Login with root and no password on any mac running macOS High Sierra

This tweet is currently making the rounds on Twitter: You can access it via System Preferences>Users & Groups>Click the lock to make changes. Then use "root" with no password. And try it for several times. Result is unbelievable! — Lemi Orhan Ergin (@lemiorhan) November 28, 2017 And yes, that actually works: enter root as a username, …

Stealing your browser history with the W3C Ambient Light Sensor API

A few years ago window.getComputedStyle and the like were adjusted to return the default color of links, instead of the actual color on screen. Security and privacy were the driving factors behind that decision: by styling :visited links with a different color than their non-visited counterparts, a hacker could easily determine which sites a user …

Ticket Trick: Hacking companies through their helpdesk

Clever way, unearthed by Inti de Ceukelaire, to get access to private communications channels (such as Slack) by leveraging the create-by-email feature of a company's issue tracker or helpdesk. Inti's first target was GitLab’s Slack channel: Anyone with a valid @gitlab.com e-mail address can join their Slack team. At the same time, GitLab offers …

DolphinAttack: Hacking Voice Assistants with Inaudible Voice Commands

About a year ago it came to my attention that voice assistants such as Siri can lead to easily exploitable security issues. As voice assistants are not aware of who is talking to them, it doesn’t matter if it’s you or your neighbour shouting “Unlock the door” at ’em … Now a team from Zhejiang University …

The flex-grow: 9999; hack

Imagine a flex container (display: flex) with two flex items in a row (flex-direction: row). Item A on the left, and item B on the right. I would like the flex items to be stacked on top of each other when necessary. Item B has to jump onto the second line, if there’s not enough …

Super Mario World “Credits Warp”

Fascinating trick in which one actually reprograms Super Mario World by just playing it to make it start playing the end credits upon triggering a crash: The goal of this run is to trick the game into playing the credits in the first level. It works by using a glitch to allow yoshi to eat …

SkyJack: autonomous drone hacking

SkyJack is a drone engineered to autonomously seek out, hack, and wirelessly take over other drones within wifi distance, creating an army of zombie drones under your control. By Samy (yes, the Samy – author of the MySpace Samy Worm and Evercookie) Flying hacker contraption hunts other drones, turns them into zombies →