November 2008


I-Hacked’s Favorite DJ is getting some DIGG LOVE. Go help him out (and download his stuff too).

Digg – Great Scott Downloads

from Hack a Day

Our wallets are filling up with SIM and RFID cards that contain hidden information. Using our latest project, the Bus Pirate universal serial interface, we can dump the memory from many common smart cards. In today’s How-to, we show you how to interface common smart cards, and walk you through the data stored on a FedEx Kinko’s prepaid value card.

Background

The FedEx Kinko’s prepaid card is actually a SLE4442 smart card. There’s nothing secret about the SLE4442; it’s completely documented in the datasheet PDF, and you can buy blank cards on the web.

The card is openly readable; we’ll be able to look at the contents without any sort of malicious intrusion. It’s protected from writes by a three byte password, with a ‘three strikes you’re out’ policy that renders the card useless after three failed password attempts.

from lifehacker.com

Windows only: Free application Eraser Portable puts previously mentioned Eraser—the popular open-source secure file deletion tool—on your thumb drive for secure file deletion on the go. Like the original, Eraser Portable can wipe any hard drive, optical media, files, folders, encrypted data, the Recycle Bin, and pretty much any other data you want to kill. It may not be an app you use every day, but it’s a great utility to throw on your thumb drive, iPod, or other portable device for those times you do need a quick, secure delete.

from The Register

A juvenile hacker with a reputation for stirring up trouble in online gaming groups has admitted to multiple computer felonies, including cyber attacks that overwhelmed his victims with massive amounts of data and the placing of hoax emergency phone calls that elicited visits by heavily armed police teams.

Known by the online handle of Dshocker, the 17-year-old Massachusetts hacker also admitted he breached multiple corporate computer systems, called in bomb threats and engaged in credit card fraud. The defendant, who was identified only by the initials N.H., pleaded guilty to charges in court documents that included one count each of computer fraud and interstate threats and four counts of wire fraud.

Dshocker is best known in hacker and gaming circles as the miscreant said to have perpetrated a series of attacks on members of myg0t, an online confederation dedicated to cheating and disrupting play in online games such as Counter Strike. He also unleashed attacks on other well-known hackers, according to online accounts.

According to federal prosecutors in Boston, Dshocker has since 2005 controlled “several” botnets comprising “tens of thousand [sic] of infected computers” used to carry out distributed denial of service (DDoS) attacks on his victims. In January, he turned his attention to a practice known as “swatting,” in which he made hoax 911 calls that falsely reported violent crimes were underway. On at least several occasions, the calls prompted visits by armed police.

To fool police, Dshocker spoofed his phone number so it appeared to originate from a victim who was located thousands of miles away. He obtained the victims’ numbers and addresses by breaking into the computer systems of their internet service providers and accessing subscriber records. Charter Communications, Road Runner, and Comcast are among the ISPs he broke into.

One call falsely reporting a violent crime in progress was made in March to the police department in Seattle. Another in April was made to police in Roswell, Georgia. Both calls originated from a phone located in Dshocker’s home town of Worcester, Massachusetts. He also phoned in a false bomb threat at one school and the presence of an armed gunman at another.

Dshocker didn’t limit his illegal hacking to settling grudges with fellow gamers. From 2005 to earlier this year, he used stolen credit card information to make fraudulent purchases. He also managed to gain free internet access by stealing proprietary software from a large, unnamed electronics company and then using it to modify his cable modem.

Dshocker agreed to the imposition of an 11-month sentence of juvenile detention. Had he been tried as an adult, he could have faced a maximum of 10 years in prison and a fine of $250,000. ®

from The Register

Attorneys for the University of Tennessee student accused of breaking into Alaska Governor Sarah Palin’s email account have filed a small forest’s worth of court documents in defense of the high-profile suspect. Among them is a motion to prohibit prosecutors from referring to their client as a hacker.

