16/08/2014 Click


Similar Content

Browse content similar to 16/08/2014. Check below for episodes and series from the same categories and more!



one of the biggest hacking conferences in the world. Click


takes a look behind the show to find out just how safe your tech is.


Is everything all right? This week on Click we'll find out


just how easy it is to control the everyday appliances around your


home. Prepare to get arty, as we enjoy a very different kind of


gallery visit. And we discover a way to fight off spam in Webscape.


Welcome to Click. More and more of us are using our mobile devices to


do pretty much everything in our lives these days. When you switch


them on the chances of... Are we in? This should be yours. A keycode, if


you like, that you have to enter. It's yours. It's yours. Don't worry.


I actually do work for the BBC and Mike has come along for the ride. We


want to show you something they didn't want to show you ` a hack and


a serious hack at the world's most important hacking convention.


Defcon. Running since the early '90s, Las Vegas hosts this annual


semi secretive shindig for the world's hackers. It only let cameras


in three years ago. We're going in under the wire, literally, to the


casino resort where government agents rub keyboards with cyber


criminals. Everybody is told to play nicely.


There is a record 16,000 people expected to be in that queue over


the next few days. At the moment it takes 3.5 hours to get to the front


when you get one of these, probably the flashiest badge I've ever seen


at one of these conferences. It looks like something we might want


to hack. Mike, you're our security expert. What would you do with this?


It's designed to be hacked. There's a microprocessor here, a USB port,


various places you can solder on new devices and a competition to see who


can hack in, in the most crazy and ingenious way. Have you turned the


Wi`Fi off on your mobile phone? No. This is no ordinary gathering. Leave


your phone connected to Wi`Fi and it's likely that you will be hacked


and it will be posted here on the Wall of Sheep, for all to see.


Everyone here should know better. The world's most hostile network and


anything within the Defcon Network is here. There is an etiquette, but


people will be trying stuff out. Of course, visitors don't just hack


each other. Some of the best talks in cyber security go on here with


presenters going public on how to bring down anything from a toaster


to an aircraft. These guys specialise in cars. They've tested


25 models and ranked them on how easy they are to hack. In the past


they have taken over the brakes and steering controls by plugging in


their laptop. Here is the no brake attack. I can't


stop right now. I'm moving along here. Obviously that's a very


dangerous attack. So far there's not a lot of risk. It's pretty hard to


hack your car. But we're looking five years out and seeing that in


five years more cars will be on the internet and be connected and we


want to get car manufacturers fixing things now, rather than waiting


until there's a problem. This year they showed just how dumb


our so`called smart cities could be. Imagine the traffic in Las Vegas


grinding to a halt. This is now no longer the fantasy of films. This


guy can do this for real, with a laptop and off the shelf kit costing


less than $100. Cesar has discovered a specific wireless traffic


monitoring system sends all its data unencrypted. Sensors embedded in the


road detect cars and send that information to receivers. The data


is used to switch the traffic lights to avoid congestion. Without


encryption of that data, it's possible to send fake information


that could lead to a traffic jam or accident. And even to upload new


software to do the job remotely. He's released all the information


publicly at Defcon and insists publishing the hack is the right


thing to do. This is not my fault. I'm just


pointing out the problem. I'm not creating it. If I keep quiet, the


problem will remain there. Sooner or later someone else will know it ` it


could be someone with bad intentions. Pretty scary stuff. What


do you make of that? It is pretty scary, isn't it? We have devices out


there in our roads that are vulnerable to very, very basic


attacks so there's no authentication on the devices. There is no


encryption. Everyone at home uses encryption on the wireless. That's


inexcusable. Governments are not checking the security of these. It


makes me wonder what else is out there. Defcon is also about having


fun. There are rooms where you can test your lock picking or wireless


hacking skills. You can hack your hat. Or your hair. Often it's people


who are the weakest link to data security, so over to the social


engineering room where two actors were making fake calls to real


companies trying to illicit compromising information. It's


illegal to film this conversation in the US, but both attempts we


witnessed hit gold. Last call we found out this company


still uses Windows XP, still is on Internet Explorer, a lower version.


