Image: Overwatch, this photo is available to licence on EyeEm.


Friday, July 19, 2019

In This Edition:
Quantum Entanglement, hacking hotels, hacking games, hacking people, holograms, flight carbon and Sting & Shaggy!

This week I started using Facebook and Twitter (on desktop) as Gaeilge, inspired by my friend Rhodri Davies who does the same in Welsh.
I've found it's a good way to learn some new words and phrases without too much effort, plus if I'm not in the mood to learn, all the links and features are in the same place so I can easily use them from habit. My favourite translation is on Twitter's tweet box, which says What's Happening? in English, but says Aon Scéal? in Irish!

Quantum Entanglement Photo

Image: Science Advances, University of Glasgow

Researchers at the University of Glasgow have captured an image of quantum entenglement for the first time.


Hacking Hotels

Image: Bloomberg, Inkee Wang

Bloomberg has an interesting piece that follows a group of consultant hackers trying to hack a hotel. The piece describes the usual targets that allow would be hackers to gain access to a hotel's physical infrastructure, such as isolated POS systems, smart TV internet ports or even ports for automated window blinds. The holy grail of hotel hacking is accessing the hotel's Property Management System (PMS), which would give the hackers control of all the hotel's reservations including customer and credit card information.

The piece describes how IT infrastructre in hotels is often out of date and some may be running an old PMS system called Opera which requires security controls to be deactivated on a machine to allow the software to work, making the hacker's job much easier. The piece is also a cautionary tale about using hotel WiFi, which is fertile ground for man in the middle attacks using WiFi pineapples. VPNs are your friend when it comes to public WiFi networks, as any viewer of Mr.Robot will tell you :-p


20 Years of Online Game Hacking

Image: Darknet Diaries

Despite having recommended the Darknet Diaries podcast way back in Edition #150, I fell behind in my listening and have just started catching up. This week I listened to a fascinating two part story about Manfred, an online game hacker who earned a living from his hacking for 20 years! Manfred found and exploited insecurities in pretty much every online game going, except World of Warcraft, for years.

Most exploits he found were integer overflow bugs that allowed him to increase the amount of virtual currency in the game (test your edge cases people!). He then sold these virtual assets an eBay first, then other marketplaces after eBay banned the sale of virtual goods. In one game he found a duplicate exploit, which allowed him to login twice without logging out, effectively doubling his in game assets, that's compound interest on steroids!

He only used exploits that did not effect the other players and moderators of a game, and only when that game did not offer its own in-game purchases, effectively offering after-market services without disrupting the business model of the game. After 20 years of raking in the cash, most games now have in-game purchases, so he has hung up his black hat in exchange for a security consultant's white hat.


Spear Phishing

Image: Mohamed Ahzam, Unsplash.com

Many are now aware of the term phishing, the attempt to obtain sensitive information by luring people into clicking links in an email from what they think is a trsuted sender. A new subset of this, spear phishing, is the attempt to lure into the same using emails sent from legitimate and trusted sources which have been compromised.

Software engineer Robert Heaton tells an eye-opening story in his post about how receiving an email from a genuine University of Cambridge email address, with a genuine Cambridge URL, was in fact a spear phising attempt. It would have been successful on him only for the fact that the malware was using a zero-day exploit in Firefox to gain access to the user's machine, and lucky for him he opened the link in Chrome. He went a few steps further and conversed over email with the sender, who maintained character throughout and dismissed the email as a case of mistaken identity.


Hololens Hologram Language Transaltion

Image: Microsoft

Julia White from Microsoft Azure Marketing demonstrated the use of Hololens 2 to project a motion captured holograph of herself speaking in Japanese using her own speech patterns. The demonstration was created using Azure mixed reality to record the hologram, Azure text to speech and translate to create the spoken content and Azure neural text to speech technology to imprint her speech patterns in Japanese. Check out the video demonstration, which also looks like a scene from the Taelon ship in Earth Final Conflict :-p


Flight Carbon Calculator

Image: The Guardian

The Guardian have released a flight carbon calculator, allowing you to select your starting and destination airports to see how much kilograms of CO2 emmissions are released per passenger on that return flight. it also shows you how many countries emit less CO2 per person per year compared to that flight. Aviation is responsible for 2% of global emissions and are set to at least double by 2050 :-(


Sting & Shaggy!

Image: NPR Tiny Desk

Sting and Shaggy, a match made in Tiny Desk heaven! You may not initially think that the silky smooth Sting groove would go well with a generous helping of Jamaican timbre from the sensational Shaggy, but you would be wrong my friend! :-)

Sit back, relax and crank up the volume on this class Tiny Desk performance! (They also have an album out called 44/876)


About Found This Week

Found This Week is a curated blog of interesting posts, articles, links and stories in the world of technology, science and life in general.
Each edition is curated by Daryl Feehely every Friday and highlights cool stuff found each week.
The first 104 editions were published on Medium before this site was created, check out the archive here.

Daryl Feehely

I’m a web consultant, contract web developer, technical project manager & photographer originally from Cork, now based in London. I offer my clients strategy, planning & technical delivery services, remotely & in person. I also offer freelance CTO services to companies in need of technical bootstrapping or reinvention. If you think I can help you in your business, check out my details on http://darylfeehely.com

Life Changing Smart Thinking Books