Another three months have passed and so it is time to once again review my favorite magazine – 2600 The Hacker Quarterly. I have been an avid fan of this magazine for a number of years now. Sadly, this year there was a lengthy gap between its spring and summer issue. Though HOPE 2020 was at least saved. The latter became an online event whose videos I am now watching from a USB-stick. While SciFiEmpire.net focuses mainly on, as you guessed, science-fiction, I do cover topics at least related to it. And so, it is with cybersecurity, or in this case phone-phreaking, phishing with QR-codes and creating innovative viruses. With everybody suffering from a lockdown during Christmas it is good to know you can keep busy and productive. Exploring these topics ‘legally’ will ensure 2021 will be a better year for privacy and cybersecurity.
My favorite article in this issue is “QR Chaos” by Edward Miro A.K.A. c1ph0r. Edward teaches cybersecurity at a community college in California. He decided to test the readiness of people to scan random QR codes. Edward did nothing nefarious when they did, he just logged a timestamp, geolocation, browser and device used. In this article he describes the steps needed to create the QR codes and the website that would keep track of which codes were used. Sadly, 42 percent of the codes placed were used. That is a very high number considering the QR code contained a link to an unknown website. Edward stresses some mistakes he made which invalidates any scientific result, but the reader has gleaned more than enough details to replicate his work. Edward recommends several remedies: don’t scan QR codes, check if the code is a sticker or use a security-centric QR scanning app.
Viruses, Worms and Rootkits
Another very interesting article is entitled “Make Viri Great Again” by Israel. In this article the author laments the demise of vxheavens, a website used for the creation and tracking of computer viruses. The author explains the differences between viruses and rootkits and what exactly their purposes are. Israel makes it clear it remains necessary to understand their functioning, methods at evading detection and evolution to continue to arm against them. The author illustrates the creation of viruses using example code. He considers C and Assembly the only viable programming languages to do so as Python and Bash won’t allow the virus to mutate. Compiler flags are explained and how they are used to ensure proper evasion. There is a lot of material in this article, but it is highly intriguing. I will probably use it a jump-off point for my own study on this topic.
Finally, I want to point the article “Hacking Rotary Dials” by yeat in which the author explain the working of a classic rotary dial phone. On paper these phones can still be used if connected to a DSL router. The author instead connects it to an Arduino to read what the switches are doing – fascinating. Overall, this is a very successful edition of the 2600 The Hacker Quarterly. Kudos to its staff led by Emmanuel Goldstein. Though I think these were the best articles there is plenty more to entertain any hacker through the Christmas period. On a side note, there is an advertisement in this edition for the rC3 Remote Chaos Experience, an online hacker event set for December 27th to 30th. It will be organized by the German Chaos Computer Club though subtitles are being worked on.
Get a subscription to 2600 The Hacker Quarterly
That was it. I hope you enjoyed this short review and hopefully you will decide to pick up the digital edition for just $5. You can also purchase the print issue subscription for $29 or $41 if you overseas from the US or Canada.