Skip to Content

Slim Down for Summer with That's Fit
AOL Tech

Posts with tag hacker

DARPA aims to create virtual environment for cyberwar simulations


Considering that mechanical beings will be fighting our real wars here in just a few years, it's no shock to see more focus placed on the areas where actual humans will still be the ones waging. DARPA is looking to create what it calls a National Cyber Range, which would essentially act as a training ground for cyber warriors. The setup would enable defense gurus to simulate battle against attacks our on nation's most highly prized data, and of course, give victors over virtual phishing scams immense bragging rights. Come to think of it, Estonia could have totally benefited from something like this last year.

[Via Information Week, image courtesy of Sandia]

Hackers embed flashing animations on epilepsy support forum

Shortly after hearing a sad tale of a 7-year old cancer patient having his medication and PSP stolen whilst en route to treatment comes yet another story of the world's meanest preying on the innocent. This go 'round, a group of griefers (which appear to be members of Anonymous) managed to invade a support forum established by the nonprofit Epilepsy Foundation and use JavaScript code and messages littered with flashing animations to effectively assault dozens of visitors who suffer from the disorder. The Foundation managed to catch wind of the problem within 12 hours of the attack, and while the boards were closed down temporarily to purge it of offending messages, many readers (such as RyAnne Fultz, pictured) experienced headaches and seizures before rescue arrived. Let's just say we sincerely hope the culprits get what's comin' to 'em.

Linux becomes only OS to escape PWN 2 OWN unscathed


After a week full of Red Bulls, Fruit by the Foot and dreams of In-N-Out, the mighty Sony VAIO loaded with Linux stood as the only machine unhacked by the end of the PWN 2 OWN hacking contest at CanSecWest. As you're well aware by now, the MacBook Air on display was seized in two minutes by the presumably well prepared Charlie Miller, and after two full days of work, Shane Macaulay and a few of his 1337 associates managed to crack the Vista rig on Friday. Reportedly, Shane and his pals weren't expecting to do battle with the extra protected SP1 version of Vista, and while the exact loophole won't be divulged, we are told that it was a cross-platform bug that "took advantage of Java to circumvent Vista's security." In the end, it was reported that some folks on hand had discovered bugs in the Linux OS, but many of them "didn't want to put the work into developing the exploit code that would be required to win the contest."

[Image courtesy of TippingPoint]

PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat


And just think -- last year you were singing Dino Dai Zovi's praises for taking control of a MacBook Pro in nine whole hours. This year, the PWN 2 OWN hacking competition at CanSecWest was over nearly as quickly as the second day started, as famed iPhone hacker Charlie Miller showed the MacBook Air on display who its father really was. Apparently Mr. Miller visited a website which contained his exploit code (presumably via a crossover cable connected to a nearby MacBook), which then "allowed him to seize control of the computer, as about 20 onlookers [read: unashamed nerds] cheered him on." Of note, contestants could only use software that came pre-loaded on the OS, so obviously it was Safari that fell victim here. Nevertheless, he was forced to sign a nondisclosure agreement that'll keep him quiet until "TippingPoint can notify the vendor," but at least he'll have $10,000 and a new laptop to cuddle with during his silent spell.

PWN 2 OWN contest lets hackers choose Vista, OS X or Linux

Last year's PWN 2 OWN contest at the CanSecWest security conference went over way better than expected (read: exploits were glorified), so this year, organizers have spiced things up by letting hackers have their way with three separate machines. The Linux, OS X and Vista-based rigs were all setup as similarly as possible in order to "make sure the attack surface was the same on all of them." For attendees in Vancouver, there sits a $20,000 top prize -- which dwindles with each passing day as restrictions on attacks ease up -- but it can only be acquired if an all new zero-day cyber roundhouse kick is used. Anyone here going to give it a go? You get to keep the freshly victimized laptop too, you know.

