Spelling suggestions: "subject:"cracking"" "subject:"bracking""
161 |
Investigating Potential Strategies Used by Climate Change Contrarians to Gain Legitimacy in Two Prominent U.S. and Two Prominent U.K. Newspapers from 1988 to 2006Herman, Tess P. 01 June 2021 (has links)
No description available.
|
162 |
Etisk hackning av en smart foderautomat / Ethical hacking of a Smart Automatic Feed DispenserLokrantz, Julia January 2021 (has links)
Sakernas internet (IoT) syftar till det nät av enheter som samlar och delar data över internet. De senaste åren har användandet av konsument-IoT ökat explosionsartat och åtföljts av en ökad oro kring säkerheten i dessa enheter, då många system visat sig ha bristande säkerhetsimplementeringar. Denna studie undersöker säkerheten i en smart foderautomat för husdjur och redogör för ekonomiska orsaker till förekomsten av sårbarheter. Metoden bygger på att hotmodellera foderautomaten med STRIDE- och DREAD-modellerna följt av en penetrationstestningsfas för några av de allvarligaste hoten. Resultatet visar på att foderautomaten Trixie TX9 har otillräcklig kryptering av nätverksnamn och lösenord till Wi-Fi, är sårbar mot flödesattacker och att analys av trafiken till/från enheten kan avgöra vilket tillstånd den är i. Vidare har foderautomaten flera öppna nätverkstjänster, där bland annat en Telnettjänst som kan nås genom svaga, hårdkodade inloggningsuppgifter som finns publicerade på internet. Ekonomiska orsaker till förekomsten av sårbarheter är främst asymmetrisk information och motstridande incitament. Det är idag svårt för tillverkare att ta betalt för säkerhet då marknaden drivs av snabba lanseringar och utökade funktioner till ett pressat pris. / Internet of things (IoT) refers to the web of connected devices that collect and share data through the internet. The use of consumer-IoT has increased dramatically in recent years, accompanying an increasing concern about the security of these devices as many systems have proven to have insufficient security measures. This study aims to investigate the security level of a smart food dispenser for pets, and account for the underlying economic reasons for the occurrences of vulnerabilities. The method used in this study consists of conducting threat modeling of the food dispenser using STRIDE as well as DREAD models. This is then followed by a penetration-testing phase for some of the more serious threats. The results indicate that the food-dispenser Trixie TX9 has insufficient encryption of network names and passwords, is susceptible to flooding-attacks, and analysis of the incoming/outgoing data traffic from the device can deduct which state it is currently in. Furthermore, the food dispenser has several open network services, Telnet is one among them, which can be accessed through weak, hardcoded credentials that are published on the internet. The economic reasons for these security weaknesses are asymmetrical information and misaligned economic incentives. Manufacturers struggle to charge consumers for an increased level of security as the main market driving factors are swift and regular product launches as well as an expansion of new features available at competitively low prices.
|
163 |
Ethical hacking of a Smart Wi-Fi PlugNewton Hedelin, Markus, Samuelsson, Marcus January 2022 (has links)
This bachelor’s thesis paper investigates the security of a smart Wi-Fi plug a power outlet remotely controlled by a smart phone, the Deltaco Smart Home SH-P01. In order to raise the security standards of the numerous new digital products produced every year, the possible security flaws of these devices must be exposed and made official to the general public. Especially since these flaws could be exploited by an adversary. By the means of ethical hacking, this paper aims to contribute with a security assessment of a device with components from a globally leading actor, Tuya. This is done by picking up where a previous study of the same device left off; penetration testing of the smart plug’s Android mobile application and its related cloud service, following the guidelines based on years of previous tests in the field. The final security assessment is that Tuya has made a real effort to securing the smart plug’s systems. The Android app, Tuya Smart, does contain some sensitive information and lacks two-factor authentication, but this did not allow for critical exploits. The cloud is deemed well-protected, and overall, there were no severe security flaws exposed by this investigation. Through more extensive penetration testing and by targeting the device’s firmware, future work could perhaps render an even more substantial assessment. / Det här kandidatexamensarbetet undersöker säkerheten hos ett smart Wi-fi-uttag - ett eluttag som styrs trådlöst av en mobiltelefon, uttaget Deltaco Smart Home SH-P01. För att kunna höja säkerhetsstandarden hos de otaliga nya digitala produkter som produceras varje år, måste de eventuella säkerhetsbristerna inom dessa enheter exponeras och offentliggöras för allmänheten. Framför allt då dessa brister kan utnyttjas av någon med fientlig agenda. Genom användning av etisk hackning är avsikten med denna rapport att bidra med en säkerhetsbedömning av en enhet innehållandes komponenter från en världsledande aktör, Tuya. Utförandet påbörjades där ett tidigare arbete avslutades; med penetrationstestning av det smarta uttagets Android-mobilapplikation och enhetens relaterade molntjänst, utfört i riktlinjer baserat på flera år av tidigare tester inom området. Den slutgiltiga säkerhetsbedömningen är att Tuya verkligen har satsat på säkerheten hos det smarta uttaget. Mobilappen, Tuya Smart, visades innehålla känslig information och saknade två-stegs-autentisering, men detta möjliggjorde inte någon kritisk exploatering. Molntjänsten bedöms vara väl skyddad, och överlag hittades inga allvarliga säkerhetsbrister under undersökningen. Ytterligare mer omfattande penetrationstestning, samt undersökning av enhetens mjukvara, skulle kunna bidra till en ännu mer gedigen säkerhetsbedömning i framtida arbeten.
