Blackhat: Breaking audio CAPTCHAs with Winamp

This year’s Blackhat computer security convention started off with a bang. Convention officials told us that a record number of people have registered and there are more than 4000 people attending. Former chief counter-terrorism advisor Richard Clarke gave this year’s keynote, while veteran speaker Dan Kaminsky showcased his hacking knowledge.

Like in previous years, the keynote wasn’t deeply technically, but rather focused on broad security issues in government. Clarke is known for his criticism of the current Bush administration. He believes the United States government and corporations spend much too little on cybersecurity.

Dan Kaminsky has been talking at hacker conventions for several years and is considered to be one of the most entertaining and knowledgeable speakers here. At his Black Ops 2007: Design Reviewing the Web today, he gave his typical stream of consciousness type of talk where he discusses many of the topics he’s currently researching. The most interesting part was about recognizing and defeating audio CAPTCHA’s with Winamp and graphical plotting.

Audio CAPTCHA’s try to weed out Spam scripts from entering in comments or forum posts by forcing humans to recognize the sound of numbers from background noise. Kaminsky claims he is close to making an automated tool that can instantly and accurately cut through the noise and recognize the number.

“That tool is coming out any day now,” Kaminsky said.

Kaminsky is also concerned about Internet service providers secretly replacing ads on web pages. He told the audience that this will become a significant problem in the future and security experts will have to start working on stronger website encryption and integrity protocols.

Use the USB port to charge AA batteries

Moixa Energy has developed rechargeable AA batteries with a twist: the batteries are recharged simply by plugging them into an USB port.

The batteries, called USBCell, do not look different than a regular Ni-MH AA battery at first sight. However, the top part of the device is a cover that not only contains the cathode of the battery, but also, when opened, exposes the USB connector. The battery can be plugged into any USB host to be recharged.

At this time, there are only AA types of the technology available, but the manufacturer promises to follow up with 9V blocks and cellphone batteries in the near future.

The convenience of the recharging process (assumed you have a USB host, such as a notebook) put aside, there are a few downsides. The integration of the USB connector requires a reduction of the electrolyte. As a result, the available capacity is much lower than a typical Ni-MH battery, which are commonly selling in variants ranging from 1400 mah to about 2400 mah. The 1.2 volt AA USBCell provides a maximum of only 1300 mah, which means that it won’t be able to provide as much juice than regular rechargeable AA batteries.

The weight reduction that results from trading electrolyte for a USB connector is marginal: The USBCell weighs about 22 grams compared to the 23 grams of a regular AA battery.

Also, the charging time appears to be quite long, as the manufacturer noted on his webpage that a 90% charge is reached after a charging time of about 320 minutes.

A 2-pack of USBCell batteries is currently selling for just under $17.

Police raid game console modders

Agents from the United States Immigration and Customs (ICE) agency have raided 32 game console modders across several states. The modders sold boards and CDs that allowed gamers to play counterfeit and custom games on popular consoles like the Xbox 360, Nintendo Wii and PlayStation 2.

In a press release, ICE says agents from 22 offices executed search warrants on businesses and homes in 16 states including California, New York, Texas and Illinois this morning. The agency isn’t giving any specifics about the cases or the names of those arrested.

Modding a game console typically requires installing a small board or “mod chip” on the motherboard of the console. The board effectively bypasses BIOS and firmware on the console allowing it to play copied game discs. Early versions of these boards required some soldering and a fair amount of technical know how to install, but recent models don’t use any tools for the installation.

ICE and the Entertainment Software Association claims that billions of dollars are lost annually due to the activities of game console modders. Julie L. Myers, Assistant Secretary of Homeland Security for Immigration and Customs Enforcement said the money earned through mod chip sales help fund other crimes and added, "These crimes cost legitimate businesses billions of dollars annually and facilitate multiple other layers of criminality, such as smuggling, software piracy and money laundering."

Ebay tightens policy on firearms and accessories

The world’s largest online auctioneer will tighten its firearms policy by banning any part that is required for the firing of a gun. EBay’s Trust and Safety department made the changes after the April 2007 shooting tragedy at Virginia Tech which killed 32 people.

The changes will take effect in mid-August and will ban listings for firearm parts like magazines, bullet tips, casings and firing pins. Actual firearms sales have been prohibited on eBay for several years.

Matt Halprin, eBay’s Vice President of Trust & Safety, said that some of the items used by the Virginia Tech shooter, Seung-Hi Cho, were bought on eBay. After the shooting, eBay spokesperson Hani Durzy told the media that Cho purchased several empty pistol magazines from eBay. Magazines can also be easily be bought at many sporting goods stores.

After “much consideration”, Halprin said the company decided to “further restrict more of these items than federal and state regulations require".

Rockstar officially appeals Manhunt 2 ban in UK

Rockstar has officially filed the paperwork to appeal the decision made by a UK regulatory committee to effectively ban the title from going on sale in the country.

On June 19, the British Board of Film and Video Classification (BBFC), the organization in charge of handing out video game age ratings, said it refused to give a rating to the game because it was too violent. Specifically, the BBFC said it contained "sustained and cumulative casual sadism," and criticized its "unremitting bleakness and callousness of tone."