Hacking is a family business here. Children are allowed in and


encouraged to steal each other's passwords.


You could break into their account. Jeff Moss created both Defcon and


Black Hat and defends blowing the cover on all this information.


Organised crime don't tell us what they're doing. We have to try and


protect ourselves. Conferences like this, whether they're in the UK,


France or America, they're one of the few ways we have the information


out to what's going on that's not being filtered by a company or a


government. This is what's really happening. Back at DefCon, this guy


who didn't want to be filmed has managed to bling up his entry badge


and get it to make other badges flash on his command. It turns out


it's just as easy to manipulate the stuff in our homes too. This is one


of the coolest talks I've seen today. We have a group of guys who


have taken things in the home, TVs, baby monitors, fridges, and breaking


them, making them do things they're not meant to do. The coolest bit is


this will all be on the web after this talk and anyone will be able to


do it. It's not actually that difficult.


Perhaps "drink all the booze", "hack all the things" sums up this


gathering. But, for the most part, these aren't the bad guys. They love


making things work even better and exposing vulnerabilities for


companies who ought to know better to fix. And intercepting satellite


broadcasts, yeah, that's included. Cheers. We'll have to wait to see


whether the manufacturers include it in their latest updates. I hope you


found that as fascinating as I did. Coming up next, a look at this


week's tech news. What? What do you mean they didn't see it?


British football club Manchester United have banned fans from


bringing tablets and laptops to matches at its stadium. The move


comes after similar rules were brought into effect at airports. The


club said the changes were not related to concerns about fans


recording matches, but rather in response to unspecified security


intelligence. On the plus side, at least you'll be able to see the


match without all those slabs blocking your view. Speaking of


Sony, several months after its announcement, the company has


finally revealed the launch date and price for its PlayStation TV. It


Consul has already the available in Japan since last


year. `` the consol. It will now go on sale in the US on August 14. In


the UK, a full month later. Finally, behold the salmon cannon. This


vacuum and tube system helps salmon migrate upstream. The concept relies


on a change in pressure within the tube, forcing the fish to accelerate


upwards. Originally designed to transport fragile goods like fresh


fruit, the new system can transport up to 45 salmon per minute and can


be streamlined to allow for voluntary entry.


So then, how much do you trust the gadgets in your house? After our


piece from Defcon there, I'd say not as far as you could throw them, even


if they aren't plugged in. A report now on an unsettling take on the


internet of things. Homes should be the safest place to


connect your tech, but just in case there's something creepy on the net


after this tale ` password reset. Welcome to the haunted house of


hacking horrors. Won't you please come inside?


Yes, around every corner of this suburban home lurks a hacker, and if


your device connects to the internet, they will gain control of


it. For example, this Bluray player has to go online to update its


programme guide or get more content, but divert that connection and you


can then inject your own code. You see, if a command looks like it's


coming from the home network, the device doesn't ask for


authentication, which means this wireless plug controller is obeying


the hacker. Spooky. It's all down to so`called protocol, the way machines


talk to each other. They're running under the assumption


they're in somebody's house and therefore people can't really do


anything with them. What we've been able to do is look at those


protocols and tweak them, bend them to our will, as such, so that we can


take control of the player, turn the television on, flash lights and play


spooky music throughout the house. If it wasn't obvious, these people


aren't really hackers, they're penetration testers. They're paid by


companies to get into things. It turns out gaining access to devices


is easy when you know how. This haunted house requires the user name


and password of the Wi`Fi and they assure me that's reasonably easy to


attain. Once you've attained it, you can do some very interesting things.