|
164 |
Utilization of a Programmable Node in a “Black-Box” Controller Area Network in Conjunction with a Serial Gateway to Prototype Control of a P0+P4 Hybrid Architecture on an Existing Conventional PlatformSovey, Gage Stephen 10 November 2022 (has links)
No description available.
|
165 |
Web Penetration testing : Finding and evaluating vulnerabilities in a web page based on C#, .NET and EpiserverLundquist Amir, Ameena, Khudur, Ivan January 2022 (has links)
Today’s society is highly dependent on functional and secure digital resources, to protect users and to deliver different kinds of services. To achieve this, it is important to evaluate the security of such resources, to find vulnerabilities and handle them before they are exploited. This study aimed to see if web applications based on C#, .NET and Episerver had vulnerabilities, by performing different penetration tests and a security audit. The penetration tests utilized were SQL injection, Cross Site Scripting, HTTP request tampering and Directory Traversal attacks. These attacks were performed using Kali Linux and the Burp Suite tool on a specific web application. The results showed that the web application could withstand the penetration tests without disclosing any personal or sensitive information. However, the web application returned many different types of HTTP error status codes, which could potentially reveal areas of interest to a hacker. Furthermore, the security audit showed that it was possible to access the admin page of the web application with nothing more than a username and password. It was also found that having access to the URL of a user’s invoice file was all that was needed to access it. / Dagens samhälle är starkt beroende av funktionella och säkra digitala resurser, för att skydda användare och för att leverera olika typer av tjänster. För att uppnå detta är det viktigt att utvärdera säkerheten för sådana resurser för att hitta sårbarheter och hantera dem innan de utnyttjas. Denna studie syftar till att se om webapplikationer baserade på C#, .NET och Episerver har sårbarheter, genom att utföra olika penetrationstester och genom att göra en säkerhetsgranskning. Penetrationstesterna som användes var SQL-injektion, Cross Site Scripting, HTTP-förfrågningsmanipulering och Directory Traversal-attacker. Dessa attacker utfördes med Kali Linux och Burp Suite-verktygen på en specifik webbapplikation. Resultaten visade att webbapplikationen klarade penetrationstesterna utan att avslöja någon personlig eller känslig information. Webbapplikationen returnerade dock många olika typer av HTTP-felstatuskoder, som potentiellt kan avslöja områden av intresse för en hackare. Vidare visade säkerhetsgranskningen att det var möjligt att komma åt webbapplikationens adminsida med inget annat än ett användarnamn och lösenord. Det visade sig också att allt som behövdes för att komma åt en användares fakturafiler var webbadressen.
|
166 |
L’œuvre Capter les fréquences optiques : une performance sonore ancrée dans la matérialité par le détournement de circuits électroniquesCastonguay, Stephanie 08 1900 (has links)
Mémoire en recherche-création. / Ce mémoire de recherche-création explore le processus de conception et de production menant à la performance audiovisuelle Capter les fréquences optiques. Ce processus repose sur la rétro-ingénierie de dispositifs optiques, tels que des têtes de numériseurs, afin de générer des sons et des images à partir d'objets en proximité des senseurs. Des panneaux solaires sont également détournés de leur fonction habituelle afin de rendre audibles diverses sources lumineuses. Les stratégies d’élaboration dans la création de ces dispositifs de lutherie expérimentale entre en résonances avec la culture du do-it-yourself (le faire par soi-même), caractérisée en partie par le recyclage, l’intégration des résidus et le détournement. Passant par la notion de nostalgie technologique vers la matérialité du bruit et de l’approche critique dans le glitch art, ce texte examine comment la matérialité infuse le processus à travers la réappropriation d’objets électroniques. Par conséquent, l'œuvre met en évidence la façon dont la matérialité des circuits électroniques sert de vecteur d'agentivité, jouant un rôle esthétique et conceptuel crucial tout au long du processus de création, et ce, jusqu'au contexte de la performance. / This research-creation memoir explores the design and production process leading to the audiovisual performance Capturing Light Frequencies. This process relies on the reverse engineering of optical devices, such as scanner heads, to generate sounds and images from objects in proximity to their sensors. Solar panels are also redirected from their usual function to generate sound from various light sources. The strategies employed in these experimental instruments resonate with the do-it-yourself culture, characterized in part by recycling, the integration of residuals and hardware hacking. Examining the notion of technological nostalgia towards the materiality of noise and the critical approach in glitch art, this text examines how materiality infuses the process through the appropriation of electronic circuitry. Consequently, the work highlights how the materiality of electronic circuits serves as a vector of agentivity, playing a crucial aesthetic and conceptual role throughout the creative process, right up to the context of performance.