The group gave Rockstar six weeks to appeal the decision, and it has taken that path. Rockstar's parent company Take Two released a statement that reads, "Take-Two Interactive Software, Inc. confirmed today that Rockstar Games has appealed the British Board of Film Classification decision that prohibited the release of any version of Manhunt 2 in Britain."

Gamespot reports that the appeal process works by having Video Appeals Committee chairman John Woods selecting a group of people to sit down and vote on whether the ban should be overturned.

The US equivalent of the BBFC, the Entertainment Software Ratings Board (ESRB), deemed the game required an "Adults Only" rating. This works essentially as the same mark as what the BBFC did, as major retailers do not stock AO games. Nintendo and Sony also do not give licenses to titles with the restrictive rating. The game was planned for a Wii and PS2 release.

Rockstar has said it will do whatever it needs to in order bring the game to the market.

Plusmo dumps mobile widget portfolio on iPhone

Mobile application specialist Plusmo announced today full support for Apple's iPhone, bringing more than 20,000 mobile widgets to the device.

Plusmo is an online community for sharing and downloading mobile phone widgets, including everything from a Google news ticker to a Starbucks store locater. Many widgets on the site are developed by individual users, with help from Plusmo's slate of creation tools.

Plusmo has opened up a specific iPhone site, where users can browse and download widgets directly from their phone.

A vast list of over 20,000 widgets are now available for the iPhone, most of which Plusmo says were independently created. The service was set up mainly because most cell phones have limited Internet capabilities. Even with the much touted full Safari browser on the iPhone, however, some say normal Web surfing is still awkward.

Tech blogger Mike Elgan was quoted as saying, "Plusmo makes text- and photo-based content far mo

43% of Intel’s profits a result of monopoly, AMD claims

A study commissioned by AMD found that virtually all of Intel’s profits are “extractions” from the blue team’s monopoly in the microprocessor market.

AMD fired another salvo at its rival, closely on the heels of the EU indicating that it is taking steps to file antitrust charges against Intel. A study, commissioned by AMD, published today claims that “Intel has extracted monopoly profits from microprocessor sales of more than $60 billion in the period 1996-2006.”

Michael Williams, Director of ERS Group and publisher of the report, also said that consumers and computer manufacturers could save about $81 billion over the next decade, if the microprocessor market were open to competition. The lion’s share of this number $61 billion would fall into the hands of consumers with the rest being savings for manufacturers, which could be used for higher R&D investments that would result in better products and a greater product variety.

Williams said that Intel’s profits are estimates derived from standard financial numbers as well as information necessary to calculate a firm’s economic profits, both of which are available in financial statements publicly available. The model used is based on research conducted by Merton Miller and Franco Modigliani, which is used by more than half the Fortune 1000 firms to analyze their economic performance, AMD said.

In this calculation, ERS found that Intel is likely to have recorded profits of $141.8 billion during the 10 year period. From that number the consulting firm subtracted competitive profits ($54.2 billion), economic profits ($87.7 billion), a portion of economic profits attributed to assumed advantages and then came up with estimated monopoly profits of $60.1 billion.

Estimates aside, we have spent some time this morning and went back ten years to dig up financial reports and numbers as they were available:

There is no surprise that over the course of the decade, Intel made a killing in terms of net profits, while AMD came up with a bottom line loss. Intel’s profits totaled about $68 billion for the period, while AMD had to swallow a loss of $616 million.

While Intel recorded annual profits of at least 1.3 billion during the period, AMD was able to hit the black only four times, with record earnings of 983 million in 2000. In those years, Intel’s profit advantage was at least 11x (2000) and as high as 53x (2005).

Intel has not commented on Williams’ report.

Sony calls for recall of 416,000 cameras

Sony has announced a recall for as many as 416,000 digital cameras because a defect in the manufacturing could cause injuries.

According to statements made by Sony, the affected camera, the Cyber Shot DSC-T5, has a problem with the bottom casing. The defect causes the casing to warp, creating jagged edges that could scratch the user's hands.

Around 350,000 of the cameras were sold in the US, Europe, and China, according to Sony spokesperson Ryoko Takagi. Additionally, around 66,000 were sold in Japan.

The camera, which first went on sale in September 2005, received dozens of complaints from consumers, mainly in Japan, citing the warped casing, which resulted in small cuts and bruises, said Takagi.

Owners of the Cyber Shot DSC-T5 may send in the camera to have the bottom casing replaced at no cost.

New Timex watch doubles as iPod remote

Timex today announced a new sports watch that can wirelessly communicate with a nearby iPod, allowing remote control of the digital music player.

The iControl watch, part of Timex's Ironman line, can be programmed to sync with the user's iPod. The watch has specific iPod buttons, including play/pause, volume up/down, and skip forward/back.

The watch can also sync with an iPhone to offer the same functionality, but only if the cell phone transmitter is turned off.

With the Ironman distinction as well, the iControl watch has several running and training applications built in, including workout log, endurance training timers, and 50-lap memory recall.

Additionally, the watch has storage for three customizable alarm times for different days of the week, a countdown timer, and Indiglo backlighting. Timex says its built-in battery has a life of three years.

Given an official seal of approval by Apple, the watch comes in different color choices of gray/black, pink/blue, and orange/green. It is available now at an MSRP of $125.