Purpose

Dedicated to helping people make themselves safe and their Homes harder targets,...or when James Bond meets Soccer Mom




Thursday, May 21, 2015

WARNING: Is your Starbucks morning coffee putting your bank balance at risk from THIEVES?





THIEVES are draining money from credit cards, PayPal and bank accounts using the Starbucks mobile app.

Starbucks chief digital officer Adam Brotman demonstrating mobile order and pay Cyber-criminals are reportedly draining up to "three figure sums" from the bank accounts of Starbucks customers who use the Apple iPhone, iPad and Android app.

Hackers are using 'vulnerable' Starbucks accounts to gain access to the coffee drinkers' bank accounts.

The thieves issued gift cards to themselves once they had successfully gained access via the website.

Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account Starbucks statement Starbucks' auto-refill feature automatically draws more money from the customers' bank once the in-app funds are depleted.

Hackers would change the username and password to the app to lock customers out while the theft was taking place.

Starbucks is hugely popular. Its mobile app now accounts for one in every six transactions in US outlets.

Jean Obando, of Texas had $550 drained using his Starbucks app – which was linked to a PayPal account – he told CNN.

Starbucks issued a statement on their website about the incidents.

"News reports that the Starbucks mobile app has been hacked are false," it posted.

"Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account.

"This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks.

"To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information."

Starbucks came under fire in January after a security vulnerability allowed app passwords to be stolen.

The Seattle firm has since issued an update which fixed the issue.

Express.co.uk reached out to Starbucks about the issue.

The company said it was unaware of any UK customers being affected by the hack.

[Source: GETTY]

Friday, May 15, 2015

This Little 3-D Printed Robot Cracks Combination Locks in 30 Seconds



 
Careful what you leave in your lockers, high school students and gym-goers. An invasion of 3-D printed robots may be coming, capable of popping one of the world’s most ubiquitous brands of combination locks in as little as half a minute.

On Thursday, well-known hacker Samy Kamkar published on his website the blueprint and software code for a 3-D-printable Arduino-based lock-opening robot he calls the “Combo Breaker.” Attach it to any of millions of Master Lock combination locks, turn it on, and it can take advantage of a Master Lock security vulnerability Kamkar recently discovered to open the lock in a maximum of five minutes with no human interaction. “The machine pretty much brute-forces the lock for you,” says Kamkar. “You attach it, leave it, and it does its thing.”

In fact, the Combo Breaker is programmed to do far better than a mere brute-force attack. It takes advantage of a mathematical trick Kamkar revealed last month that allows anyone—with a little practice—to find the combination of a low-end Master Lock combination lock in only eight tries. That technique takes advantage of a manufacturing flaw: when the U-shaped shackle of one those combination locks is pulled while its rotor is turned, the cracker can feel resistance on certain numbers that help to reveal the position of the “combination disks” that determine the combination that opens the lock. 

In combination with some restrictions in possible combinations that Kamkar mathematically deciphered and encoded in a web-based tool, Kamkar exploited that information leak to cut out all but a few possible combinations. The resulting manual technique is easy enough—writers at Ars Technica who tested it, for instance, were mostly able to pull it off after a couple of tries.

The Combo Breaker goes even further, automating the process with zero skill or practice required from the user. But a Master Lock cracker willing to learn just one step in the process can also give the Combo Breaker a manual head start by merely turning a target lock’s rotor while tugging the shackle to find the first number that offers resistance and starting the robot at that position. Doing that, Kamkar says, enables his device to then crack a Master Lock combination in just 30 seconds. “Without doing any work, this can open the lock entirely automatically in 80 combinations,” Kamkar explains. “If you do that one little test first, it can crack the lock in eight combinations or less.”

[source: Andy Greenberg, Wired May 14, 2015]

You may want to stay away from combo and cheap locks!
 

Wednesday, May 6, 2015

How to Open a Combo Lock Hack

 


Here is a video that shows how easy it is to open a combination lock when you do not have the combination. There are even other ways of doing it without a program. So if you are concerned with the safety your items, I would opt for keyed lock rather than the combo lock.

Make sure the keyed lock can not be picked with flat shims. A good lock is one that the Army uses and its the series 200 locks. There is a preventive measure used to keep from pushing a shim down the sides of the shackle that releases the locking mechanism.