Search the Community

I like attaching RaspberryPis to TVs to make them do different kinds of kiosk things. Pis are impossible to find, and pretty much all of our smart TVs are a) already running Linux and b) more than capable of doing more or less what a Pi can do. Hot gluing an SBC onto an already embedded linux computer - just to join them with an HDMI cable - seems like a huge waste of perfectly usable hardware. However, I've run out of ideas how to get into the Linux part of this Vizio "smart" TV. Suggestions of what to do next, where to go looking, or if other brands are perhaps easier to deal with are welcome. thanks! Here's what I do have: * Full serial (UART) console output via a BusPirate, with lots and lots of output. * The CPU is a Mediatek 5583, which is likely just a variant of the 558x made for Vizio? and running an ubuntu-like Linux distro. * onboard storage is 4GB of HS400 eMMC * bootloader is U-Boot 2011.06 * the firmware updater file downloaded from Vizio. the binary blob file looks like two sections: first is a JWT and then what seems like the actual firmware - encrypted. I assume encrypted because the entire remainder of the ~530MB looks like noise. Here's what I know from reading the console output: * As U-Boot does, the first thing it does is gets moved to RAM. It then reads some basic configuration from EEPROM (somewhere) getting the network MAC address (seems to be set in software rather than burned into the hardware) and then immediately disables the UART input: !!!! enable_uart_rx=[0] !!!! Disable UART In: serial Out: serial Err: serial * a USB flash drive will be automatically mounted if present, and uboot(?) will look for several files like MstarUpgrade.bin, SbootUpgrade.bin, MbootUpgrade.bin, and UrsaUpgrade.bin. * during normal operation, the USB flash drive is mounted at /mnt/usb/sda1. * the custom ubuntu is called "ViziOS" and is version 1.3.432.468.0 * there is a shell and/or busy box available, but it's not accessible because the UART rx is disabled * an external keyboard (at least the only Mac keyboard I have around here) seems to be recognized as a present USB device, but is almost always otherwise ignored - it can sometimes be used for input * command injection by using backticks around the wireless network name does _not_ appear to have any effect in this version of the firmware, although it was apparently possible in older versions * Likewise, vulnerabilities around https://<ip_address>:7345/scpl/ don't seem to be present anymore * Despite being factory reset and never connected to Netflix ever, since I won't let the tv connect to the internet (it will automatically upgrade the firmware), it (internally) loses its mind because it can't send telemetry to Netflix. That's another big reason I'm not at all satisfied to just "throw a chromecast/etc onto an HDMI port and be done with it" - I want to turn off all the telemetry crap. * There are a couple of "secretKey" messages that might be interesting/useful, but I don't know what to do with them [SECRETKEY DBG]in func:getSecretKey line:94 strModelName=Vizio_D32f-J04 [SECRETKEY DBG]out func:getSecretKey line:104 (hashed)strKey=dcaa76a2 strKey.length()=48 * When there is no USB drive present, the following network ports are listening: 7345/tcp 8005/tcp 9223/tcp 56789/tcp 56790/tcp * However, when the drive is removed, 36675/tcp is also listening. * Lastly, there's old firmware sourcecode on github, but honestly I have no idea what to do with it or if I even could. There is no obviously accessible EEPROM on the board. I suspect that it's probably part of the SOC. Both the eMMC and the SOC are BGA chips, so there's no way to probe them directly even if I understood how to do such a thing.

Windows 11 has a reputation for making a lot of changes that makes life more difficult for Windows 10 users. But there has always been a community effort to make tools that ruin Microsoft’s vision… StartAllBack - https://startallback.com/ Start11 - https://www.stardock.com/products/start11/ Live Tiles Anywhere - https://www.reddit.com/r/Windows11/comments/q18ipe/live_tiles_anywhere_create_custom_live_tiles_for/ RoundedTB - https://github.com/torchgm/RoundedTB Win11DisableOrRestoreRoundedCorners - https://github.com/valinet/Win11DisableRoundedCorners (RIP) EdgeDeflector - https://www.ctrl.blog/entry/edgedeflector-default-browser.html EdgeDeflector alternative: MSEdgeRedirect - https://github.com/rcmaehl/MSEdgeRedirect AltDrag - https://stefansundin.github.io/altdrag/ Sizer - http://www.brianapps.net/sizer4/ Twinkle Tray - https://twinkletray.com/ PowerToys - https://docs.microsoft.com/en-us/windows/powertoys/ Winaero Tweaker (registry hacks) - https://winaero.com/winaero-tweaker/ Buy ASUS ROG Swift PG27UQ Monitor On Amazon (PAID LINK): http://geni.us/d6mJ On Newegg (PAID LINK): http://geni.us/y2Zg

