Sunday, 18 September 2016

44CON 2016

Another year, another 44CON in London. A line-up of great talks, and a very good opportunity to catch up with friends from the industry. The event took place between 16-18 September 2016, at the ILEC Conference Centre.
This year you were able to solder your badge while you were there. There was a nice corner dedicated to soldering, with soldering irons provided and all the bits to make it work.

I ended up making six of those in order to help out a couple of friends. It was really easy to make and really fun to do, especially when it started working as it should. 

The badge is called HIDIOT and it is short for HID IO Toolkit. :) The Human Interface Device Input/Output Toolkit (HIDIOT) is a USB-based board for manipulating and experimenting with USB HID class devices. The version given out at 44CON is unreleased. In effect, we decided to make our badge a piece of 0day hardware.

Sunday, 21 August 2016

How to train your Facebook ads..

Most of you use ad blockers, and I am happy that you do, for all sorts of reasons which I will not discuss here. This blog post is about how you can train the ads you get on different websites (mostly on social media) based on what you care about least. Yes, that is right. If you really want to avoid being distracted or even tempted into clicking on (sometimes malicious) ad links, then what is better than training the system behind the scenes to show you ads only for things that you really don't care about at all? :D

I will use the example of Facebook, which I have been doing for a long time, and I realised just now that I haven't actually shared this with you all.

What you see on the left-hand side is a screenshot of the ads I get on Facebook. Those side ads are not a problem due to the way they are being displayed but, based on these ads, you get similar ads in your news feed as well.

Thus, by training these ads, you will get relevant ads in your news feed as well. As you can see on your left, all the ads I get are about sports and sometimes about music.

The reason is that I DO NOT CARE AT ALL about sports, or what is happening in the music industry.

When you click to hide an ad, Facebook asks you the following:

 Why did you hide it?
 - I don't care about this
 - I keep seeing this
 - It's offensive or inappropriate 
 - Other
 - I want to see something else

When you are presented with these options, you just need to use them in a clever way. For anything that seems like something you would be interested in, let's say politics, environment, science, space exploration, ninjas, you select any of the options that classify it as "something you don't care about".

On the contrary, when you get ads for things that you really never cared about, such as sports or gambling, you keep leaving these ads in your feed as if they really matter to you.

Doing that 3-4 times in a day, for a couple of days, trains the engine behind Facebook, and it starts displaying ads that you don't really care about.

Actually, our brains learn to ignore ads after a while, but when the content is irrelevant to your liking, your brain ignores them completely. I know it sounds weird, but you will end up going through your news feed and your brain will keep ignoring the ads, especially ads that you don't care about, in such a way that you won't ever remember seeing the targeted ad. Trust me and try it! ;)


Saturday, 20 August 2016

Security BSides Manchester 2016

Thank you all for coming to my talk at Security BSides Manchester 2016. The conference took place on Thursday 18th August 2016, at Manchester Metropolitan University Business School, in the heart of Manchester.
The title of my talk was: 
Accessing the personal details of most of the InfoSec professionals & the Responsible Disclosure process.

The talk was not recorded due to the sensitive nature of the content and not much information was given in the abstract. 

Sunday, 7 August 2016

Electromagnetic Field 2016 - EMF Camp

Electromagnetic Field [1] is a UK camping festival for those with an inquisitive mind or an interest in making things: hackers, artists, geeks, crafters, scientists, and engineers.

This year's badges were amazing! If you want to start hacking your badge, go to this link: https://badge.emfcamp.org/wiki/TiLDA_MK3
I actually had the opportunity to give a talk on the myths and truths when it comes to hacking airplanes. Thank you all for coming to my talk! The talk was recorded and streamed live at the same time. Soon, the video will be available on EMFcamp's YouTube channel if you would like to watch.

This year the event took place between Fri 5th - Sun 7th Aug 2016. The organisers found a really nice location outside Guildford. It is an awesome camping site with power to your tent (if you remembered to bring an extension) and Internet access. Tickets are approximately £120 and, if you are thinking of driving down, you need to purchase a parking ticket in advance. If you have a motor-home, you are also welcome.

EMFcamp welcomes everyone, supports diversity and does not tolerate misconduct. So, pack your tent, some warm clothes, a couple bottles of/for water, a torch, your favourite drinks and you are all set. I suggest you get earplugs as well; especially if it is windy, you won't be able to sleep.

Plenty of presentations to watch, a few canteens with drinks and food, and many different workshops. Many different villages [2] and a lot of fun stuff to do all day long! Apart from attending interesting talks and workshops, hacking stuff, making stuff, creating music through algorithms, practising your soldering skills, lock-picking, talking to people around the world through radio broadcast, and playing fire ping pong, you can also enjoy the day with all sorts of people and make new friends while having a cold drink and warm food.

There is also a kids' area where you can let them play from 10:00 until 20:00, overseen by professional carers.
Pick your favourite activity as you go along or plan your day in advance by looking at the schedule on the website. 

You can follow EMF camp on Twitter: @emfcamp

[1] https://www.emfcamp.org
[2] map.emfcamp.org

Wednesday, 27 July 2016

0x Haxors - Deck of Playing Cards (hexadecimal)

Ever wanted a #geek version of a deck of playing cards based on the #hexadecimal numeral system (68 cards)? At last, a deck of playing cards based on the hexadecimal numeral system, also known as HEX (meaning this is a custom-made deck that has 68 cards, not the standard 52-card deck). Check this Kickstarter project out!




To be completed, this project needs to place an order for a custom design (graphics included) and a custom cut for these cards. All existing playing-card printing facilities (patterns) are made to print the normal 52-card deck, and in this case we need way more: 68 custom high-quality prints and cuts. (Special packaging for each deck is needed as well.)

Thus, by backing this project you will help with the significant cost of placing a custom order for designing and printing this special set of cards.
We are aiming to make the cards high quality so that they last longer when you play.

Please note that making a deck of 68 cards, instead of the standard 52 cards, means that even the packaging is custom-made and the cost involved is WAY HIGHER than simply changing the drawing on a standard 52-card deck.

So, to summarise:

  • Graphics (by a professional graphic designer).
  • High-quality print.
  • Quality cards with clear plastic coating to last longer and feel nicer (than paper cards).
  • We want them to be water resistant as well.
  • Special order to print 68 cards for each deck.
  • Packaging design and making to fit 68 cards (packaging needs to be custom-made).
  • Staff costs to pack all these decks and ship them worldwide.

Please help this project to become a reality!