Posted 02/08/10 at 06:30:00 PM by Alex Castle

After our USB 3.0 coverage last week, we figured it would be a good time to turn our attention back to USB 2.0 (aka High Speed), and one of the classic nerd hobbies: USB hacking. Because of its highly-accessible wiring, USB can be easily modified for all sorts of purposes, even by neophyte hardware hackers. In the past, we've shown you how to perform some simple hacks, but now we want to highlight some of our favorite hacks created by members of the DIY community.

Some are of questionable utility, some of them are downright dangerous, but all of them are good, old-fashioned fun. Read on for our picks for the 10 most amazing USB hacks!

Read More

Posted 01/24/10 at 07:14:18 PM by Justin Kerr

When Google announced that it might be pulling out of China as a result of recent cyberattacks, everyone assumed the Chinese Government was involved in the breach. After all, pulling the plug on the largest customer base of Internet users in the world couldn't have been an easy decision to make, and would have been a bit of an overreaction if the evidence was pointing to a private individual or company. With this in mind however, its important to note that Google hasn't officially implicated the Chinese government in the attacks, and that rumor now stands in stark contrast to a statement issued today by Chinese officials.

The "accusation that the Chinese government participated in (any) cyberattack, either in an explicit or inexplicit way, is groundless and aims to denigrate China," an unidentified ministry spokesman told Xinhua, according to an Agence France Presse report. "The U.S. has criticized China's policies to administer the Internet and insinuated that China restricts Internet freedom...This runs contrary to the facts and is harmful to China-U.S. relations," a Chinese Foreign Ministry spokesman said.

The harsh words quoted above out of Beijing are one of the first public reactions to Hillary Clintons recent lecture on Internet freedom. In her speech Clinton criticized Chinas efforts to censor the country's 384 million web users which she claims are trapped behind "The Great Firewall of China". Clearly the Chinese government was not amused. Google hasn't stopped censoring the results on Google.cn just yet, but CEO Eric Schmidt said on Thursday that it would happen soon.

So is China's blanket denial of any wrong doing good enough for you? Keep this link bookmarked for ongoing coverage of the situation as it unfolds.

Read More

Posted 01/12/10 at 10:56:58 AM by Paul Lilly

Sorry Baidu users, your search engine is down for the count (in parts of the world, anyway), at least for the time being. No, a late night watchman didn't trip over the power cord in a data center, and instead the outage appears to be the work of Iranian hackers.

Baidu, China's most popular search engine with a market share exceeding 77 percent, now shows a page saying "This site has been hacked by Iranian Cyber Army." These are the same dudes who also attacked and defaced Twitter just a few weeks ago using the same method: DSN cache poisoning.

Sounds toxic, but rest assured, no chemicals were used. DNS cache poisoning involves corrupting a DNS table by replacing an IP with a malicious address, which in this case is the Iranian Cyber Army page.

Why the hackers targeted Baidu is not yet known.

Read More

Posted 01/04/10 at 09:09:07 PM by Pulkit Chandna

Kingston Technology is recalling certain models of its DataTraveler Secure flash drives. It was forced to take the step after a German company named SySS exposed a security flaw in few of its drives. “It has recently been brought to our attention that a skilled person with the proper tools and physical access to the drives may be able to gain unauthorized access to data contained on the following Kingston Secure USB drives,” reads a statement on the company's website.

The DataTraveler BlackBox, DataTraveler Secure — Privacy Edition, and DataTraveler Elite — Privacy Edition are the only flash drives being recalled. Kingston has advised those affected to contact tech support before returning their flash drives. Its site contains a country-wise list of all its tech support phone numbers.

Read More

Posted 10/21/09 at 08:55:36 AM by Paul Lilly

Yikes - it was discovered that a vulnerability in a Time Warner cable modem and WiFi router being used by 65,000 customers makes it possible for a hacker to remotely access the device's administrative menu and wreak havoc, To deal with the problem, Time Warner said it hopes to have updated firmware from the router manufacture to push out to customers soon.