Hackers reportedly targeting cities' power systems


We know, hackers tend to get a pretty bad rap these days, but with some of 'em out there creating ginormous gridlocks in Los Angeles and shutting down networks in enemy territories, we sort of understand the sentiment. Most recently, it seems that hackers are being blamed for "penetrating power systems (sound familiar?) in several regions outside the US, and in at least one case, causing a power outage affecting multiple cities." That's according to Tom Donahue, a CIA official, who failed to dole out critical details such as where or when the attacks occurred nor how many folks were actually left in the dark. 'Course, Bruce Schneier, CTO of security firm BT Counterpane, warns that these attacks could in fact be aided by individuals with administrative access to said systems, implying that "human vulnerability" could share at least some of the blame. Don't worry guys, we're faxing CTU right now, they'll be right on it within 72 business hours.

[Image courtesy of WPS]

SlySoft's latest AnyDVD beta cracks BD+

Regardless of what those oh-so-knowledgeable analysts had to say, we all knew this day was coming. Yep, that highly-touted, totally "impenetrable" copy protection technology known as BD+ has officially been brought to its knees, and it's not at all surprising to hear that we have SlySoft to thank. The AnyDVD 6.1.9.6 beta has quite a comical change log too, and aside from noting that users now have the ability to backup their BD+ movies and watch titles sans the need for HDCP-compliant equipment, it also includes a candid note to Twentieth Century Fox informing the studio that its prior assumptions about BD+'s effectiveness were apparently incorrect. You know the drill, hit the read link below to try 'er out.

[Thanks, Aaron]

Workaround enables Netflix 'Watch Now' titles to be decrypted, saved


Looking for a new way to use FairUse4WM? Have a Netflix account? If so, go on and roll your sleeves up, as a crafty (and acrimonious) fellow has managed to find a workaround that enables you to not only decrypt the DRM-laced "Watch Now" movie files, but save them to your hard drive for future viewing. Admittedly, the process is somewhere between painless and potentially frustrating, but the gist of it involves Windows Media Player 11, FairUse4WM, Notepad, a Netflix account, and a broadband connection. Through a series of hoop jumping, users can now strip the "Watch Now" files free of DRM and watch them at their leisure and on any video-playing device they choose. Granted, there's certainly issues of legality mixed in here, but where there's a will, there's a way. [Warning: Read link language potentially NSFW]

[Via TVSquad]

Wii update provides minor menu changes, could brick modded consoles


It's that time again folks -- the moment when you're rushing out of the house, but you make the oh-so-wise decision to head in even later rather than leaving that glowing Wii unattended. Today, Wii owners in Europe, Japan, and the US can download a shiny new firmware update, which institutes a new digital clock on the main menu, a few "aesthetic changes to the Wii Shop," an updated Forecast Channel window, a "Today's Accomplishments" note on the message board, and a made over Wii Shop that "changes the way Virtual Console games are ordered." Also of note, some users are reporting that a message appears before updating that states: "If your Wii console has an unauthorized technical modification, this upgrade could cause interoperability of your console." Of course, this shouldn't come as a surprise considering the Big N's crackdown on modders, but in our single attempt of updating a Wii not left on standby, the aforementioned statement did not appear. So go on, head on down and get to updatin' (if you're not chipped, that is), and do let us know how your experience goes.

[Via The Wolf Web]

UPDATE: We've seen numerous reports of the new firmware not bricking modded Wii consoles, and that includes machines using Cyclowiz and WiiKey. If you're courageous enough, give it a go yourself and let us know how it turns out in comments.

Mod chip raid victim details the experience

While US Immigrations and Customs Enforcement are remaining tight-lipped about what exactly they have seized thus far, a certain modder has come forward to depict his story and explain the experience of getting raided by the fuzz. After agents woke up his grandmother and perused her domicile with a warrant in hand, they confiscated a number of consoles and spare parts around the house before heading out to find the man behind FallsInc. Once locating him at his girlfriend's dwelling, they persuaded him to hand over everything even remotely related to modding, and he was left with "nothing of worth" outside of a computer monitor and his vehicle. Unsurprisingly, the culprit (or victim, depending on perspective) feels that his "life was taken away by a ludicrous interpretation of the DCMA" as the "little guy" was taken down while mass piraters remain at large. To read his whole account, be sure and tag the read link.

