Archivi Blog
Google teases hackers with $2 million in prizes, announces Pwnium 2 exploit competition
The folks in Mountain View are starting to make a habit of getting hacked — intentionally, that is. Earlier this year, Google hosted an event at the CanSecWest security conference called Pwnium, a competition that challenged aspiring hackers to poke holes in its Chrome browser. El Goog apparently learned so much from the event that it’s doing it again — hosting Pwnium 2 at the Hack in the Box 10th anniversary conference in Malaysia and offering up to $2 million in rewards. Bugging out the browser by exploiting its own code wins the largest award, a cool $60,000. Enlisting the help of a WebKit or Windows kernel bug makes you eligible for a $50,000 reward, and non-Chrome exploits that rely on a bug in Flash or a driver are worth $40,000. Not confident you can break Chrome? Don’t let that stop you — Google plans to reward incomplete exploits as well, noting that it has plenty to learn from unreliable or incomplete attacks. Check out the Chromium Blog at the source link below for the full details.
Android-style FaceUnlock ported to iOS (video)
Developer teases voice control of Zune, using PC and Windows Phone (video)
The great thinkers of the world have long known a secret that we’re now happy to disclose: it’s not necessity that’s the mother invention, but rather laziness. Fortunately, expending a great deal of effort on a project — simply to perform a task effortlessly — sometimes brings very cool results. A concept app known as ZuneVoice easily passes muster in this realm, which is used to control Zune software on the PC with only a standard microphone and spoken commands. As you can see in the demo video, its creator, keyboardp, is able to play individual songs, issue commands such a “pause” or “next song”, and even display full-screen music videos from YouTube. The developer even crafted an app for his Lumia 800 known as PhoneZune, which serves as a remote control for times when he’s away from the box. Neither application is yet publicly available, though feedback is welcome. Next, we’re told to expect Kinect integration. Perhaps one day, these gems will see the light of day.
Web: http://www.zune.net/it-IT/products/windowsphone7/default.htm
Siri ported to iPad, still getting silent treatment from Apple servers
Siri ported to an iPhone 4, old phone learns a new trick (Video)
Apple’s iPhone 4 may not have the fancy dual core CPU of its successor, but thanks to the efforts of developer Steven Troughton-Smith and the folks at 9to5 Mac, it may soon have Siri. The port of the sultry voice assistant was accomplished by using the 4S Siri and Springboard files, and some serious elbow grease, no doubt. As you can see in the video below, it’s far from perfect, but it can recognize spoken commands without issue. Currently, the hack is missing an iPhone 4 GPU driver that keeps things running buttery smooth on the elder phone, and Cupertino won’t authenticate Siri’s commands coming from it either. So, it isn’t quite ready for primetime, but it should only be a matter of time before all you iPhone 4 owners can tell Siri what to do, too.
Install Windows 8 onto your HTC Shift today, give it a reason to wake up in the morning (video)
If you’ve got an HTC Shift sitting around that’s collecting dust and not doing much else, it could find a new lease on life with the revelation of its (very unofficial) support for Windows 8. Like they did for Mac OS X previously, the folks at xda-developers have shoehorned Microsoft’s latest Developer Preview OS onto the dejected UMPC, and so long as you’ve got a bit of spare time, the right equipment and are good at following instructions, you can too. All the basic driver support appears to be in order, including support for video acceleration, the touchscreen and WiFi. Granted, you should keep in mind you’ll be installing pre-release software on unsupported hardware, but isn’t that half the fun? There’s a video after the break (heads-up: it’s in French), and if you’re looking to get started right away, you’ll find a full list of instructions in the source below.
Lion Ultimatum brings desktop-like functionality and file manager to jailbroken iOS (video)
Sure, OS X Lion borrowed many of its design cues from Apple’s iOS platform, but now users of jailbroken iPhone and iPod Touch devices may bring much of the desktop Mac’s functionality onto their handset with Lion Ultimatum. In essence, this beta project is a theme for Dreamboard (which is required software), but it’s rather far-reaching, with a functional file manager and Finder menus, a scrollable dock and draggable windows, along with Stacks, Launchpad, Mission Control and Dashboard. There’s also a customizable lock screen that provides access to the dialer, email and messages. Even the keyboard can be modified to resemble the design of MacBook Pro or the traditional Apple Keyboard, thanks to integration with ColorKeyboard. If you’re thirsty for more, hop the break for an extended video preview, or just follow the source for the full install instructions.