"We were aware of the problem last week and have been working on it since," said Time Warner spokesman Alex Dudley.

The security snafu affects Time Warner's SMC014 series combo modem/WiFi router and was discovered by blogger David Chen, who writes for chenosaurus.com. Chen said he was trying to help a friend change the settings on his cable model when he discovered Time Warner had hidden some admin functions using JavaScript code. All he had to do was disable JavaScript in his browser and he could see those functions, including a tool to dump the router's config file displaying the admin login and password.

"From within your own network, an intruder can eavesdrop on sensitive data being sent over the Internet and even worse, they can manipulate the DNS address to point trusted sites to malicious servers to perform man-in-the-middle attacks," Chen wrote on his blog. "Someone skilled enough can possibly even modify and install a new firmware onto the router, which can then automatically scan and infect other routers automatically."

Time Warner said it is working to find out if the same or a similar vulnerability also affects other models.

Read More

Posted 10/05/09 at 01:54:56 PM by Paul Lilly

One surefire way to egg on the hacking community is to place ever increasing restrictions on your product, essentially daring black hat coders to find a back door. Nvidia is finding this out the hard way, after the GPU maker modified its latest PhysX drivers to prevent any non-Nvidia GPU from working, says news and rumor site The Inquirer.

And if that weren't enough, the latest version of PhysX also prevents physics processing unit (PPU) cards from working if it detects a non-Nvidia card in the system. That may have been the proverbial straw that broke the hacking community's back, and a hacker who goes by the handle GenL has put together some experimental code that stops Nvidia's drivers from shutting everything down when it detects a Radeon card.

We haven't tried it ourselves, but if you're feeling adventurous, rebellious, or both, you can grab the code here.

Read More

Posted 09/22/09 at 10:00:00 AM by Alex Castle, Norman Chan, and Florence Ion

Techies are too often tempted by the lure of new technology, leaving perfectly good hardware drifting in the wake of compulsive upgrading. And while we love getting new gadgets as much as the next geek, we also like how a new purchase gives us the opportunity to take apart and tinker with our older gear in the Lab. Whether it’s by soldering circuit boards or loading open-source firmware, we pride ourselves on being able to stretch the lifespan of older electronics by performing undocumented (and sometimes warranty-breaking) hardware hacks.

The projects we’ve included here range from relatively safe software tweaks to more challenging technical exercises. You’ll learn how to bend USB connections to your will and imbue home routers and digital cameras with robust new features. We’ve also taken some inspiration from projects we’ve seen online, including building a blue laser gun and making a digital picture frame you can mount on the wall of your office. These hacks will help you showcase your craftiness and give you a better understanding of how your electronics work. And the best part is that your old hardware will be faster, cooler, and more awesome afterward.

So, let’s get hacking!

Read More

Posted 08/05/09 at 09:58:10 AM by Paul Lilly

Jailbreak your game console and no one is likely to take notice. But make a home business out of jailbreaking consoles for others and you may draw the attention of Homeland Security.

At least that's the case for Matthew Crippen, a 27-year-old Cal State Fullerton liberal arts student who was arrested by Homeland Security authorities on Monday. Crippen was picked up for allegedly violating the Digital Millennium Copyright Act (DMCA).

"Defendant Matthew Crippen willfully and for purposes of commercial advantage and private financial gain, circumvented a technological measure that effectively controlled access to a copyrighted work, more particularly, used software to modify a Xbox machine's Optical Disc Drive so it would circumvent the anti-piracy measures contained on the original unmodified Optical Disc Drive,"  U.S. attorney Thomas P. O'Brien wrote in the indictment (PDF).

In a telephone interview with Wired.com's Threat Level, Crippen maintains the purpose of his jailbreaking business was to allow patrons to make "legally made backups," not for piracy.

The indictment charges Crippen with two counts, and if convicted, he could face up to 10 years in prison.

Read More