Turn a Tesla Into a Pokémon Go Machine

What happens when you pair up the most buzz-worthy car with the most viral game? You get a giant Pokémon Go car that looks awesome and will help you catch them all.

Pokémon  Go Tesla
Pokémon Go Tesla

A guy named Jeff, an editor for Pink Java Media enjoys playing Pokémon Go so much that he threw a little caution to the wind and poked around with his Tesla until he got it to install the popular game, making the most creative use I’ve seen out of the Tesla’s 14 inch display with GPS and a camera built in. “It’s not perfect,” Jeff said. “The Tesla’s display cuts off some of the game; I haven’t been able to fix that.” Probably more challenging is that the built-in camera the Tesla provides is a back-up camera, intended for assisting with, well, backing up. This, of course, means that Jeff must put the car in reverse in order to catch Pokémon.

How Did He Do It?
According to Pink Java, Jeff completed this feat with “a little bit of luck, some old-fashioned ingenuity, and an ethernet cable”, but that’s all the detail provided. I guess we’ll have to wait for him to document the process and just catch Pokémon with our phones like regular folk.

What is Pokémon Go?
Pink Java does a great job of summarising the game in their own article about Jeff’s adventure:

Pokemon GO is a smartphone game in which players chase and capture virtual creatures using geolocation. The phone’s camera makes it seem like these fanciful beasts are right there with the player in the real world, with different creatures appearing in different places.

When asked what Jeff had in mind next for his Tesla, he responded, “Tinder,” he said with a smile. “Going to see if I can swipe right with my turn signal.” I’d like to see how that works out. What would you like to see Jeff hack into his Tesla?

Gawker Media Hack Is A Password Reminder

Over the weekend, Gawker Media was hacked, providing an encrypted password list (among other things) to the hackers. A group calling themselves Gnosis has taken credit for the hack and released a package full of server information, notes on the hack, Gawker Media site source code and worst, everyone’s passwords.

Gnosis hack on Gawker Media

Judging by the statement made by the hackers, it looks like someone at Gawker pissed them off. I was actually planning another post about web security before this happened, but that will wait for another day as it has to do with different perils of having online accounts.

Here’s the email Gawker Media sent out today:

This weekend we discovered that Gawker Media’s servers were compromised,
resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel,
io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. As a result, the user name
and password associated with your comment account were released on the
internet. If you’re a commenter on any of our sites, you probably have
several questions.

We understand how important trust is on the internet, and we’re deeply
sorry for and embarrassed about this breach of security. Right now we
are working around the clock to improve security moving forward. We’re
also committed to communicating openly and frequently with you to make
sure you understand what has happened, how it may or may not affect you,
and what we’re doing to fix things.

This is what you should do immediately: Try to change your password in
the Gawker Media Commenting System. If you used your Gawker Media
password on any other web site, you should change the password on those
sites as well, particularly if you used the same username or email with
that site. To be safe, however, you should change the password on those
accounts whether or not you were using the same username.

We’re continually updating an FAQ (http://lifehac.kr/eUBjVf) with more
information and will continue to do so in the coming days and weeks.

Gawker Media

How Does This Affect You?

If you’ve never commented on a web property in the Gawker Media network, you may not have anything to worry about. If you have, on the other hand, your password on that site has been compromised and you should think about where else you used that password and change it on all sites. In the quoted text above, Gawker points us to a post on Life Hacker full of answers. Of course, to minimize the effects of future hacks on Gawker or any site, it’s best to have a strong password (see below) and use different passwords for different sites. As an example, you wouldn’t want to use the same password on Gawker that you use for online banking.

Is Your Password Strong Enough

Surprisingly, too many people have passwords that are easy enough to crack or even just guessable. Without a doubt, the absolutely worst password you can use for any account is the word, “password”. Regardless, of the nearly 1.3 million accounts compromised, 1,959 had “password” as their passwords. Even if it’s not guessed by a hacker, the simplest brute force attack can crack this password in no time. So how do you know if your password is strong enough?

Is my Password Strong

I built a quick and easy password strength test site to help you test your password. This may be helpful but you can also get by with some quick password tips. To understand them, you should know a little about how a brute force attack works. Typically a script runs that tries one password after another until one works. A simple script might first try every word in a dictionary file. This is just a file full of known real words like “gamer”, “puppy”, or maybe, “password”. Failing that, it would start going through every character combination from aaa, aab, aac, for example, through to larger guesses like 9999999. A more time-consuming attack might make use of characters like $%!, etc. but this takes far longer. Having to check for upper vs lower case takes a lot longer as well. From this, we can assume that you can make your password stronger by making it longer and including numbers, mixed case, and special characters. By this logic, “Chr1Stm@s!!%” is a far more secure password than “christmas”.

