Jump to content

noway

Supervisors
  • Content Count

    2,134
  • Donations

    $0.00 
  • Joined

  • Last visited

  • Days Won

    83

noway last won the day on July 6 2017

noway had the most liked content!

About noway

  • Rank
    OSX86 Crew

Converted

  • Biography
    Guy from Hamburg, working at Lake Constance in environment analytics for decades, but preferred Baltic Sea for best age.
  • Location:
    Germany
  • Interests
    Tinkering with all kind of stuff.
  • Occupation
    Retired biologist

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. If you live in Germany or Austria and always wanted a MasterCard really free of carge, Number26 is the one. Number26 is an offspring of WireCard, offering a giro account for receiving/sending money plus a full featured MC for nothing! The banking requires a smartphone running iOS7 or Android 4.3 or better to verify the credit card. The banking is done online via smartphone or any modern OS and browser of your choice. The MC and the account work as prepaid, so only money you have there may be used (or abused). If you don?t want or cant use your smartphone, you may also use a virtual Android smartphone for that. BlueStacks emulating a 4.4.2 device does the job without issues. Genymotion is working fine too, but the Number26 app has to be installed manually - PlayStore refuses installation. Links for Genymotion: ARM Translation, must have: https://www.androidfilehost.com/?fid=23252070760974384 Number26 app: http://apkpure.com/store/apps/details?id=de.number26.android Once through, finally you have an account with a little play-money for iTunes Store etc. without the need to link your "real" bank account. Me, I was very happy to switch my iCloud account from Santander to Number26, as you may have guessed. MacLife has the Number26 story in German: (An invite code is no longer needed to get the account) http://www.maclife.de/test/number26-europas-modernstes-girokonto-selbstversuch-10062933.html
  2. noway

    The Pita Bread Atack

    The authors demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation. Here is the full story: http://www.tau.ac.il/~tromer/radioexp/index.html
  3. If you are using MacKeeper an have visited a phishing website, a bug in MacKeeper can install a Trojan on your rig. Beware! Last step before trojan installation: Here is the full story: http://baesystemsai.blogspot.ch/2015/06/new-mac-os-malware-exploits-mackeeper.html
  4. What is that hole after all? Is Dark Jedi hard to achieve on Macs?? No, it?s extremely easy because Apple does all the dirty work for you. What the hell am I talking about?? Well, Apple?s S3 suspend-resume implementation is so f*cked up that they will leave the flash protections unlocked after a suspend-resume cycle. !?#$%&!#%&!# And you ask, what the hell does this mean? It means that you can overwrite the contents of your BIOS from userland and rootkit EFI without any other trick other than a suspend-resume cycle, a kernel extension, flashrom, and root access. Wait, am I saying Macs EFI can be rootkitted from userland without all the tricks from Thunderbolt that Trammell presented? Yes I am! And that is one hell of a hole :-). Full story here: https://reverse.put.as/2015/05/29/the-empire-strikes-back-apple-how-your-mac-firmware-security-is-completely-broken/ Seems Mac from 2014 and newer are not affected by the above, but still a desaster in terms of security.
  5. Malware Persistence on OS X Yosemite. Patrick Wardle showed that Yosemite can be compromised with malware rather easily. Neither OSX?s built in features, nor the known antivirus apps are a cure seemingly. Here is the story: https://s3.amazonaws.com/s3.synack.com/RSAC+2015+Final.pdf
  6. Wired has the full story about retrieving data on a ultra slow pathway: http://www.wired.com/2015/03/stealing-data-computers-using-heat/
  7. noway

    Lighteater

    Because almost no one applies BIOS patches, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected. The high amount of code reuse across UEFI BIOSes means that BIOS infection is automatable and reliable. Lighteater may infect almost any new or old hardware and hides in flash until it notices "promising" data to collect and send outbound. Wiping HDD/SSD aint no cure, only a flashing a trustworthy untouched UEFI may help - until next time. http://legbacore.com/Research_files/HowManyMillionBIOSWouldYouLikeToInfect_Full.pdf
  8. 133 downloads

    Kexts for usage with EeePC 1001HA, 1005HA, 1008HA and some similar N270/GMA950 netbooks. As usual, install with KextWizard and repair permissions afterwards.
  9. If you own one of these: Better replace it, as well as similar devices based on nRF24L01+ chipsets. The chipset is discussed here: http://travisgoodspeed.blogspot.co.uk/2011/02/promiscuity-is-nrf24l01s-duty.html Hacker Samy Kamkar made a homebrew USB wall charger with built in logic board to read your keystrokes. Full story here: http://arstechnica.com/security/2015/01/meet-keysweeper-the-10-usb-charger-that-steals-ms-keyboard-strokes/
  10. As many here use dual/triple boot laptops, be aware of this "nice addition". A DELL users notebook had to have a new logic board as Computrace could not be removed otherwise. (Source: heise.de/security 15-01-12)
  11. Did you know that sites can create HSTS cookies you can?t delete? This is a known issue for some time, but no cure is available. "Private" browser sessions do not help either. (From the German heise.de/security) Feel free to try this site for demonstration: http://www.radicalresearch.co.uk/lab/hstssupercookies/ A how to is included on the radicalresearch web page. I could not get rid of my SuperCookie "a14vnm" by any means with Firefox 31.3 ESR.
  12. And I?m positive many here could do better, even without making use of a pro drill stand. Or, more creative, write your name with drilled holes! (Source: macissues.com) Full article: http://www.macissues.com/2014/12/29/radical-fix-drill-holes-in-your-mac-to-make-it-run-cooler/#more-2705
  13. Version 1.2.2

    457 downloads

    The Driver was developed for Ralink Network, applied to RT309x, RT3092, RT3090, RT2790, RT2860 and was installed in Mac OS X 10.3/10.4/10.5. The version of the Driver was 1.2.2.0. The package for 10.5 Leopard should also work for SL 10.6 (32bit). This workaround is not perfect, better change your WLAN PCI-e card for a compatible one.
  14. Version 1.0

    513 downloads

    Yet another IO80211Family.kext, making AR9285 WLAN chipsets work as Airport Extreme with "n". The kext is meant for 10.6.7 only. I have no idea whether it can be used with other OS as well.
  15. I guess the mobo needed for FX cpus will be the bigger problem, FyllyMan. Recent chipsets for AMD cpus are not very well supported by 10.6. Maybe try a ML hack with a patched kernel for ML.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.