Yep, it's all out there on the internet, but if you use it to grab private data from someone else's computer chances are you're in for a world of legal hurt. It's one of the few pieces of software I can think of where the subsequent use is more illegal than the act of downloading it.

But I know it's not the only one. What else can you guys come up with? [CrunchGear, Pirate Merch]

The new sticker, found under the faceplate (just like the old one), looks a bit bigger and features both a code and a mysterious black bar.

Maxconsole forum members already came up with some interesting/believable theories: Could this code be tracked to your serial number, in case you open the machine and want to seal it back up with a fraudulent sticker? Could this black bar be heat-sensitive tape that would change color should you try the classic hot box trick to repair an RRoD? Could this sticker contain a tiny capsule of cyanide meant to crack under duress, eradicating the modding community one lonely guy at a time?

We don't know. But what seems obvious is that Microsoft is taking their warranty stickers a bit more seriously.

For reference, here's what the old sticker looked like:

Go nuts with accusations in the comments while we wait for Microsoft to give us an official answer. [Logic-Sunrise via Maxconsole]

RyeBrye has pieced together an Android app that does all the rooting legwork, a process that used to range from mildly intimidating to headache-inducing. In either case, the prospect was always daunting for the mainstream, which kept the joys of an unbound Android from most G1 and MyTouch owners. With this app, here's the new, streamlined procedure:

• Download "Recovery Flasher" From the Android Market (or sideload it)
• Run it
• Tap "Back up recovery image"
• Tap "Flash Cyanogen Recovery 1.4"

Seriously, that's it. Now your Android phone is splayed wide open, and ready for you to have your way with it. But, uh, what does that mean, exactly?

Plenty of things! The biggest draw to rooting is the ability to install a new ROM—in other words, replace the operating system on your phone. There are two ways to go with this, both equally awesome. The first is to go with a super-customized community ROM. These are tweaked and enhanced versions of the phone's default software, often grafted with pieces of Google's forthcoming updates to Android, some near, some far, and all dessert-themed. Practically, this means multitouch—since the G1 and MyTouch already support this on the hardware side—app storage on SD cards, tethering, more home screens, new system keyboards, and perhaps most importantly, vastly improved performance. A lot of users say using one of these is a night-and-day difference, and given the kinds of things the HTC ROM community has done with Windows Mobile phones, I'm inclined to believe them.

Your second path is to go full Hero—in other words, to install the HTC Hero's heavily customized OS, which is nothing short of fantastic, and about to get even better. This is a full phone conversion, and even in its current, slightly precarious state, well worth it.

In either case, you're going to need to choose a ROM, download it, and put it on your phone's SD card. You can select from an expansive list here—for reference, the MyTouch 3G is also known as the Magic 32B—but as far as non-Hero ROMs go, your best bet is the near-legendary, well-supported CyanogenMod. The newest release, out just two days ago, is fully compatible with the G1 and MyTouch. But don't stress too much over which ROM to choose, since changing them over is a breeze now that you're fully unlocked. An overview from Android and Me:

• Power off your phone.
• Boot into recovery mode. Press and hold the Home key, then hit the power button.
• Before you flash a rom file, perform a wipe. Press Alt+W to wipe the data and cache folders. You must wipe when going form different builds of Android.
• Wait for the wipe to finish and the recovery image to display again, then select "apply any zip from sd". Flash the zip file of your choice.
• After flashing any zip you should be able to reboot your system and watch it load to the home screen.

You'll want to read their full rooting and flashing guide for caveats, but that easy little list there is about the size of it.

A few more reasons to root that don't involve totally flashing your phone:

• Full backups to SD cards
• Wi-Fi tethering!
• Autorotation for all apps
• Install apps to an SD card

This alongside a treasure trove of smaller tweaks and tricks you can find at the every-active XDA forums. And of course, it should go without saying: this is potentially risky, and could brick your phone. The rooting process is almost foolproof, but before you jump in, make sure you've got the right hardware (American MyTouch 3Gs and G1s only) and have backed up any important data. Happy hacking! [RyeBrye, AndroidAndMe]

This completely fake ATM, equipped to skim debit cards, was discovered in the Riviera Hotel Casino right outside the hotel's security office. Conveniently, it also happened to be right out of the line of sight of surveillance cameras.

