Makerfaire 2010

On my way back from Makerfaire 2010 and thankfully I can decompress on the train back. The event was a hit with plenty more makers that last time. Surprisingly the event took place inside the science centre instead of millennium square which the science centre circles and was the venue of the last one. One of the downsides of the move to the science centre is the cost which was about 4 pounds per person. There was the question would

Some very cool things I saw….

Lasers! Some of the guys from the spraycan project had built a multi-colour laser out of a standard green laser, a red dvd laser and blu-r laser. Using special mounting mirrors between them all, You can see the whole lot on this forum specially setup for laser makers. Some of the others are equally impressive and dotted all over the forum. Will I make my own laser? who knows maybe some day in the future. Maybe I’ll start by strip down my toy red laser and add a couple other Red DVD lasers to a baseplate and then try adding a controller. Hummmm one for a rainy day me thinks.

Sonodrome create bespoke audio hardware and software which fit into small pocket size tins. What I like about them is the size and ability to add it to my pacemaker output. So I could live mix on my pacemaker and plug into one of these pocket size tins for some crazy filtering. Heck I can even chain them for some real fun. Talking to the guys behind Sonodrome its possible to do some stuff with wiimotes as a controller, so look out for some hacking in that area by me soon.

Sugru is interesting shame the guys can’t seem to make enough to make it into the shops.

Lastly Steampunk magazine. I’ve never really engaged with steampunk culture or anything like that. I’m more a futuristic kind of a guy in these departments, hi-tech trainers, hi-tech fabrics all dark colours. Anyway it was interesting to think about and the woman’s dresses and corsets are well something else!

Of course there was tons and tons of other things at Makerfaire but theres really caught my attention. The whole event was amazing and I look forward to 2011.

The Playstation 3 finally and completely hacked

Playstation 3 in dark city

Geohot has outdone himself again, not only the first person who unlocked the iPhone, but now also the Playstation3. In his own words…

I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1. I’ve also dumped the NAND without removing it or a modchip.

3 years, 2 months, 11 days…thats a pretty secure system

Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.

Now we really get to see how powerful the playstation 3 really is when its not being crippled in a virtual machine. I’m much more likely to buy one if I can see a whole homebrew community of stuff on it in the near future. The source code for the hack isn’t available quite yet but its just a matter of time. I wonder how long the Xbox 360 can stay closed?

Finally got the Wiimote working with my laptop

Wiimote and Dell laptop

After weeks of messing around with many different configurations, tonight (1am) I got it working, thanks to this great forum.

I'm using a Wavelinker bluetooth USB dongle with the IVT Corporation BlueSoleil drivers on my Dell XPS M1210. I have to turn off my internal Bluetooth because it seem to not work with BlueSoleil drivers. The thing which seemed to make all the difference was this ordering.

  1. Open GlovePie
  2. Open BlueSoleil
  3. Press 1+2. Wait for “* Connected” to pop up in the lower righthand corner of your screen.
  4. Run your script.

I found that GlovePie with no Bluetooth Fix or Auto Bluetooth Connect worked for me. GlovePie when opened would launch BlueSoleil for me and within a few seconds I was up and running. I used the script Wiimote identifier to work out if the Wiimote was connected or not. Once it was connected I can then run a more exotic script like the Mouse Control Script.

I've uploading a video I shot, so others can learn how to do the same.

Comments [Comments]
Trackbacks [0]

Linux and homebrew on Xbox 360 and PS3?

So while I was looking around the 23C3 conference notes I found some links to videos about a possible Xbox 360 hacking. The video which can only be viewed on Youtube now seems odd and underwelming. But if its true means you can now using some exploit in the game King Kong run unsigned code on a Xbox
360. Engadget also had a piece about the whole thing.

One of the best things about the original Microsoft Xbox console wasn't the fact that it ran games. Oh no, for many, the best part was the ease at which that low-cost / high-powered device could be hacked to run all kinds of Homebrew applications including a damn fine media center. Now, in a tantalizing bit of showmanship put on by a cloaked hacker at the 23C3 Hacker Congress in Germany, a modified Xbox 360 (note attached circuit board) is shown loading Ubisoft's King Kong game just before displaying a trio of
dancing 360, Tux, and (old) MacOS logos with the words “coming soon.” Could this be a true exploit of King Kong's unchecked and unsigned vector shaders? We don't know, but the ability to execute any kind of code is certainly progress.