This programme looks around for things like sound like baby monitors


on the network. When it finds what it thinks is a baby monitor, you can


install the commercial app and listen. Another shocking example if


you haven't put a password on your internet viewable webcam, it's


possible for anyone to invite themselves in. They just need your


IP address, the internet equivalent of a post code. The problem is the


balance between ease of use and security.


Most of this tech is reasonably complicated and so the manufacturers


try to make it a bit easier to set up and configure. As people don't


understand security, it's the social configuration piece that kind of


really vulnerable. `` kind of makes them. We see it as a massive area


for compromise. Before panicking and throwing


everything away, this is easy to fix. Just change the default


username and password when you set these gadgets up and your password


should be hard for other people to figure out, because once hackers get


hold of them, they could even steal your car.


This BMWi3 is at the cutting edge of vehicle tech, allowing entry via an


app. We think there are some security issues with the way you


sign up to the app. If you know what you are doing and you know about


your victim, your target, you do a bit of research, there is potential


to intercept that information, configure something on your phone


and use that to unlock and steal a car. This works because most people


unwittingly give clues to their passwords on social media sites.


Pets, sport teams, and so on. With an easy to guess username on the BMW


app, Ken can not only get into his friend's vehicle, he can make off


with it! Come back! The main way to defend against these


hacks is to be more secure. The moral of the story, make your


password hard to guess. For social updates, post less. Perhaps then you


will feel more serene and guard from ghosts in your machine.


LJ Rich, monitoring the situation. Have you ever had a museum


completely to yourself? Me neither. But imagine what it would be like to


be able to roam the place after the doors have shut. Don't worry, there


are no hungry dinosaurs or even Ben Stiller to worry about. Just a horde


of robots and Lara Lewington. Fortunately, these bots aren't


trying to take over the world. They're just after a bit of culture.


For the last week, the main attraction in the Tate Britain's


Galleries hasn't been the Constables or the Hockneys, it's been four


remote controlled robots. Visitors to the Tate Britain's After Dark


website have been given the chance to explore galleries filled with 500


years of priceless art, all from their laptops. This isn't about


creating an alternative to actually visiting an art gallery, it's about


a totally different experience. How often is it that you actually


operate a robot anyway? The idea is that you can move around the


gallery, turning left or right, looking up or down. When you reach a


dead end, these sensors will light up red, which means you need to


reverse and replan your journey. It is perhaps more in some ways like an


unmanned vehicle or a space probe or submarine, remote`controlled


submarine, exploring the deepest parts of the ocean. It's as much


about the space as it is about the art. David and the rest of the team


won the ?70,000 IK Prize, a competition to encourage innovative


digital uses of the museum. We've been lucky enough to work on a


number of jobs with different museums recently. We are fortunate


because we get to walk around the galleries at night in the dark.


You're basically looking at these paintings by yourself and it's an


amazing experience. For a long time we wanted to make this project a


reality. A team of art experts have been on


hand to provide live commentary about anything interesting the bots


spot. Who hasn't dreamt of going around a


gallery after dark alone and encounter those wonderful art


objects and see what happens in the gallery after dark? It's something


that I, working in the gallery, have done, but the idea of extending that


to anybody sitting in an armchair at home is fantastic. What a brilliant


idea! A big challenge for the project was getting the video feed


from the robots to the web quickly. Too slow and your command to the


robots won't match up with what you are seeing. Rather than sending the


robot video feeds to a central server, this system makes a direct


connection between the drivers at home and the robots in the gallery.


