Sunday, 31 August 2014

EMF 2014 - Presentation

I was delighted to be given the opportunity to give a talk at EMF camp 2014 [1] about Point-of-Sale devices [2]. 

I would like to thank all of you who attended and I really hope you enjoyed the talk. Also, the talk was streamed live on the website [3].
Looking forward to going back next year.


Garmin GPS nuvi 2597LTM, 5" - How to..

I recently purchased a Garmin GPS and more specifically the nuvi 2597LTM, 5" screen. Compared to other makes, I find Garmin to be the best GPS devices out there for all sorts of reasons. I have used different models of Garmin GPS over the years and I was fully satisfied with them every time.

However, my recent purchase put me off a little bit and the reason was that I was expecting more from Garmin. What I mean is that I purchased one of the latest models in 2014 and I was expecting the graphics to be a bit smoother, without any delays in drawing/redrawing the map. It feels like they haven't upgraded the processor over the years and it's performing exactly like a GPS bought at least 6-8 years ago. Also, it would be really nice if the screen had better resolution. We have retina displays now, and I don't think increasing the screen resolution just a little bit would make such a big difference to the final price. Despite the above, the GPS picks up the satellites very fast, the antenna picks up the satellites in semi-covered places as well, the real directions are very nice and useful, and of course the Bluetooth allows you to take calls on the GPS which are loud and clear!

The issue I had to face, though, came a couple of months later during a trip. The GPS decided that the auto-brightness feature would start working as it pleased. More specifically, during the trip, it decided to switch from bright to 10% brightness. Every time I set it back to 70%-100%, after a random number of seconds/minutes it switched back to 10% for no reason.

UnPHP - The PHP decoder

UnPHP is a free service for analysing obfuscated and potentially malicious PHP code. 

Test your PHP code online

For various reasons you might want to test your PHP code (or code written by others) and see if it works or check what it does. If this is something you would like to do, then you can use a couple of websites which will do this for you. 

Saturday, 30 August 2014

Outbox.. have you heard???

Outbox apparently is a "novel" service in the US. It is referred to as a "disruptive innovation". Basically, their innovation is that they will open the mail that was posted to you (read it maybe), scan it, and email it to you.
Effectively, the idea behind this is to have your mail delivered to you through email, wherever you are. Of course there is a monthly fee that you need to pay in order to use this service.
There is a huge debate between the founders of Outbox and the postal service in the US regarding this "disruption of the postal service". The following article summarises pretty well the views from both sides [1] and gives you a nice insight into what is going on.

This blog post is about the security/privacy of the contents of the postal mail, also taking into consideration whether it is ethical, looking at both the recipient's and the sender's perspective. It is not intended to discuss/debate whether the Outbox idea is an innovation or a disruption of the postal service.

Friday, 29 August 2014

Electromagnetic Field 2014 - EMF Camp

Electromagnetic Field [1] is a UK camping festival for those with an inquisitive mind or an interest in making things: hackers, artists, geeks, crafters, scientists, and engineers.

This is actually the first day out here for this year (Fri 29th - Sun 31st Aug 2014). It is a lovely site with power to your tent (if you remembered to bring an extension) and Wi-Fi. Tickets are approximately £100 and if you are thinking of driving down, you need to purchase in advance a parking ticket for £15. 

As a side note; as it is not clear on the website, the parking area is a field. Also, to get there you will have to drive through mud, dirt, grass and about 500 yards of rocks which seem pretty sharp. So, be prepared before you decide to drive to EMF. I suggest renting a car for the weekend if you don't wanna risk getting your car out here!

Thursday, 21 August 2014

UPS Store tills infected by Malware in the US

UPS Store tills in the US are infected by debit and credit-card-reading malware in 51 of its branches. [1] UPS says the security breach may have exposed credit and debit card data at the affected stores between January 20, 2014 and August 11, 2014. As many as 100,000 transactions may have been snooped on, we're told, out of the millions normally running through the UPS network.

US-CERT has been warning about point-of-sale vulnerabilities for some time now. An advisory was released in January regarding Malware Targeting Point of Sale Systems [2].

The only way businesses could prevent carder raids is to look into adopting point-to-point encryption (P2PE).


Sunday, 17 August 2014

Outlook 365 Full Reset

I tried to set up Outlook 365 but I entered the wrong credentials. For some reason, which there is no point investigating further at this stage, I managed to crash Outlook 365. I was stuck with the forever loading splash screen of Outlook. There was no way for me to change the values from that loading interface. On top of that I believe the profile data file was corrupted, so there was no way to start Outlook at this stage. 

So, I had to reset Outlook 365 like it was the first time it was being used:

Saturday, 9 August 2014

Black Hat: Hackers execute code on mobile POS devices, play their version of Flappy Bird

Researchers who discovered vulnerabilities in mobile point-of-sale devices (mPOS), which could allow malicious code execution on targeted payment systems, demonstrated their findings at Black Hat 2014 in Las Vegas. 


Friday, 8 August 2014

Gamma International; a Hacker's Hacking Guide

The original document was found at pastebin [1]. 


                _   _            _      ____             _    _ 
               | | | | __ _  ___| | __ | __ )  __ _  ___| | _| |
               | |_| |/ _` |/ __| |/ / |  _ \ / _` |/ __| |/ / |
               |  _  | (_| | (__|   <  | |_) | (_| | (__|   <|_|
               |_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
     A DIY Guide for those without the patience to wait for whistleblowers