Engadget http://www.engadget.com Engadget http://www.blogsmithmedia.com/www.engadget.com/media/feedlogo.gif Engadget http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/<![CDATA[Hacker pod2g to speak and run hacking workshop at JailbreakCon's WWJC]]>http://www.engadget.com/2012/06/01/wwjc-jailbreakcon-pod2g/http://www.engadget.com/2012/06/01/wwjc-jailbreakcon-pod2g/http://www.engadget.com/2012/06/01/wwjc-jailbreakcon-pod2g/#comments ImageWhile WWJC's already got a healthy list of special guests to address fellow iOS hackers, word has it that pod2g -- a well-known and good-looking contributor to the iDevice jailbreak scene -- will be the latest guest to join JailbreakCon's show on September 29th. Better still, the self-professed iOS security researcher will be both speaking and running a workshop there, making it all worthwhile for attendees traveling all the way to San Francisco. For those who want to familiarize yourselves with pod2g, hit the Redmond Pie link below to see his interview by JailbreakCon's Craig Fox. Or, you know, you can head over to WWJC to meet the man up close and personal -- just make sure you get a ticket first before it's too late!

Hacker pod2g to speak and run hacking workshop at JailbreakCon's WWJC originally appeared on Engadget on Fri, 01 Jun 2012 12:23:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>appleapple tvAppleTvconferenceCraig FoxCraigFoxhackhackerhackingiosiphoneipodipod touchIpodTouchjailbreakjailbreakconpod2gsoftwarewwjcwwjc 2012Wwjc2012Fri, 01 Jun 2012 12:23:00 EST<![CDATA[Adafruit modder builds Captain Jack's Vortex Manipulator / Leela's wrist-lo-jacko-mator for real]]>http://www.engadget.com/2012/05/30/wrist-sensor-mod/http://www.engadget.com/2012/05/30/wrist-sensor-mod/http://www.engadget.com/2012/05/30/wrist-sensor-mod/#comments Image

This impressive wrist / forearm cuff is the brainchild of Adafruit forum member and modder Stephanie, who has built a sensor platform into the fashion accessory. The device can monitor the exposure value, track your movements over GPS, measure your galvanic skin response, tell you the temperature, humidity and even doubles as a watch and flash-light. It was built around Sparkfun's Pro Micro development board and a boatload of sensors purchased from Adafruit. We might just build one ourselves with a radiation detector, so that we can live out our Pip-Boy fantasies down at the mall.

Gallery: Integrated Sensors Electronic Bracer

Adafruit modder builds Captain Jack's Vortex Manipulator / Leela's wrist-lo-jacko-mator for real originally appeared on Engadget on Wed, 30 May 2012 18:14:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>AdafruitAdafruit IndustriesAdafruitIndustriesAlarm ClockAlarmClockCaptain JackCaptainJackExposure ValueExposureValueFlashlightGalvanic Skin ResponseGalvanicSkinResponseGPSHackHackerHackingHumidityIntegrated Sensors Electronic BracerIntegratedSensorsElectronicBracerLeelaModModderModdingPip-BoySensorSparkfunSparkfun Pro MicroSparkfunProMicroTemperatureTorchVortex ManipulatorVortexManipulatorWrist CuffWrist-lo-jacko-matorWristCuffWed, 30 May 2012 18:14:00 EST<![CDATA[iOS 5.1 untethered jailbreak gets a video demo, not yet ready to meet the public]]>http://www.engadget.com/2012/05/10/ios-5-1-untethered-jailbreak-gets-a-video-demo-not-yet-ready-to/http://www.engadget.com/2012/05/10/ios-5-1-untethered-jailbreak-gets-a-video-demo-not-yet-ready-to/http://www.engadget.com/2012/05/10/ios-5-1-untethered-jailbreak-gets-a-video-demo-not-yet-ready-to/#comments iOS 5.1 untethered jailbreak gets a video demo, not yet ready to meet the public

Moving along a similar path to his previous untethered jailbreak for iOS 5.0, hacker pod2g has followed up announcements of an untethered jailbreak for the iPhone 4 and iPad 3 running iOS 5.1 with a quick demo video (embedded after the break) as evidence. The video shows a jailbroken iPad 3 that manages to stay that way even after a reboot, the key difference from the current tethered hack already available. There's still no word on when the community at large may get a crack at the software, although tweets mention "stabilizing the payload" before taking a crack at the recently released iOS 5.1.1, and that the new Apple TV may not be able to come along for the ride.

Continue reading iOS 5.1 untethered jailbreak gets a video demo, not yet ready to meet the public

iOS 5.1 untethered jailbreak gets a video demo, not yet ready to meet the public originally appeared on Engadget on Thu, 10 May 2012 21:43:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>a5applechronic dev teamChronicDevTeamhackeriosios 5.0ios 5.1ios 5.1.1Ios5.0Ios5.1Ios5.1.1ipadipad 3Ipad3iphoneiphone 4iphone 4sIphone4Iphone4sjailbreakjailbreakingjailbrokenminipostmobilepostcrosspod2guntethereduntethered JailBreakUntetheredJailbreakvideoThu, 10 May 2012 21:43:00 EST<![CDATA[Adobe issues security update for Flash player, warns against IE exploit]]>http://www.engadget.com/2012/05/05/adobe-issues-security-update-for-flash-player-ie-exploit/http://www.engadget.com/2012/05/05/adobe-issues-security-update-for-flash-player-ie-exploit/http://www.engadget.com/2012/05/05/adobe-issues-security-update-for-flash-player-ie-exploit/#comments adobe flash player update internet

Internet Explorer associated with an exploit? Color us shocked. Facetiousness aside, it's seriously about time you switched over to Chrome or Firefox (as a mitigation tool; not a foolproof solution), and if you're a desktop user relying on Flash Player, well... it's about time you updated that, too. Adobe has just released a security update for Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x. We're told that these updates "address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system." Adobe specifically mentions an exploit that targets Flash Player on Internet Explorer for Windows, where a user is duped into clicking on a malicious file delivered in an email message. Hit up the source link for more information on getting your system out of The Danger Zone. Which, conveniently, can be looped as you update with a click after the break.

[Thanks to everyone who sent this in]

Continue reading Adobe issues security update for Flash player, warns against IE exploit

Adobe issues security update for Flash player, warns against IE exploit originally appeared on Engadget on Sat, 05 May 2012 00:37:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>adobeemailexploitflashhackhackerInternet ExplorerInternetExplorerlinuxmicrosoftsecuritysecurity updateSecurityUpdateupdatevideovulnerabilitywindowsSat, 05 May 2012 00:37:00 EST<![CDATA[Phi: a wireless re-routing card that puts you in control of the airwaves (video)]]>http://www.engadget.com/2012/05/01/phi-a-wireless-re-routing-card-that-puts-you-in-control-of-the/http://www.engadget.com/2012/05/01/phi-a-wireless-re-routing-card-that-puts-you-in-control-of-the/http://www.engadget.com/2012/05/01/phi-a-wireless-re-routing-card-that-puts-you-in-control-of-the/#comments Phi: a wireless re-routing card that puts you in control of the airwaves (video)

For all the talk of convergence in mobile devices, there's relatively little chatter about the coming together of wireless signals themselves. In other words, why should we have a separate device to interact with each type of wireless signal? And so, with that intriguing question, begins the pitch for a new device call Phi. It's a $750 antennae-laden PCIe card that slots into a desktop and gathers up wireless signals that are flying around the home -- so long as they have a frequency below 4GHz and don't involve bank-busting neutrinos. The card then allows custom apps to re-direct those transmissions as you like: potentially acting as a "base station" so you can make free calls from your cell phone, or receiving over-the-air HD transmissions which you can play on your tablet, or doing whatever else hobbyists and devs can cook up. Phi is still version 0.1 and Linux-only while the startup behind it -- Per Vices -- looks for a Kinect-style blossoming of third-party interest, but with nothing less than a deity-like command over the domestic ether on offer, how could it ever fail?

Continue reading Phi: a wireless re-routing card that puts you in control of the airwaves (video)

Phi: a wireless re-routing card that puts you in control of the airwaves (video) originally appeared on Engadget on Tue, 01 May 2012 06:46:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>3g4ghzbase stationBaseStationdevdevelopergood morning vietnamGoodMorningVietnamhackhackerhobbylinuxmobilepostcrossover-the-airpci-epciepcie cardPcieCardper vicesPerVicesphiradioradio frequencyRadioFrequencyre-directionre-routingredirectionRFtransmissionwifiwirelesswireless re-routingwireless signalWirelessRe-routingWirelessSignalycombinatorTue, 01 May 2012 06:46:00 EST<![CDATA[My whole life is a hack: how Geohot owned the iPhone, PS3 and inadvertently rallied hacktivists]]>http://www.engadget.com/2012/05/01/new-yorker-profiles-geohot/http://www.engadget.com/2012/05/01/new-yorker-profiles-geohot/http://www.engadget.com/2012/05/01/new-yorker-profiles-geohot/#comments My whole life is a hack: how Geohot owned the iPhone, PS3 and inadvertently inspired LulzSec

George Hotz is no stranger 'round these parts. Better known as Geohot, he first achieved internet fame at the age of 17 with his announcement of a hardware unlock method for the original iPhone. From there, he moved on to even greater notoriety with a PlayStation 3 exploit that quickly attracted the ire -- and legal wrath -- of Sony. Now profiled in The New Yorker, we're given a candid and unique insight into the world of George Hotz, whereby his own admission, he wasn't motivated by an ideology so much as boredom and the desire to control a system. The freedom issues, it seems, were merely an afterthought.

George Hotz is unique. We're talking about someone who was programming by age five, building video game consoles by the 5th grade and making appearances on NBC's Today at age fourteen. Like many brilliant adolescents, he experimented with drugs and rebelled against authority. Eventually, the powers that be caught up with him, and George Hotz was sued by Sony on January 11th, 2011. The lawsuit drew the attention of malicious hacker groups such as Anonymous and LulzSec, which retaliated against the company in very public ways. However unintentional, Geohot became the poster child for hacktivists and inspired a movement that quickly grew out of control -- if only more of us could be so productive with our boredom. For an insightful read into one of the most influential hackers of our time, be sure to hit the source link below.

My whole life is a hack: how Geohot owned the iPhone, PS3 and inadvertently rallied hacktivists originally appeared on Engadget on Tue, 01 May 2012 04:40:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>anonymousgeohotgeorge hotzGeorgeHotzhackerhackingiphoneLulzSecPlaystation 3Playstation3ps3Tue, 01 May 2012 04:40:00 EST<![CDATA[2600 Volume 1 released as a DRM-free ebook: phreak like it's 1984]]>http://www.engadget.com/2012/04/04/2600-volume-1-released-as-a-drm-free-ebook-phreak-like-its-1984/http://www.engadget.com/2012/04/04/2600-volume-1-released-as-a-drm-free-ebook-phreak-like-its-1984/http://www.engadget.com/2012/04/04/2600-volume-1-released-as-a-drm-free-ebook-phreak-like-its-1984/#comments Image
Long-running hacker magazine 2600 has been digging into its archives quite a bit as of late (it began releasing videos of the early HOPE conferences in December), and it's now gone back right to the beginning for its latest offering. It's just released 2600: The Hacker Digest - Volume 1, a DRM-free ebook that collects its first year of newsletters -- reformatted in book form for easier reading, but with every last detail intact (including typos). That's available in both the Kindle and Nook stores, as well as through 2600's own site in plain old PDF form, each of which set you back just under $4. What's more, while there's no firm word on any additional volumes just yet, 2600 says it'll keep them coming if there's enough support for the first one.

2600 Volume 1 released as a DRM-free ebook: phreak like it's 1984 originally appeared on Engadget on Wed, 04 Apr 2012 07:29:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>2600hackhackerhackinghistorymagazinezineWed, 04 Apr 2012 07:29:00 EST<![CDATA[Google Wallet gets prepaid security fix, but 'brute-force' issue still hangs in the air]]>http://www.engadget.com/2012/02/15/google-wallet-gets-prepaid-security-fix/http://www.engadget.com/2012/02/15/google-wallet-gets-prepaid-security-fix/http://www.engadget.com/2012/02/15/google-wallet-gets-prepaid-security-fix/#comments Google says it's fixed a Wallet security flaw that potentially allowed a phone thief to spend a user's prepaid balance. The ability to provision new prepaid cards had been suspended pending the update, but has now been restored. Things aren't quite back to normal in the Big G's world of mobile money, however. Users still find themselves caught between two competing arguments over an entirely different vulnerability, which involves a 'brute-force' attack on rooted devices. Google insists that this isn't a major concern, so long as Wallet users refrain from rooting, and that the system still "offers advantages over the plastic cards and folded wallets in use today." On the other hand, the company that discovered this issue -- zvelo -- has come back at Google with an equally blunt response. It acknowledges that a handset must be rooted to be vulnerable, but crucially its researchers also say that a device doesn't have to be rooted before it's stolen. In other words, they allege that a savvy thief can potentially steal a phone and then root it themselves, and they won't be happy with Wallet until it requires longer PIN number. Whichever argument sways you, it's worth bearing in mind that there's no evidence that anyone has yet managed to exploit these weaknesses for criminal purposes.

Google Wallet gets prepaid security fix, but 'brute-force' issue still hangs in the air originally appeared on Engadget on Wed, 15 Feb 2012 03:55:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>accountAndroidbankbrute forceBruteForcecashecommerceelectronic paymentsElectronicPaymentsexposedfinancialflawfraudgalaxy nexusGalaxyNexusgooglegoogle walletGoogleWallethackhackerhexidentity theftIdentityTheftmobilepostcrossmoneynfcpinSciTechsecuritytheftthiefvideovulnerabilitywalletzveloWed, 15 Feb 2012 03:55:00 EST<![CDATA[Hacker spites Symantec, puts pcAnywhere's source code out in the open]]>http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/http://www.engadget.com/2012/02/09/hacker-spites-symantec-puts-pcanywheres-source-code-out-in-the/#comments Hacker releases Symantec pcAnywhere's source code out in the open Symantec said that folks running its pcAnywhere utility were at an "increased risk" when it revealed that the company had been hacked and its source codes pilfered, and advised customers to stop using pcAnywhere for the time being. Sage advice, as a hacker with the handle YamaTough -- who's affiliated with Anonymous -- helped do the deed and has now published the code for all the world to see. Apparently, the hacker and hackee had attempted to broker a deal for $50,000 to keep the code private, but neither side negotiated in good faith -- YamaTough always intended to release the code, and law enforcement was doing the talking for Symantec to catch him and his hacking cohorts. The good news is, Symantec has released several patches to protect pcAnywhere users going forward. As for the stolen code for Norton Antivirus, Internet Security and other Symantec software? Well, the company's expecting it to be disclosed, too, but because the code is from 2006, customers with current versions can rest easy.

Hacker spites Symantec, puts pcAnywhere's source code out in the open originally appeared on Engadget on Thu, 09 Feb 2012 09:24:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>anonymousbreachcyber crimecyber securityCyberCrimeCyberSecurityhackhackerhackingnorton antivirusNortonAntiviruspcanywheresymantectheftThu, 09 Feb 2012 09:24:00 EST<![CDATA[PSA: Google Wallet vulnerable to 'brute-force' PIN attacks (update: affects rooted devices)]]>http://www.engadget.com/2012/02/09/google-wallet-open-to-pin-attacks/http://www.engadget.com/2012/02/09/google-wallet-open-to-pin-attacks/http://www.engadget.com/2012/02/09/google-wallet-open-to-pin-attacks/#comments Security hounds over at zvelo have discovered a vulnerability in Google Wallet that means your precious PIN can be "easily revealed." Digging through the app's code and using Google's open resources to reveal its contents, they uncovered a piratical treasure trove of data: unique user IDs, Google account information, and the PIN stored as a SHA256 hex-encoded string. Since this string is known to carry four digits, it only takes a "trivial" brute-force attack involving a maximum of 10,000 calculations to decode it. To prove their point, the researchers made a Wallet Cracker app -- demoed after the break -- that does the job quicker than you can say "unexpected overdraft."

Google has been receptive to these findings, but its attempts at a fix have so far been hampered by the need to coordinate with the banks, since changing the way the PIN is stored could also change which agency is responsible for its security. In the meantime, zvelo advises that there are some measures users can take themselves, aside from putting a protective hand over their pockets: refrain from rooting your phone, enable your lock screen, disable USB debugging, enable Full Disk Encryption and keep your handset up-to-date.

Update: Google has responded by emphasizing that it's only users of rooted devices who are at risk. In a statement to TNW it said: "We strongly encourage people to not install Google Wallet on rooted devices and to always set up a screen lock as an additional layer of security for their phone."

[Thanks to everyone who sent this in.]

Continue reading PSA: Google Wallet vulnerable to 'brute-force' PIN attacks (update: affects rooted devices)

PSA: Google Wallet vulnerable to 'brute-force' PIN attacks (update: affects rooted devices) originally appeared on Engadget on Thu, 09 Feb 2012 05:07:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>brute forceBruteForcecashfinancialflawfraudgooglegoogle walletGoogleWallethackhackerhexmobilepostcrossmoneyPINsecurityThierry HenryThierryHenryvideovulnerabilitywalletzveloThu, 09 Feb 2012 05:07:00 EST<![CDATA[Arduino hack turns Space Invaders alarm into Gmail Notifier (video)]]>http://www.engadget.com/2012/02/06/arduino-hack-turns-space-invaders-alarm-into-gmail-notifier-vid/http://www.engadget.com/2012/02/06/arduino-hack-turns-space-invaders-alarm-into-gmail-notifier-vid/http://www.engadget.com/2012/02/06/arduino-hack-turns-space-invaders-alarm-into-gmail-notifier-vid/#comments
Glaswegian engineer Grant Gibson spied a Space Invaders alarm clock being flogged off cheap ($5) and decided it deserved hacking. When activated, the battery-powered unit scuttled left to right, old-school style as it roused sleepy gamers but Mr. Gibson added a little Arduino magic to turn it into a moving Gmail notifier. Stripping out the battery compartment, he installed a USB-powered Arduino Nano, programmed to poll his email and activate the motion whenever he received a new message. The system is ripe for customization, it can be set up to alert when a front door bell is pushed or a notification received on Twitter -- which you'll be allowed to try as he's included all the details on his blog. The project (including the Nano and Alarm Clock) came to $20 and three hours of his time, which we're understandably impressed by. Head on past the break to see the thing in action and then fling yourself (highland-style) down to the source link to learn how to build your own.

Continue reading Arduino hack turns Space Invaders alarm into Gmail Notifier (video)

Arduino hack turns Space Invaders alarm into Gmail Notifier (video) originally appeared on Engadget on Mon, 06 Feb 2012 17:04:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>ArduinoArduino HackArduino NanoArduinoHackArduinoNanoGrant GibsonGrantGibsonHackHackerHackingModModdingvideoMon, 06 Feb 2012 17:04:00 EST<![CDATA[Human Birdwings project takes flight (update: hoax)]]>http://www.engadget.com/2012/01/20/human-birdwings-project-takes-flight-on-video/http://www.engadget.com/2012/01/20/human-birdwings-project-takes-flight-on-video/http://www.engadget.com/2012/01/20/human-birdwings-project-takes-flight-on-video/#comments Just now catching up with the Human Birdwings project? Nice timing. The human flight machine -- built by Jarnos Smeets to rely on a Wiimote and Wildfire S, among other niceties -- has just enjoyed its first moments of liftoff. In essence, the wings were strapped onto a willing Earthling, and as he began to flap his arms... well, it's a sight you need to see to fully appreciate. We'll confess that the "flight" didn't last long, but Jarno himself told us that it was but a first "test run." Promising? Oh, yes. Head on past the break for the vid.

Update: The project here has been underway since at least August of last year, but we've requested raw footage of the test flight here to further justify concerns. We'll report back shortly!

Update: Shocker, it's fake. And that's that.

Continue reading Human Birdwings project takes flight (update: hoax)

Human Birdwings project takes flight (update: hoax) originally appeared on Engadget on Fri, 20 Jan 2012 10:31:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>birdwingsdiyflightflyflyinghackhackerhtchuman birdwingsHumanBirdwingsJarnos SmeetsJarnosSmeetsmodmoddervideowiiwii remoteWiiRemotewildfirewildfire sWildfireSFri, 20 Jan 2012 10:31:00 EST<![CDATA[Hackers planning homespun anti-censorship satellite internet]]>http://www.engadget.com/2012/01/03/hackers-planning-homespun-anti-censorship-satellite-internet/http://www.engadget.com/2012/01/03/hackers-planning-homespun-anti-censorship-satellite-internet/http://www.engadget.com/2012/01/03/hackers-planning-homespun-anti-censorship-satellite-internet/#comments
SOPA is making ordinary, decent internet users mad as hell, and they're not gonna take it anymore. Hacker attendees of Berlin's Chaos Communication Congress are cooking up a plan to launch a series of homemade satellites as the backbone of an "uncensorable (sic) internet in space." Like all good ideas, there's a few hurdles to overcome first: objects in lower-Earth orbit circle the earth every 90 minutes, useless for a broadband satellite that needs to remain geostationary. Instead, a terrestrial network of base stations will have to be installed in order to remain in constant contact as it spins past, at the cost of €100 ($130) per unit. The conference also stated a desire to get an amateur astronaut onto the moon within 23 years, which we'd love to see, assuming there's still a rocket fuel store on eBay.

Hackers planning homespun anti-censorship satellite internet originally appeared on Engadget on Tue, 03 Jan 2012 13:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>AmateurAmateur SpaceAmateurSpaceBerlinCensorshipChaos Communication CongressChaosCommunicationCongresseBay IncHackHackerHackersHackingHacksOpen InternetOpenInternetrocketryRocketsSatelliteSci/TechSOPASpaceSpace TravelSpaceTravelTue, 03 Jan 2012 13:15:00 EST<![CDATA[Hacker builds allegedly pointless data network out of Lego train set]]>http://www.engadget.com/2011/12/27/hacker-builds-allegedly-pointless-data-network-out-of-lego-train/http://www.engadget.com/2011/12/27/hacker-builds-allegedly-pointless-data-network-out-of-lego-train/http://www.engadget.com/2011/12/27/hacker-builds-allegedly-pointless-data-network-out-of-lego-train/#comments How can we appreciate bullet-quick SSDs and fiber networks without pausing -- at the year's end -- to appreciate where it all came from? We should think back to before the birth of modern computing, even before the telegraph, to a time when bits of data were forced to travel everywhere by train. A hacker named Maximilien has now recreated that locomotive golden era using Lego, Arduino and Linux, and what his system lacks in bandwidth it more than makes up for in historical relevance. A USB flash key is borne by miniature railway carriage from station to station, stopping at each one to unload or pickup information and thus creating its own barebones networking protocol. Click the source link to appreciate the full museum piece.

Hacker builds allegedly pointless data network out of Lego train set originally appeared on Engadget on Tue, 27 Dec 2011 09:19:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>arduinohackhackadayHackerhackingIPIP over Avian CarrierIpOverAvianCarrierlegolinuxMaximilienmodmoddermoddingnetworknetworkingnetworking protocolNetworkingProtocolrailrailroadrailwaytraintrain setTrainSetTue, 27 Dec 2011 09:19:00 EST<![CDATA[Human Birdwings combines Wiimote, smartphone in DIY flying initiative (video)]]>http://www.engadget.com/2011/12/25/human-birdwings-combines-wiimote-smartphone-in-diy-flying-initi/http://www.engadget.com/2011/12/25/human-birdwings-combines-wiimote-smartphone-in-diy-flying-initi/http://www.engadget.com/2011/12/25/human-birdwings-combines-wiimote-smartphone-in-diy-flying-initi/#comments Somewhere, somehow, the Wright Brothers are smiling. Jarnos Smeets, a mechanical engineer from the Netherlands, has been plugging away on his Human Birdwings project for many, many months now, and his latest breakthroughs are absolutely worthy of a peek. Put simply, the bloke has married an HTC Wildfire S, a Wii remote and bookoodles of software genius in order to create a set of wings that are controlled by a human waving his arms as if to fly. As these things tend to go, it's all better explained in video, two of which are hosted up after the break. There's no capture just yet of Jarnos taking off himself, but at this rate, he'll probably be giving Santa a run for his money around this time next year.

Continue reading Human Birdwings combines Wiimote, smartphone in DIY flying initiative (video)

Human Birdwings combines Wiimote, smartphone in DIY flying initiative (video) originally appeared on Engadget on Sun, 25 Dec 2011 23:58:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>birdwingsdiyflightflyflyinghackhackerhtchuman birdwingsHumanBirdwingsJarnos SmeetsJarnosSmeetsmodmoddervideowiiwii remoteWiiRemotewildfirewildfire sWildfireSSun, 25 Dec 2011 23:58:00 EST<![CDATA[Yifan Lu jailbreaks Kindle Touch, uses a special MP3 file to do so (video)]]>http://www.engadget.com/2011/12/12/yifan-lu-jailbreaks-kindle-touch-uses-a-special-mp3-file-to-do/http://www.engadget.com/2011/12/12/yifan-lu-jailbreaks-kindle-touch-uses-a-special-mp3-file-to-do/http://www.engadget.com/2011/12/12/yifan-lu-jailbreaks-kindle-touch-uses-a-special-mp3-file-to-do/#comments http://www.engadget.com/2011/12/11/yifan-lu-jailbreaks-kindle-touch-uses-a-special-mp3-file-to-do/We've seen a fair share of Kindle Jailbreaks over the past few years, but Yifan Lu's (evidently the first) for the Kindle Touch is certainly novel in its approach. As The Digital Reader points out, a sizeable chunk of the Touch's software is essentially a string of pseudo HTML5 and JavaScript webpages -- differentiating it from Kindles prior -- which led Lu to notice an exploit rooted in its browser. It's there where he found a function titled nativeBridge.dbgCmd(), which'll run any ol' shell command as root. Armed with that knowledge, Lu crafted the jailbreak by cramming his payload of HTML and JavaScript into the ID3 tags of an easily downloadable MP3 file. There isn't much to be gained from "playing" that MP3 just yet, but Lu's looking forward to developers using the tools needed to write programs for the device. Full details about the jailbreak can be found at source link below, but before you head off, you can catch the video proof after the break.

Continue reading Yifan Lu jailbreaks Kindle Touch, uses a special MP3 file to do so (video)

Yifan Lu jailbreaks Kindle Touch, uses a special MP3 file to do so (video) originally appeared on Engadget on Mon, 12 Dec 2011 09:46:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>amazondeveloper-bloge booke bookse readere readerse-booke-bookse-readere-readershackerHTMLid3 tagsId3TagsjailbreakJavaScriptkindleKindle touchKindleTouchmedia playerMediaPlayermp3mp3 jailbreakMp3JailbreakMp3Playerrootvideoyifan luYifanLuMon, 12 Dec 2011 09:46:00 EST<![CDATA[iFaith v1.4 allows downgrade to iOS 5.0, jailbreaker's dream come true]]>http://www.engadget.com/2011/12/05/ifaith-v1-4-allows-downgrade-to-ios-5-0-jailbreakers-dream-com/http://www.engadget.com/2011/12/05/ifaith-v1-4-allows-downgrade-to-ios-5-0-jailbreakers-dream-com/http://www.engadget.com/2011/12/05/ifaith-v1-4-allows-downgrade-to-ios-5-0-jailbreakers-dream-com/#comments
In the game of Apple versus the jailbreakers, Cupertino threw the community a curveball with iOS 5's newly restricted downgrade system which blocks devices from restoring to old 5.x firmware. With the help of his noble steed iFaith (a custom Windows tool), hacker iH8sn0w has found a way around the firmware block, making it possible for dumped iOS 5 signature hash blobs (SHSH blobs) to permit unsigned restores. Why all the fuss about downgrading to prohibited firmware? Prominent iOS hackers MuscleNerd and pod2g have stated that the first untethered jailbreak will arrive on iOS 5.0 and, as such, may require iFaith's downgrade process to facilitate user restores. While the jailbreak is still under construction, iFaith should assure disheartened users in the community that all is not lost. Want to learn about blobs, blobs, and more blobs? Continue past the break to view iH8sn0w's informative video.

Continue reading iFaith v1.4 allows downgrade to iOS 5.0, jailbreaker's dream come true

iFaith v1.4 allows downgrade to iOS 5.0, jailbreaker's dream come true originally appeared on Engadget on Mon, 05 Dec 2011 07:54:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>appleblobscydiadowngradedowngradinghackhackerhackershacksifaithih8sn0wiosios5ipadipad2iphoneipodipod touchIpodTouchitouchjailbreakjailbreakerjailbreakersjailbreaksmobilepostminimusclenerdpod2grestorerestoringSHSHSHSH blobsShshBlobstooltoolsuntetheruntetheredwindowsMon, 05 Dec 2011 07:54:00 EST<![CDATA[Man on vacation confused for a Russian spy, almost restarts cold war]]>http://www.engadget.com/2011/12/01/man-on-vacation-confused-for-a-russian-spy-almost-restarts-cold/http://www.engadget.com/2011/12/01/man-on-vacation-confused-for-a-russian-spy-almost-restarts-cold/http://www.engadget.com/2011/12/01/man-on-vacation-confused-for-a-russian-spy-almost-restarts-cold/#comments Threats of Russian espionage can come from the unlikeliest of sources, as Jim Mimlitz, owner of Navionics Research, a small integrator firm, knows only too well. Curran Gardner Public Water District, just outside of Springfield, Illinois, employed Mimlitz's firm to set up its Supervisory Control and Data Acquisition system (SCADA), and the spy games began when Mimlitz went on vacation in Russia. While there, he logged into the SCADA system to check some data, then logged off and went back to enjoying Red Square and the finest vodka mother Russia has to offer.

However, five months later a Curran Gardner water pump fails, and an IT contractor eyeballing the logs spots the Russian-based IP address. Fearing stolen credentials, he passes the info up the chain of command to the Environmental Protection Agency (as it governs the water district) without bothering to contact Mimlitz, whose name was in the logs next to the IP address. The EPA then passed along the paranoia to a joint state and federal terrorism intelligence center, which issued a report stating that SCADA had been hacked. Oh boy. A media frenzy followed bringing all the brouhaha to Mimlitz's attention. After speaking with the FBI, the massive oversight was identified, papers were shuffled, and everyone went about their day. So, next time you delete all your company's e-mail, or restart the wrong server, remember: at least you didn't almost start World War III. Tap the source link for the full story.

[Image courtesy Northackton]

Man on vacation confused for a Russian spy, almost restarts cold war originally appeared on Engadget on Thu, 01 Dec 2011 14:35:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>Curran GardnerCurranGardnerdhsepaespionagefalse alarmFalseAlarmfbihackhackerhackingillinoisjim mimlitzJimMimlitzmimlitzmistakeNavionics ResearchNavionicsResearchrussiascadaspiesspywater-pumpThu, 01 Dec 2011 14:35:00 EST<![CDATA[Blu-ray video encryption cracked using $260 kit]]>http://www.engadget.com/2011/11/28/blu-ray-video-encryption-cracked-using-260-kit/http://www.engadget.com/2011/11/28/blu-ray-video-encryption-cracked-using-260-kit/http://www.engadget.com/2011/11/28/blu-ray-video-encryption-cracked-using-260-kit/#comments When a master key for HDCP encryption surfaced last year, Intel hardly broke a sweat. It declared that nobody could use the key to unlock Blu-rays or other protected sources unless they got into the semiconductor business and "made a computer chip" of their own. Oh Mann, didn't they realize? That sort of language is like a red rag to a German post-grad, and now Ruhr University's Secure Hardware Group has produced the ultimate rebuttal: a custom board that uses a field programmable gate array (FPGA) board to sit between a Blu-ray player and TV and decode the passing traffic. Student price: 200, and no silly bodysuits required.

Blu-ray video encryption cracked using $260 kit originally appeared on Engadget on Mon, 28 Nov 2011 06:32:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>Blu-raycopyingCrackdown-2digital rights managementDigitalRightsManagementdrmencryptionfpgahackhackerHDCPhdmihdpostcrossIntelpiracypiraterippingRuhr universityRuhrUniversitysecure hardware groupSecureHardwareGroupsecurityvideovideo encryptionVideoEncryptionXilinxMon, 28 Nov 2011 06:32:00 EST<![CDATA[Arduino hacker conjures NES and Etch-a-sketch wonderment (video)]]>http://www.engadget.com/2011/11/25/arduino-hacker-conjures-nes-and-etch-a-sketch-wonderment-video/http://www.engadget.com/2011/11/25/arduino-hacker-conjures-nes-and-etch-a-sketch-wonderment-video/http://www.engadget.com/2011/11/25/arduino-hacker-conjures-nes-and-etch-a-sketch-wonderment-video/#comments You never know when that creative spark will ignite in your brain and compel you to sketch out some ideas. But when that genius moment finally arrives, you might consider grabbing your original Nintendo controller, quickly wiring it up to an Arduino board, connecting that to some motors and then using those to drive the dials on an Etch-a-Sketch. Modder Alpinedelta32 tries it in the video after the break and it turns out to be a breeze -- and so much more tactile than other idea-capturing devices.

Continue reading Arduino hacker conjures NES and Etch-a-sketch wonderment (video)

Arduino hacker conjures NES and Etch-a-sketch wonderment (video) originally appeared on Engadget on Fri, 25 Nov 2011 22:01:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>alpinedelta32arduinoetch a sketchetch-a-sketchEtchASketchhackhackermodmodderMotorShowNESNintendonintendo entertainment systemNintendoEntertainmentSystemvideoFri, 25 Nov 2011 22:01:00 EST<![CDATA[Feds deny hacking caused Illinois water pump failure]]>http://www.engadget.com/2011/11/23/feds-deny-hacking-caused-illinois-water-pump-failure/http://www.engadget.com/2011/11/23/feds-deny-hacking-caused-illinois-water-pump-failure/http://www.engadget.com/2011/11/23/feds-deny-hacking-caused-illinois-water-pump-failure/#comments
Did a hacker or group of hackers, possibly in Russia, manage to physically destroy a water pump in Springfield, Illinois? That was the word last week, when reports spread that hackers had managed to take control of the water plant's Supervisory Control and Data Acquisition System (or SCADA), which gave them the ability to repeatedly turn the pump on and off and eventually burn it out. Now, however, both the FBI and the Department of Homeland Security say that their investigations have found no evidence of hacking or malicious activity, and that earlier reports were based on "raw, unconfirmed data." As you might expect, that explanation isn't quite being accepted by everyone, including Joe Weiss, the security researcher who first reported the incident. You can find his comments on Wired's Threat Level blog linked below.

Feds deny hacking caused Illinois water pump failure originally appeared on Engadget on Wed, 23 Nov 2011 17:51:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>hackhackerhackershackingrussiascadasecuritywater pumpWaterPumpWed, 23 Nov 2011 17:51:00 EST<![CDATA[Arduino geek develops Cold War Angst, starts spying on satellites (video)]]>http://www.engadget.com/2011/11/22/arduino-geek-develops-cold-war-angst-starts-spying-on-satellite/http://www.engadget.com/2011/11/22/arduino-geek-develops-cold-war-angst-starts-spying-on-satellite/http://www.engadget.com/2011/11/22/arduino-geek-develops-cold-war-angst-starts-spying-on-satellite/#comments Start with some Arduino and Gameduino hardware, add a splash of PLAN-13 satellite tracking software from 1983, and finish with a healthy dose of libertarianism. The result? A neat little hack called Angst, designed and built by Mark VandeWettering (aka Brainwagon). It can store details of up to 750 satellites on 128KB of EEPROM memory and display their predicted orbits in all the glory of SVGA. Don't get lazy though -- the most reliable way to track those pesky snoops in the sky is still to don your anorak, step outdoors and snoop right back.

Continue reading Arduino geek develops Cold War Angst, starts spying on satellites (video)

Arduino geek develops Cold War Angst, starts spying on satellites (video) originally appeared on Engadget on Tue, 22 Nov 2011 21:21:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>angstromarduinobrainwagoncustomDIYgameduinohackhackerhackingmark vandewetteringMarkVandewetteringorbitsatellitesatellitesspy satelliteSpySatellitesvgatrackingvideoTue, 22 Nov 2011 21:21:00 EST<![CDATA[Water pump reportedly destroyed by SCADA hackers]]>http://www.engadget.com/2011/11/20/water-pump-reportedly-destroyed-by-scada-hackers/http://www.engadget.com/2011/11/20/water-pump-reportedly-destroyed-by-scada-hackers/http://www.engadget.com/2011/11/20/water-pump-reportedly-destroyed-by-scada-hackers/#comments The FBI and DHS are investigating damage to a public water system in Springfield, Illinois, which may have been the target of a foreign cyber attack. There's no threat to public safety and criminal interference has not been officially confirmed, but a security researcher called Joe Weiss has reported evidence that hackers based in Russia are to blame. He claims they accessed the water plant's SCADA online control system and used it to repeatedly switch a pump on and off, eventually causing it to burn out. Coincidentally, a water treatment facility was publicly hacked at the Black Hat conference back in August, precisely to highlight this type of vulnerability. If there are any SCADA administrators out there who haven't already replaced their '1234' and 'admin' passwords, then they might consider this a reminder.

Water pump reportedly destroyed by SCADA hackers originally appeared on Engadget on Sun, 20 Nov 2011 19:20:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>cyber attackcyber attackscyber crimeCyberAttackCyberAttacksCyberCrimehackhackerhackingIllinoisJoe WeissJoeWeissRussiaRussianSCADAsecuritySpringfieldwaterwater plantwater pumpWaterPlantWaterPumpSun, 20 Nov 2011 19:20:00 EST<![CDATA[The Engadget Interview: Dr. Charlie Miller]]>http://www.engadget.com/2011/11/18/the-engadget-interview-dr-charlie-miller/http://www.engadget.com/2011/11/18/the-engadget-interview-dr-charlie-miller/http://www.engadget.com/2011/11/18/the-engadget-interview-dr-charlie-miller/#comments Dr. Charlie Miller -- a man who has been covered extensively here at Engadget -- snagged a doctorate in Mathematics from the University of Notre Dame. He spent five years working on cryptography for the National Security Agency. And, after heading into the wilds of security analysis, he was the first to find a bug in the battery of the first MacBook Air, various bugs within Mac OS X and the Safari web browser and assorted bugs within iOS itself, all while racking up thousands of dollars in hacking contest prize money.

Last week, this came to a head, as Miller created a controversial proof of concept application that both proved the existence of an iOS security hole as well as got him expelled from the App Store's developer network. Given that he's driven Apple Inc. somewhat nuts over the past few years, we sat down with the good doctor to see how he felt about Apple, iOS, security, technology, sandboxing, the pros and cons of modern security and the ups and downs of one of the weirdest career paths for any aspiring technologist today. Join us after the break for the full interview in both textual and audio form.

Continue reading The Engadget Interview: Dr. Charlie Miller

The Engadget Interview: Dr. Charlie Miller originally appeared on Engadget on Fri, 18 Nov 2011 13:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>applecharlie millerCharlieMillerengadget interviewEngadgetInterviewhackhackerhacksinterviewiosios 5Ios5macmobilepostcrossos xOsXsecuritythe engadget interviewTheEngadgetInterviewFri, 18 Nov 2011 13:30:00 EST<![CDATA[Jailbreakers unearth hidden panorama mode in iOS 5 camera app]]>http://www.engadget.com/2011/11/08/jailbreakers-unearth-hidden-panorama-mode-in-ios-5-camera-app/http://www.engadget.com/2011/11/08/jailbreakers-unearth-hidden-panorama-mode-in-ios-5-camera-app/http://www.engadget.com/2011/11/08/jailbreakers-unearth-hidden-panorama-mode-in-ios-5-camera-app/#comments Somewhere deep within the bowels of iOS 5 lurks a panoramic camera function, and hacker Conrad Kramer has unlocked it. The trick, according to Kramer (AKA Conradev), is to set the "EnableFirebreak" key to "Yes" within an iOS preference file. Alternatively, you could just grab fellow hacker Grant Paul's Firebreak tweak, which just hit the Cydia storefront this morning. Once installed on your jailbroken phone, Firebreak will allow you to take full panoramic shots directly from the iOS interface, as pictured above in Paul's screenshot. No word yet on if or when Apple plans on flipping this function live, but in the meantime, you can check out the links below for more details.

[Thanks, Charlie]

Jailbreakers unearth hidden panorama mode in iOS 5 camera app originally appeared on Engadget on Tue, 08 Nov 2011 12:22:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>appleconrad kramerConradKramercydiafirebreakgrant paulGrantPaulhackeriosios 5ios5iphonejailbreakjailbrokenmobilepostminipanoramapanoramicphotographytweakTue, 08 Nov 2011 12:22:00 EST<![CDATA[Siri port now talking to Apple servers, avoiding Cydia]]>http://www.engadget.com/2011/10/30/siri-port-now-talking-to-apple-servers-avoiding-cydia/http://www.engadget.com/2011/10/30/siri-port-now-talking-to-apple-servers-avoiding-cydia/http://www.engadget.com/2011/10/30/siri-port-now-talking-to-apple-servers-avoiding-cydia/#comments

A little cajoling from a clever developer got Siri talking to the iPhone 4 and the iPad, but Apple's tight-lipped servers kept the conversation effectively one-sided. The last-gen port was still missing something, and developer Steven Troughton-Smith knew where to find it: a jailbroken iPhone 4S. In an interview with 9to5Mac, Troughton-Smith said that getting Siri to talk to Cupertino's data servers only took ten minutes after he had all of the pieces in place. Ready for your personal assistant port? Hold the phone, the process is a bit dodgy -- our hacking hero said that getting Siri on the older device is a 20-step process, and it requires files from the iPhone 4S that he says aren't his to distribute. When asked about distributing the hack over Cydia, Troughton-Smith said it was something he couldn't be a part of. On Twitter he suggested that a release would "anger the hive," but promised to post detailed notes on the hack after a iPhone 4S jailbreak drops.

Filed under:

Siri port now talking to Apple servers, avoiding Cydia originally appeared on Engadget on Sun, 30 Oct 2011 03:34:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>4sappleassistantCydiadeveloperhackhackerhackinghacksiOS 5Ios5ipadiPad iOS 5IpadIos5iphoneiphone 4iphone 4sIphone4Iphone4sjailbreakjailbrokenmobilepostcrossportportssirisiri virtual assistantSiriVirtualAssistantvideovoice comVoiceComSun, 30 Oct 2011 03:34:00 EST<![CDATA[How Arduino got its start: a behind the scenes revelation]]>http://www.engadget.com/2011/10/28/how-arduino-got-its-start-a-behind-the-scenes-revelation/http://www.engadget.com/2011/10/28/how-arduino-got-its-start-a-behind-the-scenes-revelation/http://www.engadget.com/2011/10/28/how-arduino-got-its-start-a-behind-the-scenes-revelation/#comments Plenty of tales have cropped up through the years focusing on the roots of Arduino -- a tiny circuit board that holds a special place in the heart of every modern-day DIYer -- but a recent expose from the folks at Ieee Spectrum has a behind-the-scenes look that'll impress even historians. Massimo Banzi is the name, and Bar di Re Arduino is the place. The former is hailed as an Italian cofounder of the project he dubbed Arduino in honor of the latter, and in time, four more folks would join him to create what would become a complete gamechanger in the universe of homegrown electronics. We've covered initiatives built on Arduino for years here at Engadget. Everything from sigh collectors to early warning systems for pastry chefs has been built around the platform, and the story of how we got to the place we are now is a fascinating one. We won't introduce any spoilers here -- tap that source link below to enjoy at your own pace.

How Arduino got its start: a behind the scenes revelation originally appeared on Engadget on Fri, 28 Oct 2011 12:27:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>arduinocircuitcircuit boardCircuitBoardcircuitrydiyhackhackerFri, 28 Oct 2011 12:27:00 EST<![CDATA[Siri shows up on an iPod Touch, no longer plays favorites in the iOS family]]>http://www.engadget.com/2011/10/25/siri-shows-up-on-an-ipod-touch-no-longer-plays-favorites-in-the/http://www.engadget.com/2011/10/25/siri-shows-up-on-an-ipod-touch-no-longer-plays-favorites-in-the/http://www.engadget.com/2011/10/25/siri-shows-up-on-an-ipod-touch-no-longer-plays-favorites-in-the/#comments That Siri gal is certainly making the rounds these days. When she's not answering your questions on a 4S, she's showing up on iPads and elder iPhones. Not one to play favorites, Siri's now lending her considerable talents to an iPod touch. Two enterprising young hackers, euwars and rud0lf77, are the ones who put Siri on the iPod, and you can see the results of their labor in the video after the break. Of course, Apple's servers still aren't as friendly as the virtual voice assistant, so Siri's latest cameo remains a silent one -- but some Siri's better than none, right?

Continue reading Siri shows up on an iPod Touch, no longer plays favorites in the iOS family

Siri shows up on an iPod Touch, no longer plays favorites in the iOS family originally appeared on Engadget on Tue, 25 Oct 2011 19:24:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>appleassistanthackhackerhackinghacksiosios 5Ios5ipodipod touchIpodTouchportsirisiri virtual assistantSiriVirtualAssistantvideovoice commandvoice commandsvoice recognitionVoiceCommandVoiceCommandsVoiceRecognitionTue, 25 Oct 2011 19:24:00 EST<![CDATA[Siri ported to iPad, still getting silent treatment from Apple servers]]>http://www.engadget.com/2011/10/24/siri-ported-to-ipad-still-getting-silent-treatment-from-apple-s/http://www.engadget.com/2011/10/24/siri-ported-to-ipad-still-getting-silent-treatment-from-apple-s/http://www.engadget.com/2011/10/24/siri-ported-to-ipad-still-getting-silent-treatment-from-apple-s/#comments
Developers wasted no time bringing Siri to the iPhone 4, and nine days later, it's been brought to the iPad as well. This version, running on a first-generation jailbroken Apple tablet, suffers from a similar problem as past non-iPhone 4S ports: it's still not talking to Apple's data servers. This means that until devs manage to get voice commands recognized and initiated, the iPad's unofficial virtual assistant will remain effectively gagged.

Siri ported to iPad, still getting silent treatment from Apple servers originally appeared on Engadget on Mon, 24 Oct 2011 10:20:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>4sappleassistantdeveloperhackhackerhackinghacksiOS 5Ios5ipadiPad iOS 5IpadIos5iphoneiphone 4iphone 4sIphone4Iphone4sjailbreakjailbrokenportportssirisiri virtual assistantSiriVirtualAssistantvideovoice commandsvoice recognitionVoiceCommandsVoiceRecognitionMon, 24 Oct 2011 10:20:00 EST<![CDATA[Siri ported to an iPhone 4, old phone learns a new trick (Update: Better performance!)]]>http://www.engadget.com/2011/10/15/siri-ported-to-an-iphone-4-old-phone-learns-a-new-trick/http://www.engadget.com/2011/10/15/siri-ported-to-an-iphone-4-old-phone-learns-a-new-trick/http://www.engadget.com/2011/10/15/siri-ported-to-an-iphone-4-old-phone-learns-a-new-trick/#comments Apple's iPhone 4 may not have the fancy dual core CPU of its successor, but thanks to the efforts of developer Steven Troughton-Smith and the folks at 9to5 Mac, it may soon have Siri. The port of the sultry voice assistant was accomplished by using the 4S Siri and Springboard files, and some serious elbow grease, no doubt. As you can see in the video below, it's far from perfect, but it can recognize spoken commands without issue. Currently, the hack is missing an iPhone 4 GPU driver that keeps things running buttery smooth on the elder phone, and Cupertino won't authenticate Siri's commands coming from it either. So, it isn't quite ready for primetime, but it should only be a matter of time before all you iPhone 4 owners can tell Siri what to do, too.

Update: And in the space of just a few hours, Mr. Troughton-Smith has already managed to improve performance of the app on the iPhone 4 significantly, although Apple's servers are still unreachable. Check out a newer YouTube video showing off some seriously smooth scrolling action after the break. [Thanks, Ramzi]

Continue reading Siri ported to an iPhone 4, old phone learns a new trick (Update: Better performance!)

Siri ported to an iPhone 4, old phone learns a new trick (Update: Better performance!) originally appeared on Engadget on Sat, 15 Oct 2011 01:38:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>4sapplehackhackerhackinghacksiphoneiphone 4iphone 4sIphone4Iphone4smobilepostcrossportportssiriSteven Troughton-SmithStevenTroughton-smithvideovoice recognitionVoiceRecognitionSat, 15 Oct 2011 01:38:00 EST<![CDATA[Sony locks 93,000 PSN and SOE accounts due to 'massive' hack attempt]]>http://www.engadget.com/2011/10/12/sony-locks-93-000-psn-and-soe-accounts-due-to-massive-hack-att/http://www.engadget.com/2011/10/12/sony-locks-93-000-psn-and-soe-accounts-due-to-massive-hack-att/http://www.engadget.com/2011/10/12/sony-locks-93-000-psn-and-soe-accounts-due-to-massive-hack-att/#comments Sony's not having a good morning. In addition to having to recall 1.6 million Bravia TVs, it's also been forced to temporarily lock 93,000 customers out of their PSN and Sony Online Entertainment accounts. You won't be surprised by the reason: an attempt by hackers to "test a massive set of sign-in IDs and passwords" against Sony's network database. Some of the affected accounts showed "additional activity prior to being locked" and are being investigated. On the flip-side, Sony's Chief Information Security Officer, Philip Reitinger, stressed that most of the hackers' details resulted in failed logins and in any case credit card details are not at risk. Users are being told to expect an email if they've been affected, which will contain further instructions. Has Sony finally realized the value of timely communication?

Sony locks 93,000 PSN and SOE accounts due to 'massive' hack attempt originally appeared on Engadget on Wed, 12 Oct 2011 07:51:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>breachhackhackedhackerloginloginspasswordPlayStation NetworkPlaystationNetworkPSNsecuritySENSOESonySony Entertainment NetworkSony Online EntertainmentSonyEntertainmentNetworkSonyOnlineEntertainmentWed, 12 Oct 2011 07:51:00 EST<![CDATA[Growing Up Geek: Ben Heck]]>http://www.engadget.com/2011/10/10/growing-up-geek-ben-heck/http://www.engadget.com/2011/10/10/growing-up-geek-ben-heck/http://www.engadget.com/2011/10/10/growing-up-geek-ben-heck/#comments Welcome to Growing Up Geek, an ongoing feature where we take a look back at our youth and tell stories of growing up to be the nerds that we are. Today we have Hacker Extraordinaire (and host of his own show), Benjamin J. Heckendorn!

As a kid growing up in Richland Center, WI, I sometimes had to be extra creative in finding things to occupy my time, and my creativity naturally gravitated toward all things technology. Soldering, erector sets and deconstructing toys were the epicenter of my young life. Taking things apart to find out how they worked was essentially a rite of passage for me to becoming the geeky man I am today.

I got my first taste of programming in elementary school on a collection of even-then old Apple II's, but I really got into it wholesale when, at age 11, I got my first computer - an Atari 800. While still ancient for the time, I did a lot of programming on it and learned a lot of fundamentals that are useful to this day.

Continue reading Growing Up Geek: Ben Heck

Growing Up Geek: Ben Heck originally appeared on Engadget on Mon, 10 Oct 2011 13:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>ben heckBenHeckbenjamin heckendornBenjaminHeckendorndiyhackhackerhackingMon, 10 Oct 2011 13:00:00 EST<![CDATA[NC State researchers team with IBM to keep cloud-stored data away from prying eyes]]>http://www.engadget.com/2011/10/07/nc-state-researchers-team-with-ibm-to-keep-cloud-stored-data-awa/http://www.engadget.com/2011/10/07/nc-state-researchers-team-with-ibm-to-keep-cloud-stored-data-awa/http://www.engadget.com/2011/10/07/nc-state-researchers-team-with-ibm-to-keep-cloud-stored-data-awa/#commentsThe man on your left is Dr. Peng Ning -- a computer science professor at NC State whose team, along with researchers from IBM, has developed an experimental new method for safely securing cloud-stored data. Their approach, known as a "Strongly Isolated Computing Environment" (SICE), would essentially allow engineers to isolate, store and process sensitive information away from a computing system's hypervisors -- programs that allow networked operating systems to operate independently of one another, but are also vulnerable to hackers. With the Trusted Computing Base (TCB) as its software foundation, Ping's technique also allows programmers to devote specific CPU cores to handling sensitive data, thereby freeing up the other cores to execute normal functions. And, because TCB consists of just 300 lines of code, it leaves a smaller "surface" for cybercriminals to attack. When put to the test, the SICE architecture used only three percent of overhead performance for workloads that didn't require direct network access -- an amount that Ping describes as a "fairly modest price to pay for the enhanced security." He acknowledges, however, that he and his team still need to find a way to speed up processes for workloads that do depend on network access, and it remains to be seen whether or not their technique will make it to the mainstream anytime soon. For now, though, you can float past the break for more details in the full PR.

Continue reading NC State researchers team with IBM to keep cloud-stored data away from prying eyes

NC State researchers team with IBM to keep cloud-stored data away from prying eyes originally appeared on Engadget on Fri, 07 Oct 2011 09:24:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>cloudcloud computingcloud storageCloudComputingCloudStoragecomputer scienceComputerSciencecoreCPUcybercrimedataexperimentalhackerhypervisorIBMminipostNC StateNcStatenetworkNorth Carolina State UniversityNorthCarolinaStateUniversityprocessorprogramprogrammingresearchsecuritySICEsoftwarestrongly isolated computing environmentStronglyIsolatedComputingEnvironmentTCBtechniquetrusted computer baseTrustedComputerBaseFri, 07 Oct 2011 09:24:00 EST<![CDATA[Team-Touchdroid dual boots Android on TouchPad -- touchscreen not included]]>http://www.engadget.com/2011/09/03/team-touchdroid-dual-boots-android-on-touchpad-touchscreen-no/http://www.engadget.com/2011/09/03/team-touchdroid-dual-boots-android-on-touchpad-touchscreen-no/http://www.engadget.com/2011/09/03/team-touchdroid-dual-boots-android-on-touchpad-touchscreen-no/#comments The race to get Android working on the now budget-friendly HP TouchPad is on. We've already heard rumors of the little green robot coming pre-installed on the ill-fated slate and we've seen the first CM7 boot, but no one's gone all the way quite yet. While progress is slow, a team of dedicated TouchPad hackers, calling itself Team-Touchdroid, is now showing off a dual-boot configuration with Android 2.3.5. As with CM7, the touchscreen still doesn't work, but the demo video is quite dramatic -- that is until the credits stop rolling. If early-stage flip-flopping OSs are your thing, hop on past the break, but don't say we didn't warn you: it's going to get weird.

Continue reading Team-Touchdroid dual boots Android on TouchPad -- touchscreen not included

Team-Touchdroid dual boots Android on TouchPad -- touchscreen not included originally appeared on Engadget on Sat, 03 Sep 2011 20:13:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>AndroidAndroid 2.3.5Android GinderbreadAndroid on TouchPadAndroid2.3.5AndroidGinderbreadAndroidOnTouchpadDual Boot TouchPaddual-bootdual-boot touchpadDual-bootTouchpadDualBootTouchpadGinderbreadhackhackerhackinghewlett packardHewlettPackardHPHP TouchPadHpTouchpadteam touchdroidTeamTouchdroidtouchdroidTouchPadvideowebosSat, 03 Sep 2011 20:13:00 EST<![CDATA[MIT research team improves wireless security, is starting with the man in the middle]]>http://www.engadget.com/2011/08/26/mit-research-team-improves-wireless-security-is-starting-with-t/http://www.engadget.com/2011/08/26/mit-research-team-improves-wireless-security-is-starting-with-t/http://www.engadget.com/2011/08/26/mit-research-team-improves-wireless-security-is-starting-with-t/#comments
Now that they've finished building a robot capable of making cakes, MIT's researchers can get on with the serious business of improving our wireless security. In a new study it reveals a technique dubbed tamper-evident pairing that stops so-called man-in-the-middle attacks. Put simply, a hacker intercepts your wireless communications, reads it and passes it onto the recipient, pretending to be you. Because the hacker controls the flow of information between the two parties, it's difficult to detect. MIT's process randomizes and encrypts the data with silence patterns and strings of additional information, which a hacker won't be able to replicate. The best part is that the added security measures only add 23 milliseconds of time onto each transmission. As fixing our wireless security problems is now out the door, the team are probably off to solve some more giant Rubik's cubes.

MIT research team improves wireless security, is starting with the man in the middle originally appeared on Engadget on Fri, 26 Aug 2011 13:35:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>HackhackerhackersHacksMan in the middleManInTheMiddleMassachusetts Institute of TechnologyMassachusettsInstituteOfTechnologyMITtamper-evident pairingTamper-evidentPairingWiFiWireless SecurityWirelessSecurityFri, 26 Aug 2011 13:35:00 EST<![CDATA[LetterBomb does game-free Wii hacking for System Menu 4.3]]>http://www.engadget.com/2011/08/10/letterbomb-does-game-free-wii-hacking-for-system-menu-4-3/http://www.engadget.com/2011/08/10/letterbomb-does-game-free-wii-hacking-for-system-menu-4-3/http://www.engadget.com/2011/08/10/letterbomb-does-game-free-wii-hacking-for-system-menu-4-3/#comments The myth of the unhackable Wii has long since been put to rest, but that hasn't stopped intrepid homebrew enthusiasts from coming up with new exploits. Case in point: LetterBomb. This particular Wii hack is a follow-up to BannerBomb, which was billed as a replacement for Twilight Hack -- all of which are capable of launching the homebrew channel sans hardware mods. BannerBomb stopped short at Menu 4.2, but LetterBomb is carrying the exploit banner, so to speak, for the next generation. Utilizing the console's Message Board, the hack requires an SD card, a Wii running System Menu 4.3, and a Wii MAC address. If you're looking to get your game-free Wii hack on, check out the source link for the full rundown.

LetterBomb does game-free Wii hacking for System Menu 4.3 originally appeared on Engadget on Wed, 10 Aug 2011 21:22:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>exploithackhackerhackinghackmiihome brewHomeBrewhomebrew channelHomebrewChannelhowebrewLetteMessage BoardMessageBoardNintendoNintendo WiiNintendoWiiSD cardSdCardSystem Menu 4.3System Menu 4.3 exploitSystem Menu 4.3 hackSystem Menu exploitSystemMenu4.3SystemMenu4.3ExploitSystemMenu4.3HackSystemMenuExploitWiiWii hackWii HomebrewWiiHackWiiHomebrewWed, 10 Aug 2011 21:22:00 EST<![CDATA[Android Network Toolkit lets you exploit local machines at the push of a button]]>http://www.engadget.com/2011/08/08/android-network-toolkit-lets-you-exploit-local-machines-at-the-p/http://www.engadget.com/2011/08/08/android-network-toolkit-lets-you-exploit-local-machines-at-the-p/http://www.engadget.com/2011/08/08/android-network-toolkit-lets-you-exploit-local-machines-at-the-p/#commentsDefcon 2011 is in full hacking swing, and Itzhak Avraham -- "Zuk" for short -- and his company Zimperium have unveiled the Android Network Toolkit for easy hacking on the go. Need to find vulnerabilities on devices using nearby networks? The app, dubbed "Anti" for short, allows you to simply push a button to do things like search a WiFi network for potential targets, or even take control of a PC trojan-style. To do this, it seeks out weak spots in older software using known exploits, which means you may want to upgrade before hitting up public WiFi. According to Forbes, it's much like Firesheep, and Zuk refers to Anti as a "penetration tool for the masses." Apparently, his end-goal is to simplify "advanced" hacking and put it within pocket's reach, but he also hopes it'll be used mostly for good. Anti should be available via the Android Market this week for free, alongside a $10 "corporate upgrade." Consider yourself warned.

Android Network Toolkit lets you exploit local machines at the push of a button originally appeared on Engadget on Mon, 08 Aug 2011 02:18:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>androidandroid appandroid hackAndroid Network ToolkitAndroidAppAndroidHackAndroidNetworkToolkitantidefcondefcon 2011Defcon2011exploitforbeshackhackerhackersItzhak AvrahamItzhakAvrahamsecurityvulnerabilitiesvulnerabilitywhite hatWhiteHatwifiwifi hackWifiHackZimperiumzukMon, 08 Aug 2011 02:18:00 EST<![CDATA[WhiteHat Security hacks into Chrome OS, exposes extension vulnerability at Black Hat]]>http://www.engadget.com/2011/08/06/whitehat-security-hacks-into-chrome-os-exposes-extension-vulner/http://www.engadget.com/2011/08/06/whitehat-security-hacks-into-chrome-os-exposes-extension-vulner/http://www.engadget.com/2011/08/06/whitehat-security-hacks-into-chrome-os-exposes-extension-vulner/#comments It's been a rough Black Hat conference for Google. First, FusionX used the company's homepage to pry into a host of SCADA systems, and now, a pair of experts have discovered a way to hack into Chrome OS. According to WhiteHat security researchers Matt Johansen and Kyle Osborn, one major issue is Google's vet-free app approval process, which leaves its Chrome Web Store susceptible to malicious extensions. But there are also vulnerabilities within native extensions, like ScratchPad -- a note-taking extension that stores data in Google Docs. Using a cross-site scripting injection, Johansen and Osborn were able to steal a user's contacts and cookies, which could give hackers access to other accounts, including Gmail. Big G quickly patched the hole after WhiteHat uncovered it earlier this year, but researchers told Black Hat's attendees that they've discovered similar vulnerabilities in other extensions, as well. In a statement, a Google spokesperson said, "This conversation is about the Web, not Chrome OS. Chromebooks raise security protections on computing hardware to new levels." The company went on to say that its laptops can ward off attacks better than most, thanks to "a carefully designed extensions model and the advanced security available through Chrome that many users and experts have embraced."

WhiteHat Security hacks into Chrome OS, exposes extension vulnerability at Black Hat originally appeared on Engadget on Sat, 06 Aug 2011 17:07:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>black hatblack hat conferenceblack hat securityblack hat security conferenceBlackHatBlackHatConferenceBlackHatSecurityBlackHatSecurityConferencechromechrome oschrome web storechromebookChromeOsChromeWebStoredemoextensionflawgmailgooglegoogle chromegoogle chrome osgoogle docsGoogleChromeGoogleChromeOsGoogleDocshackhackerhackingkyle osbornKyleOsbornMatt JohansenMattJohansenresearchscriptingsecurityvetvulnerabilitywhite hatWhiteHatSat, 06 Aug 2011 17:07:00 EST<![CDATA[Microsoft offers 'mad loot' Bluehat prize to entice security developers (video)]]>http://www.engadget.com/2011/08/05/microsoft-offers-mad-loot-bluehat-prize-to-entice-security-dev/http://www.engadget.com/2011/08/05/microsoft-offers-mad-loot-bluehat-prize-to-entice-security-dev/http://www.engadget.com/2011/08/05/microsoft-offers-mad-loot-bluehat-prize-to-entice-security-dev/#comments Mere numbers aren't enough to describe cash prizes for Microsoft, it seems. The firm's inaugural Bluehat security competition's introduction video opted for a clearer term: "mad loot, lots of it." The big M hopes the hefty first prize of $200,000 will inspire the creation of the next generation of defensive computer security technology. The most innovative "novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities" (phew!) will take home the aforesaid mad loot, while second and third places will receive $50,000 and an MSDN Universal subscription, respectively. The winner won't be announced until Blackhat 2012, of course, and applicants have until April to submit their prototypes and technical descriptions. Hit the break for the official announcement video, complete with CG backgrounds and prize euphemisms.

Continue reading Microsoft offers 'mad loot' Bluehat prize to entice security developers (video)

Microsoft offers 'mad loot' Bluehat prize to entice security developers (video) originally appeared on Engadget on Fri, 05 Aug 2011 09:22:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>awardblackhatblackhat conferenceBlackhatConferencebluehatbluehat awardbluehat competitionbluehat prizeBluehatAwardBluehatCompetitionBluehatPrizecompetitioncomputer securityComputerSecuritycontestexploitexploitationhackhackerhackingmad lootMadLootmicrosoftruntime mitigationRuntimeMitigationsecurityvideoFri, 05 Aug 2011 09:22:00 EST<![CDATA[Getting to know you: Comex, the boy behind iOS' JailbreakMe]]>http://www.engadget.com/2011/08/01/getting-to-know-you-comex-the-boy-behind-ios-jailbreakme/http://www.engadget.com/2011/08/01/getting-to-know-you-comex-the-boy-behind-ios-jailbreakme/http://www.engadget.com/2011/08/01/getting-to-know-you-comex-the-boy-behind-ios-jailbreakme/#comments See that kid above? That's Nicholas Allegra. He's the hackdom Harry Potter to Apple's Ye-Who-Shall-Not-Jailbreak-Our-Wares, and Forbes managed to sniff him out for a little bold-faced exposé. The 19-year old hero of the iOS community, better known as Comex, got his self-taught start with Visual Basic when he was still in single digits. After graduating through a venerable online forum education, the precocious coding lad set his smarts to homebrew Wii development, and the rest is JailbreakMe history. The self-described Apple fanboy admits his background is atyipcal of the cybersecurity industry, but with a former National Security Agency analyst praising his work as years ahead of his time, we don't think he should worry. For all the trouble his code has caused Cupertino, Allegra's not trying to be the embedded thorn in Jobs' side. Rather, the iPhone hacker claims "it's just about the challenge" and plans to keep on keeping ol' Steve on his billion dollar toes.

Getting to know you: Comex, the boy behind iOS' JailbreakMe originally appeared on Engadget on Mon, 01 Aug 2011 20:23:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments]]>ApplecodecodingComexCupertinohackhackerhackingiOSiPadiPhonejailbreakjailbreakingJailbreakMeJailbreakMe 3.0Jailbreakme3.0mobilenational security agencyNationalSecurityAgencyNicholas AllegraNicholasAllegraSteve JobsSteveJobsVisual BasicVisualBasicMon, 01 Aug 2011 20:23:00 EST