Information Security

Rock Out to the Written Word with BookSound

Hack a Day - Wed, 11/14/2018 - 19:00

[Roni Bandini] has given the world a new type of music with, BookSound. As the name implies, it takes the written word and turns it into electronic music.

You’re no doubt familiar with audiobooks, which are basically the adult equivalent of having somebody read you a bedtime story. They’re an easy way to boast to your friends that as a matter of fact, you have read that popular new novel when in all likelihood you were probably just half listening to it while you drove to work. But for all the advantages audiobooks have over their traditional pulp-based brethren, they still have one glaring downside: with precious few exceptions, they’re no good to dance to.

BookSound creates electronic music from regular books. Well, electronic sounds at the very least. He says he’s still working on perfecting the word to music mapping, so the results shown in the video after the break are still a bit rough. But even in these early stages there’s no denying this is an exceptionally unique project, and we’re excited to see where it goes from here.

Inside the classy looking 3D printed enclosure is a Raspberry Pi, an OLED display, and the button and switch which make up the extent of the device’s controls. At the end of the arm is a standard Raspberry Pi Camera module, which gives the BookSound a bird’s eye view of the book to be songified.

To turn your favorite book into electronic beats, simply open it up, put it under the gaze of BookSound, and press the button on the front. Because the Raspberry Pi isn’t exactly a powerhouse, it takes about two minutes for it to scan the page, perform optical character recognition (OCR), and then convert that to the beats before you start to hear anything.

If you’re wondering what the secret sauce is to turn words into music, [Roni] isn’t ready to share his source code just yet. But he was able to give us a few high-level explanations of what’s going on inside BookSound. For example, to generate the song’s BPM, the software will count how many words per paragraph are on the page: so a book with shorter paragraphs will consequently have a faster tempo to match the speed at which the author is moving through ideas. Similarly, drum kicks are generated based on the number of syllables in each paragraph. In the future, he’s looking at adding “lyrics” by running commonly used words in the text through a text to speech engine and inserting them into the beat.

We’ve seen practical applications of OCR on the Raspberry Pi in the past and even similar looking book scanning arrangements. But nothing quite like BookSound before, which at this point, is really saying something.

Oracle's JEDI mind-meld doesn't work on Uncle Sam's auditors: These are not the govt droids you are looking for

The Register - Wed, 11/14/2018 - 18:57
Federation snubs Larry Ellison's bid to break up $10bn winner-takes-all contract

Oracle's bid to halt the Pentagon's JEDI $10bn winner-takes-all cloud IT contract has been turned down.…

Need help with root input

Tasker: Total Automation for Android - Wed, 11/14/2018 - 18:05

Hey, nothing is coming out with root input.what am I doing wrong? Also how can I determine what input device is being used? Please help.

submitted by /u/Mist717
[link] [comments]

Hands up who isn't p!*$ed off about Amazon's new HQ in New York and Virginia?

The Register - Wed, 11/14/2018 - 17:38
Ok, we have Amazon. Anyone else?

Analysis If regulators ever do get around to reining in the ecommerce steamroller that is Amazon, this week's announcement of his new headquarters may be the spark.…

[HELP] Create an actionable notification with a countdown

Tasker: Total Automation for Android - Wed, 11/14/2018 - 17:21

So I'm trying to make a task that has a notification with actions that contains a countdown timer. I've looked at a few Reddit posts and have a somewhat working setup but the cancel button doesn't work and it could also probably be simplified a bit. Here is my task (just testing the methods so it doesn't actually do anything of value, just a test case).

Task: NotificationTest A1: Variable Set [ Name: %cdown To: 5 ] A2: Notify [ Title: Test Text: %cdown seconds left Actions: {Label: CANCEL} {Action: Goto [ Type: Action Number, Number: 1 ] ] A3: Wait [ Seconds: 1 ] A4: Variable Subtract [ Name: %cdown Value: 1 ] A5: If [ Condition: %cdown > 0 ] A6: Goto [ Type: Action Number Number: 2 ] A7: End If [] A8: If [ Condition: %BATT > 00 ] A9: Notify Cancel [] A10: Bluetooth [ Set: On ] A11: Else [] A12: Notify Cancel [] A13: Stop [ Task: NotificationTest ]

I am unable to set the number for the Goto Action in A2 higher than 1. I want to set it to 11 since pressing the cancel button would immediately close the notification then end the task as defined by the Else statement at A11. If I try to set the goto higher than 1 it gives me a, "Error: Number : not that many actions in this task." error and I'm not sure how to fix it.

submitted by /u/YamatoMark99
[link] [comments]

Setting up a home environment to test

Your hacking tutorial - Wed, 11/14/2018 - 16:41

I'm looking to set up a home network to attack and have some fun in a safe and legal environment without using a VM.

