Safekeeper Hotel Safe Bypass Video
I spent a week in Hawaii on the way back from Blackhat and Defcon in Las Vegas, and my hotel room had a Safekeeper key-lock safe that you had to pay $5 a day to use. Turns out the safe was perfectly usable without the key – which I guess nullifies the safe’s entire purpose. Although it had a Medeco lock, the lock wasn’t really necessary; I used a paperclip as my ‘key’. There must have been something really wrong with the way the plug was installed; I’d be horrified if this ‘attack’ worked on all of these safes. Unfortunately I only had the one in my room to play with.
Check out my demo video below for some facepalm-worthy safe bypass action!
[Updated] A guy called Brad found that his electronic hotel safe could be opened using an all-zero passcode.
My Favorite Top 10 Best #Protolol Jokes
No idea where it came from, but today the techno-geek community of Twitter woke up and decided en masse that it was a good day to make pun-esque jokes about protocols and other computer technology. You probably need to be a geek to understand these, let alone find them funny. The following is a compilation of my favourite #protolols:
@yoz: order best is tell that The you thing can about jokes BitTorrent them in any
@eigenrick: The problem with TCP jokes is that people keep retelling them slower until you get them
@RichGibson: DHCP jokes only work when there is only one person telling them
@rickasaurus: The problem with token ring jokes is you need to wait your turn to laugh
@dasfiregod: The worst part about token ring jokes is that if someone starts telling one while you are telling yours, all joking stops
@KippiHax: I was promised a three way and all I got was a TCP handshake
@xntrik: The problem with git jokes is everyone has their own version
@thornmaker: I would tweet a joke about CSRF if you hadn’t just done so yourself
@zhov: I tried to come up with an IPv4 joke, but the good ones were all already exhausted
@akujobi: My HEAD hurts because I don’t GET all the HTTP jokes y’all PUT on my timeline. I have to DELETE some of them POST-haste
@securitygen: I received a Tor joke from someone… have no idea who they are though…
@securitygen: I’d make a joke about UDP, but I don’t know if anyone’s actually listening…
@securitygen: Let me speak out in the open: Telnet IS a joke!
Pic of the Week: Assange vs Zuckerberg
Stumbled across this picture this week, and although it’s quoting Bill Hader playing Julian Assange in the Saturday Night Live skit below, I feel the message still makes a point. It’s probably worth reminding people that Assange was voted Person of the Year by the readers of TIME magazine. In that same vote Zuckerberg came in at a lagging 10th place. I know… how Zuckerberg got it confused me too.
[Update] Here’s an Assange/Zuckerberg mashup picture of the quote above:
Pic of the Week: Real-World Penetration Testing
Can’t remember where I found this image, but it’s an amusing hyperbole of the sometimes limited or frustrating nature of penetration testing. Anyone who’s done pen testing/ethical hacking as a job will be able to appreciate the various points along the graph.
To the unknown author of this image: we feel your pain. ;)
There’s just one thing… I get M, T, W and F along the X-axis… wtf’s R ??
Facebook Hackers from the Future!
I got this email from Facebook today, and apparently my account was accessed on an iPhone by someone in the future! OMG HAX.
Either today is the day I successfully complete my time machine (made exclusively from broken pieces of the Large Hadron Collider) – or hackers in the future are wreaking havoc in my account, and there’s nothing I can do about it! At least Facebook were kind enough to notify me…
In reality this is happening because I’m in GMT+11 and Facebook’s servers in San Francisco are in GMT-8, making for an awesome 19-hour time difference. Unfortunately this makes my story far more mundane, so I’m sticking with hax0rs from the future. I think the guys at Facebook may want to disambiguate this email somewhat by putting in the date/time in UTC.
If you too want to be notified when there are unexpected logins to your Facebook account, check out my post on Facebook’s Suspicious Login Tracking.
Wikileaks Parody Music Video
Came across this parody music video of the whole Wikileaks/Cablegate debacle. It’s actually pretty good, check it out:
Pic of the Week: TSA Cupping
I’ve always thought that terrorists must find some of the attempts to thwart attacks quite amusing, Nudiescanners and TSA groping included. I recently stumbled across this picture and thought “this is probably not far from the truth”.
Either way, I found it funny so thought I’d share.
Correlation Found Between Julian Assange and Cloned Foods!
The following poll results very clearly show an irrefutable direct correlation between people who think that Wikileaks’ Julian Assange should be charged with espionage, and those who think milk and meat products made from cloned animals are as safe as conventional food.
It is therefore possible to state that the more intelligent voters do not think Julian Assange should be charged with espionage. Science, it works bitches.
Voice your opinion on Wikileaks’ Cablegate by voting in the sidebar, or vote here.