I'm about to buy a 2014 Ford Edge, and I was wondering if anyone's ever tried to get Linux or a different version of Windows on one of these Ford systems. I can't find anything online about anyone doing this, but the preliminary research I've done online has revealed that Microsoft used Windows Embedded Automotive for Sync. The system has 2 USB 2.0 ports and an SD reader. I'm pretty sure the SD card reader contains the map data, and updates to the system are issued via flash drive. Seems like there should be a way to highjack the bootloader for the flashdrive and put another OS on there.

oof Summary PlayStation has been getting hacked!! They have disabled the servers until further notice to stop the hackers and fix the flaws in their security system. LittleBigPlanet's twitter account shared a statement about the hacks stating "Due to the severity of the recent attacks we have no other option than to temporarily disable the game servers. We do not take these attacks lightly especially when they target our loyal community members. Thanks for understanding." - LittleBigPlanet twitter account. The servers should be back up once PlayStation fixes the security flaws. Quotes My thoughts LittleBigPlanet just has not had good luck like ever. The best LittleBigPlanet was on the Vita in my opinion. Yes I had a PS Vita and I loved it. Sources LittleBigPlanet Servers Have Been Taken Down Following Targeted Attacks - IGN https://www.thegamer.com/little-big-planet-servers-taken-offline-after-suspected-ddos-attacks/#:~:text=Little Big Planet Servers Taken Offline After Suspected,of suspected DDOS attacks from one unhappy fan. LittleBigPlanet servers under threat again (truetrophies.com)