That could mean the difference between a smooth viewing experience


and just getting stuck. This sculpture may be safely encased in


glass but for anything that's a bit more exposed there will be safety


barriers put around. Plus the actual shape of the robot should stop it


from banging into anything valuable. The robots also have built in


proximity sensors that can kill power and movement if they touch


anything in the gallery. While this could be the easiest way to spend a


night in a museum, it is not claiming to be the experience of


visiting a gallery yourself. Lara Lewington spending a night at


the museum, virtually, of course. This month This month marks the


100th anniversary of the outbreak of the First World War. More than 16


million people died in the fighting and while it can be difficult to


comprehend the magnitude of that event, one BBC show is using modern


techniques to try to make the conflict relevant to a modern


audience. Muddy trenches, bullets through the


air. Life or death decisions that have to be made in seconds. This is


Our World War, another programme aiming to show the First World more


from their point of view of the soldiers who fought in it. It might


look like a period drama but the team behind it have also created


what they call an interactive episode. It brings elements of a


game and stories together to present you with an experience that, if you


are 16 to 24, you recognise and perhaps become more engaged with it


because you have a role to play. You go from being viewer to participants


and that should be satisfying. This episode will be available on


tablet and desktop and invites the viewer to make choices that could


affect the story. Participants can also unlock bonus footage and


experience animated back stories, as well as feedback and analytics on


the decisions they've made. I chose to take the injured soldier


prisoner. Apparently, that was the correct decision to make. I have no


idea whether the decisions I just made will lead to a bad or not quite


so bad result. The decisions become harder and harder as you work your


way through. The last decision is really critical and very difficult.


Unbeknownst to you, what's been happening is we have been scoring


your tactics and morale. But the main antagonist in the film also has


an opinion on your decisions and this is perhaps the cleverest bit.


He will or will not help you in your last decision, I won't give it away,


depending on the decisions you've made. If he thinks you are right all


the way through and his morale has been high then he will help you. If


not, he won't help you. The episode has been put together


with the help of CGI and animation studio MI, who have designed the


user interface and hope to offer a seamless video experience. The


programme makers even believe this could bring in a new era of


interactive entertainment, that combines the best elements of gaming


and drama. No matter how safe you try to be,


whenever you sign up to an online service you're leaving yourself open


to receiving lots of lovely spam, because apparently you asked for it


when you gave them your address. Kate Russell has a brilliant


solution for that next, in Webscape. Yes, Spencer, this really is the


simplest solution. If you are fed up with getting spam from websites that


ask you for an e`mail address to confirm your registration, try ten


Minute Mail instead. It serves you up a temporary inbox to grab that


registration link before it vanishes into the ether. I've had a free


e`mail account for years that I've used to try out new services for


Webscape but it's got so crazy now that I receive hundreds of spam


messages a week. Not only is that a pain to empty, but I do lose the


occasionally important message in amongst all of the guff. Bear in


mind that you won't get any future e`mail updates, but if you aren't


planning to interact with the website that much, it's enough time


to confirm signup. If you do need more time, there's the option to


extend for ten minutes. About 50 earthquakes a day are registered


globally. But it's estimated millions occur


each year that are too weak to be recorded. Iseismometer is a free app


that turns your smartphone into a seismometer, detecting vibrations in


real time and displays the strength of the tremor on a graph. So, the


next time someone asks you if the earth moved, you can get an accurate


reply. Boinc is an android app that lets


you harness the newest computing power of your handset to study


diseases, predict global warming or discover distant pulsars. There is a


good selection of well and lesser`known scientific projects to


sign up with, covering disciplines like astrophysics, cosmology,


mathematics and seismology. The app won't have your phone doing any


computing until it's connected to a power supply and charged to 90%. So,


there's no risk of running your battery dry unexpectedly. After the


excitement of the Rosetta project last week, could the crowd help find


more interesting rocks in space? Asteroid Zoo wants to help


scientists scan our solar system for asteroids containing useful


resources. This could be very valuable information in the years


ahead. Thank you, Kate. That's it for this


week but remember we're always keen to hear your thoughts on anything


going on in your world, well, that's tech related. We don't want to know


what you had for dinner and no more pictures of cats, please! You can


get in touch with us at Google+, Facebook and Twitter. We're also on


e`mail. Thanks for watching. See you next time. No cats, thanks.


I know we're in the in the middle of August but it will feel like early


autumn in the next few days. Blustery winds coming down from the


north, bringing in cool air.


Download Subtitles