Before I spend some money would it be possible to set up a separate WIFI connection using a TP-LINK TL-MR3020 Portable 3G/4G Wireless N Router in AP mode ( connect that to my ISPs router (Virgin Media Hub 3

Would this then be a separate WIFI connection where I can then connect a laptop to which I can then use my other laptop and equipment to attack?

Essentially be the attacker using airgeddon etc to get access and then victim to check logs see the changes I made using physical machines?

EDIT: I think this TP-LINK router may be better? TP-Link TL-WR802N 1-port Wireless Cable Router (

submitted by /u/gunuk
[link] [comments]
Categories: Information Security

Another Meltdown, Spectre scare: Data-blabbing holes continue to haunt Intel, AMD, Arm

The Register - Wed, 11/14/2018 - 16:38
CPU slingers insist existing defenses will stop attacks – but eggheads disagree

Computer security researchers have uncovered yet another set of transient execution attacks on modern CPUs that allow a local attacker to gain access to privileged data, fulfilling predictions made when the Spectre and Meltdown flaws were reported at the beginning of the year.…

Stanley Kubrick made Eyes Wide Shut. Data-protecting Andes Rubrik makes bytes slide shut

The Register - Wed, 11/14/2018 - 16:13
This is a Shinning example of an enterprise IT pun

Rubrik has expanded its database, unstructured data, and in-cloud protection.…

3D Print Springs With Hacked GCode

Hack a Day - Wed, 11/14/2018 - 16:00

If you’ve used a desktop 3D printer in the past, you’re almost certainly done battle with “strings”. These are the wispy bits of filament that harden in the air, usually as the printer’s nozzle moves quickly between points in open air. Depending on the severity and the material you’re printing with, these stringy interlopers can range from being an unsightly annoyance to triggering a heartbreaking failed print. But where most see an annoying reality of pushing melted plastic around, [Adam Kumpf] of Makefast Workshop sees inspiration.

Noticing that the nozzle of their printer left strings behind, [Adam] wondered if it would be possible to induce these mid-air printing artifacts on demand. Even better, would it be possible to tame them into producing a useful object? As it turns out it is, and now we’ve got the web-based tool to prove it.

As [Adam] explains, you can’t just load up a 3D model of a spring in your normal slicer and expect your printer to churn out a useful object. The software will, as it’s designed to do, recognize the object can’t be printed without extensive support material. Now you could in theory go ahead and print such a spring, but good luck getting the support material out.

The trick is to throw away the traditional slicer entirely, as the layer-by-layer approach simply won’t work here. By manually creating GCode using carefully tuned parameters, [Adam] found it was possible to get the printer to extrude plastic at the precise rate at which the part cooling fan would instantly solidify it. Then it was just a matter of taking that concept and applying it to a slow spiral motion. The end result are functional, albeit not very strong, helical compression springs.

But you don’t have to take their word for it. This research has lead to the creation of an online tool that allows you to plug in the variables for your desired spring (pitch, radius, revolutions, etc), as well as details about your printer such as nozzle diameter and temperature. The result is a custom GCode that (hopefully) will produce the desired spring when loaded up on your printer. We’d love to hear if any readers manage to replicate the effect on their own printers, but we should mention fiddling with your printer’s GCode directly isn’t without its risks: from skipping steps to stripped filament to head crashes.

The results remind us somewhat of the 3D lattice printer we featured a couple of years back, but even that machine didn’t use standard FDM technology. It will be interesting to see what other applications could be found for this particular technique.

Did you by chance hack OPM back in 2015? Good news, your password probably still works!

The Register - Wed, 11/14/2018 - 15:51
Government audit finds office still hasn't cleaned up from Obama-era megabreach

More than three years after suffering one of the largest cyber-attacks in US government history, the Office of Personnel Management has yet to adopt dozens of the security measures investigators ordered – including basic stuff like changing passwords.…

Alexa, cough up those always-on Echo audio recordings, says double-murder trial judge

The Register - Wed, 11/14/2018 - 15:21
Amazon gizmo may be key witness in slaying

A US judge has ordered Amazon to hand over any recordings made by its Echo digital assistant at a house where two women were murdered last year.…

Why most apps have way better designs on iOS than on Android?