This is all fitting because Sony have just released a Yellow Dog linux build for PS3. Engadget once again has the right idea.

We're still holding out until Ubuntu gives us the love we crave. Well, that or until the OSS community get started on making an XBMC-like PS3 interface, since Sony believes all of your home's media should live on the PS3, and not on a media server.

Hey and no better time, XBMC is long from dead. Its been partly ported over to x86 for skinners and developers and this new skin from PDM called clearly shows the pure maturity of the XBMC platform.

And in related news I read Microsoft are releasing another version of the Xbox 360 code named Zephyr (1st one was called Xenon), this time with cooler processor, 120gig HD, HDMI and 1080p support out of the box. Sounds interesting but not as important as the previous news.

If the hack is true, it looks like I'll have to decide between the PS3 and Xbox 360 sometime this year. Maybe it will be a race to see who gets XBMC on it first.

Comments [Comments]
Trackbacks [0]

Geek and Geekhag podcast number eleven – The Experience

Me and Sarah discuss a few things in this 1 hour podcast. Some things I've talked about in previous blog entries and others are quite new.

  • Xbox 360 hacked?
  • Sanyo HD Camcorder
  • Movie Piracy
  • Its the experience that counts
  • Snakes on the plane
  • Don't copy that floppy
  • Geekdinner
  • Rocketboom
  • Police with guns
  • Sarahs now British

Comments [Comments]
Trackbacks [0]

BA site compromised, again?

British Airways

From Slashdot yesterday, Identity Theft from Tossed Airline Boarding pass?

The Guardian newspaper has a great story about how the gathering of information for anti-terrorist passenger screening databases allowed a reporter and security guru Adam Laurie to lay the groundwork for stealing the identity of a business traveller by using his discarded boarding-pass stub. From the article: We logged on to the BA website, bought a ticket in Broers name and then, using the frequent flyer number on his boarding pass stub, without typing in a password, were given full access to all his personal details – including his passport number, the date it expired, his nationality (he is Dutch, living in the UK) and his date of birth. The system even allowed us to change the information.

So my take on it is, maybe this story is not quite what its cracked up to be. According to many Slashdotters there calling bullshit. But in the past I've also seen how easy it is to exploit BA's online system. I'm actually sure I've emailed BA over 2 years ago and maybe blogged it a while ago. See the problem I had was that my password timed out and I needed to get a eticket for the return journey. So I logged in as Sarah who had a different account then changed a few things in the URL and bingo I was able to see my account details including address, passport number, etc. Now from what I remember I couldn't get the password, but I could change it (which I did). I do remember the membership number, firstname, lastname and email address was all I needed to change the account.

I remember being so shocked at the lack of security and privicy that I tried to delete my account once I got back to the UK. I know for sure I told quite a few people about this flaw but can't quite remember exactly who. Honestly the problem seems to be when your already logged in accessing someone elses account other than your own. Anyway, I guess I should go and see if I can get my old details without a password… Hopefully some mainstream attention like this will force BA to recheck there site and maybe solve the flaw I identified all that time ago.

Comments [Comments]
Trackbacks [0]

Messy haxoring with metasploit caught on iptv

Its not quite as cool as it may sound from the title. I just watched epioside 13 of my lame-ass iptv soap, The scene. yes everyones got there weakness but if you put this against other soaps like Hollyoaks then it comes out quite well. Anyhow, I got a real kick out of main character trying to get root on windows box hosting a FTP server. They used the well established metasploit to find a flaw and exploit it. To be fair its one step up from the hack in the matrix reloaded and they did do a little homework to use the nice opensource framework metasploit. Its certainly a fine line between security tester and exploiter but the best tools always are.

Talking of which if you didnt catch the Security now podcast number 9 about rootkits, please do as it will give you a good old wake up call. I've been personally aware of rootkits for quite a long time but I didnt know spyware, adware applications were starting to use them just so they cant be removed from a computer. Its crazy, but its true. Honestly I wouldnt wish a rootkit on my worst enemy, I just cant imagine anything worst. Anyhow, Steve and Leo do a great job explaining how rootkits work. It is however really good to know Microsoft and Sysinternals are working on the problem. I did try out SysInternal's Rootkit Revealer on all my machines and I'm clean as expected but its good to be sure. I suggest everyone should give it a try, at least till Microsoft add rootkit scanning to there malicious software removal tool. No one likes to be rooted…

Comments [Comments]
Trackbacks [0]