Even if you were not affected directly by this, take this as a reminder to audit your password habits and make changes if needed. A little effort now can save you a lot of future headache.

How To Crack PDF Passwords In Your Sleep

There are many reasons a PDF might be locked. The author may want to prevent unauthorized editing, or in the case of a magazine, the publisher may want to prevent readers from printing the online version. I honestly rarely have a need for this kind of thing, but it does come up, so when Eltima Software asked if I wanted to review a copy of their software, Recover PDF Password, I agreed. They also offered up a couple more free licenses to my readers, so read to the end to find out how to get a free license or cash.

Recover PDF Password

How it works
Like many password crackers, Recover PDF Password uses a “brute force” method to guess at a password. By this, I mean that it tries every combination over and over again until one matches. One thing I liked was that I could choose to exclude some of the more complete searching options like special characters ($%^&*, etc), numbers, or upper case letters to name a few. This speeds up the search incredibly at the risk of missing the correct password completely if it has one of these characters. To give you an idea of the speed difference, imagine you’re lucky enough to know that the password is six characters in length. To just try searching with the lower case alphabet, (if my math is right) the software has to try up to 308,915,776 possible character combinations (26 * 26 * 26 * 26 * 26 * 26). If you add in 26 upper case alpha + 10 numeric + 28 special characters, you get 90 characters total and 90 * 90 * 90 * 90 * 90 * 90 makes 5.31441e+11 (531,441,000,000) possible combinations to try. That’s about 1,720 times more than just lowercase alpha characters. Having the option to pick and choose is a big plus. Remember, too, that this is if you’re lucky enough to know the password length and it’s only six characters. The problem with cracking passwords is a matter of the time it takes, and this program does in hours what it would take you a lifetime to do on your own.

What I think is missing is the ability for the software to try dictionary words first. A good password will be a combination of upper and lower case alpha characters, special characters, and numeric digits, but let’s face it… too often, the password is merely “password” and a large portion of the rest are dictionary words. Using the method above, it might take 19 billion or so tries, give or take a billion, to conclude that the password is “password”. Trying all the 8-character words from a dictionary file would take somewhere in the tens of thousands of guesses. This is a feature I’d really like to see in any password cracking tool, as it should be used as a first pass, just in case.

My tests
First, I downloaded Recover PDF Password. The download took about a half hour, but I tried again (twice) later, and it came down in around 14 seconds both times. Then, I grabbed a random (locked) PDF from the web. I first tried with all the options on and was getting nowhere after a day. I decided to start over, telling it to try anything with lowercase characters and numbers from three to four characters in length. That went pretty quickly, eliminating all possibilities. Next, I moved on to 5-6 characters, which took a lot longer, as expected, due to the exponential growth in combinations to try. The program eliminated all 5-character combinations and then, about a third of the way through the alphabet, it recovered a 6-character password for me. The total search took 19 hours, 50 minutes, 28 seconds, and used about 50% cpu and 25MB of RAM pretty consistently.

After thinking about my wish that a dictionary file be used for the first pass, I decided to try a PDF with a password of “password” just for kicks. I grabbed one from Adobe’s site and set Recover PDF Password loose on it, trying only lowercase alpha characters and only with a length of 8. After about five minutes, it was estimating 100-108 days remaining.

Conclusions
First of all, it does what it says, so that’s good. At the $39.95 price for a personal license, it’s also within reach of anyone needing to recover a password on a PDF without breaking the bank. The down side is that a good password will take a very long time to crack, but that’s going to be true for any program, I guess. I’d love to see a dictionary file used, but it won’t make a difference for a secure password. The software is solid and complete with useful options to help save time and it’s worth the purchase as long as you can let it run in the background for a while.

UPDATE: Eltima Software tells me that they are now working on implementing the request for use of a dictionary file. That’s great news.

Get a free license
Want to try it out yourself or just have it handy for when you really need it? Eltima Software gave me two licenses to give away to readers. All you have to do to try for one is tweet with “http://Lnk.gd/ej” and “@joetech” and you’ve earned an entry. If someone re-tweets your tweet, you get another entry for every RT. Just to spice things up a little, I’ll throw in $20 (via PayPal) to a third winner. I’ll draw three twitter users at random from those who have entered. To collect, I have to be able to send you a direct message, so make sure to follow @joetech in case you win.