Muslix64 has managed within a month to crack both Blue-Ray andHD-DVD and has released software allowing you to back up these DVDs (for personal use, of course). BackupBluray and BackupHDDVD

Showing that the government in the UK is not above the law, Scotland Yard has hacked into government computers following suspicions that the government was not exactly forthcoming with evidence into one of their investigations. It gives me a nice, cuddly feeling, knowing that the two parties get to check up on each other.

Invisible things is the website of Joanna Rutkowska, who is very interested in stealth malware insertion into kernels. She came up with the ‘blue pill’, which is a stealth VM in the kernel running side by side with the normal kernel and is pretty much undetectable. A whole load of different attack vectors are explored in the site, as well as a taxonomy for stealth malware – a sector virtually ignored by the anti-virus community.

I sometimes spend 14 hours a day working behind a PC. Any action that requires me to push the rodent around annoys the crap out of me.

So I’ve ditched the mouse and gone with a Wacom pen for the times that I can’t avoid it.

I also use Ratpoison as a window manager, so I can perform basic UI operations without resorting to the rodent. Also, Ratpoison doesn’t clutter up my interface with useless crap like “window decorations”, “window buttons” or “interface themes”. I don’t like them, I don’t use them and I really have a better use for my screen real-estate.

Because I do a lot of web development stuff, I use the Firefox plugin Conkeror most of the time.

I email with mutt, read feeds with snownews, edit anything non-binary with VIM, edit binaries with BIEW, read Usenet with tin, watch movies (on a remotely controlled display) with mplayer, I play music with mp3blaster and manage my ipod with gnupod.

For experiments with alternative inputs that do require pointing devices, I’m interesting in Dasher, which you really should check out if this is your kind of thing.

The proof of concept code opening up that RFID passport you always wanted to have has been made public and posted on Bugtraq.

Yes, after having proven time and again that RFID is not safe (it’s easily readable and copyable) those twits at the credit card companies have helped enable fraud on a massive scale by deploying RFID on credit cards. Naturally none of your data is protected at all (like, for example encryption) and (almost) all the necessary data to make a credit card purchase is on the chip. Of course that didn’t take too long to make a workable hack of and over 20 credit cards (which is every one the researchers tried) were vulnerable. Easily. You could just tatoo you credit card on your forehead, but that would be too difficult for criminals – they’d have to copy the data using writing or pictures.

How the Google OS works – links and articles about the ins and outs of google as well as other search engines. All the services and software provided by Google and how to use them. Interesting stuff.

Hardly surprisingly you can find easter eggs, customer data, backdoor passwords, nerd jokes and all kinds of other information in Google Code Search.

Not only Diebold has a monopoly on hackeable voting machines – the ones the Dutch government uses are hackeable to the point of being able to reflash them to play chess!

How to create a Verichip reader, cloner and writer – get yourself into Guantenamo Bay as a security guard, buy drinks at Baja Beach Club 🙂

Should you ever need to get into a hardware router, you’re going to need a username and password. We all know to try admin/admin, but here’s a list of the defaults for a huge selection of routers.

If you want to piss of Microsoft, you endanger their DRM system, which protects its connections to content suppliers.
FairUse4WM strips DRM off media files allowing you to do what you like with the files you paid for.
It’s now at version 1.2 and looks like it’s going to keep ahead of Microsoft.
You can find mirrors here, and the maker of the software posts in this forum too.

Here’s a chemist’s take on the plausibility of the London liquid bomb plot, followed by commentary on what he calls Potemkin security. He references Schneier, and goes on about the practicality of security against these kind of plots (as almost everything can be impregnated with nitrates, such as clothing) and the practicality of guarding against these specific threats. Yup, we all need cavity searches and x-rays before we board the planes naked.

This hack is awesome – instead of blocking an unauthorised user over your wireless connection, this guy uses dhcp to assign unkown mac adresses to a different network segment. Then he uses iptables to redirect all the traffic to a squid proxy, which uses mogrify to modify all the image content by turning the images upside down or blurring it. Awesome!

Apparently this method is easier than picking or using a picking gun. You take keys and file them down to the minimum, hit them on the back after insertion and turn the lock. With a bit of practice this allows you to open locks within 30 seconds.
(pdf link)

Verichip implants a tiny RFID chip in you which contains a unique ID which will identify you at hospitals, allowing doctors to find you in the database and find your file for you.
At HOPE they demonstrated that the Verichip has no encryption and no question / response mechanism, meaning that using an RFID reader and a laptop you can clone someone’s identity no problem as writing this data to an RFID chip is no problem either.

Now everybody can use the GPS signal information – for free 🙂

A seriously elegant way to hack someone’s network: drop USB sticks containing a trojan on the target’s parking lot and wait for the mail to come in.

Apparently those Nigerians really are making millions out there scamming idiots using email

We knew RFID chips were insecure – if you didn’t you’ve been living under a rock. Anyway, this Indymedia story chronicles a few concrete examples of RFID hacking in reality.

Can be broken through a laptop with WiFi within 20 minutes allowing people to do a clean steal of the car. A bit like when they had IR car fobs which could be saved using a palm and then replayed, but now you have to break the encryption.

PCs have virusses, Macs have virusses, PDAs and cellphones have virusses, so why should RFID chips be any different?
A working proof of concept has been made which is put onto an RFID chip, which infects the backend database and then transmits to other RFID chips that connect to that database.

Nobody seems to believe me when I say it’s possible, but now it’s happened – in Greece unknown people have hacked into the cellular system and been tapping politicians and officers. Yup, the bad guys can get into your wonderful surveillance infrastructure too.

Engadget is running a nice article on how to scale your video input to show better on a HD TV or projector by scaling the video feed.

Bluediving is a suite that implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack and features like bluetooth address spoofing.