The 5 Coolest Hacks of '07

ancientribe writes "Nothing was sacred to hackers in '07 — not cars, not truckers, and not even the stock exchange. Dark Reading reviews five hacks that went after everyday things we take for granted even more than our PC's — our car navigation system, a trucker's freight, WiFi connections, iPhone, and (gulp) the electronic financial trading systems that record our stock purchases and other online transactions."

Financial systems? Nothing new there

[mcsqueak]

This isn't quite a real "hack", but more of a "social hack" if you will.

In 1967 Abbie Hoffman and a group of protesters thew fake money onto the floor of the NYSE (it wasn't blocked by glass back then). Trading on the floor *actually stopped* while traders scrambled around trying to collect the money. Kinda ironic that they'd stop to do that, considering how much more they were actually making doing their real trading. Wikipedia has a little bit on it: http://en.wikipedia.org/wiki/Abbie_Hoffman [wikipedia.org]. I don't really know much about Hoffman, but I found the story very amusing myself.

3. Eighteen-wheelers

[FudRucker]

when i drove an 18 wheeler i hauled a some very expensive loads, once i picked up a load of Macintosh computers from Apple's Sacramento's warehouse and hauled them to Omaha Nebraska, another time i picked up wine (the kind you can drink) in several locations in northern California and hauled them to Little Rock Arkansas, thats just two examples, the Macs were the most expensive, (i bet there were close to half a million dollars worth of freight in Macs) when Apple was loading those Macs they told me to only stop at well lighted truck stops & stay away from roadside rest areas and given me a designated route along with the bill of lading...

Number one is FUD

[mi]

RDS-TMC provides broadcasts on traffic conditions, accidents, and detours for the driver. It's main weakness: It doesn't authenticate where the traffic comes from, the researchers say. That leaves the door wide open for a bad guy to reroute drivers to a detour, or to overwhelm it with a DDOS, killing the navigation system as well as its climate-control system and stereo. [...] There's not much you can do until it's too late and your AC and stereo are out, and you're sitting on a hot and dusty, deserted road nowhere near Starbucks.

Uhm, bullshit. The worst this attack can do is to either

1. shut the electronics down completely — in which case you'll know, something is wrong long before the last Starbucks is out of sight
2. fool your GPS into believing, there is some sort of interference (accident, jam) ahead, which will simply cause the device to pick an alternate (and sub-optimal) route. You will not be lost, you'll just arrive later.

In neither case does Kelly's mother need to be concerned with "how a hacker could redirect her brand-new car navigation system to a deserted dead end street far from her intended destination." For that one needs to be able to pretend to be a group of satellites. This possibility the article does not cover — either due to the (mentioned) lack of imagination (on behalf of the author itself), or because it is not really possible (because Pentagon's designers of the system thought about it first, maybe).

Re:3. Eighteen-wheelers

[lufo]

When my flatmate bought his new iMac, they told him they really didn't know the date the truck would be ready for delivery, because Apple didn't tell even them (the store staff) the exact date the truck was arriving.

Re:3. Eighteen-wheelers

[gyrogeerloose]

Former long-haul Big Truck driver here, too (I still drive one locally on occasion), and I often carried high-value loads. One time I hauled a load of cell phones from Texas to California and Motorola paid to have a pair of former FBI agents in a black Lincoln Towncar tail me the entire way. I was driving as part of a team then so there were no stops except for fuel. I was put off by the idea it at first--what, you don't trust me?--but after a while, it made me feel safe. That long stretch of two-lane between Ft. Worth and Amarillo seems pretty remote at 0200...

Re:GPS

[GrEmLiN76X]

Yeah.. about that..

Didn't someone follow their GPS into a river or something recently?

Oh, maybe I'm thinking of the trucker who followed his GPS into a low bridge on a two-lane parkway that's for non-commercial vehicles only. People need to not rely so much on technology. (Especially while operating a motor vehicle which could potentially kill someone or cause damage to things..)