|
167 |
Auster: A service designed on the context of a surveillance society in an increasingly connected worldKoelemeijer, Dorien January 2015 (has links)
The privacy and surveillance issues that are consequences of the Internet of Things are the motivation and grounding for this thesis project. The Internet of Things (IoT) is a scenarioin which physical objects are able to communicate to each other and the environment, by transferring data over communication networks. The IoT allows technology to become smaller and more ubiquitous, and by being integrated in the environment around us, the world is becoming increasingly connected. Even though these developments will generally make our lives easier and more enjoyable, the Internet of Things also faces some challenges. One of these are the aforementioned privacy and surveillance issues that are the results of transferring sensitive data over communication networks. The aim of this thesis project is therefore to answer, both in a theoretical, as well as in a practical way, the following research question: How can the Internet of Things be more accessible and safe for the everyday user? Accordingly, the Auster online platform, the Auster app and the Data Obfuscation Kit were developed to provide people with the tools and knowledge to construct home automation projects themselves, as an alternative for using applications from governments and corporations alike. The aim is to create a way to endow people with the capability to exploit their talents, realise their visions and share this with a community joining forces. By enabling people to create their own home automation projects, personal data is kept in the user’s possession and the collection of data by governments and companies alike is prevented. Moreover, by giving the control over technology back to the user, creativity and innovation in the field of the Internet of Things in domestic environments are expected to increase.
|
168 |
Autocraft Runners : Anticipating a future of customized physiology and advanced body hacking. Crafting footwear through tissue engineering for enhanced long-distance running.Wolfgang, Laimer January 2024 (has links)
This work explores the fusion of bio-technology and sports footwear design and envisions a future where people enhance their physiology to meet their specific needs. Through tissue engineering, the wearer’s own biomaterials are utilized to optimize performance and customization. It seeks to redefine the enhancement of long-distance running by creating a physical bond between footwear and feet. Based on both design fiction and industrial design, the project speculates on the impact of biotechnological advances. It reflects a curiosity-driven exploration of the human body and its potential transformation. The thesis concludes with reflections on such innovations in footwear design and the role of design fiction in imagining future possibilities. It forms a contribution to Design Ecologies and illustrates the intersection of design, ecology, biology, and fiction, in addressing contemporary challenges.
|
169 |
Eavesdropping Attacks on Modern-Day Connected Vehicles and Their Ramifications / Avlyssningsattacker på moderna uppkopplade bilar och deras följderBakhshiyeva, Afruz, Berefelt, Gabriel January 2022 (has links)
Vehicles today are becoming increasingly more connected. Most cars are equipped with Bluetooth, Wi-Fi and Wi-Fi hotspot capabilities and the ability to connect to the internet via a cellular modem. This increase in connectivity opens up new attack surfaces for hackers to exploit. This paper aims to study the security of three different cars, a Tesla Model 3 (2020), an MG Marvel R (2021) and a Volvo V90 (2017), in regards to three different eavesdropping attacks. The performed attacks were a port scan of the vehicles, a relay attack of the key fobs and a MITM attack. The study discovered some security risks and discrepancies between the vehicles, especially regarding the open ports and the relay attack. This hopefully promotes further discussion on the importance of cybersecurity in connected vehicles. / Bilar idag har blivit alltmer uppkopplade. Idag har de inte bara bluetooth och Wi-Fi funktionalitet utan vissa bilar har förmågan att kopplas till internet via ett mobilt bredband. Denna trend har visats ge bilar nya attackytor som hackare kan utnyttja. Målet med denna studie är att testa säkerheten hos tre olika bilar, Tesla Model 3 (2020), MG Marvel R (2021) och Volvo V90 (2017) med åtanke på tre olika avlyssningsattacker. De attackerna som studien valde var port-skanning på bilen, relä-attack på bilnycklarna och mannen-i-mitten attack. Studien hittar vissa säkerhetsrisker och skillnader mellan de olika bilarna särskilt vid reläattacken och port-skanningen som förhoppningsvis främjar en fortsatt diskussion om cybersäkerhetens vikt för säkrare uppkopplade bilar.
|
170 |
Cyber crime: a comparative law analysisMaat, Sandra Mariana 11 1900 (has links)
The Electronic Communications and Transactions Act, 25 of 2002, eradicated various lacunae that previously existed in respect of cyber crimes. Cyber crimes such as inter alia hacking, rogue code, unauthorised modification of data and denial of service attacks have now been criminalised. Specific criminal provisions in relation to spamming, computer-related fraud and extortion have also been included in the Act. It is argued that theft of incorporeal items such as information has already been recognised in our law, but has not been taken to its logical conclusion in our case law. However, there are instances where neither the common law nor our statutory provisions are applicable and where there is still a need for legislative intervention. The Act sufficiently deals with jurisdiction, the admissibility of data messages, the admissibility of electronic signatures and the regulation of cryptography. Cyber inspectors are a new addition to law enforcement. / Jurisprudence / L. L. M.
|
Page generated in 0.0398 seconds