I’m finally getting some decent results producing 100%-edible iridescent tempered chocolate. The colors are from the chocolate (not any ingredient or coating) diffracting light after being forcefully molded onto a diffraction grating in vacuum.
I've released NAT Slipstreaming, a spooky new technique that allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall, just by the victim visiting a website. Happy Halloween!
As a high school dropout, I often struggle comprehending mathematical formulas from academic papers (aka numbers combined with squiggly lines). This GitHub just explained so much to me:
I've developed a new technique for bypassing firewalls/NATs and producing full TCP/UDP session to targeted user. Anyone have RCE for a service that's typically only run behind NATs (eg desktop software like Sonos, Spotify, Dropbox, etc which bind to *) and want to merge projects?
I've released webscan, a browser-based internal network scanner that detects victim's LAN IP (loops back via WebRTC) & other network hosts just by visiting a page. Can be chained w/NAT Slipstreaming+other attacks; works on mobile; no TURN/STUN/ICE needed.
Sniff network traffic from your iOS device, no jailbreak necessary! Just plug into your mac and run: system_profiler SPUSBDataType|perl -0 -ne'/iP(?:hone|ad):.*?Serial Number: (\S+)/s?`rvictl -s $1`:0' ; sudo tcpdump -i rvi0 # standard tcpdump options/filters apply
This is so deceptive. When you "disable" WiFi and Bluetooth in iOS Control Center and they gray out, they're technically still enabled. Even with Airplane Mode on, your device continues to transmit and your name can even be discovered nearby via AirDrop!
Very cool, macOS now prevents (current) USBdriveby/Rubber Ducky attacks where USB device emulates keyboard to take control of system just by plugging in. I suspect this can be defeated by simulating a USB hub+mirrored monitor over USB, screen scraping to extract code, then typing
I've released frisky, a tiny collection of info, iOS tools for jailbreaking, examples of techniques to sniff/alter/reverse/inject code into closed-source mobile apps, etc, based off of the incredible work from @fridadotre and others.
@risknc Yup, hard sugar candies would work really well and is an easier process. Much more common to see neat optical properties in those; chocolate just seemed more unique and ultimately was a much more challenging process (for me :)
I've drawn out the Contact Tracing spec (crypto/BLE/device/server) as it stands today from Apple & Google. Interesting way to anonymize+prevent tracking of users every 10mins until user opts-in to reveal themselves over past 14 days. Chart w/links avail @
This is crazy. Australia banned & censors The Anarchist Cookbook, a book I grew up learning electronic attacks, surveillance techniques, and methods of detecting surveillance tools. I've published it at . I will leave it up unless any legal copyright claim.
Uber created a software upgrade (Android) using the signal to noise ratio of GNSS (including GPS) signals in conjunction with 3D maps to improve location accuracy in urban areas, like determining side of street from a weak, reflected signal off a building.
@L_AGalloway I saw 3D printing on diffraction grating a while back, tried it, worked really well (very poor print, but the effect worked well - black PLA). Thought it would be cool to do with food!
Created insulated ice tray to make clear ice via directional freezing. Ice freezes clear until water has nowhere to go/expand so insulating allows it to freeze top down while reservoir below the silicone tray w/holes becomes the cloudy portion, vs normal tray freezing outside in
Had opportunity to collab w/ @gregoryvish & @BenSeri87 of @ArmisSecurity, releasing NAT Slipstreaming v2, an upgraded technique that allows attacker to remotely access any TCP port bound to *any system* behind victim's NAT just by victim visiting a website.
Old fashioned + maraschino cherry spheres that explode in your mouth! I've improved & sped up the reverse spherification process by using cryobath (dry ice + ethanol) to freeze the alcoholic shots, pull vacuum on alginate bath to remove bubbles in minutes & sweetened the alginate
@cybergibbons Simple tool I wrote for comparing binary strings between each other, as well as against other groups of binary strings. Used primarily in proprietary protocol research
Get your NAND game on. Build a 16-bit computer starting from just NAND gates (which in reality you can build from just two relays) in this online game:
Circuit Coder was an absolutely awesome iOS game that gamified and taught building circuits and logic components from scratch. It's no longer available. Does anyone know the author(s) from Tricycle Design HB? I'd like to help get it back up.
First time successfully evaporating aluminum in home built vacuum chamber! Test coated acrylic disc as a mirror. Now to get reflectivity/transmission measurement going in vacuum to build controlled beamsplitters for single-photon experiment similar to Elitzur–Vaidman bomb tester
Built a Raman spectrometer for chemical analysis based on the awesome @openraman project; new optical breadboard design w/performant components to augment more + quick alignment. Exciting to "see" light change color via Raman scattering! Example acetone spectra vs public db's
Got an NFC continuous glucose monitor out of curiosity to see how food (read: pints of Ben & Jerry's Half Baked) affects my glucose & if linked to mood/energy/hangry. Swapped the sensor, Abbott Freestyle Libre CGM, last night and did a quick teardown and X-ray. IC: RF430TAL152H
v1 of my design of a mechanical Wimshurst high voltage electrostatic generator. No magnets. Instead of Leyden jars, a single aluminum sheet in the base acts as a capacitor plate to 2 plates in the sides. Sides detach to move the 10s of kilovolts of charge to other HV projects.