So there are plenty of reasons to hate on windows, especially the way they are aggressively pushing their products. And it’s sad! Windows can be such a powerful tool for people that produce things! Please, if you want to hate on windows, make another topic called “Why you don’t use windows” and post there. I just want this topic to be about the positive aspects of Windows that get overlooked by the average user. Like I said, there are PLENTY of reasons to hate windows and that's fine; just keep things civil. Also, if you know of any useful programs that extend the windows shell, or tools that make cool registry hacks, please post them! I know some of you may feel editing the windows registry is sketchy, and this is justifiable to some extent; but it’s not a big deal if you pay attention. The windows registry is just Windows’ settings broken into a series of “hives”. Always backup your registry before making edits. And if possible, look at what is being changed before running a .reg file. The Windows registry is actually far more efficient than people would have you believe. Also, avoid using “registry cleaning software” unless something is genuinely wrong (even CCleaner). They generally remove more than they should and cause more problems than they fix. Reducing the size of your registry doesn’t have as much of an effect as you think. Folder Icons I love things like Plex when I want to watch movies in my living room, or on an iPad. But if I have access to a PC, I would rather use MPC (lets be real, plex sh!*s the bed anytime there is even a tiny amount of corruption in a file...and when there isn't any). But the best part of Plex is scrolling through Movie Posters and having media information pulled from the internet! Well, just look at my media library: I don’t need anything but windows to browse my Movies/TV Shows. And if I want to search for a movie by actor/actress, genre, etc…I just use windows search because I tag all my media files using MetaX (see useful programs below). The best part is, if I have access to my media server, this will work on pretty much any version of Windows since it done with a uniform “desktop.ini” file: [ViewState] Mode= Vid= FolderType=Videos Logo=FolderIcon.ico [.ShellClassInfo] IconResource=FolderIcon.ico,0 Another benefit, it helps things like Plex find the correct meta information online. Useful Tools MetaX (http://www.danhinsley.com/metax/metax.html) – A POWERFUL video tagging tool with a great GUI (this product is worth the $10, trust me) Context Menus In my opinion, the windows context menu system is one of the most powerful tools at your disposal (when leveraged correctly). You see some programs take advantage of this, like 7-Zip. Right click on a zip file and you are presented with a whole new context menu just for handling compressed files. But have you ever created your own context menu? It can make your life a whole lot easier. Take my media library from an earlier example. It is actually somewhat complicated to add a movie to my library. I have to use MetaX to tag the movie and output the movie poster. Then I have to convert the poster to an icon, copy in my “desktop.ini” template, and make the folder a system file. So I created a context menu for “.jpg” files that calls a script that does all that for me. It only took a few minutes to code, but it saves me so much time: F:\Projects2\ConvertToIcon\ConvertToIcon.vbs: OPTION EXPLICIT CONST HIDDEN = 0 DIM shell SET shell = WScript.CreateObject("WScript.Shell") shell.Run "%comspec% /c F:\Projects2\ConvertToIcon\ConvertToIcon.bat """ & WScript.Arguments.Item(0) & """ > ""F:\Projects2\ConvertToIcon\log.txt""", HIDDEN, FALSE SET shell = NOTHING F:\Projects2\ConvertToIcon\ConvertToIcon.bat: @echo off echo Convert %~d1%~p1%~n1%~x1 to %~d1%~p1%~n1.ico echo convert file convert "%~d1%~p1%~n1%~x1" -matte -background none -resize 2048x2048^ -gravity Center -extent 2048x2048 -define icon:auto-resize "%~d1%~p1FolderIcon.ico" echo check if desktop.ini exists IF NOT EXIST "%~d1%~p1desktop.ini" echo F| xcopy "M:\_Template\desktop.ini" "%~d1%~p1desktop.ini" /H /K set PARENTFOLDER=%~d1%~p1 IF %PARENTFOLDER:~-1%==\ SET PARENTFOLDER=%PARENTFOLDER:~0,-1% echo make parent folder a system folder (%PARENTFOLDER%) attrib +S "%PARENTFOLDER%" /D echo make desktop.ini a hidden system file attrib +S +H "%~d1%~p1desktop.ini" :: If you are having to delete Thumbs.db every time, uncomment the following ::timeout 3 ::echo check if Thumbs.db exists ::IF EXIST "%~d1%~p1Thumbs.db" del /F /A:HS "%~d1%~p1Thumbs.db" echo Done. F:\Projects2\ConvertToIcon\ConvertToIcon.reg: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Classes\SystemFileAssociations\.jpg\shell\ConverttoIcon] @="Convert to Icon" [HKEY_CURRENT_USER\Software\Classes\SystemFileAssociations\.jpg\shell\ConverttoIcon\command] @="wscript.exe \"F:\\Projects2\\ConvertToIcon\\ConvertToIcon.vbs\" \"%1\"" But let’s take an example from something I’ve seen Linus rant about: the “Up Directory” button while viewing search results. In Windows 10, if you open a directory from a search result then click the “Up Directory” button, it returns you to the search results page (even if you right click and open in a new window). It is the most infuriating thing in the history of mankind! So let’s fix it and add 3 new context menus entries: Right click a folder -> Open folder in a new window: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\Folder\shell\Open Target] @="Open Target in New Window" [HKEY_CLASSES_ROOT\Folder\shell\Open Target\command] @="Explorer.exe \"%V\\\"" Right click the background of a folder -> Open its parent folder: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\Directory\Background\shell\Open Parent] @="Open &Parent" [HKEY_CLASSES_ROOT\Directory\Background\shell\Open Parent\command] @="Explorer.exe \"%V\\..\\\"" Right click anything -> Open parent folder in a new window: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\*\shell\OpenTargetParentFolder] @="Open Target's Parent Folder" [HKEY_CLASSES_ROOT\*\shell\OpenTargetParentFolder\command] @="Explorer.exe /select,\"%V\"" Boom! Problem Solved! A more advanced way to generate dynamic context menus. I don’t want to get too into this, but here is a great place to start: CppShellExtContextMenuHandler (https://code.msdn.microsoft.com/CppShellExtContextMenuHandl-410a709a). So let’s say you have media files that don’t have public meta information for MetaX to use, but you still want to tag things like actors/actresses, genre, etc…(let’s say you are naughty and have a lot of pr0n and want to make it easier to search ? I’m not saying I created a context menu for this reason…it’s just an example….don’t tell my mom). Now you can create an elaborate where you can tag media files easily, by generating menus based on things like folder path, existing tags on the file, recently used tags, etc… Really the limit is your imagination. Useful Tools Default Programs Editor (http://defaultprogramseditor.com/) – An amazing program that allows you to edit everything from file extension context menus (by extension and by class), to file extension icons/descriptions. One of the best programs available for creating/editing Windows context menus. ShellNewHandler (https://sourceforge.net/projects/shellnewhandler/) – A great program for clearing out your “New” context menu. Let’s be real, have you EVER used the context menu to create a new “Contact” file? No. No you have not. In fact, you’ve never used 90% of the other default options in that menu. So get rid of them and add some useful ones. ShellExView & ShMnView (http://www.nirsoft.net/utils/shexview.html) – Great tools for clearing out unwanted context menu items.

