Reinventing the weel
Category Archives: 0Day News
A user of the r/YouShouldKnow subreddit of Reddit has brought to my attention of the a new Google plus social networking platform censorship filter.
Posts with any of the “Seven Dirty Words” will not show up on your or your friend’s stream. It’ll be visible on your profile to anyone who browses there, but will be blocked from the “streams” pages. This means that someone has to be browsing your profile directly to see the post. Noone in your shared circles will know it’s there otherwise. As of yet, there’s no preference for choosing to view such censored content.
Well it is most definitely by now no secret that Sony’s online security is some what lacking, I’m not sure when Sony will get there act together lets hope soon the only Xbox game I have is The Orange Box.
An Anonymous hacker de-compiles StuxNet, and posts source code on Github.
Stuxnet is a Windows computer worm discovered in July 2010 that targets industrial software and equipment While it is not the first time that hackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.
This brief text file shows how simple it was for anonymous to get access to Greg Hoglands website rootkit.com:
The paper highlights risks that accompany losing a locked iOS device regarding confidentiality of passwords stored in the key chain. It presents results of Handson tests that show the possibility for attackers to reveal some of the key chain entries. For the described approach, the knowledge of the user’s secret pass code is not needed, as the protection provided by the pass code is bypassed.
It is now fixed, but here is the Hotmail exploit.
How it worked:
- Type in the Hotmail email you want to change the password for.
- Fill out the captcha.
- View page source on the next page and see what the users secondary email is (if it exists).
- Check to see if the email is registered (alot of people don’t even bother registering them). If it is, do the same thing you just did and keep going back until you have control over the first account you can.
- Reset passwords to those emails address in a daisy-chain fashion until you have control.
The old email used to be a hidden input element on the password reset form, but they just fixed it.
Microsoft Kinect has been reversed and there is now an open source driver, ooo the fun we will have.
What is Kinect?
Kinect for Xbox 360, or simply Kinect (originally known by the code name Project Natal (pronounced /nəˈtɒl/ nə-tahl)), is a “controller-free gaming and entertainment experience” by Microsoft for the Xbox 360 video game platform, and may later be supported by PCs via Windows 8. Based around a webcam-style add-on peripheral for the Xbox 360 console, it enables users to control and interact with the Xbox 360 without the need to touch a game controller through a natural user interface using gestures, spoken commands, or presented objects and images. The project is aimed at broadening the Xbox 360’s audience beyond its typical gamer base. It will compete with the Wii Remote with Wii MotionPlus and PlayStation Move motion control systems for the Wii and PlayStation 3 home consoles, respectively. Kinect is scheduled to launch worldwide starting with North America in November.
the source is here http://git.marcansoft.com/?p=libfreenect.git
This will only work under Linux but the windows drivers for the Kinect I’m positive will not be that far behind, I will update as fast as a can on any projects, also I hope he gets the $2000 prize.