Full Disclosure mailing list archives
Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control
From: Jordan Bray <jordanbray () gmail com>
Date: Fri, 30 Jan 2009 13:17:56 -0500
On Fri, Jan 30, 2009 at 11:57 AM, Charles Morris <charlesmorris () gmail com>wrote:
On Thu, Jan 29, 2009 at 6:04 PM, hack ery <hackery.channel () gmail com> wrote:Security Risk: High Exploitable: Local Vulnerability: Arbitrary Flow Control Control, Cat Spoofing Discovered by: The Hackery Channel Tested: No The Flow Control project is an access control project for a cat. It consists of a cat door, an electromagnetic latch, a access controldevice,and image recognition software that allows Flow to enter the house, andonlywhen she is not carrying prey. When Flow is within proximity of thedoor,she passes through a light that casts a shadow on an area monitored by a camera. If the silouhette, appears to be Flow without prey, access is granted. Cat Spoofing: An attacker could potentially gain access by posing as a kitty by placing a cut out of the kitty next to the light. Mitigation: None. Work around: Guard dog Vendor Notified: No Vendor Site: http://www.quantumpicture.com/Flo_Control/flo_control.htm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/The solution of course would be to clone the system and take a vertical image, creating a decent 3-D map of the Cat attempt. What about two-factor authentication? I'm thinking a mass spectrometer reading in combination with the facial recognition. That could detect a Cat spoofing and/or brute-force attack with a bust or cardboard cut-outs. With any biometric authentication it's going to be expensive and have all kinds of bugs and quirks... just teach him a password.. sheesh.
Have any of you guys heard of RFID? -- /me
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control hack ery (Jan 29)
- Message not available
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Nancy Kramer (Jan 29)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Jeremy Brown (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Nancy Kramer (Jan 29)
- Message not available
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Charles Morris (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Jordan Bray (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Michael Holstein (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Jordan Bray (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Valdis . Kletnieks (Jan 30)