Whether the kiosk was merely a DefCon prank or a serious and malicious attempt to steal bank account information is unknown. But not having been suckered myself, I'll admit that the ATM prop is at least a little funny. And if there were a little man inside just nabbing people's debit cards, it would have been even funnier. [Wired via CrunchGear]

You have to hand it to the guy behind this DefCon 17's winning badge hack. He really wanted one of those black über badges and figured out how to get it, one way or the other. While it may look like one of those tacky Mickey's Christmas Parade hats sold at Disney, the pulsing series of LEDs embedded in the bill of the cap confuses facial recognition systems. We'll never know whether his design would've truly allowed the guy to sneak into the room where the badges are stored or not, but it's quite an achievement to make a cat burglar's dream toy out of these badges:

While this kills that old 100% accuracy claim regarding facial recognition,there aren't any details about how the hack is meant to thwart facial recognition systems. Does it have to do with how 3D images are analyzed? Does anyone have any insight? Specs? Cookies of your choice to whoever satisfies my curiosity on this topic. [Wired]

The two figured out how to do this by intercepting the types of signals that get transmitted on a working card, then programming a fake card to reproduce those same signals.

They found that the card has a stored maximum value and only writes how many times the value has been decremented.

In essence, they found a way to give themselves free parking for as long as this system is in place. They declined to detail how exactly you can reproduce this, because they don't want people ripping off the city of SF, so their sole purpose is to get SF to fix their meters to that this can't happen. [Hackaday]

Beginning Friday, an AT&T customer was impacted by a denial-of-service attack stemming from IP addresses connected to img.4chan.org. To prevent this attack from disrupting service for the impacted AT&T customer, and to prevent the attack from spreading to impact to our other customers, AT&T temporarily blocked access to the IP addresses in question for our customers. This action was in no way related to the content at img.4chan.org; our focus was on protecting our customers from malicious traffic.

Overnight Sunday, after we determined the denial-of-service threat no longer existed, AT&T removed the block on the IP addresses in question. We will continue to monitor for denial-of-service activity and any malicious traffic to protect our customers.

I'm sure that won't stop the 4chan retaliation, but it's good to know censorship hasn't taken hold at AT&T. Yet.

Update: 4chan's Moot says:

Unfortunately, as an unintended consequence of the method used [to filter a DDoS attack against 4chan], some Internet users received errant traffic from one of our network switches. A handful happened to be AT&T customers.

In response, AT&T filtered all traffic to and from our img.4chan.org IPs (which serve /b/ & /r9k/) for their entire network, instead of only the affected customers. AT&T did not contact us prior to implementing the block. Here is their statement regarding the matter.

In the end, this wasn't a sinister act of censorship, but rather a bit of a mistake and a poorly executed, disproportionate response on AT&T's part. Whoever pulled the trigger on blackholing the site probably didn't anticipate [nor intend] the consequences of doing so.

[AT&T, 4chan]

Whatever the reason, the fact that AT&T won't officially comment on the matter virtually confirms that they were taking some action against 4chan earlier today. If there wasn't a valid security reason for blocking access to the site, then AT&T's actions are deeply troubling, to say the very, very least.

Access has since been restored, but expect the reprisal from 4chan—like planting the story that AT&T CEO Randall Stephenson died outside his house—to continue. 4chan's Moot says AT&T has yet to contact them. [4chan, TechCrunch]

The iPhone certainly isn't as ubiquitous for corporate use as BlackBerry or even Windows Mobile, but that's starting to change, and Zdziarski is very concerned that the iPhone 3GS's security puts sensitive data at unnecessary risk. He claims that with easily-available software, anybody can break into an iPhone 3GS and start extracting data within two minutes, and access everything on the phone within 45. After reading this, we could see why companies might just be reluctant to trade their BlackBerrys in for a shiny new iPhone 3GS. [Wired]

They were inspired by this Esquire article from 1971 called Secrets of the Little Blue Box, by legendary writer (and typewriter fetishist) Ron Rosenbaum.

Woz's boxes were simple, by standards of circuitry, but the original creator of the Blue Box built his with failsafes in mind in case the law got too suspicious.