Researchers hack Kinect for glasses-free 3D teleconferencing (video)
Since the dawn of Kinect hacking, we’ve seen cameras strung together (or rotated) to create 3D, video game-like environments, while others have tweaked it for headtracking. Others, still, have used it for teleconferencing (albeit, the flat, two-dimensional variety). Now, a team of researchers have gone and thrown it all together to achieve 3D video chats, and if we do say so, the result is greater than a sum of its parts. The group, based out of UNC-Chapel Hill, uses 3D mapping (and at least four Kinects) to render the video, and then employs headtracking on the receiving end so that people tuning in will actually see the live video in 3D, even without wearing 3D glasses. The result: a tableau that follows you as you move your head and spin around restlessly in your desk chair waiting for the meeting to end. That’s mighty impressive, but we can’t help but wonder: do you really want to see your colleagues in such lifelike detail? Have a gander at the video and decide for yourself.
Water-cooled, luggable PS3 offers semi-convenient gaming for your on-the-go lifestyle (Video)
We’ve seen plenty of handheld console mods, but only a few laptops — most impressively, Ben Heck’s sleek PlayStation 3 — and PSHax member Pirate recently finished his water-cooled take on the notebook PS3. The cooling system replaces the stock heatsinks, allowing for a slimmer design, and one much more polished than the last water-cooled version we saw. Weighing in at 15 pounds, it’s also got a built-in keyboard and speakers, a 500GB hard drive, and a 720p / 1080i screen. If this sounds like your type of machine, Pirate’s put it on eBay, where it’s currently heading north of $1,500. He’s not looking to make a profit, promising that after costs a portion of the selling price will go to server expenses at PSHax, with another portion dedicated to tornado relief efforts in Joplin, Missouri. Check out the video after the break to see this beast in action.
Sony responds to Congress: all 77 million PSN accounts compromised, finger pointed at Anonymous
We’ve heard Sony explain itself at length regarding the gigantic PlayStation Network breach, but this might be the most useful version of the story yet — it’s the one that Sony’s Kaz Hirai is forwarding to US Congress members concerned about your personal information. The official PlayStation.Blog has the full English document up on Flickr for your perusal, and we’ll warn you it’s much the same tale — Sony says all 77 million PSN and Qriocity accounts have had information stolen, but the company’s still not sure exactly which pieces have gone missing, whether credit card numbers are compromised or not, or who could be behind the hack. Sony does say, however, that it had 12.3 million credit card numbers on file, and 5.6 million of them from the US, and that investigators found a file on one of the servers named “Anonymous” with the words “We are Legion” inside it. Hard to draw many conclusions from that.
Skype for Android update adds US 3G calling, fixes personal data hole
Verizon Android users have had 3G Skype calling since this time last year, but the latest app release — v1.0.0.983 for those of you keeping tabs — brings 3G calling to the masses, without the need for a VZW-sanctioned app. The update also patches a rather significant security hole discovered last week, which could let third-party apps get hold of your personal information. We’re glad to see that’s no longer the case, and who’s going to object to free calling as part of the deal as well? Make sure your phone’s running Android 2.1 (2.2 for Galaxy S devices) and head on over to the Android Market to get updated.
Skype for Android vulnerable to hack that compromises personal info
If you didn’t already have enough potential app privacy leaks to worry about, here’s one more — Android Police discovered that that Skype’s Android client leaves your personal data wide open to assault. The publication reports that the app has SQLite3 databases where all your info and chat logs are stored, and that Skype forgot to encrypt the files or enforce permissions, which seems to be a decision akin to leaving keys hanging out of the door.
Basically, that means a rogue app could grab all your data and phone home — an app much like Skypwned. That’s a test program Android Police built to prove the vulnerability exists, and boy, oh boy does it work — despite only asking for basic Android storage and phone permissions, it instantly displayed our full name, phone number, email addresses and a list of all our contacts without requiring so much as a username to figure it out. Android Police says Skype is investigating the issue now, but if you want to give the VoIP company an extra little push we’re sure it couldn’t hurt.
