Clever Reed Switch Catches Thief

,
When [Abhimanyu Kumar] noticed money going missing from his small bookshop, he decided to set up a little trap to catch the thief. The problem was that the bookshop’s money was stored inside a cupboard in their house (back end of the shop), which meant that the culprit was likely one of their own employees....
read the rest of article...

Gesture Based Security Lock

A team of students from Cornell University are looking into alternative ways of creating a security system that can be locked or unlocked by using physical gestures in an enclosed space. It is the final year project for [Ankur], [Darshan] and [Saisrinivasan] in their MEng of Electrical and Computer Engineering....
read the rest of article...

Key Cutting with a CNC Mill

Keys cost like what, $2 to copy at a locksmith? But where’s the fun in that? Here’s an easy way to cut your own keys using a CNC mill! [Bolsterman] now “works” for a real estate company that rents out various properties. Whenever someone moves out, the locks need to be changed ASAP. They use Schlage locks,...
read the rest of article...

JTAGulator Finds Debug Interfaces

,
[Joe Grand] has come up with a tool which we think will be useful to anyone trying to hack a physical device: The JTAGulator. We touched on the JTAGulator briefly during our DEF CON coverage, but it really deserves a more in-depth feature. The JTAGulator is a way to discover On Chip Debug (OCD) interfaces...
read the rest of article...

Reverse Engineering a D-Link Backdoor

Here’s one true hack (Google cache link) for our dear Hackaday readers. On a Saturday night, as [Craig] didn’t have anything else to do, he decided to download the firmware of an old D-Link DIR-100 router (because who wouldn’t?). His goal was to see what interesting things he could find in it. He fired...
read the rest of article...

Cracking GSM with RTL-SDR for Thirty Dollars

Theoretically, GSM has been broken since 2003, but the limitations of hardware at the time meant cell phone calls and texts were secure from the prying ears of digital eavesdroppers and all but the most secret government agencies. Since then, the costs of hardware have gone down, two terabytes of rainbow...
read the rest of article...

Running Custom Code on Cheap One-time Password Tokens

,
One-time passwords (OTP) are often used in America but not so much in Europe. For our unfamiliar readers, OTP tokens like the one shown above generate passwords that are only valid for one login session or transaction, making them invulnerable to replay attacks. [Dmitry] disassembled one eToken (Aladin...
read the rest of article...

Getting a Shell on any Android Device

,
If you’re an Evil Customs Agent or other nefarious Three Letter Agency Person, you’re probably very interesting in getting data off people’s phones. Even if the screen is locked, there’s a way around this problem: just use the Android Debug Bridge (ADB), a handy way to get a shell on any Android device with...
read the rest of article...

An Awesome Wireless Motion Sensor

Wireless sensor networks are nothing new to Hackaday, but [Felix]‘s wireless PIR sensor node is something else entirely. Rarely do we see something so well put together that’s also so well designed for mass production. For his sensor, [Felix] is using a Moteino, a very tiny Arduino compatible board with solder...
read the rest of article...

Sniffing Out LG Smart TV Tracking Protocol

[DoctorBeet] noticed the advertisements on the landing screen of his new LG smart television and started wondering about tracking. His curiosity got the better of him when he came across a promotional video aimed at advertisers that boasts about the information gathered from people who use these TVs. He decided...
read the rest of article...

Update: SD Card Locker Now Supports Password Protect

[Karl Lunt] has updated his Secure Digital Card locker to support password based locking. [Karl's] original design only supported write locking via the TMP_WRITE_PROTECT  bit. The new design gives the user an option: TMP_WRITE_PROTECT, or password protection. [Karl] goes into further detail...
read the rest of article...

Google Security Certificates Forged

Recently, Google discovered that a certificate authority (CA) issued forged certificates for Google domains. This compromises the trust provided by Transport Layer Security (TLS) and Secure HTTP (HTTPS), allowing the holder of the forged certificates to perform a man-in-the-middle attack.To validate that the...
read the rest of article...

Ambient Computer Noise Leaks Your Encryption Keys

[Daniel, Adi, and Eran], students researchers at Tel Aviv University and the Weizmann Institute of Science have successfully extracted 4096-bit RSA encryption keys using only the sound produced by the target computer. It may sound a bit like magic, but this is a real attack – although it’s practicality...
read the rest of article...

Chameleon Emulates Contactless Smart Cards

Researchers at Ruhr University of Bochum in Germany have been busy working with RFID and related devices for quite some time now. They call the fruit of their labors Chameleon, a versatile Contactless Smart Card Emulator. Contactless Smart Cards are RFID style devices that also contain a smart...
read the rest of article...