Android Airplane Hack Clarified By Researcher

June 25, 2014

After a tremendous amount of press, Hugo Teso, the researcher who presented at Hack In the Box 2013 Amsterdam, that he'd found vulnerabilities in systems used by control towers, has posted some clarifications.

Read More

Spoofing Device Location Made Easy

June 24, 2014

In his talk last week, "A Million Little Tracking Devices: Turning Embedded Devices into Weapons," Don Bailey, a security researcher with iSEC Partners, demonstrated how he'd been in Boston, Afghanistan, Libya, and at the White House –all within the 24 hours proceeding the annual Hack In The Box conference in Amsterdam. Or so his tracking device said.

The device, Zoombak, is essentially a GSM module with a separate MicroController, said Bailey. If you want to find a particular Zoombak, the service sends a SMS over GSM with A5/2 encryption and then the device responds with its location via pure HTTP. Bailey said he was able to spoof the responses, and thus appear to have been in four or five countries within the previous 24 hours.

Read More