Re:Financial systems? Nothing new there

[Dun Malg]

This isn't quite a real "hack", but more of a "social hack" if you will.

In 1967 Abbie Hoffman and a group of protesters thew fake money onto the floor of the NYSE (it wasn't blocked by glass back then). Trading on the floor *actually stopped* while traders scrambled around trying to collect the money. Kinda ironic that they'd stop to do that, considering how much more they were actually making doing their real trading. Wikipedia has a little bit on it: http://en.wikipedia.org/wiki/Abbie_Hoffman [wikipedia.org]. I don't really know much about Hoffman, but I found the story very amusing myself.

Eh. I think AH was a really sharp and entertaining dude, but the irony everyone thinks they see there, isn't actually there. Hoffman was making a political statement, that stock trading was just a bunch of money grubbing. Really, those schulbs working the floor trading all those stocks were trading for other people. They weren't all millionaire stock holders. There's no irony behind a $8K/yr floor trader who lives in a fifth floor walk-up studio apartment grabbing at dollar bills in 1967. Five bucks in 1967 was a month of lunches at the hot dog cart outside.

Re:GPS

[iocat]

My favorite GPS story was driving cross-country with a friend a few years ago. I was like "we should get Burger King." He was like "there's no Burger King around here. The closest place is a taco bell about 2.1 miles to our east." I was like "let's get Burger King" and he was like "I told you, there's no Burger King around here!" and I was like "Look up" so he did, and realized we were across the street from a Burger King. HAHAHA

GPS is better than a google map, becuase if you mess up there's some ability to recover, but it pales in comparison to actually being able to read a real map, or know your way around someplace. I love maps, and I like my GPS ok, but mostly because I like feeling superior when it's wrong.

I thought this was a cool hack

[Anonymous Coward]

Spotted in Sydney and posted to youtube:

http://www.youtube.com/watch?v=ECoA8pi9Rmk [youtube.com]

A road-side advisory sign.

Re:GPS

[rmerry72]

GPSs foster insecurity and the inability to think analytically.

Mate you nailed it. I was once asked for directions to the nearest fast food joint, which was a couple of hundred metres down the main road and then right at the lights before the freeway. Easy peasy, right? No, not at all, the conversation followed along the lines of

• "Hang on , what was that street? I've got GPS so it will tell me"
  "It's literally just left then right at the lights"
  "no, wait, my nav doesn't recognise the name. Can you spell it for me?"
  "i think its called - wait - Dude, turn left, drive 200 m, then right at the lights!
  "Did you say Heathcote Rd?"

Then I drove off and left her standing there. Wonder if she found it? shrug!

Re:Financial systems? Nothing new there

[hughk]

I know more than a little about this. Traditionally exchange members have used leased data circuits between them and the exchange. This gives predictable performance, particularly around price delivery and execution time. However leased circuits remain expensive. These days an institution tends to be a member of multiple exchanges. They will continue to use circuits for the markets where they execute at high volume but for other markets they may typically use an Internet connection and FIX. The older exchanges tend to use closed protocols and some at least have session authentication and encryption. Newer exchanges, typically alternate trading facilities such as Chi-X and so on have moved to FIX with its attendant problems. Although fixed links are more predictable, they also require at least doubling up because they can fail. The difference between the fixed link and the Internet is that you only need redundancy as far as your ISPs rather than the entire journey.

The real problem starts when I'm a smaller broker in NY and somebody asks me to buy some NOK (Nokia) shares. These are listed in the US on the NYSE and Europe. Maybe Europe offers a better price at the volume my customer wants so I need to get the order over to XETRA (a Frankfurt based trading system). The way they do it is to contact a broker in Europe and pass the order onto them for execution. Your link with that broker is via the Internet and the FIX protocol. When you only issue a couple of orders a week, you are not going to pay for your own link to XETRA or even to the XETRA member.

