Third round. I’m not proud. Or tired.
- Slides from Salvador Mendoza‘s “Exploiting 0ld Mag-stripe information with New technology” are here. I think this is the most current version, but I welcome correction.
- Here’s the slides for “macOS/iOS Kernel Debugging and Heap Feng Shui” (Min(Spark) Zheng).
- Mikhail Sosonkin has a series of blog posts up describing vulnerabilities in the HooToo TM6 travel router. I believe this is a longer version of the same material from his “Hacking travel routers like it’s 1999” talk, but I haven’t had a chance to sit down and compare the blog posts with the slides.
- I have yet to find new material on “Open Source Safe Cracking Robots – Combinations Under 1 Hour!” but there’s a BBC article here. Worthy of note, to me: “For example, if one dial is set to open at 14, using 15 and 13 will work as well. It meant the robot could check every third number, making it possible to quickly test the remaining combinations much faster than a human being.” No disrespect intended to the presenters, but that’s exactly the Feynman/Los Alamos technique. (I think they used a different method for getting the number off the third dial, to be fair.) “The only thing we learn from history, is that we learn nothing from history.”
- David Robinson and ZX Security have a GitHub repo up. Here’s NMEAsnitch, a Python tool to detect GPS spoofing. Here are some other related (and some unrelated) tools courtesy of ZX Security.
- GitHub repo for “Snide” Owen’s “Phone system testing and other fun tricks” containing the slides and extras.
- EFF whitepaper, “The Pregnancy Panopticon”, by Cooper Quintin. This is the basis for the Cooper Quintin/Kashmir Hill talk “The Internet Already Knows I’m Pregnant”.