Showing posts with label Hacking - Portable devices. Show all posts
Showing posts with label Hacking - Portable devices. Show all posts

Saturday, February 2, 2013

HOW-TO: Make Your Own Faraday Cage


Unbeknownst to many outside the security arena, mobile devices are nothing more than really cool listening devices. In my first few blog posts, many moons ago, we covered how hackers could exploit vulnerabilities inherent with Bluetooth to take control of your phone's microphone.  There is also speculation and evidence that it is now possible to turn both the camera (front and rear) and the microphone to get full video. With GPS, if a hacker gains electronic access to your phone, you have a device even the KGB would envy.  As a security professional, there are times when you need to have conversations without having to worry about eavesdropping.  Standard procedure in most high-security areas is to immediately surrender your phone, in order to prevent electronic eavesdropping.  Devices are then placed in a container to ensure no data is transmitted received to or from the device.  This container is known as a faraday cage.  It blocks the transmission and reception of all electronic devices as well as acts as a shield against electromagnetic pulse attacks.  There are several places you can go online that have faraday bags.  However, I found an article that walks you through constructing your own faraday cage for $15.
Here’s How to Build Your Own with About $15

Supplies

This is probably my most simple DIY project to date. All you need is an aluminum garbage can with a nice and snug lid along with a cardboard box.


Step One: Cut the Cardboard

From the bottom flaps to about the middle of the box you’re going to want to cut some slots about 8 inches wide. This just makes it so that the cardboard can conform easier to the shape of your can.


Step Two: Insulate Can with Box

You’re going to make a tube with your cardboard and slide it into the can. Go ahead and press against the edges of the can to make sure it’s right up against it. That way you have more room inside.



Step Three: Make & Place the Base Insulation

By tracing the bottom of the can on some extra cardboard, you’re going to cut out a circle that will fit in the bottom of your insulation. Then just push it down inside your can. You want this to be a tight fit.



Step Four: Tape the Insulation 

Tape in the creases where the base meets the sides of the insulation. Also tape along the cuts you made in the cardboard. Whatever you put inside of this cannot be touching the metal can – only the cardboard insulation. Taping these weak spots just ensures nothing gets past the cardboard to touch the metal.

Step Five: Trim the Excess

Just go around the edge of your can with a box cutter to cut off the excess cardboard insulation sticking out of the top.



Step Six: Put On Your Lid

Once you’ve put in all of your radios and other gadgets, you’ll just fit on your lid nice and tight.


There are many, many different designs and concepts for homemade faraday cages. This is just one of them. If you happen to find a design that calls for the use of wire mesh instead of solid metal, be sure to get some with the smallest holes you can find. Remember, you want the openings smaller than the electronic waves that will damage your stuff.


Read more: http://saltnprepper.com/faraday-cage/#ixzz2JitUSUi1

Monday, October 3, 2011

My, how times have changed....Haven't they????....

Saw this gem on Twitter......Can't remember from whom (sorry)......Makes you wonder how far we've come with our perceptions of hackers and the threat they pose......


Monday, May 19, 2008

WIFI Hotspots not secure?!?!



Who would have thunk it? I had to chuckle when I saw this article jump across my screen. I don't know what's funnier - the FBI catching on to how insecure airport "hot spots" are or that this was even news. The FBI released a statement this week warning citizens who use the WIFI connections at airports to be careful as the connections were suseptible to being hacked. According to the article,
"While many of these hot spots have secure networks, some do not, according to Supervisory Special Agent Donna Peterson of FBI's Cyber Division. And connecting to an insecure network can leave one vulnerable to attacks from hackers.

Agent Peterson said one of the most common types of attack is this: a bogus but legitimate-looking Wi-Fi network with a strong signal is strategically set up in a known hot spot...and the hacker waits for nearby laptops to connect to it.

At that point, your computer and all your sensitive information, including user ID, passwords, credit card numbers, basically belongs to the hacker, Peterson said.

The intruder can mine your computer for valuable data, direct you to phony webpages that look like ones you frequent, and record your every keystroke."
I'll accept this is news to most people who are unaware of the risks but most serious web users as well professionals have known this for years. This could have been an attempt by the FBI to curb a trend of online thefts from WIFI connections which would certainly under their jurisdiction. As you can tell from the article, there isn't much detail regarding why this is suddenly newsworthy.

Tuesday, March 4, 2008

UK Card Readers Hack

According to SecutrityFocus, an e-zine which focuses on electronic security issues, UK merchants have a problem. It sounds like a pretty significant problem with their card readers. SecurityFocus' article says the when credit cards are scanned through the readers the information is not encrypted and thus readable by anyone with access to the data stream from that reader.

The University of Cambridge discovered the PIN entry device (PED) vulnerabilities allow an attacker to wiretap a reader and collect enough data from cards and the PIN pad to create counterfeit cards.

For those of you unfamiliar with the UK's debit and credit setup, I'll explain. Let's say I go to a restaurant and purchase a dinner for two costing a certain amount of money. The waitress brings out a portable card reader in which instead scanning, she can take your debit or credit card from a UK bank and place the card which is embedded with a chip inside the reader. Then the transaction proceeds like it does everywhere else. The readers then transmit the card information through a wireless connection. Catch where I'm going with this? If not, continue reading and you'll get it eventually.

According to SecurityFocus, the researchers stated the vulnerabilities in a paper to be published at the IEEE Symposium on Security and Privacy in May.

"The vulnerabilities we found were caused by a series of design errors by the manufacturers," Saar Drimer, a researcher at UC's Computer Laboratory and an author of the paper, said in a statement. "They can be exploited because Britain's banks set up the Chip & PIN in an insecure way ... A villain who taps this gets all the information he needs to make a fake card, and to use it."

This is not just UK-only vulnerability. There are all sort of vulnerabilities with card readers all over the world. If the card information isn't encrypted on the merchant, purchaser, and bank ends, then there will always be a vulnerability.

Thursday, February 28, 2008

Bluetooth Hack

This video has been out for a while. I'm surprised this vulnerability hasn't gotten more "play". The basic premise of this hack is you can not only hack into a Bluetooth device and record what is said into the headset but you can also inject your own audio. This of course being that the password for the device is still "0000" which I'm it is like most of ours. Check out the video to watch the hack.

About Us