<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Reverse Engineering &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/reverse-engineering/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Thu, 21 Nov 2024 16:20:52 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Details about the iOS Inactivity Reboot Feature</title>
		<link>https://noise.getoto.net/2024/12/02/details-about-the-ios-inactivity-reboot-feature/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 02 Dec 2024 12:08:40 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[ios]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69629</guid>

					<description><![CDATA[I recently wrote about the new iOS feature that forces an iPhone to reboot after it&#8217;s been inactive for a longish period of time.
Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Reverse-Engineering Ticketmaster’s Barcode System</title>
		<link>https://noise.getoto.net/2024/07/09/reverse-engineering-ticketmasters-barcode-system/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 09 Jul 2024 16:27:46 +0000</pubDate>
				<category><![CDATA[hacking]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69133</guid>

					<description><![CDATA[Interesting:
By reverse-engineering how Ticketmaster and AXS actually make their electronic tickets, scalpers have essentially figured out how to regenerate specific, genuine tickets that they have legally purchased from scratch onto infrastructure tha...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The Justice Department Will No Longer Charge Security Researchers with Criminal Hacking</title>
		<link>https://noise.getoto.net/2022/05/24/the-justice-department-will-no-longer-charge-security-researchers-with-criminal-hacking/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 24 May 2022 11:11:23 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[cybercrime]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[national security policy]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65454</guid>

					<description><![CDATA[<p>Following a recent <a href="https://www.theverge.com/2021/6/5/22491859/supreme-court-van-buren-cfaa-hacking-law-scope-narrowed">Supreme Court ruling</a>, the Justice Department will <a href="https://www.justice.gov/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act">no longer prosecute</a> “good faith” security researchers with cybercrimes:</p>
<blockquote><p>The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Hacking the Sony Playstation 5</title>
		<link>https://noise.getoto.net/2021/11/10/hacking-the-sony-playstation-5/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 10 Nov 2021 12:17:41 +0000</pubDate>
				<category><![CDATA[exploits]]></category>
		<category><![CDATA[gaming consoles]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63854</guid>

					<description><![CDATA[<p>I just don’t think it’s possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. The <a href="https://www.theverge.com/2021/11/8/22770300/ps5-playstation-5-root-keys-debug-menu-hacks-exploits-jailbreak-sony">Sony Playstation 5</a> is the latest example:</p>
<blockquote><p>Hackers may have just made some big strides towards possibly jailbreaking the PlayStation 5 over the weekend, with the hacking group <a href="https://twitter.com/fail0verflow/status/1457499576676634625">Fail0verflow claiming</a> to have managed to obtain PS5 root keys allowing them to decrypt the console’s firmware.</p>
<p>[…]</p>
<p>The two exploits are particularly notable due to the level of access they theoretically give to the PS5’s software. Decrypted firmware ­ which is possible through Fail0verflow’s keys ­ would potentially allow for hackers to further reverse engineer the PS5 software and potentially develop the sorts of hacks that allowed for things like installing Linux, emulators, or even pirated games on ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Apple’s NeuralHash Algorithm Has Been Reverse-Engineered</title>
		<link>https://noise.getoto.net/2021/08/18/apples-neuralhash-algorithm-has-been-reverse-engineered/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 18 Aug 2021 16:51:17 +0000</pubDate>
				<category><![CDATA[algorithms]]></category>
		<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[hashes]]></category>
		<category><![CDATA[ios]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63588</guid>

					<description><![CDATA[<p>Apple’s <a href="https://www.apple.com/child-safety/pdf/CSAM_Detection_Technical_Summary.pdf">NeuralHash algorithm</a> — the one it’s using for <a href="https://www.schneier.com/blog/archives/2021/08/apple-adds-a-backdoor-to-imesssage-and-icloud-storage.html">client-side scanning</a> on the iPhone — has been <a href="https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX">reverse-engineered</a>.</p>
<p>Turns out it was already in iOS 14.3, and <a href="https://www.reddit.com/r/MachineLearning/comments/p6hsoh/p_appleneuralhash2onnx_reverseengineered_apple/">someone noticed</a>:</p>
<blockquote><p>Early tests show that it can tolerate image resizing and compression, but not cropping or rotations.</p></blockquote>
<p>We also have the <a href="https://github.com/AsuharietYgvar/AppleNeuralHash2ONNX/issues/1">first collision</a>: two images that hash to the same value.</p>
<p>The next step is to generate innocuous images that NeuralHash classifies as prohibited content.</p>
<p>This was a bad idea from the start, and Apple never seemed to consider the adversarial context of the system as a whole, and not just the cryptography...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition</title>
		<link>https://noise.getoto.net/2020/10/27/reverse-engineering-the-redactions-in-the-ghislaine-maxwell-deposition/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 27 Oct 2020 11:34:40 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[redaction]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60376</guid>

					<description><![CDATA[Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names.
We&#8217;ve long known that redacting is hard in the modern age, but most of the failures to date have been a result of not reali...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Hacking a Coffee Maker</title>
		<link>https://noise.getoto.net/2020/09/29/hacking-a-coffee-maker/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 29 Sep 2020 11:16:12 +0000</pubDate>
				<category><![CDATA[hacking]]></category>
		<category><![CDATA[Internet of Things]]></category>
		<category><![CDATA[Reverse Engineering]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=60271</guid>

					<description><![CDATA[<p>As expected, IoT devices are <a href="https://arstechnica.com/information-technology/2020/09/how-a-hacker-turned-a-250-coffee-maker-into-ransom-machine/">filled with vulnerabilities</a>:</p>
<blockquote><p>As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it. After just a week of effort, the unqualified answer was: quite a lot. Specifically, he could trigger the coffee maker to turn on the burner, dispense water, spin the bean grinder, and display a ransom message, all while beeping repeatedly. Oh, and by the way, the only way to stop the chaos was to unplug the power cord...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 31/137 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-06 17:15:21 by W3 Total Cache
-->