Voting machine producers criticize critiques

Voting machine makers scoffing at bad reviews? That's preposterous! Actually, it's not all that alarming to hear that Diebold, Hart InterCivic, and Sequoia Voting Systems all had less-than-amicable responses to a state study that "found that their machines could be breached by hackers." Of course, we're not exactly sure what all that groaning is about, as we've seen nothing but proof to back the investigation up. Nevertheless, Sequoia dubbed the review "an unrealistic, worst-case-scenario evaluation," Diebold kvetched that the study didn't look at its most recently developed software, Hart found "several inconsistencies, alternate conclusions, and errors," and Elections Systems & Software bypassed the rigmarole entirely by failing to provide their information to the secretary of state. Oh, the irony. [Warning: Read link requires subscription]

Hacked Xbox 360 firmware prevents banning

In today's episode of tit-for-tat, hackers have blocked Microsoft's attempt to ban their modified consoles. Just two weeks ago remember, Microsoft began checking and then banning Xbox 360 consoles from Xbox Live if the Big M found the gear to be modified in violation of the Terms of Use. However, new firmware -- a tat if you will -- was just released by the lively (to say the least) modding community making hacked Xbox 360s invisible to Microsoft's snooping; if they can't see it, they can't ban it. Now come on Microsoft, show us your tit. Erm.

Apple issues fix for recently discovered QuickTime flaw

Just over a week after a dubious duo found a way to commandeer a Mac thanks to an elusive flaw in QuickTime (of all things), Apple's security police have purportedly fixed the flaw and issued an update. Apparently, the hole could be "exploited through a rigged website and let an attacker control computers running both Mac OS X and Windows," and the firm elaborated by stating that a "maliciously crafted Java applet could lead to arbitrary code execution" if users didn't apply the patch. The newest version of QuickTime now sits at 7.1.6, and reportedly "repairs the problem by performing additional checking," and interestingly enough, Apple seemingly tipped its hat to Dino Dai Zovi and the TippingPoint Zero Day Initiative for reporting the issue. So make sure you fire up that Software Update today if you haven't already -- a presumably small bundle of downloadable joy should be waiting.

Microsoft corroborates Windows Vista OEM hacks


At least Redmond can't say that no one told them so, as the folks at Microsoft are finally holding up a hesitantly-raised white flag and admitting that Windows Vista is indeed far from crack-proof. After depressing the mental "Allow" button, Microsoft Senior Product Manager Alex Kochis has come to grips with the Vista hacks that are currently floating around (and apparently functioning). Interestingly, he insinuates that the company will be looking at ways to "disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims," but also mentioned that it wouldn't be rushing out in a likely futile attempt to nab every "mad scientist" (saywha?) on a mission to hack Windows. Hmm, wonder if that has anything to do with the barren efforts it exhausted trying to one-up FairUse4WM?

Hackers next target: your in-car navigation system

We hate to break it to you, but that oh-so-reliable GPS system that you simply obey each day could eventually lead you down a dark, perilous path. No, we're not referring to the blind faith drivers who throw caution common sense to the wind and drive directly into sandpiles and bodies of water, but a new discovery has found that the unencrypted data that's beamed to drivers everyday via RDS-TMC navigation systems could be undermined with relative ease. Andrea Barisani, chief security engineer with Italian consultancy Inverse Path, has claimed that the wireless signals could not only be intercepted, but incorrect directions could actually be used to lead motorists into a trap, direct traveling competitors away from a sales presentation, or create a massive gridlock by instructing the weary working crowd to all take the same "detour" home. It was noted that some firms are already looking into more secure methods of delivering such critical information, and considering the lessons we've already learned about GPS-addicted drivers, the updates can't come soon enough.

[Thanks, Andrea B.]



AOL News

Other Weblogs Inc. Network blogs you might be interested in: