Hacking Systems: An Ongoing List

Published on June 08, 2019 • 1 min read

One of the greatest joys in life is hacking a system. The system being hacked doesn't necessarily have to be a computer — it can be a real world system, and real world hacks tend to be the most unique ones.

Accelerometer-based keylogger

Whenever you type something into your phone, the impact of your finger on the screen creates tiny movements, and those movements can be recorded by your phone's accelerometer and gyroscope. A friend of mine tried to use the accelerometer data from an iPhone 6 to figure out what someone was typing on their phone — essentially creating a key logger. Unfortunately the granularity of the time series data didn't allowed for accurate prediction of the keyboard presses, but it did allow her to capture the phone's lock screen passcode. Since Apple allows apps to collect accelerometer data in the background, any app with accelerometer permissions (ie. a fitness app) could theoretically become a full-device key logger once accelerometer accuracy improves.

Don't hack the system. Hack the system's system.

Rather than hacking a Bitcoin exchange's web server directly, Linode, a hosting provider, was compromised by hackers who stole $200k worth of Bitcoin from one of Linode's customers. https://spectrum.ieee.org/tech-talk/computing/networks/thousands-of-bitcoins-stolen-in-a-hack-on-linode

Warshipping

Mailing parcels with tiny wireless computers. https://techcrunch.com/2019/08/06/warshipping-hackers-ship-exploits-mail-room/