OK we get it, cars can be hacked http://arstechnica.com/security/2015/07/ownstar-researcher-hijacks-remote-access-to-onstar/ …
Great article about #HackingTeam's third-party acquisition of zero-day vulnerabilities and exploits by @vlad902:
http://tsyrklevich.net/2015/07/22/hacking-team-0day-market/ …
"Chrysler’s patch must be manually implemented via a USB stick". Maybe hire the
hackers to help you out with OTA updates.
The call is asynchronous - it's just that the surrounding code doesn't have
anything better to do but wait for a response
NSA's Backdoor Key from Lotus Notes http://www.cypherspace.org/adam/hacks/lotus-nsa-key.html …
Hilarious dev's Tinder bot woman proxies male suitors' messages to one another.
http://www.theverge.com/2015/3/25/8277743/tinder-hack-bros-swiping-bros … Sitcom misunderstanding generator.
"The best cyber film of the year!" -- Which year? Every year. #HackThePlanet #BeKindRewind pic.twitter.com/ZNCigxXgds
Analysis of 2011 DARPA Challenge tracks down the trolls who destroyed their
competitors crowd sourced solution. https://medium.com/backchannel/how-a-lone-hacker-shredded-the-myth-of-crowdsourcing-d9d0534f1731 …
Custom named operators in C++ https://github.com/klmr/named-operator … This is some kind of hack! Depends solely on operator overloading.
Hacker News
@newsycombinator :
[NPC] Randi Harper
@freebsdgirl :Quadrilateral Cowboy gameplay video
“Quadrilateral Cowboy is a game we’ve been watching with great interest ever since Thirty Flights Of Loving creator Brendon Chung first debuted it last year. It’s about hacking, but not via irritating minigames or jargon-your-problems-away Hollywood magic. Instead, you learn basic (albeit fictional) code and take down everything from laser grids to gun emplacements with a twitch of your fingers and a wriggle of your brain. It’s already an extremely clever game, and it’s quite empowering despite the fact that you play as someone who probably couldn’t even heft an assault rifle - let alone fire one. Basically, it’s a wonderfully novel idea - more Neuromancer than Deus Ex - but words only do it so much justice. Thus, I’ve decided to play it for your enrichment, in hopes that you will understand why Quadrilateral should be driving your radar haywire.”
A DEFCON talk “The Secret Life of SIM Cards” that covers running apps on your SIM card. Surprisingly they run a subset of Java and execute semi-independent of the Phone’s OS.
On exploiting security issues in botnet C&C software:
Hackers “are learning that it’s not so easy to write secure code,” Toro says. “Most of us in the business of securing our applications and systems know that bulletproofing software is an extremely expensive and exhaustive undertaking. Malware creators who have to look to their own defences would have to slow down the production of new attacks.”
FYI, if you want to know what it looks like when you hack a hacker, look no further than the seminal 1995 film Hackers.
The best hack I’ve seen in a while. With no way to disable the shutter sound from the capture photo API, the developer creates the inverse waveform of the shutter sound and plays it at the same time to cancel out the shutter sound.
Does it betray my innocence that I’m shocked by the amount of exec($_GET you can easily find on github? Hilarious comment thread on hacker news:
This is awful. Shell commands are not guaranteed to be idempotent, people! These should all be of the form exec($_POST, not exec($_GET.
I don’t care whether the game is good or not, I just love this trailer. Make more trailers. Also 240kb should be enough for anyone.
My first app for Windows 8 was Shout Text. You type into Shout Text, and your text is scaled up as large as possible while still fitting on the screen, as you type. It is the closest thing to a Hello World app as you'll find on the Windows Store that doesn't contain that phrase (by default) and I approached it as the simplest app I could make to learn about Windows modern app development and Windows Store app submission.
I rely on WinJS's default layout to use CSS transforms to scale up the user's text as they type. And they are typing into a simple content editable div.
The app was too simple for me to even consider using ads or charging for it which I learned more about in future apps.
The first interesting issue I ran into was that copying from and then pasting into the content editable div resulted in duplicates of the containing div with copied CSS appearing recursively inside of the content editable div. To fix this I had to catch the paste operation and remove the HTML data from the clipboard to ensure only the plain text data is pasted:
function onPaste() {
var text;
if (window.clipboardData) {
text = window.clipboardData.getData("Text").toString();
window.clipboardData.clearData("Html");
window.clipboardData.setData("Text", util.normalizeContentEditableText(text));
}
}
shoutText.addEventListener("beforepaste", function () { return false; }, false);
shoutText.addEventListener("paste", onPaste, false);I additionally found an issue in IE in which applying a CSS transform to a content editable div that has focus doesn't move the screen position of the user input caret - the text is scaled up or down but the caret remains the same size and in the same place on the screen. To fix this I made the following hack to reapply the current cursor position and text selection which resets the screen position of the user input caret.
function resetCaret() {
setTimeout(function () {
var cursorPos = document.selection.createRange().duplicate();
cursorPos.select();
}, 200);
}
shoutText.attachEvent("onresize", function () { resetCaret(); }, true);
You don’t use the same password over and over right? Let’s be honest this is the day and age of the hacker. Eclectic Method brings you “Hackers” , Hollywood’s celebration of basement dwelling 128 bit encryption masters. They’ll shut down before you can trace them, hack into the mainframe…
Hack the planet!
This is essentially an AV exploit against Super Mario World that results in running the end game code. Watch the video. “…there’s a glitch that’s been known for a while, where Yoshi can end up in the “I have an item in my mouth” state, but not actually have an item in his mouth. When he spits out this nothingness, the game crashes. …That address did not contain code, and so the system crashed. But wait a second. What if, by some sheer coincidence, that address did contain code? The specific address dropped him in somewhere amongst various data for the game’s internal random number generator, and the random number generator can be manipulated in a TAS. Could the game be coerced into running arbitrary code?…”
Some rights reserved