--> Best-selling French Courses - 75% Commission, 8,000+ Students Already!
--> Get Onboard! 7 Hot Products- High Epcs- Converts 5%- Earn 75% Comm.
--> Fast Ringworm Cure: Incredible Product W/ Amazing Conversions
--> Natural Anti-aging Shortcuts - New High-converting Anti-aging Offer!
Since 1992, hackers have met each summer in Las Vegas, Nevada to talk shop about the state of technology security and the implications of the futures possibilities at Def Con. Over the years, Def Con grew to become a full-fledged and thriving convention.
The event has served as something of a warning sign of things to come. Researchers, privacy advocates, and hackers have gathered to discuss and present the scarier side of technologys capabilities, and to clue consumers into realizing what the devices they own can do. Of course, given the increasingly low bar the everyday tech news cycle sets, the stranger these demonstrations are, the more attention they get.
This year has been no exception. Here are the best hacks from Def Con 2019.
1) Insecure sex toys
A hacker who goes by the name smea gave a talk during Def Con, where he detailed how he hacked a butt plug with Bluetooth connectivity capabilities. The device, a Lovense Hush, has a companion app that is easily hacked, smea told Gizmodo.
According to Gizmodo, Smeas talk focused on how hackable sex toys could lead to sexual harassment and security risks. Smea said he heard a friend talking about Bluetooth-enabled butt plugs, and became interested in the privacy safety of the devices. He quickly discovered that the capability allows a hacker to compromise the security of the toys associated app, which is where personal information can be stored and the toy can be controlled.
One of the things I brought up during the conference was that gaining access to the sex toy might allow you to bypass some safety features and that could cause physical harm, assuming those safety features were implemented in software, Smea told Gizmodo. I dont think thats really necessarily possible with these [buttplugs], but you have other devices that have motors that are meant to rotate parts of the toy and stuff like that. If those have safety features implemented in software that could be a real problem.
2) The OMG Cable
One developer at Def Con is showing off (as well as selling) a USB Lightning cable engineered to allow remote access to a Mac unbeknownst to its owner. The modification allows access to the computer when it is connected to a phone by what is being called the OMG Cable.
Forbes reportsthe developer of OMG Cables (who goes by@_MG_ on Twitter) is already selling these cables to anyone who can track them down. The cables operate as youd expect a charging cable to, but contain a wireless implant which their developer claims he can access from a distance of about 300 feetabout the length of a football field.
However, when the cable is formatted to act as a web client to nearby wireless internet networks, distance is taken out of the equation. MG told Forbes that the lightning cables user interface is so innocuous that no one would be able to know what was happening until its too late.
It looks like a legitimate cable and works just like one, MG told Forbes. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable. Feels like a good time to stock up on Apple Store-only cables and refrain from borrowing any.
3) Hacking into Google Home
Researchers revealed onstage at Def Con exactly how they compromised a Google Home. Threatpost reports that these researchers exploited the Magellan vulnerability, a hole in the devices firmware which allows for remotely implemented code to grant access to code executions, leaking program memory or causing crashes.
In this case, a Google Home was prompted with a false update which allowed the researchers to load malicious software to the device and effectively render it a privacy danger to consumers.
According to Threatpost, the Magellan vulnerability has not been used to exploit Google Home devices outside of this instance.
4) A very expensive vanity license plate
The word null has long wreaked havoc on computer systems. Many times, bad software see null as meaningwell, nothing. Its a value-less word and so the system sees nothing. Usually, that could be really frustrating for a userbut one Def Con hacker thought he could use the error to his advantage. Presenter Joseph Tartaro (who also goes by Droogie) explained in his talk that he got a vanity license plate that read NULL in hopes of avoiding parking tickets. If the system couldnt read his license plate, maybe he could get away with all kinds of traffic violations.
Instead, the opposite happened: Tartaro received $12,049 in traffic fines, some of them from places hes never been. The explanation of why is complicated, but suffice it to say that the NULL license plate didnt make Tartaro invisible to the system, it simply broke the system and then penalized him for it. Basically, if someone was ever cited for something and the officer failed to include their license plate in the citation, the system would go ahead and do it for him, registering it asyou guessed itnull.
Tartaro wasnt the only one at Def Con who wanted to exploit license plate reader technology.Fashion hacker Kate Rose wants her clothes to be seen as much as possibleincluding by automatic license plate readers (ALPRs) used by law enforcement.
Her clothing, a line of dresses, T-shirts, pencil skirts, and crop tops featuring license plate designs are meant to fill the databases created by ALPRs with so many false plates that their data sets are unusable, according to The Parallax. Hopefully, her experiment is more successful.