Android - Wed, 11/14/2018 - 15:01

I really, really don't get it. iOS apps are just beautiful, I don't get why devs of the same App decide to make a beautiful design on iOS and put a material design on Android or whatever, with no fancy rounded corners, no fancy shadows, no fancy fonts. It's so hard to find well designed apps for Android compared to iOS.

submitted by /u/Prisanejamik
[link] [comments]

Mastering OpenSCAD Workflow

Hack a Day - Wed, 11/14/2018 - 14:30

As you may have noticed in our coverage, we’re big fans of OpenSCAD around these parts. The fact that several of the Hackaday writers organically found and started using the parametric CAD package on their own is not only a testament to our carefully cultivated hive mind but also to the type of people it appeals to. Hackers love it because it allows you to model physical objects as if you were writing software: models are expressed in code, and its plain text source files can be managed with tools like git and make. If you’re a real Pinball Wizard you could design objects and export them to STL without ever using a graphical interface.

But as you might expect, with such power comes a considerable learning curve. OpenSCAD devotee [Uri Shaked] recently wrote in to share with us his workflow for designing complex interacting mechanisms, which serves as an excellent primer to the world of parametric design. From animating your models to recreating the “vitamins” of your build, his post contains plenty of tips that can help both new and veteran OpenSCAD users alike.

Perhaps the biggest takeaway from his post is that you should be thinking of your projects as a whole, rather than as individual models. [Uri] recalls his early attempts at designing mechanisms: designing each component individually, printing it out, and only then finding out if it fits together with the other pieces. This method of trial and error is probably familiar to anyone who’s designed their own 3D printed parts — but it’s slow and wastes materials. The alternative, as he explains it, is to design all of the pieces at the same time and “assemble” them virtually. This will allow you to check clearances and fitment without dedicating the time and materials to test it in the real world.

In fact, as [Uri] explains, you’re better off spending your time bringing real-world parts into OpenSCAD. By carefully measuring the hardware components you want to interact with (servos, gears, switches, etc), you can create facsimiles of them to use as a reference in your OpenSCAD project. As time goes on, you can build up your own library of drop-in reference models which will accelerate future designs.

He also spends a little time talking about something that doesn’t seem to be terribly well known even among the OpenSCAD converts: you don’t have to use the built-in editor if you don’t want to. Since OpenSCAD source code files are plain text, you can write them in whatever editor you like. The OpenSCAD model viewer even has an option specifically for this scenario, which will cause it to update the rendered preview as soon as it detects the source has been updated. For [Uri] this means he can create his designs in Visual Studio Code with a constantly updating preview in another window.

If you’re looking for examples of what the parametric capabilities of OpenSCAD can do for you, we’ve got no shortage of excellent examples. From creating customized computer cases to saving time by using mathematically derived components. Our very own [Elliot Williams] even has a write up about that most glorious of OpenSCAD commands: hull().

"Hacker Database"

Your hacking tutorial - Wed, 11/14/2018 - 13:59

I was listening to the podcast Reply All (The Snapchat Thief #130). They mostly covered the possibilities of sim swapping. However, they consulted a security expert for a part of the episode. The expert was able to find sensitive information (address, SSN, previous passwords) just by looking at a "hacker database" and putting in the podcaster's phone number.

This made me curious about what kind of information is available about me. What types of tools might this expert have been using?

submitted by /u/philosotits
[link] [comments]
Categories: Information Security

Hardware for game hacking with help of VM?

Your hacking tutorial - Wed, 11/14/2018 - 13:53

I've read that one of the ways that games will detect if you're using a VM is by checking things like how many CPU you have, how much HDD space, how much RAM, etc, to see if it looks legit or like a VM. And I think that the minimum you need to look legit (just imho) is 8gb ram, 500gb hdd, and I don't know about CPU cores tbh.

What do you think? Creating a game bot farm, even just 3 bots would cost a lot of money, you would need a really super expensive ultra computer or several expensive computers to look legit and not get flagged as a VM which most games outright prohibits and if they don't then they flag you and investigate you very closely.

What are your advice?

submitted by /u/DiligentArrival
[link] [comments]
Categories: Information Security