I'm writting essay mainly about what people know about hacking and internet security, and i need one more thing, how do you describe in two sentences term "Hacker" Can you? That would be really helpfull for me Gawron

i have an old dell inspiron 3421 and i noticed that my laptop has a msata slot (i think thats what is is) where the wifi card is inserted. can i plug in a egpu through that slot? i have seen adapters like this one: https://www.banggood.com/Mini-PCI-E-Version-V8_0-EXP-GDC-Beast-Laptop-External-Independent-Video-Card-Dock-p-1011222.html?rmmds=detail-top-buytogether but will that actually work?

Intel Vets Challenge ‘Russia Hack’ Evidence Western mainstream news media tends to run coordinated media blackouts on information that isn't favourable to its agendas, such as was done concerning the USA-coalition's campaign for Mosul, Iraq, which was far worse (with more than double the average weekly civilian death toll) and ran far longer than Syria, Russia, and Iran's campaign for Aleppo, Syria. But with this many intelligence veterans backing this appeal, hopefully it will be covered in the MSM, at least somewhere. This isn't the first time that members of this intelligence veterans group have made a public a public appeal against the allegations that there was a hack by Russia. In December 2016, some of them collectively signed a report calling the allegations baseless: US Intel Vets Dispute Russia Hacking Claims - "Allegations of Hacking Election Are Baseless" William Binney, a co-signatory of this new appeal, is a 36-year veteran of the NSA, and is the architect of the NSA's data-collection systems. He has previously made other comments in rejection of the claim that the DNC emails were the result of a hack: Ray McGovern is a former top-level CIA officer and data-analyst, who advised 7 consecutive USA presidents over 27 years, and whose job at the CIA was to always tell the truth, while it was other people's job to fudge data. Ray is also the former head of the CIA's USSR foreign policy department, and has chaired multiple intelligence estimates. Ray might be the most experienced and knowledgeable Russia expert in the West. It was Ray's friend, former British ambassador Craig Murray, who received the DNC emails from the leaker and personally delivered them to WikiLeaks. Ray has spoken about this publicly many times, while his friend who delivered the DNC emails to WikiLeaks, Craig Murray, has said that no mainstream new media has ever reached out to him for comment. This new appeal makes reference to the recent published analysis of the Guccifer 2.0 files, which discovered that their copy speed of the files recorded in their meta-data seemingly proves that they were not transferred through the internet, but were copied locally to a removable drive: New Research Shows Guccifer 2.0 Files Were Copied Locally, Not Hacked

Howw!!?? I am really looking for an explenation! There are more likes then views?! Wtf?! And this is not even the first time! I have seen it before!

This can actually useful for some purposes out there that isn’t malicious, I still don’t understand why they massed it t ope-source, something like this with the wrong hands could be bad. This is actually pretty smart if they are using it to recruit people. There’s plenty of people with unused talent out there, this maybe their chance to prove themselves. Let us know down below what you think, is this a good thing or not? What could this be used for? SOURCE

I would like to argue my laptop's stock speakers are bad quality.. I would like to switch them out for better ones - the objective is louder volume all compact inside the laptop for transportation. Any leads would be helpful, thanks. I'm going to 'thicken' laptop to allow better airflow and possible battery upgrade. The new speakers could be a different size

Sources: Gizmodo Fox 2 Detroit Media: Fox 2 Video Quotes/Excerpts: My Opinions: It used to be that hacking gas pumps and ATMs were mainly just from TV dramas. However it's becoming easier and easier to illegally access those devices by improperly configured devices. Some things should definitely not become IoT and this is just another example.

Your Wi-fi and NAS Server are not safe. Follow the hyperlink provided below to read about the hack and how to remove the VPN hack from your system Russians Hack Wi-Fi Routers: What to Do Right Now

Due to the recent issues surrounding both Intel and AMD's CPU's is it worth changing build plans and siding with AMD's processor's to avoid performance loss? Any thoughts or comments are appreciated, Pulpypanda.

I live in a small town with only 4 Pokemon gyms. The problem that we have is that a lot of people from nearby cities are GPS spoofing their Pokemon go game, and taking over our gyms with high level Pokemon. For example, I took over a LV 7 gym today at a local ballfield. Right after I captured it for my team ( go instinct) a player took it over from me and dumped a 2400cp charzard ( Fing valor). I look around, and nobody is even within sight, and there are no houses close by. Go to battle it, and boom, it's now a level 4 gym with many 1000+ CP Pokemon. All trainers with similar names. Again, nobody within 1km of me. There is currently no way to report these dicks, and they are ruining the fun for our rual town.

