Wednesday, August 12, 2015

Four Things You Didn’t Know Could Be Hacked

At two big hacking conferences in Las Vegas over the past week, security pros revealed new vulnerabilities in daily items we never considered security risks. These events serve as annual displays of the latest hacking tricks.

The Austin, Texas-based company TrackingPoint makes auto-aiming rifles that increase a shooter’s accuracy and have Wi-Fi connectivity. Within the 100- to 150-feet range of the Wi-Fi and using a mobile phone, a hacker can compromise the weapon and change the target of the shooter, says Runa Sandvik, one of the researchers who presented at the annual hacker gathering Def Con last week.

In a demonstration for Wired, Sandvik and a research partner finagled with a rifle’s software to shift aim 2.5 feet to the left, hitting a different target...

Electronic skateboards 
Electric skateboards can make your ride smoother — until the board no longer listens to your controls and throws you off. Two researchers developed a hack they dubbed “FacePlant,” which gave them total control over digital skateboards by manipulating the Bluetooth connection.

An attacker could force the skateboard to connect to a laptop and then stop the board, alter its direction or disable its brakes.

Death records 
It’s pretty simple to kill someone off — at least on paper — Chris Rock, chief executive officer and founder of the security company Kustodian, showed in a presentation at Def Con. Using information found online, anyone can complete state electronic death records, Rock found, and then register to become a funeral director online to complete a certificate of death.

Why kill someone off officially, but not physically? For revenge against an ex-partner or a jerk boss, according to Rock’s presentation, or to enjoy the insurance benefits or access elderly parents’ estates.

We already know that the modern car is like a smartphone on wheels in that it’s susceptible to hack attacks like any other connected device... What they found: Teslas are, in fact, built with more security in mind than the average vehicle. But they also found several vulnerabilities, and were able to remotely open and close trunks, lock and unlock doors and stop a Tesla, depending on what speed it was being driven at.

The researchers worked with Tesla, and Tesla automatically pushed an update to all the cars so drivers could patch the vulnerabilities within one to two weeks — unlike other car companies, which have had to issue recalls on vehicles with security flaws.  more