He sighs. "We had this order for a thousand beeper boxes from a syndicate front man in Las Vegas. They use them to place bets coast to coast, keep lines open for hours, all of which can get expensive if you have to pay. The deal was a thousand blue boxes for $300 apiece. Before then we retailed them for $1,500 apiece, but $300,000 in one lump was hard to turn down. We had a manufacturing deal worked out in the Philippines. Everything ready to go. Anyway, the model I had ready for limited mass production was small enough to fit inside a flip-top Marlboro box. It had flush touch panels for a keyboard, rather than these unsightly buttons sticking out. Looked just like a tiny portable radio. In fact, I had designed it with a tiny transistor receiver to get one AM channel, so in case the law became suspicious the owner could switch on the radio part, start snapping his fingers, and no one could tell anything illegal was going on. I thought of everything for this model—I had it lined with a band of thermite which could be ignited by radio signal from a tiny button transmitter on your belt, so it could be burned to ashes instantly in case of a bust. It was beautiful. A beautiful little machine. You should have seen the faces on these syndicate guys when they came back after trying it out. They'd hold it in their palm like they never wanted to let it go, and they'd say, 'I can't believe it. I can't believe it.' You probably won't believe it until you try it."

[Esquire; photo of the Blue Box taken at the Computer History Museum]

Gizmodo '79 is a week-long celebration of gadgets and geekdom 30 years ago, as the analog age gave way to the digital, and most of our favorite toys were just being born.

Their method varies in accuracy from state to state, but the basics of it is that they use your birth date and the area you were born to come up with a likely match for the first few digits of your SSN.

Since the late 1980s, the government has promoted an initiative termed "Enumeration at Birth" that seeks to ensure that SSNs are assigned shortly after birth, which should limit the circumstances under which individuals apply for them later in life (and hence, make fraudulent applications easier to detect).

The last few digits are harder to guess correctly. If the algorithm narrows down your details to just the last few and attack it with a brute force method—say online, on a site that lets you try multiple times—this could mean that people could forge your identity by using details you have on Facebook, coupled with a botnet of a couple thousand machines. [Ars Technica]

On Friday, George Hotz (aka the guy who unlocked the original iPhone 2G) released his purplera1n iPhone 3GS jailbreak tool.

On the Dev Team's decision to wait until iPhone OS version 3.1 is released, Hotz sniped:

"Normally I don't make tools for the general public, and rather wait for the dev team to do it. But guys, whats up with waiting until 3.1? That isn't how the game is played. We release, Apple fixes, we find new holes. It isn't worth waiting because you might have the "last" hole in the iPhone. What last hole...this isn't golf. I'll find a new one next week."

Meanwhile, Dev Team has posted a video with details of its upcoming iPhone 3GS unlock.

And while many of us were off eating ribs or playing with fireworks, Geohot was busy releasing purplera1n RC2. Amongst a variety of fixes, including less flakiness in the payload, RC2 adds support for more versions of Windows (Vista, Windows 7, International, and 64-bit). Sorry Mac folks, Hotz says an OS X version is coming shortly. Update: Purplera1n RC2a has now also been released for the Mac.

If you're frothing at the mouth to give Purplera1n a try, iPhone Hacks iClarified has a pretty good step-by-step guide. But note: We've not yet tested it ourselves. As with all beta software, try it at your own risk and, please, remember to back everything up first.

I'd also recommend reading through the comments over at George Hotz's blog. Some users have reported random SIM lock-outs and Wi-Fi issues after installing UltraSn0w. Many others are reporting success:

"Louis said...Excellent Jailbreak program! RC2 seems to work better than RC1. Make sure you restore your iPhone 3GS with the original firmware 3.0 from Apple, then run Purplrra1n RC2 from Windows. You must have a valid ATT SIM card to activate the phone, then run Freeze to install Cydia. After rebooting, update Cydia and install ULTRASN0W, then you are ready to use any SIM card you have. Enjoy a jailbroken and unlocked iPhone 3GS!"

Have you tried it? Let us know how it went. Assuming you actually do see a need to jailbreak or unlock, will you wait for OS 3.1 and Dev Team's "official" jailbreak instead? [On The iPhone]

Their method of hacking used spoofing to pretend the call originated from the victim's house. The team could then say all kinds of crazy stuff. For example:

On June 12, 2006, for example, another swatter, Guadalupe Martinez, dialed 911 using a spoof card to make it look as though he was calling from an Alvarado, Texas, phone number and told dispatchers that he was holding hostages and had killed family members with an AK47 while high on hallucinogenic drugs.

But what really got him and his buddies in trouble was the fact that he showed up at the home of the Verizon investigator that was gathering evidence against him and harassed him. He was arrested shortly after. [Yahoo]

You see, a firmware update, version 3.0.1, is inevitable, and will probably arrive from Apple sooner rather than later because Cupertino probably feels that it needs to plug a few major holes being exploited by ultrasn0w. So, the team has decided it's best to wait so that the few people who can benefit from the crack now don't become the only people who benefited from it.

