Cloning passport card RFIDs in bulk for under $250
Ethical hacker Chris Paget demonstrates a low-cost mobile device that surreptitiously reads and clones RFID tags embedded in United States passport cards and enhanced drivers’ licenses.
DO YOU EVER want to change the way you see the world? Wouldn’t it be fun to hallucinate on your lunch break? Although we typically associate such phenomena with powerful drugs like LSD or mescaline, it’s easy to fling open the doors of perception without them: All it takes is a basic understanding of how the mind works.
The first thing to know is that the mind isn’t a mirror, or even a passive observer of reality. Much of what we think of as being out there actually comes from in here, and is a byproduct of how the brain processes sensation. In recent years scientists have come up with a number of simple tricks that expose the artifice of our senses, so that we end up perceiving what we know isn’t real – tweaking the cortex to produce something uncannily like hallucinations. Perhaps we hear the voice of someone who is no longer alive, or feel as if our nose is suddenly 3 feet long.
Link: Hack your brain - How to hallucinate with ping-pong balls and a radio.
Dutch security researchers rode the London Underground free for a day after easily using an ordinary laptop to clone the “smartcards” commuters use to pay fares, a hack that highlights a serious security flaw because similar cards provide access to thousands of government offices, hospitals and schools.
There are more than 17 million of the transit cards, called Oyster Cards, in circulation. Transport for London says the breach poses no threat to passengers and “the most anyone could gain from a rogue card is one day’s travel.” But this is about more than stealing a free fare or even cribbing any personal information that might be on the cards.
Casinos are all about odds. If a player has shifted the odds into his favor, he can be asked to leave. But if a player simply wins a ton of money through sheer luck even though the odds are against him, the casino will do everything it can to lure the player back.
To Jonas, the example that may describe this phenomenon involves a private jet.
“There’s this one casino, one of their high rollers beat them for US$18 million,” Jonas said. “That’s actually going to show up on quarterly earnings. So they left with US$18 million. The casino sent a jet to their town and left a limo in front of their house on weekends and said ‘you know just in case you get the bug.’ And they got the bug and they took them up on it and they came back and lost something like US$22 million.”
Con job, pretexting, social engineering – the art and science of manipulating human beings for nefarious ends – goes back as far as the origin of the species. The techniques have been practiced and perfected by a rogue’s gallery of flimflam artists, from legendary carnival operator P. T. Barnum to infamous FBI mole Robert Hanssen.
But in our modern, security-centric world, this ancient craft poses an ever-present danger: Despite technological advances that present an illusion of security, we are as vulnerable as ever to the con.
IT security pros frequently employ social engineering when analyzing a company’s overall security strategy. After all, even a completely locked-down computer network won’t protect your company’s secrets if someone can “tailgate” a group of employees through the front door, plug a remote-access device into an open network port, and walk out again.
Link: FBI able to listen in on Mobile Phones that are Turned on or off
This is awesome: the people who generated fake news about the Harry Potter book being stolen reveal how they developed and implemented this social engineering / information hack.
Title : The Harry Potter Hoax
Class : Social Engineering / Denial Of Service
Severity : Critical
Solution Status : Unpatched
Vendor : The Media
Affected versions: The People
Link: The Harry Potter hoax, or manipulating the mass media for fun and for profit.
This entire book will eventually be read aloud and podcast for you to hear! The link is to Part 1.

Bruce Sterling’s classic work highlights the 1990 assault on hackers, when law-enforcement officials successfully arrested scores of suspected illicit hackers and other computer-based law-breakers. These raids became symbolic of the debate between fighting serious computer crime and protecting civil liberties. However, The Hacker Crackdown is about far more than a series of police sting operations. It’s a lively tour of three cyberspace subcultures–the hacker underworld, the realm of the cybercops, and the idealistic culture of the cybercivil libertarians.
Sterling begins his story at the birth of cyberspace: the invention of the telephone. We meet the first hackers–teenage boys hired as telephone operators–who used their technical mastery, low threshold for boredom, and love of pranks to wreak havoc across the phone lines. From phone-related hi-jinks, Sterling takes us into the broader world of hacking and introduces many of the culprits–some who are fighting for a cause, some who are in it for kicks, and some who are traditional criminals after a fast buck. Sterling then details the triumphs and frustrations of the people forced to deal with the illicit hackers and tells how they developed their own subculture as cybercops. Sterling raises the ethical and legal issues of online law enforcement by questioning what rights are given to suspects and to those who have private e-mail stored on suspects’ computers. Additionally, Sterling shows how the online civil liberties movement rose from seemingly unlikely places, such as the counterculture surrounding the Grateful Dead. The Hacker Crackdown informs you of the issues surrounding computer crime and the people on all sides of those issues.

Not everyone steals famous paintings, cash, or microchips. In fact, some people go to great lengths to get their hands on some very unsavory — yet quite expensive — items. In November of 2005, a farmer at Smithburg, Maryland’s Stonewood Acres had ventured to Pennsylvania to visit relatives. When he returned to the farm, he noticed a 70-pound tank filled with $75,000 worth of bull semen had been opened up, with sixty-five “straws” containing the sperm of nearly 50 bulls missing. “Frozen bull semen is big business because it saves on the transportation cost of putting a bull and a cow into the same pen to breed,” explains the Washington Post. “Frozen semen can also last for many years, outliving the bull who produced it.” Moo?
A great essay on cyberwar by Bruce Schneier.
The first problem with any discussion about cyberwar is definitional. I’ve been reading about cyberwar for years now, and there seem to be as many definitions of the term as there are people who write about the topic. Some people try to limit cyberwar to military actions taken during wartime, while others are so inclusive that they include the script kiddies who deface websites for fun.
I think the restrictive definition is more useful, and would like to define four different terms as follows:
Cyberwar — Warfare in cyberspace. This includes warfare attacks against a nation’s military — forcing critical communications channels to fail, for example — and attacks against the civilian population.
Cyberterrorism — The use of cyberspace to commit terrorist acts. An example might be hacking into a computer system to cause a nuclear power plant to melt down, a dam to open, or two airplanes to collide. In a previous Crypto-Gram essay, I discussed how realistic the cyberterrorism threat is.
Cybercrime — Crime in cyberspace. This includes much of what we’ve already experienced: theft of intellectual property, extortion based on the threat of DDOS attacks, fraud based on identity theft, and so on.
Cybervandalism — The script kiddies who deface websites for fun are technically criminals, but I think of them more as vandals or hooligans. They’re like the kids who spray paint buses: in it more for the thrill than anything else.
At first glance, there’s nothing new about these terms except the “cyber” prefix. War, terrorism, crime, even vandalism are old concepts. That’s correct, the only thing new is the domain; it’s the same old stuff occurring in a new arena. But because the arena of cyberspace is different from other arenas, there are differences worth considering.