Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - Your C# Executables: Now Even More Unsafe (imgur.com) 2

Redmancometh writes: So I have made hacks for a few semi-popular games that involve C#. Recently I discovered a library called mono.cecil which made ILcode manipulation relatively painless. After discovering this I put a bit of my infosec background to use. So...I used it to make an application that allows the injection of "agent" dlls into a bytecode assembly (exe or dll.)

Features currently available
: — Search directories for .net assemblies. Filter for .exe/.dll and whether or not to search recursively.
  — Get assembly of running process and determine if it's .net. If so, add to file list
  — Specify entry point for "jumpMethod()" instructions in C# dll assemblies from the GUI. This guarantees you can hook something that you know will be called.
  — Can completely replace entry point method if the option is specified
  — Can inject code from specified agent into all constructors in target assembly. Separate methods in agent correspond to instructions inserted at top/bottom of constructors respectively.
- Can inject code from specified agent into all methods of target assembly. Separate methods in agent correspond to instructions inserted at top/bottom of methods respectively...No checkbox yet, just an argument. I'll add the checkbox when methods can be hooked via select-able BindingFlag filters

Here are some photos:
http://imgur.com/a/QA5Hh
http://imgur.com/a/ajfQm
The good:
      — A means of instrumentation in C#. The ability to fully interact with the code causing you problems...at runtime.
      — The ability to deploy patches to 3rd party C# applications extremely easily.
      — Very few pieces of malware written in C# are "stealthy"
      — C# has authentication checks when accessing fol
The Bad:
    — I can cheat in all your .net games.
    — It can search specifically for .net assemblies, or the assemblies of chosen processes, and inject .net code into them. This could be used maliciously..and make injected code quite hard to remove.

So you know, never trust a .net binary again. I'll be releasing the application once it's 100% done. Currently it works with about ~90% of C# assemblies with a pretty significant agent payload. Let me know what you guys think, and let me know if you have any ideas. I'll be releasing the first version in the next week or so.

NASA

Submission + - NASA tool shows where forest is being cut down (mongabay.com)

terrancem writes: A new tool developed by NASA and other researchers shows where forest is being chopped down on a quarterly basis. The global forest disturbance alert system (GloF-DAS) is based on comparison of MODIS global vegetation index images at the exact same time period each year in consecutive years. GloF-DAS could help users detect deforestation shortly after it occurs, offering the potential to take measures to investigate clearing before it expands.
Space

Submission + - Was Earth a Migratory Planet? (discovery.com)

astroengine writes: "Why our planet isn't a "snowball Earth" — a dilemma called the "faint young sun paradox" — has foxed solar and planetary scientists for decades. Since the Earth's formation, a planet covered in ice should have stifled any kind of greenhouse effect, preventing our atmosphere from warming up and maintaining water in a liquid state. Now, David Minton of Purdue University has come up with a novel solution that, by his own admission, straddles science fact and fiction. Perhaps Earth evolved closer to the Sun and through some gravitational effect, it was pushed to a higher orbit as the Sun grew hotter. But watch out, if this is true, planetary chaos awaits."
Hardware

Submission + - Physicists detect elusive orbiton by 'splitting' electron (nature.com)

ananyo writes: Condensed-matter physicists have managed to detect the third constituent of an electron — its 'orbiton'.
Isolated electrons cannot be split into smaller components, earning them the designation of a fundamental particle. But in the 1980s, physicists predicted that electrons in a one-dimensional chain of atoms could be split into three quasiparticles: a ‘holon’ carrying the electron’s charge, a ‘spinon’ carrying its spin and an ‘orbiton’ carrying its orbital location.
In 1996, physicists split an electron into a holon and spinon. Now, van den Brink and his colleagues have broken an electron into an orbiton and a spinon (abstract).
Orbitons could also aid the quest to build a quantum computer — one stumbling block has been that quantum effects are typically destroyed before calculations can be performed. But as orbital transitions are extremely fast, encoding information in orbitons could be one way to overcome that hurdle.

Submission + - Ask Slashdot: How Would Room Temperature Superconductors Impact Society? 3

Bananatree3 writes: While we have sci-fi visions of room temperature superconductors like in the movie Avatar, the question still remains: How would the discovery of a such a material impact our everyday lives? How would the nature of warfare change? How would the global economy react? What are the cultural pros and cons of such a technological shift?
NASA

Submission + - Going to Mars for 500,000 with SpaceX (tech-stew.com)

techfun89 writes: SpaceX CEO, California entrepreneur, Elon Musk believes he can get the cost of a round trip to Mars to around a half million dollars and has worked out how to do it and possibly get there by 2018. He says that he will reveal these details later this year or early 2013.

SpaceX is one of NASA's key private commercial partners, one that will be pivotal in getting our astronauts to and from the International Space Station (ISS) in years to come. They expect to give a full demonstration of going to ISS next month. To do so they use the Falcon 9 launcher and Dragon vessel.

Musk envisions re-fueling on Mars though a fulling re-usable system, a key ingredient on a Mars trip, so you don't carry unnecessary fuel and weight. A reusable system will keep the costs down. He goes on to say that ultimately such a trip could even be made by the average person with some savings.

Musk goes on to state that such a figure is half a million dollars and unlikely to be the opening price, but one after 10 years or so.

NASA

Submission + - Mystery Rising Within Mercury (discovery.com)

astroengine writes: "Something besides volcanic eruptions and asteroid and comet impacts has sculpted the surface of Mercury — an unknown process, possibly still going on today, that causes the ground to swell from the inside out. The evidence, collected by NASA's MESSENGER spacecraft currently orbiting the innermost planet, is scattered all over Mercury, including a dramatic finding that half of the floor of the biggest crater on the planet has been raised above the walls.

The MESSENGER's team findings were announced at the Lunar and Planetary Science Conference in Houston on Wednesday and will be published in this week's Science."

Earth

Yellowstone Supervolcano Larger Than First Thought 451

drewtheman writes "New studies of the plumbing that feeds the Yellowstone supervolcano in Wyoming's Yellowstone National Park shows the plume and the magma chamber under the volcano are larger than first thought and contradicts claims that only shallow hot rock exists. University of Utah research professor of geophysics Robert Smith led four separate studies that verify a plume of hot and molten rock at least 410 miles deep that rises at an angle from the northwest."
Security

Submission + - ATM Machines Increasing Attractive to Hackers

Hugh Pickens writes: "Ken Munro writes in SC Magzine that in England, at least, used versions of ATM Machines can be bought on the open market for trivial amounts, they're poorly secured and cache card data locally. "We found a used one for £400, the ‘1.5%' fee type, complete with keys, instructions and credentials to hook it up to a service provider," writes Munro. "Playing around with the admin interface, it didn't take long to convince the machine to dump a list of all the card numbers it had cached – over 200 of them. Too easy. It also held detailed logs of the amounts of cash requested, and whether the transaction was successful or not. It looked to us as if this machine had been used to test out the validity of stolen cards, as a significant proportion of the failed transactions were for significant amounts." In the US there are plenty of used machines available on ebay and Munro says that there's little to stop anyone placing ‘back-doored' ATMs anywhere he wants including the foyer at the Defcon hacking conference in Las Vegas where several delegates fell for it. "I for one won't be using standalone ATMs," concludes Munro. "Even cash machines physically located in banks, however, have had skimmers installed in the past. I guess I'll have to buy everything online in future; it's safer...""

Slashdot Top Deals

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.

Working...