@matthew_d_green In addition to phones tracking routers! When I first reverse engineered iOS, Android & Windows (RIP) in 2011, they all sent wifi MACs+RSSI strength of all nearby routers+GPS to parent companies correlating routers to location. iOS sent cell tower+MACs even w/Location Services off
Had a lot of fun on @WIRED's "5 Levels" discussing hacking, its various techniques, and some underlying principles, with increasing levels of complexity from a child (Level 1) to an expert (Boss Level, @colinoflynn)
Blow out an LED! @hackaday just ran article on blowing out an LED with a resistor & microcontroller. You can get rid of the resistor and just use internal pullup! Temperature affects diode (LED) voltage drop, thus measurable by the MCU's ADC across pullup.
@LoialOtter I didn't get as much optical vibrance without the vacuum chamber. My guess is that air was being trapped in the rulings between the grating and chocolate, but this is just a guess. Yup, tempered with 2/3rds at 41-45°C, mixed other 1/3rd in till reached 30°C, then cast
Life tip. When waiting for your flight and watching your phone to see if departure time is close, make sure you’re not staring at a screenshot from an hour ago.
Cool to see Lenz's law in action w/o enveloping the magnet. I cut away part of a copper tube for full view of Neo the magnet on its journey as it induces current in the conductive partial-tube (Henry/Faraday) which in turn generates a magnetic field (Oersted), opposing Neo here
Amazing work from @axi0mX with first iPhone bootrom exploit since 2010. Sets stage for permanent and *unpatchable* jailbreak, affects iPhone 4S through X (A5-11).
Amazing YouTube channel from Michel van Biezen with playlists teaching various areas of math, physics, mechanical engineering, chemistry, astronomy, and more! It's so good.
You enter password to decrypt email (PGP w/RSA). CPU instructions executed based on the key, diff instructions = diff power. Power delivered to capacitors+inductors produce electro+magnetostrictive+piezoelectric effects, Lorentz force, others. Components vibrate the key under EM!
Making liquid nitrogen @ home by extracting nitrogen from air (adsorbing O2) & pumping into cryocooler (~77K!) extracted from superconducting RF filter. Next up, liquid cooling the cryocooler to remove (loud) fan and producing pressure swing adsorption system to run indefinitely
@gsuberland If refrigerated, it persists. I'm guessing it will melt away at room temp somewhat quick, but longer now that I'm tempering it. That image is from chocolate that was in the fridge for a few days.
@femtoduino I actually think that's a great question...not everyone will like it, but that may be a good filter to find a place where respectful debate/challenge is accepted despite hierarchy (though I would answer their question first)
@atomicthumbs Do you know which is the most common device going into this recycle mode? I'd like to purchase a non-recycled one and investigate liberation from recycle mode.
Older versions of iOS are (accidentally?) currently signed by Apple, meaning you can *downgrade* for the first time! if you want to jailbreak, downgrade to a jailbreakable version right now!
Is anyone familiar with tools to perform out-of-band snooping+modification of AV signals for HDMI? Seems like it would be an effective game cheat tactic, eg adding improved/assisted zoom on weapons, improved contrast, HUD locating surround-sound sonic signatures of footsteps, etc
I want a book-reading vid-chat group where you jump in/out @ any time to read quietly near others. Host always playing lofi hip hop, can be muted/unmuted, and you'd just hear people flipping through pages/(dry)coughing. Take a break in the text chat to share your book/chit-chat.
I want a `DT` (Do Track) HTTP header. If I'm using the browser where I *do* want cookies, I don't want to click 'Accept cookies' from the legit sites I visit. I'm really over those popups as "malicious" trackers will track you regardless via fingerprinting, evercookie, etc
Cool to see how simple the mechanism of a rotary vane vacuum pump is & that there’s no such thing as “sucking”. As rotor+spring loaded vanes turn, one side volume increases/pressure lowers. Inlet wants to equalize pressure so air rushes in then gets compressed/pushed out exhaust.
@annewils0n @PlanetaryPiggy I couldn't tell it was any different on my tongue. I licked the grating just now & also can't tell it's any diff from non-ruled side. Only way I can tell which side is which is by rubbing finger to produce squeak sound. Gratings are ~2µm. Wonder how the freq of sound is related?
Whoa, nondestructive detection of single photons (QND)! Can this break BB84 quantum crypto protocol? Polarizing beamsplitter->45˚ PBS @ outputs->QND (det|refl)ectors @ outputs; recover *both* basis states based on detector! Going to need a bigger kitchen.
Best starting word for Wordle is "ALTER", tested by getting most used letters in its dictionary, finding word w/each unique letter & most letters in most likely positions: curl |perl -ne'/=\[".*?\]/;$.{$_}++for$&=~/\w/g;print+(sort{$.{$b}-$.{$a}}%.)[0..5]'
Very cool, Arduino has a yield() function built into delay -- if you overload yield() with your own function, it will run *during* delay()s without need for interrupts or any other code changes!
There was a petition to make "hella" an official SI unit prefix for 10^27. The International Bureau of Weights and Measures were not impressed, but Google and Wolfram Alpha adopted this useful multiple.
Whoa, I just created a free @ComedyCentral account with a never-before-used email in a private browser window, and it showed me a CNC milling machine advertisement (I have two CNCs) which they'd never show a generic audience. Thoughts on how? Only IP address seems reasonable...