Well that was quick — The Mac App Store launched today. And today, we’re reporting that it appears to have been cracked. Apparently, copying a few resource files from a free app (in this instance, the new, free Twitter app was used as an example) into a paid app’s own resources folder will allow you to run the paid app at no cost. How this little trick slipped by Apple is beyond us. But now that the cat is out of the bag, we expect a fix to be released sooner rather than later.
Well, this could be seen as a potential problem…
RSA encryption has been cracked — 1024-bit encryption to be more precise. If you’re wondering who had the time and money to put together the necessary machinery to trim a several hundred year job (at best) down to a few months? It’s not quite as simple as you’d think. The more common way of breaking such security is by brute force. But the brute force needed to crack 1024 the “standard” way is simply not attainable by any one human or company as the costs for owning and maintaining computer would be astronomical.
So how exactly do you break 1′s and 0′s that are 1024-bit strong? Put the CPU on a diet of course. It’s rather simple if you don’t look into all of the science or other technical mumbo jumbo. All that’s needed is some voltage modifications causing a single error per clock cycle. During these errors, the CPU will actually flip bits, making them completely open for the world to see and giving researchers a slow but steady way of putting the password puzzle together.
Don’t go running just yet. While this is no doubt a major development in technology/encryption/security, the team who accomplished this task used no less than 81 Pentium 4 machines all churning towards the same goal which was completed in a rather brisk. Still, I don’t know about you, but I don’t know anyone with that many computers. A malicious government we still have to worry about, but some angry computer junky aiming to rewrite the world — not so much.
Engadget
You would think that after seeing the music industry fail time and time again, year after year, that video game companies would be a tad wiser than they currently are. Trying to “beat” pirates or prevent people from doing what they want with their property will only end in embarrassment and angry customers. Case in point: Ubisoft’s awfully restrictive “always on” DRM that is featured in Assassins Creed II has been out in the open less than 24 hours and already it’s fallen to the ever persistent and talented developer community. Those with a techie mind won’t find this surprising in the least bit. For the eleventy billionth time we can now see what happens when outdated, incompetent people run companies long after their expiration date. In the spirit of “F the man”, the downright elementary method to circumnavigate this digital cancer:
ßßß ° Û 1. Unpack release Û Û
± Û 2. Mount image or burn it Û Û
Û Û 3. Install Û Û
Û Û 4. Copy the content from the SKIDROW folder on the DVD to your Û Û
Û Û installation directory and overwrite Û Û
Û Û 5. Play the game Û Û
Have at it.
BoingBoing
- December 28, 2009 3:07 pm
For the next few weeks be afraid, very afraid. Karsten Nohl, an encryption expert with PhD. in computer engineering from the University of Virginia has successfully cracked the algorithm that secures the billions of calls that populate the GSM airwaves around the world each and everyday. What does it mean? On the surface it shows that the GSM technology may be ready for another security update as listening in on wireless GSM calls just became a tad easier.
As tempting as it is however, resist the urge to stockpile vast amounts of precious resources for the world isn’t going to end quite yet. While the algorithm has technically been cracked, there are many more things that go into intercepting, decoding and actually listening in on “stolen” phone calls. Many of those other “things” mind you are copyrighted products and services that ordinary citizens don’t exactly have easy access to. Then again, the code book (more on that in a second) and necessary tools to get the ball rolling come in several open source forms.
How exactly was GSM cracked (again)? Brute number crunching actually. Mr. Nohl along with the help of roughly 24 other (some of the individuals included are members of the “Chaos Computer Club” [Berlin]) team members worked together to generate the massive amount of possible algorithms into one (very) large book. This code book of sorts holds over 2 terabytes of data in the form of binary codes that in theory can be used to hack into GSM phone calls. As highlighted earlier however, their are several pieces of equipment and software applications needed to bring together all the bits and pieces.
Is the world in inherent danger? It’s not as bad as it sounds really. Sure someone could hack into a GSM network with the book of provided codes. But according to the GSM, a simple alteration of the algorithm would render the entire code book useless. Still, for a technology that was created in 1988 and hasn’t really gone through many security revisions, this may signal a growing need for the aging 2G technology.
It may surprise you however to know that an update to the underlying security for GSM technology is already available. You see, when GSM/2G technology was first launched, it was based on a 64-bit binary code called the A5/1. 3G networks since inception have used a higher security 128-bit code. But in 2007, an updated A5/3 GSM algorithm was released — only few cellular operators have chosen to upgrade to the newer, more secure algorithm. This recent re-hacking just goes to show that you can never fall asleep at the wheel when security is concerned.
To recap, the world is not going to end and our phone calls aren’t going to become a library for hackers to pick and choose as the please. Though given enough determination and the right tools and skills, such information — especially now that it’s public domain and freely available — means that cellular providers should at least think about beefing up security.
What do you say?
Boing Boing > NYT
[Image Source] [Image Source 2]
- December 14, 2009 10:06 pm
In our day and age, no one ever wants to recycle, use someone else’s old stuff, or even take a refurb. Sure doing so reduces on various planet sucking resources but that’s not what anyone cares about. God forbid their *insert product here* have a hairline scratch that somehow takes away from the overall enjoyment. Out of nowhere rant aside, Gizmodo reader Nic H sent in pictures claiming to be a new repair method being explored by Microsoft.
Obviously his model is a refurb as they don’t come from the store all nice and new looking quite like that. Maybe Microsoft was merely trying to save on excess plastic by strategically removing pieces here and there no? Whatever the case, getting a RRoD, waiting eons, then receiving your console in a condition such as is pictured above and below would surprise anyone I’m sure. To give credit where it’s due, Microsoft did ship the unit with nice, plush green foam did they not….?
I’m all about cool Xbox mods. Someone really needs to come up with a beat to hell mod that looks like it was beat through all kinds of hell. Just without the — you know — actual beating to the point of claiming the internal components’ lives. Anyone up to the challenge?
Gizmodo