Sony's Move.me database used to create gesture-enabled mouse driver (video)
Unless you’re into weird promotional mascots, video games, or measuring the rotation of the earth, the PlayStation Move probably hasn’t caught your eye. Here’s an idea: what if you could wave it about to control your PC? Earlier this week, electronics hobbyist Jacob Pennock used the Move.me C library to build a gesture-controlled mouse driver, and we’ve got the project’s tech demo after the break. Watch as Pennock launches Facebook by drawing an “F,” starts a video with a jaunty “V,” and closes a few items with a quick “X” motion over the offending windows. Control motions are loaded through the creator’s own gesture recognition library, called hyperglyph, which he claims can record motions with 98 percent accuracy. As Move.me is currently a closed beta, Pennock is keeping the source code under wraps, but he hopes to eventually put the driver to use controlling a gesture-based Linux media center. Pretty neat, but not quite enough to stave off our Kinect hack envy.
Kinect dives into anime cyberspace, dares you to catch cute robot tanks (video)
If your foremost dream is to jack into a dystopian cyberpunk reality where hackers play with human brains (and you also happen to love Japanese anime), you’d best book your flight to Tokyo right now — a Shibuya department store has set up a basic cyberspace simulator straight out of Ghost in the Shell. That’s the film Ghost in the Shell: S.A.C. Solid State Society, to be precise, which just got a stereoscopic 3D re-release in Japan this week, and in its honor creative services company Kayac set about constructing a high-quality Kinect hack. Microsoft’s depth camera tracks the lean of your body, while the honeyed virtual reality is projected onto a pair of nearby walls, and it’s your objective to slap the Tachikoma tank silly without falling over yourself. Get a peek at what it’s like to play with in the video above.
German students make life-sized VR Fruit Ninja, declare war on digital produce (video)
Do you enjoy the produce-slashing action that Fruit Ninja affords, but feel constrained by the meager display capabilities of handheld devices? Well, some German students from FH Wedel University of Applied Sciences have created a VR version of the game to make your dreams of having more massive melons fly at your face come true. Using a CAVE four-walled virtual environment to display the hurtling fruit and a modified Wiimote to do the slicing and dicing, players can exorcise their cantaloupe and kumquat demons in a life-sized fruit cleaving frenzy — with none of the Gallagher-style mess. See it in action after the break, just be sure to don your Kikou first.
iPad 2 jailbroken, no ETA on public release
You knew this was coming — it was only a matter of time — and here it is, Apple’s latest creation sans the iOS 4.3 chains. The development community credits @comex with installing Cydia on this white iPad 2, and he’s apparently already hard at work on a public jailbreak. According to his Twitter feed, the hack required a brand new exploit, as previous bugs were squashed in iOS 4.3. We’ll keep you posted on when the hack’s ready for you to use, too.
Transportation, Tablet PCs iPad 2 installed in Ford F-150 truck, does FaceTime while you roll over stuff (video)
SoundMan Car Audio’s done it again, and this time on day one — they’ve stuffed an iPad 2 into the dashboard of an unsuspecting vehicle, in this case a 2010 Ford F-150 pickup. While that doesn’t sound like the most exciting hack in the world, we have to give credit where it’s due — Doug and company now have a truck that can make FaceTime video calls, browse to world-class technology websites (we’re blushing) and play Pandora too. See the SoundMan crew show off the fruits of their labors in a video after the break.
Kinect hacked for home automation, does your mood lighting for you (video)
Microsoft’s Kinect has become quite the hacking hotbed — the fields of medicine, music, and even shadow puppeteering have all benefitted from the peripheral’s incredible versatility. And now, to the delight of home automation nerds everywhere, an enterprising young hacker has rigged a Kinect to automate the lighting in his home. By positioning the camera bar in a corner to track his movements, connecting it to the automation controller, and coding on / off commands, he’s able to control the lights throughout his geektastic domicile. The automation logic then turns on the lights when entering the room, localizes them according to location, and turns them off upon leaving. One less thing to worry about — here’s hoping a method for spotting our perpetually misplaced keys is in version 2.0. Vid’s after the break.