Yes, I am aware of the world of pain around the trading links and sensible banks/brokers will carefully build the interconnected systems in a DMZ. Most FIX engines are closed source but there is at least one that is truely open. A good institution will use VPN or STUNNEL to establish their links, but many don't.

Re:GPS

[rikkards]

I concur. I found that was happening when I used to wear digital (numbered) watches. After about 10 years of pure digital, I ended up getting a nicer dress watch which had hands, I realized it took me about 5 seconds to remember how to read time. Since then I have only had watches with hands on it. Even though I always have a cell phone which will tell me the time, I find I feel naked without a watch.

Hack, schmack

[sm62704]

I used to be a gay hacker. Then they changed the meanings of all the words, now I'm a happey equipment modifier. No, I'm heterosexual but they changed the meaning of "gay" from "happy and carefree" to "homosexual" and changed the meaning of "hacker" from "someone who writes quick-and-dirty but functional code, or modifies equipment" to "an electronic burglar".

I was incredibly disappointed with the article (RTFA? I must be new here), so much so that I made it no farther than page one of the short five page adfest. I thought it was going to be about hacking a wi-fi connection so that it doubled as a firewall or something. We nerds still use "hacker" in the old fashioned sense, just as we geezers still sing "deck the halls" without thinking about sodomy.

Ok, I know language evolves, but unlike the evolution of organisms the evolution of language is usually stupid. Like "gay", which now means "homosexual", half of whom attempt suicide. I never could understand what was so gay about suicide. Now the kids are twisting the word "gay" to mean clumsy, stupid, or dorky.

As to hacking, fine, now a hacker is a burglar. What do we nerds who write quick single-use code, or those of us who take a soldering iron to a transistor radio to turn it into something besides a radio, call ourselves now?

And could someone please point to an real NERD article somwhere that actually has the ten best hacks of 2007, instead of the ten best cracks of 2007?

I'm glad I can afford to be modded down because this really annoys me and I want to know what the rest of the slashdot audience thinks. I wish I'd seen this when it was fresh, nobody will likely seee this comment to mod it down anyway.

-mcgrew

Re:Number one is FUD

[Like2Byte]

I wrote diagnostic software for SNAP-ON a while back. I was completely amazed on how high-tech the trucks are these days. It seemed every physical switch had some sort of digital representation through the CAN bus.

Fuel flow rate, engine temp, etc,...

Learn More (YMMV): (PDF Warning for bottom one)
http://www.specifications.nl/can/protocol/can_UK_protocol.php [specifications.nl]
http://www.freescale.com/files/microcontrollers/doc/data_sheet/BCANPSV2.pdf [freescale.com]

Re:GPS

[Tran]

GPS are good at telling where you specifcally are. Maps tell you more easily where in relationship to other things you are once you know where you are.
I do some long distance Motorcycle Rallies, and I have runs in some rallies using maps only, GPS only and both maps and GPS. I like having both.
Plan route with the map( see the relationships), key points/stops in GPS and voila a succesful fun rally.
But yeah GPS only was the worst experience.
In normal car trips to relatives I have mixed results with GPS only. On one hand, using GPS on trips has taken me on some wonderful roads that I would not have tried otherwise. On the other hand it has taken me through traffic snarls and traffic light fests that almost ruin the trip. I suppose newer models that interface with traffic reports and allow better options in routing may make the experience more positive overall.

Forget navigation. Anyone hacked OBD2 yet?

[mopower70]

I just got my first car with OBD2 (yes, it's been a while) and it says right in the manual that it records about 60 seconds of driving information that can be used against me in the case of an accident whether I give permission or not. I want a hack that automatically erases that information in the event of a button push or airbag deployment. That's complete crap if you ask me...

Re:obvious

[Sigma 7]

A corporation is a large-scale version of a street vendor that has access to a larger quantity of inventory/services. It's as much of a hack as using a more powerful processor for a task, no matter how much Tim "The Tool Man" Taylor believes otherwise.