The terms “hacker” and “hacking” have no basis under the statute Kernell is accused of violating, a motion filed in US District Court in Knoxville argues. It goes on to seek an order forbidding prosecutors and their witnesses from using those words when referring to the case.

“Because of the negative connotations evoked by these terms, there is a significant danger of unfair prejudice, confusion of the issues, and misleading the jury,” the motion states. “Hackers are commonly portrayed as dangerous criminals who are involved in malicious conduct such as credit card fraud, stealing, intentional disruption of legitimate activities and causing economic damages.”

from instructables.com

Want to detect the presence of RFID readers? Want to control when an RFID tag is active or readable? We describe how to do both using bits of copper and card, and some readily available electronics hardware.

from Andrew Hay » Blog Archive

According to several sources, security researchers Erik Tews and Martin Beck have found a way to break the Temporal Key Integrity Protocol (TKIP) key used by WPA. Cracking the TKIP key was never thought to be an impossible feat and it was previously thought that the angle of attack would be via a massive dictionary attack over an extended period of time.

Tews and Beck, however, did not use a dictionary attack to crack TKIP. According to Dragos Ruiu (via this Network World article), the organizer of the PacSec conference where Tews plans on discussing the crack, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a “mathematical breakthrough,” that lets them crack WPA much more quickly than any previous attempt.

And how long did it take Tews and Beck? 12 to 15 minutes.

Beck, creator of the Aircrack security tool, has also added the ability to exploit this weakness over the past two weeks. Note, this attack only impacts WPA and not WPA2, which is still deemed “safe”. Over the past few years people who were using WEP, which was determined to be an unsafe and easy to crack protocol, were advised to switch over to WPA to prevent an attack of this magnitude. Now many enterprise customers will be left scratching their heads and wondering how long it will be until they have to switch to something other than WPA2…and at what cost.

from Walletpop

  • Starbucks: Giving away a free tall coffee to people with proof of voting (or a pledge of having voted).
  • Krispy Kreme: Giving away free star-shaped donuts with red, white and blue sprinkles (while supplies last) to people with an “I voted” sticker all day.
  • Ben & Jerry’s: Giving away a free scoop in any flavor from 5pm to 8pm to anyone who says they voted.

But there’s much, much more… (and we’re hoping you’ll feel free to tell us what’s free in your neighborhood for voters).

This is in no way a list of all of them, but here are some:

  • Todd Conner’s, a bar in Baltimore, will give voters a free beer. (I’m guessing 18-20 year-old voters are disqualified.)
  • Selected Chick-fil-A locations will be offering free chicken sandwiches on Election Day to anyone with an “I Voted” sticker, and also giving away items on Nov. 5 for those who bring in lawn signs, but check first, to see if your local store is in on the deal.
  • Rock the Vote is offering free song downloads to anyone who pledges to vote.
  • To its first 300 customers at each location, Shane’s Rib Shack will give away a free “Vote America meal,” which is chicken tenders and a beverage.
  • Anaheim White House, a restaurant in California, is giving voters a free bottle of champagne. The catch seems to be that you have to order the $44 meal that comes with it.
  • At Zov’s, a three-restaurant chain, also in California, they’re giving away a free slice of apple pie to anyone who votes.
  • The Atlanta Zoo is cutting admission prices to half price on November 4 for voters and their families.
  • In Chicago, at the restaurant Park 52, guests showing a receipt for voting will receive a free red, white and blue dessert–as in, red velvet cake with white cream cheese frosting and fresh blueberries.
  • In Troy, Michigan, the Hot Spot Coffee Company will be giving out free 12-ounce cups of coffee to customers on November 4.
  • And Babeland, an adult sex toy store in New York, Los Angeles and Seattle, is giving away, um, some free toys to anyone who says that they’re voting.
  • A Dallas tattoo-removal specialist is offering a free consultation for getting a tattoo removed.
  • Even more deals are listed at slickdeals.net

Really, your best plan of attack tomorrow seems to be to go into any store or restaurant and say, “I voted today. Giving anything away for free?”