phreaking
Latest
Flipper Zero turns hacking into a Tamagotchi-style game
Its creators want to show that hacking is 'a skill set like anything else.'
Your timely reminder: Not all hacking requires a computer
The public perception of hacking involves a shadowy figure in a hoodie hunched over a laptop, tapping furiously while a waterfall of glowing green text fills the screen. Also he's probably listening to industrial music. First off, that's a ridiculous caricature, and more important, not all intrusions are the result of someone banging away on a keyboard to "hack the network." Exploiting the vulnerabilities of a company can simply involve picking up a phone, chatting with a few people or memorizing a few tones.
Dallas siren hack: Coming to a city near you
At 11:42 PM last Friday night in Dallas, suddenly and for no apparent reason, what locals call the 'tornado sirens' went off. All of them. It was a clear, calm night; no foul weather presaged the blare of an emergency system so loud it's meant to wake sleepers inside their houses. When the 156 sirens continued to go off in repeating 90-second cycles, seemingly without end, people started to worry about being bombed.
Proof of concept: iPhone captures keystrokes via 'thump phreaking'
Researchers at Georgia Tech have worked up a proof-of-concept demonstration of using an iPhone 4's accelerometer as a keylogger. After setting the iPhone near a computer keyboard, the device's built-in accelerometer and gyroscope were able to decipher entire sentences "with up to 80 percent accuracy." Similar keyloggers have already been developed using microphones, which sample vibrations far more frequently than accelerometers. However, nearly all phone operating systems ask a user's permission before granting applications access to the built-in microphone, which limits the utility of a keylogger. Apps don't currently ask for users' permission for access to accelerometers and gyroscopes, which raises the remote possibility of iPhones or other accelerometer-equipped devices spying on keyboard inputs without users being the wiser. "The way we see this attack working is that you, the phone's owner, would request or be asked to download an innocuous-looking application, which doesn't ask you for the use of any suspicious phone sensors," said Henry Carter, one of the project's researchers. "Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening." The keylogger software works by detecting key pairs -- detecting individual key presses turned out to be too difficult and unreliable -- and by comparing paired accelerometer events against a built-in dictionary, the software can decipher keypresses with startling accuracy. Our own Mike Rose has coined "thump phreaking" to refer to this spying technique (after Van Eck phreaking, which uses CRT or LCD emissions to reconstruct the screen image) and it's as apt a term as any for what this software does. It must be mentioned that this is only a proof of concept and not an actual attack that's out in the wild. The researchers themselves admit that this keylogger was difficult to build, and it's easily defeated by something as simple as moving your iPhone more than three inches away from the keyboard. That having been said, the technique is very James Bondian, and I wouldn't be at all surprised if something similar to this turns up in a forthcoming spy thriller or Batman movie.
How to reveal blocked caller ID info: a video guide to risky behavior
Let's say for some reason someone has his or her caller ID blocked and is calling you all the time. Let's then say you really want to know who that person is for, you know, whatever reason -- not that we'd know anything about that. Some crafty phreaker types have come up with a way to do this using an enterprise-spec asterisk box and a SIP trunk provider. In a demonstration video, a hacker tweaks said asterisk box with some new configurations to strip out privacy flags, forward the call to another number, and ultimately reveal caller ID information which, surprisingly, is still available. This isn't meant to be easy, but if the terms "prepend," "SIP trunk," and "asterisk box" don't scare you away, go ahead and watch the video after the break. Big disclaimer: we're not responsible for your broken gear, jail time, or restraining orders.
Laptops and flat panels also vulnerable to Van Eck eavesdropping
Those who wander into the realms of spying, phreaking, and dubious eavesdropping are likely familiar with Wim Van Eck, but for those new to remote screen-grabbing scene, you should probably take note. Back in the day, Mr. Eck "proved it was possible to tune into the radio emissions produced by electromagnetic coils in a CRT display and then reconstruct the image," effectively rending the images on a distant monitor without the user knowing. Now, however, a modern day guru in his own right has found that the methodology used in 1985 can still be potent today, albeit on laptops and flat panel LCDs. Markus Kuhn has since discovered that by tuning into the radio emissions produced by the cables running into a monitor, hackers can garner the pixels one at a time, and carefully stack them together to form a picture of someone else's screen. Reportedly, Markus was able to "see a PowerPoint presentation from a stand 25 meters away (pictured)," and he also noted that laptops with metal hinges were particularly good targets as they tended to broadcast the necessary signals quite well. Of course, we aren't encouraging the act of on-screen voyeurism without appropriate consent, but if you're interested in seeing what's behind the (faraway) LCD, be sure to hit the read link and push aside those morals for a moment. [Warning: PDF read link][Via Slashdot]
Dial the phone using your iPod
Ah, Woz would be proud. MacMerc's Brian Burnham has written a tutorial detailing how you can turn your iPod into a phone dialer (is iPod phreaking far away? I think not). It works because analog phones use a series of tones to decipher what numbers you are inputting, so you simply play those same tones through some speakers, via your iPod, and BAM! The iPod dials for you.[via Make]
