Mrz 17 23

In this new paper title „LED-it-GO: Leaking (a lot of) Data from Air-Gapped Computers via the (small) Hard Drive LED“ researchers at Ben-Gurion University Cyber Security Research Center present a method how data can be stolen with a maximum bit rate of 4000 bits per second from an isolated „air-gapped“ computer’s hard drive reading the pulses of light on the LED drive using various types of cameras and light sensors.

Find out more:
* Cameras can Steal Data from Computer Hard Drive LED Lights
* PDF version of the paper
* LED-it-GO – youtube video

written by d45id \\ tags: , , , , , ,

Okt 16 07

motion-codeSociété Générale and Groupe BPCE preparing to roll out a new credit card where the CVV code changes every hour.


written by d45id \\ tags: , , , , ,

Sep 16 10

Thomas Lendacky from the AMD introduces on the KVM Forum 2016 Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) features from the new Zen microarchitecture.

Find out more:

written by d45id \\ tags: , , , , , , , ,

Jul 16 08

James Newman from Cabridge builds his own very huge „micro“-processor called The Megaprocessor.

This awesome 16bit processor is about 10m long and 2m tall has thousands of LEDs more than 40 thousands of transistors. It has 256 byte RAM and a clock rate of 20kHz!
You can find more information, videos and a couple of articles (The Register and the BBC News) about The Megaprocessor at the project page or at facebook.

written by d45id \\ tags: , , , ,

Aug 15 03

Kovah, who discovered with his partners a lot of firmware vulnerabilities in Macs  last year has now designed with Trammell Hudson, a security engineer a worm they dubbed Thunderstrike 2 that can spread between MacBooks undetected.

[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware

Find out more at BlackHat & DefCon or read an amazing article @wired

written by d45id \\ tags: , , , , , , , ,

Jul 15 25

In this paper we [Daniel Gruss, Clémentine Maurice, Stefan Mangard] present Rowhammer.js, a JavaScript-based implementation of the Rowhammer attack. Our attack uses an eviction strategy found by a generic algorithm that improves the eviction rate compared to existing eviction strategies from 95.2% to 99.99%. Rowhammer.js is the first remote software-induced hardware-fault attack. In contrast to other fault attacks it does not require physical access to the machine, or the execution of native code or access to special instructions. As JavaScript-based fault attacks can be performed on millions of users stealthily and simultaneously, we propose countermeasures that can be implemented immediately.

written by d45id \\ tags: , , ,

Jul 15 21

…a very interesting article published in wired magazine about wireless carjacking.

written by d45id \\ tags: , , , ,

Jul 15 10

I’ve seen an very interesting LEGO construction at Hannover IdeenExpo. A near full automated paper cube production machine.

written by d45id \\ tags: , , , , , , , ,