Hackers have two faces, they love to break things apart and fix them. Some of these trends may ruin your day or even cause near-apocalypse tragedy, while others can make our lives easier and better.
Renewed interest on PDF
Some hackers recently begin to focus their efforts on PDF format once again. In some conferences they demonstrated their vicious takedown of this technology. It is a common knowledge that PDF is so insecure that many evil hackers can embed a malicious code that it is hard for common users to detect. These codes can sneak in their tentacles into unpatched holes, take control of your computer and send all of your secrets to the evil coders. PDF technology is more than a decade old and we need to see a major revamp of the architecture from the bottom up.
Baseband is a phone component that is used to send and receive broadcast signals. Unfortunately, if your cellphone is using a GSM network, it’s relatively easy to manipulate the baseband with a few evil tricks. Hackers may easily do this by faking up base stations that allow them to snoop on your text messages and conversations. Another way is by sending malicious codes to your smartphone which can tell your phone’s OS to send classified data and turn your device into a zombie. So the next time you’re making a call, there could be a third person that taps on your conversation. Obviously, this trick may bring to mind, espionage efforts between nations and industrial communities.
More attacks on bank cards
A researcher from Cambridge University recently revealed that it is possible to break into the ATM card system and Smart credit card in UK, relatively easily. Although the banking industry in United Kingdoms has claimed that their systems are impervious to external attacks, it has been proven over and over again that these system can be broken and cause many people lose their hard-earned money.
Defeating GSM channel flipping
If the baseband manipulation can’t freak you out, then there is another way for hacker to snoop on you. Researches have revealed that standard encryption methods used to protect your data and private conversations can be quickly defeated using certain consumer-grade hardware. Often, GSM network providers claim that their frequency flipping technique is enough to deter even the most sophisticated spies. Someone may be able to grab a chunk of data, but when the signal flips to a different channel, the hacker’s effort is over. However, some researchers can circumvent this security technique only by using a cheap $50 phone. The tapped signal is injected to the phone and it can follow the signal to whatever channel it goes.
Our vital infrastructures are getting more integrated to the network. Researchers have often walked us through many ways that can disrupt the supposedly dependable infrastructure. For example, energy grids can be controlled due to its remote control and automation features.
Advanced gaming console jailbreaking
Gaming console is increasingly considered as a standard home appliance, along with computers, TV and home theatres. PlayStation 3 is among the most commonly used consoles along with Xbox 360 and Wii. Of course, PS3 can be fun, but is it only exists to entertain you? Are there other possible uses of the console? Can we install an OS on it and turn it into a computer? A group called fail0verflow showed that it is easy to retrieve codes needed to unlock your PS3 and force it to do your bidding. The series of numbers needed to unlock the console is already present inside the console themselves. It is possible to modify it and make the console programmable. Unfortunately, Sony has sued the group allegedly for distributing methods and tools that can allow PS3 piracy.
Preventing DDOS attacks
Dan Bernstein is the legend of cryptography, he developed some of the most secure system known to man. He recently revealed that DNSSEC, the oft-touted system for system security actually can be transformed into an excellent DoS attack tool. He also has a mindblowing proposition for a highly-advanced system for transporting data over the Internet that make DoS attacks nearly impossible. His system is based on specialized encryption tools, called CurveCP and DNSCurve, that can already be implemented on the Web today. Moreover, the system is lightning fast compared to the current architecture.
Open Ocean Mapping
You may already use open mapping services on the internet, for example the Open Street map where hackers and common users can add their own data and make it easier for everyone to navigate places around the world. But what about ocean navigation? Maps for this purpose is already available commercially and often are very expensive. The Open Sea Chart, is a group that has an aim to make it easier for everyone to get ocean map for free. This project may one day help individual fisherman around the world.