Says the Dev Team:

Here's the critical point, the reason why we're delaying our version of the jailbreak: Once the jailbreak is out, Apple will fix the iBoot-family bug we use to accomplish it. They will simply stop signing the old iBoots and only sign the fixed ones. If you bought your phone after Apple has done this, there's nothing you can do…the jailbreak isn't going to work for you.

It is possible that Apple will find the bug we use without our handing it to them on a silver platter (via a public jailbreak). In that case, we will have delayed our jailbreak for "nothing". But we'd rather be safe than sorry!

Apple is surely coming out with a 3.0.1 firmware release shortly. They need to fix ultrasn0w. They need to fix some UI issues. 3.0 is buggy and 3.0.1 is coming. We're going to wait and see what 3.0.1 brings before figuring out the release date for our version of the jailbreak.

In the meantime, we have some remaining 3.0 jailbreak issues to investigate, including push notification. Thanks for being patient with us while we took a 3GS "timeout"!

Patience, people. The fun will arrive, just not tonight. The Star Trek: Wrath of Kahn analogy the Dev Team has decided to go with this evening is spot on, by the way. [Dev Team]

The image associated with this post is best viewed using a browser.

Though it was announced earlier today, they still haven't revealed too much about "ultrasn0w" yet for fear of Apple updating the software with a lock, only saying that the new software should be out this Friday for your hacking pleasure. It's not totally clear that the newly-rebranded ultrasn0w will work on the new iPhone 3GS, either, but Apple hasn't been able to create an iPhone the Dev Team can't jailbreak yet. Check out the video above for more info, with the caveat that the first two minutes are just a static image. [iPhone Dev Team]

Not only can you use the Konami code to get the phone into dev mode, you can hold the volume-up button while it's booting in order to set it to restore mode. Once in that mode, you can use Palm's firmware flasher app to place on your own custom firmwares (doing whatever the hell you want to the phone) even if it hasn't been authenticated by Palm. Expect lots of low-level hacks that can do some really, really cool things. [Stephen Troughton-Smith via Daring Fireball]

In the span of 5 months, Richard Wolf spent approximately 100 work hours using his work computer for personal use, which included looking at—and uploading—nude photos, none of which were actually of people engaging in sexual acts. His superiors said during that time, Wolf's job performance never suffered and he always managed to complete all of his duties on time. However, after it was discovered that Wolf was accessing inappropriate content at work, he was investigated by the police and later charged for hacking his work computer.

The current Ohio hacking law states that "No person, in any manner and by any means, including, but not limited to, computer hacking, shall knowingly gain access ... to any computer ... without the consent of, or beyond the scope of the express or implied consent of, the owner of the computer ... or other person authorized to give consent." Although he was given consent to use the computer, the court believes that Wolf's personal activities constituted as "beyond the scope of the express or implied consent," thus being able to prosecute him with a hacking conviction.

Wolf's lawyer pointed out that a major reason why Wolf's situation was handled so severely was because of the content he was looking at his computer. If Wolf had been looking at videos of cats riding on Roombas, for instance, he would not be in the predicament he is in now. However, due to the sexual nature of the content, the court is treating it somewhat like they would a sex offense. As of now, Wolf has been sentenced to 15 months in jail and has been fined $5,000 among other restitutions. [Wired]

The video above shows (turn the sound off if you're at work) shows developers "Davee" and "Bubbletune" using a TIFF exploit on 5.03 firmware, placing the PSP into the correct state that it can eventually run custom homebrew apps. It's not quite finished, but it should be close now. [Slashdot via Technabob]

Update: Nevermind! Looks like Chickhen, the homebrew enabler, is available now. Thanks karltpb.

Maybe using the name of her biggest film's title and role to date ("Frida") as the answer to her security question wasn't the smartest choice, but luckily nothing the least bit incriminating has been found so far. And as much fun as it was to scour the internet for the chestiest pic of Salma we could find, we still don't approve of this kind of underhanded hackery.

Since this kind of hacking is so common, we suggest using a total non sequitur as an answer for the custom security question. For example, did you know that my favorite ice cream flavor is Brian Lam? [ElectronicPulp via Technologizer]

OK, Joel Johnson's comment on this video was funnier than mine.

Every time I hit "Save" in Movable Type I pause and mouth "Bingo".

It's true, too, though I've seen him jazz it up with a squinted blow to his finger guns.

UPDATE: For whatever reason, Current video doesn't like our site. So either check out the clip HERE or over at bbGadgets. Your call. [via bbGadgets]