Crack free Coke vending machines: intelligent device streaking in front of hacker-hacker, geek-IT information

We see the vending machine every day, at the hands of hackers not minutes can "free" spit cans of drinks; smart socket remote control home appliances is easy, but at the same time a hacker control your home is very convenient ... ... XPwn at its first session that the General Assembly held in Beijing the day before yesterday, the next event on safe exploration, all entries of the domestic "geek" who succeeded in solving many well-known brands of smart hardware, increasing reliance on artificial intelligence facilities live audience "frightened".

Intelligent switch controlling a few minutes your home

Camera into a privacy disclosure "hole"

XPwn "Pwn" sounds similar to "bang" in geek culture refers to find hardware or software vulnerabilities: "Pwn" is a, is a device or system to overcome. On August 31 game, "Pwn" the voice sounded from time to time, exclaimed. A very well-known brand in the country the smart hardware, there are several smart devices, such as used to control home rice cookers, refrigerators, washing machines and so on of smart outlets, multifunctional gateway. But reporters saw a geek after turning on the computer, enter a series of laymen who don't understand the code, soon this socket very "obedient".

And according to site one very guest told reporter, actually now many intelligent home of things exists security vulnerability, like fingerprint security lock, is may was hacker captured Hou on put master lock in door outside; also some real networking of equipment, like family camera and so on, maybe on will was hacker from background invaded, original used to protection home security of camera, results into exposed himself privacy of channel. Even high-end hackers can easily invade your computer and cell phone, let the cameras for their use of these devices.

Most domestic vending machine has a loophole

More than 10 kinds of ways free Coke

In recent years, the vending machines become more and more popular, the subway, bus stop, almost everywhere, saving both human and is also convenient for customers. But few people are aware of is that most vending machines there is a security vulnerability. At the XPwn meeting, all entries of the geek contestants by writing code in the form of on site, to test its vending machines placed throughout the site. Results found, automatically vending machine in hardware end, and equipment APP end, and service end are exists large of vulnerability, according to site very guest said on has more than 10 more species way can "black" has automatically vending machine, which some very simple, using these vulnerability, eventually can achieved less money, even not money purchase commodity, as long as simple operation Xia, without payment, a tank tank coke on can automatically roll out has.

After hearing a little, want to know where vulnerabilities? Don't bother, based on XPwn format, a player when a vulnerability is found, to contact vendors and help resolve the vulnerability.

Top Geek year can reach millions of

Professional make vulnerability can take big bonuses

Nanjing, one of the technicians in the industry told the Yangtze evening news reporter, now the country's top geek masters annual salary ranges about hundreds of thousands of millions of Yuan, it still falls short of demand, data show that security practitioners demand gap in China reach hundreds of thousands of graduates each year lack of network security graduate million, less that meet enterprise requirements.

Despite a million felt very high, in fact, network security situation is very grim. According to incomplete statistics, online fraud and extortion, the annual direct losses of 15 billion yuan, in comparison to the figure, if Geeks online ahead of vulnerabilities patched in advance through various means, avoid Internet users more fraud, million is not much. Many large technology companies in the country are also very aware of network security, products from companies like geeks find bugs, you can get bonuses of 100,000 yuan, and many Internet companies in China are in combating online fraud, established the cloud protection, for example, release the black sites, black and black phone numbers, and so on, can hope to achieve online and offline "a world without thieves."

破解自动售货机免费喝可乐：智能设备在黑客面前裸奔 - 黑客,极客 - IT资讯

我们天天见到的自动售货机，在黑客手下不要几分钟就能“免费”吐出一罐罐饮料；家里的智能插座虽然遥控家电很方便，但同时黑客控制你家也很方便……第一届XPwn大会前日在北京举办，这场未来安全探索盛会上，参赛的国内顶级“极客”们成功破解了众多知名品牌的智能硬件，让越来越依赖人工智能各种便利生活的观众们“心惊胆战”。

智能开关几分钟控制你家

摄像头变成隐私泄露“孔”

XPwn中的“Pwn”发音类似“砰”，在极客文化中是指找到硬件或软件的漏洞：“Pwn”的一声，设备或系统被攻克。在8月31日的比赛现场，“Pwn”的声音不时响起，引来阵阵惊呼。一种在国内非常知名品牌的智能硬件，有多个智能设备，比如用来控制家里电饭煲、冰箱、洗衣机等等的智能插座、多功能网关等。但是记者看到，在极客打开电脑后，输入一连串外行们看不懂的编码，很快这个智能插座就非常“听话”。

而据现场一位极客告诉记者，其实现在很多智能家居的东西存在安全漏洞，比如指纹安全锁，很可能被黑客攻陷后就把主人锁在门外；还有一些物联网的设备，比如家庭摄像头等等，说不定就会被黑客从后台侵入，原来用来保护家里安全的摄像头，结果变成暴露自己隐私的通道。甚至高端黑客还能轻松侵入你的电脑和手机，让这些设备的摄像头为自己所用。

国内大多售货机都有漏洞

十多种途径可免费喝可乐

近年来，自动售货机越来越普及，地铁里，公交站台上，几乎遍地都是，既节省了人力，也方便了顾客。但是少有人知道的是，大部分自动售货机存在安全漏洞。在此次XPwn大会上，参赛的极客选手通过现场写代码的形式，对放置在现场的自动售货机进行测试。结果发现，自动售货机在硬件端、设备APP端、服务端均存在大量的漏洞，据现场极客说就有十多种途径可以“黑”了自动售货机，其中有些非常简单，利用这些漏洞，最终可以实现少花钱，甚至不花钱购买商品，只要简单操作下，不用付款，一罐罐可乐就能自动滚出来了。

听完是不是有点心动，想知道漏洞在哪？不用费心了，根据XPwn的赛制，选手发现漏洞后，要第一时间联系厂商，并帮助解决漏洞。

顶级极客年薪能达百万

专业找补漏洞可拿高额奖金

南京一位业界技术人员告诉扬子晚报记者，现在国内顶尖的极客高手年薪大约在几十万元到上百万元不等，就这样还是供不应求，数据显示，中国安全从业人员的需求缺口达到数十万，而每年毕业的网络安全专业毕业生不足万人，符合企业要求的就更少了。

别看一个年薪百万就觉得很高了，其实现在网络安全形势是很严峻的。据不完全统计，网上各种诈骗和敲诈，年直接损失就在150亿元，因此相对这个数字来说，如果能有极客提前发现网上的漏洞，通过各种手段来提前修补，避免网民遭遇更多欺诈，年薪百万都不算多。在国内很多大型科技公司也非常注意网络安防，比如有极客如果从公司产品发现漏洞，就能获得10万元的奖金，同时国内的很多互联网公司也都在联手打击网络诈骗，建立云上防护，比如公布黑网址、黑电话、黑卡号等等，希望能做到网上网下都“天下无贼”。