In previous December I attended Berlin’sChaos Communication Congress , an yearly hacker conference where speakers reveal the late in high - tech deviousness . Straight from CCC , here are ten way hackers will subvert your computer , headphone , bank bill , and life in 2011 .
Photo byv2px
I ’ve broken these hack down into two section . The first focuses on breaking your technical school , and the second on fixing thing using tech . Of course , there is a lot of lap between the two . This is hacking after all – breaking thing makes us stronger . Remember , as the motto for CCC says : We come in repose .
Also , these are just a handful of the awesome dialogue at CCC . I recommend that youlook through the CCC site and check out others – all are on video , and in most cases slide and Federal Reserve note are available too .
A last warning : Most of these talks are fairly technological , so do n’t await dressed soundbites in the video . Do have a bun in the oven lines of code . These are cyber-terrorist , not PR types , so they keep it real .
BREAKING THINGS
Are you read my PDF ? Then I control your computing equipment .
Julia Wolf harbor and boggled the interview with her vicious squelch of the PDF file format – you bang , the data format you employ pretty much every Clarence Day to read documents ? She revealed that the PDF format is so insecure that evil hackers could embed a course of study inside one that you would never see – and which would send its tentacle into your computer and discover all its secret to anyone who wanted them . And that ’s just the rootage . The widely - used PDF format is over a tenner old and its spec is nearly 1,000 pages long – by the end of Wolf ’s talk , we were all ready to see it retired for the sake of everybody ’s security and privacy .
The Baseband Apocalypse
The baseband is the part of your phone that sends and receives broadcast signals . And it turns out that if your phone is on the GSM connection , it ’s middling damn easy to manipulate the baseband with all kinds of horrific trick , from setting up fake base stations that will snoop on your conversations or textbook content , to secretly sending nasty programs to your phone that could do everything from steal your data point to ferment your phone into a bug . When you make a call on the GSM connection , who is really mind ? maybe everyone but the person you ’re hop to speak to .
Your bank card is mine now
Cambridge University protection researcher Steven Murdoch gleefully revealed how easy it is to break the security on the UK ’s smart acknowledgment add-in and ATM card organization . Though British banks exact the security on these cards is unbreakable , in fact it ’s been compromised repeatedly and many client have lost money . Murdoch is an engaging speaker system , and it ’s worth watching the picture because he walks you through three ways that fraudsters can slip your money using the “ bit and pin ” system in smartcards . Murdoch ’s analysis was so devastating thatUK banks try on to get him to take down his paper on the subject and ban his enquiry . fortuitously , they did n’t succeed in silencing him .
I am take heed to your phone conversation with my computer
In display case the baseband apocalypse did n’t gross out you out enough , another researcher let out more agency that GSM speech sound can be snooped on . Researchers have already evince that the encoding used to harbour your private conversations on these wise phones can easily be vote out with consumer - class hardware . But speech sound companies claimed that did n’t thing , because GSM communicating toss between multiple channels . A hacker might be able to grab a midget chunk of a call , but when it turn over to another channel their spy game would be over . However , this talk showcases research that let out how easy it is to follow datum across a broad spectrum of channels , easily vote out this “ secure ” facet of GSM , using nothing but cheesy mobile phones . Are you convinced yet that your GSM telephone set is a pecker of mass mischief-making ?
Click to view
Your infrastructure will kill you
Eleanor Saitta works doing “ threat modeling , ” predicting ways that system can fail – from computer networks , to internal infrastructure . Here she walks you through all the ways that our purportedly dependable infrastructures , including energy grids , can be destroyed by malicious foe or simple neglect . What can we do about it ?
FIXING THINGS
PS3 Jailbreak !
Your PS3 console is great for playing games , but what if you want to apply it like the computer it is ? Why should n’t you be able-bodied to install another operate system on it , and play home brew games that are n’t officially authorise by Sony ? An outside squad of researchers called fail0verflow revealed just how easy it is to call up the computer code required to unlock the PS3 and make it do your command . The long strings of number used to unlock the twist and make it programmable are actually hidden on the console table themselves , if you have intercourse where to look . After the public lecture went public , Sonysued penis of fail0verflowalong with wads of other people , allegedly for distributing tools that would allow plagiarism .
27C3 – Console Hacking 2010fromYifan LuonVimeo .
The greatest DOS attack of all time , and how to stop it forever
Among hackers , University of Chicago computer scientist and crypto expert Dan Bernstein ( often known by his handleDJB ) is a legend . He ’s written some of the most secure code know to world ( just examine to fuck with qmail – you ca n’t ) , and has lobbied unceasingly – and snarkily – for the eradication of broken security systems online . He gave a mad genius presentation where he give away that the ofttimes - brag web security organization DNSSEC is really so badly - design that it would make the staring denial - of - avail onslaught tool . And then he proposed a mindblowing , futuristic organisation of send out data over the Web that would make it nearly impossible to launch a DOS approach – and would prevent defective guy rope from sending your secure data point to mobsters alternatively of your bank . The cool part about DJB ’s new system , based on encoding tools he callsDNSCurveand CurveCP , is that it could be implemented now , on top of the entanglement as we know it . And the good part ? It ’s lightning fast . Listening to DJB ’s talk gave me promise for the future of the Web – and his withering put-down of DNSSEC was the best example of smartypants troll you ’ll see this twelvemonth .
mark – to learn the video , just decamp past the first several minutes , where the personal organizer were pose up the talk and getting everybody seated .
27C3 lecture by Dan Bernstein : High - speed high - security cryptography : encrypting and authenticating the whole Internet.fromnig nogonVimeo .
hack the ocean
There are a number of open mathematical function projection out there , let in Open Street Map , where hacker and average people have add together data to make it easier for you to navigate terrain all over the world . But what about navigating on the sea ? Often ocean maps are very expensive , or are simply not available at all . A chemical group called Open Sea Chart is aiming to change all that . They ’ve already started work on one of the crowing world - improving task you’re able to imagine : make a free , capable single-valued function that you’re able to utilise to sail the domain ’s oceans . In this challenging presentation , one of the Open Sea Maps developers blab out about the difficultness of presenting data whose truth could imply the conflict between liveliness and end for people on ship . In gain , you ’ll learn a lot about just how unearthly it is to map the surface of a planet that is bumpy and scratchy .
OpenLeaks
Former Wikileaks staffer Daniel Domscheit - Berg , who is save a tell - all leger about his time at Wikileaks , presented a fresh projection purpose at fixing some of the problems he play work at Wikileaks . OpenLeaks will be a “ distribute ” project that does n’t suffer from some of the top - down management job of Wikileaks . He predict that the project will be aimed entirely at getting news leak , and wo n’t put a political spin on the leaks .
Three Jobs Journalists Will Be Doing in 50 old age
I commit a intro on the future of new media – yes , that ’s me in the suit and tie . Though the media be intimate to mourn their own death , in this presentation I argue that journalism of the future will be as knock-down and subversive as ever . Find out how hacker journalists of the futurity will be using technology to report the facts , data miners will provide conscientious commentary , and push engineers will help oneself people make informed decisions about consequence in their communities . The so - yell newfangled medium are part of a long journalistic tradition that runs no risk of disappearing . Here ’s why .
ComputersGizmodoHackingScienceTechnology
Daily Newsletter
Get the best tech , science , and culture word in your inbox daily .
news program from the futurity , deliver to your present tense .
You May Also Like