Well, there isn't really any source or site for this, so I'll link some forum posts instead: https://www.reddit.com/r/tf2/comments/4h1xfv/lmaobox_vac_detected_30th_april_2016/ http://forums.steampowered.com/forums/showthread.php?t=3302787 http://www.ugcleague.net/forum/showthread.php?48559-Lmaobox-Premium-Detected So to summarize, LMAOBox was an aimbot/aim assist/chat spammer that went unnoticed from VAC for years and years. Now it seams Valve has caught up with the whole thing and has started banning LMAOBox users who've used it after January 2015. About 6000 people were banned, including about 500 UGC Gold/Platinum players (see here: https://docs.google.com/spreadsheets/d/1dfcMHrF3dGByk-UV8CEDhhhDVBhb3Uo2QC7kWU6ciEs/htmlview?sle=true#gid=0). These are people that paid (yes, there was a premium version), and it remains to be seen how many F2Ps with free versions will get their ass banned. Not that it matters to them, they'll make a new account and continue on as usual. VAC needs to be banning people based on IP address or hardware ID. Furthermore, the developer of the hack has called quits on it and has made the code open source. Nope, apparently the development is still continuing. The account that claimed to be the dev was hacked. Recently Valve has started showing more and more interest in TF2 again, and this is good news. This is a great day for all of us who play this game legitimately.

Any suggestions on classroom management software. I'm trying to narrow down something that is network deploy-able, easy for non-techy teachers to figure out, and difficult to hack. Currently I'm beta testing Net Control 2 and NetSupport. They are meh... ...also here is what I want my students to look like when they try to access the internets.

As the titel says Plz no s4andst0rm, 3epic5me

One of my mutual "friend" invited me to skype call and he sent me my ip adress, he also took a screenshot of some DDosing client, what is the worst thing could happen, My ISP hopefully resets everything every month, so yeah (btw im very noob) EDIT: Also sent me some of my devices mac adress EDIT:So, I figured out that ISP can't change my IP will change when the lease expires, then I should be safe right?

Tesla doesn't want you tinkering with your car, largely because you're a moron who will cause something to go wrong, get in a crash, then proceed to blame Tesla for your screwup thus harming their image - a image they can't afford to tarnish since even though Tesla is "the shit" right now, they're still young and don't need Governmental inquiries into their safety or reliability to ruin the good streak they have going. I'm with them. This isn't a regular car you can do whatever you want on. This is a tad more complicated. Likely, the engineers who signed off the last piece of code know a little more about how to make it the best possible thing than you do. But thats just me. http://www.engadget.com/2015/03/04/tesla-10k-hack-model-s/

Found this crazy guy's exploits on hackaday: He had all his x16 PCIe slots filled, so decided, as anyone would, to cut up his graphics card (GeForce 8400 GS) with a dremel and change the pinout. Aaaaaand it worked: http://3.14.by/en/read/videocard-pcie-conversion-x16-x1 Original Hackaday Post: http://hackaday.com/2012/10/06/hackaday-links-october-6-2012/

Help I need my password back quick I have forgotten it I have windows 8.1 and I dont have a usb

Source: http://9to5mac.com/2014/12/18/sony-hack/ A Sony employee has described the company as being “stuck in 1992″ following the massive hacks, with employees desperately trying to avoid using any technology that could be compromised, reports TechCrunch. The company is even encouraging staff to avoid using phones – presumably including the company’s own Android Xperia smartphones and tablets – in favor of face-to-face meetings. There has, though, been one exception to the ban on modern technology: Apple kit. Sony may need to buy a few extra Macs, with some departments having only one or two computers for the entire office. It is, she said, like “living in an office from ten years ago.”

With all of these hacks going on, it's more prudent than ever to make sure that your passwords are strong. Doing so is not always easy, however. If someone guesses the password to your password manager, you're pretty much screwed. If I were Microsoft, Sony, or Amazon, I would strongly suggest or maybe even require that a person use a fingerprint reader as a means of security. It's nearly impossible to remember so many passwords but fingerprints are almost always unique. Why don't these big companies do something similar to what Apple has done? Even take a page out of Blizzard's book and offer authenticators on top of fingerprints. The problem with passwords currently is that they do not require the person trying to access the account to have physical verification. With the authenticator, for example, the randomized code has to match the serial number of the authenticator. The authenticator in this case would not be a phone. The device's sole purpose would be to act as a RNG. While this would not be impossible to hack, it would be an incredible pain in the ass to get around. My Battle.net account got hacked one time. Once I got access back, I immediately bought an authenticator and have had no issues since. The combination of fingerprint and authenticator might be a little bit inconvenient at first, but I think that companies would gain a lot more trust if they went in this direction.