[Dailydave] Exciting Things to Work On!
Dave Aitel
dave at immunityinc.com
Wed Aug 12 15:39:18 EDT 2015
Lately both Charlie and Runa have posted to Twitter asking for some
ideas of similar things to hack, other than cars and expensive
Wifi-based lead-throwing equipment.
<picture of charlie> <Runa>
I wanted to crowdsource some junkhacking ideas. The obvious tenets are
that it must be something worthy of a talk and CNN interview, but be on
something with no security design whatsoever - and especially not one
hard enough to stand five minutes of attention from an ex-NSA hacker.
For example,lots of companies <webpass.net>are putting mesh networks
into buildings to provide high speed internet to customers. You could,
after a few minutes with a easy-to-pick lock, get into the room where
the microwave terminus is, assuming you don't get boiled, and connect
into that network to sniff, spoof, mess with routing, and otherwise
fuddle around with the mesh network. Or just imagine the "fun" of
messing with FireChat in Iraq!
And if you want to stick with "Internet of Things" you could hit up the
exciting world of networked airport security equipment! Yes! That's
right, not only are basic airport security measures bypassable by
putting things on certain places
<http://www.digitaltrends.com/cool-tech/activist-bypasses-200000-tsa-nude-body-scanners-with-cloth-and-a-sewing-kit/>
on your body, but they are networked computers as well! One quick plug
into any of them can do lots of interesting things. IMAGINE THE DEMO ON
STAGES AROUND THE WORLD, THE PRESS, THE "FAME"! Look, a lot of times the
rubber pad isn't even under the metal detector, because nobody ever
explained to the TSA that its whole point is to raise the people above
the bottom of the detection field. So imagine how great the security is
on the network traffic and various physical ports on those things.
<metal>
Trains. We don't have any in the United States. You might have to go to
Shanghai to find one with enough networking equipment to hack. WHAT IF
YOU CHANGED THE SPEED TO THE SAME AS AN AMTRACK? Patriotic, or
irresponsible? Let's let Wired decide?
:)
-dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150812/6d0a40db/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: charlie.JPG
Type: image/jpeg
Size: 36206 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150812/6d0a40db/attachment-0003.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: runa.JPG
Type: image/jpeg
Size: 41894 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150812/6d0a40db/attachment-0004.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: metal.JPG
Type: image/jpeg
Size: 167635 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150812/6d0a40db/attachment-0005.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150812/6d0a40db/attachment-0001.sig>
More information about the Dailydave
mailing list