@nazokiyoubinbou @Viss Exactly
-
@Viss @funnymonkey what is the approximate distance? Feet? Inches? I thought badge readers intentionally made it so it had to be close to prevent interference from other cards but with an appropriate reader the distance was farther...
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
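
Added example, not part of any post in this thread: a reader-side model of why a valid handshake does not prove proximity, and how bounding the round-trip time (the idea behind distance-bounding protocols) rejects a relayed badge. The timing model, `BADGE_DELAY_S`, `MAX_DISTANCE_M` and all function names are assumptions made for illustration; real distance-bounding protocols time many rapid single-bit exchanges rather than one HMAC reply.

```python
import hashlib
import hmac
import os

C = 299_792_458.0        # speed of light in m/s
BADGE_DELAY_S = 1e-6     # assumed: fixed, known reply delay of the badge
MAX_DISTANCE_M = 0.10    # assumed policy: badge must be within 10 cm


def badge_response(key: bytes, nonce: bytes) -> bytes:
    """Badge side: prove knowledge of the shared key for this nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def round_trip_s(path_m: float, relay_latency_s: float = 0.0) -> float:
    """Constructed timing model: propagation both ways, badge delay, relay hops."""
    return 2 * path_m / C + BADGE_DELAY_S + 2 * relay_latency_s


def reader_check(key: bytes, path_m: float, relay_latency_s: float = 0.0,
                 bound_distance: bool = True) -> dict:
    """Reader side: verify the handshake, then optionally bound the distance."""
    nonce = os.urandom(16)
    # A relay forwards challenge and response unmodified, so the reader
    # always receives the genuine badge's answer.
    response = badge_response(key, nonce)
    expected = hmac.new(key, nonce, hashlib.sha256).digest()
    identity_ok = hmac.compare_digest(response, expected)

    # Convert the measured round trip into an upper bound on distance.
    rtt = round_trip_s(path_m, relay_latency_s)
    estimated_m = (rtt - BADGE_DELAY_S) * C / 2
    proximity_ok = estimated_m <= MAX_DISTANCE_M

    accepted = identity_ok and (proximity_ok or not bound_distance)
    return {"identity_ok": identity_ok,
            "estimated_m": estimated_m,
            "accepted": accepted}


if __name__ == "__main__":
    key = os.urandom(32)  # constructed sample key
    print("badge at 5 cm:          ", reader_check(key, 0.05))
    print("relayed over 30 m:      ", reader_check(key, 30.0))
    print("relayed, no time bound: ", reader_check(key, 30.0, bound_distance=False))
```

The handshake succeeds in all three cases; only the timing bound separates the nearby badge from the relayed one, because even a zero-latency relay cannot shorten the signal's travel time.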
-
Speaking of which, I wonder how long it'll be before some psycho hacks a bunch of people's earbuds to make a noise loud enough to destroy their hearing.
There's no fun or profit in it, but there must be some “watch the world burn” kind of character somewhere who thinks this is a good idea…
-
Perhaps not, but you do need to make sure you don't pair with any potentially insecure devices.
Pairing a phone with a laptop is hopefully fine. They both get security updates. But gadgets like speakers and keyboards? Don't even think about it. Wired or bust.
@argv_minus_one @funnymonkey this hack happens outside of pairing
-
Those badges are supposed to do a cryptographic handshake with the reader so that you can't just clone them.
So are car keys, for that matter.
The problem is that the cryptographic handshake proves identity but does *not* prove *proximity*. Attackers can't clone the key/badge but they can boost the signal to confuse the reader into thinking the key/badge is nearby when it's actually not.
I don't know how feasible such an attack is with badges, but cars were stolen.
@argv_minus_one @Viss @funnymonkey if only I was smarter this would be interesting to investigate... But alas I'm an idiot loser so it will end up being a mental experiment
-
@argv_minus_one @funnymonkey this hack happens outside of pairing
@Viss @argv_minus_one @funnymonkey this part involves pairing, no?
> Then they impersonated the headphone from their laptop and connected to the phone (pretending to be the headphone).
-
@aburka @argv_minus_one @funnymonkey it's possible to talk btle without pairing. check out lightblue if you're on Android
-
@Viss @argv_minus_one @funnymonkey huh, til
-
@aburka @argv_minus_one @funnymonkey let me know when you soft brick your first thing. i like changing the names of people's fitbits while on flights
-
@Viss @argv_minus_one @funnymonkey my Fitbit that's paired to the same phone doesn't even show 🤷♀️
-
@aburka @argv_minus_one @funnymonkey it's possible to talk btle without pairing. check out lightblue if you're on Android
Yes but they can't impersonate the headphone to the phone if the headphone isn't paired to the phone, can they?
-
@Viss still looking like Saturday to me :D
-
@winterknight1337 i like your brain
-
@Viss helps that I was playing Rimworld till 0330 and I just got up lol
-
@winterknight1337 that works too! i was in arc raiders for like. 7 hours yesterday
-
@da_667 @winterknight1337 i wish other folks were into arc raiders. cruising around in a team of 3 would be so rad
-
@da_667 @winterknight1337 it's a sneakmode one tho
-
@Viss @da_667 @winterknight1337 I've been eyeing it for a while, especially since it appears to not be outright hostile to Linux.
But I'm also using an old enough NVIDIA card to be affected by the recent Arch kernel/driver shenanigans 😅
-
@nCrazed @da_667 @winterknight1337 it's platinum on protondb
-
@da_667 @winterknight1337 it's a sneakmode one tho
@da_667 @winterknight1337 you can go full 100% stealth if you want, or you can go picking fights, or you can snipe from halfway across the map. i turned on that thing in steam where friends can watch me stream if i'm playing, if you wanna creep on me