Ten-year old hacker finds vulnerabilities in mobile games

zynga-farmville-logo-opening-screen

A 10-year old California girl is the world’s newest famous hacker. Going by the name CyFi, the preteen found a way to exploit a vulnerability in numerous mobile apps by tinkering with mobile devices’ system clocks.

 She presented her work at the first ever DefCon Kids conference, a new part of Defcon, the world’s most famous hacker conference. Ïn her talk, called “Apps – A Traveler of Both Time and Space (And What I Learned About Zero-Days and Responsible Disclosure),” CyFi explained that she was able to circumvent common security measures that prevent users from manipulating apps by changing their device’s system clock.

 At its core, it’s one of the oldest tricks in the book. For example, imagine a piece of demo software that lets you use it for a restricted period of time. After 30 days, it locks up unless you pay for it. So why not just roll back your computer clock so the app still thinks its the day you bought it?

 While tricks like that used to work, developers have long built systems to prevent that from happening, especially on mobile devices that have regular access to the Internet to cross-check the date. However, CyFi found that in some FarmVille-style task-based games, she was able to circumvent the built-in waiting process that slows users’ abilities to level up. Basically, she got bored with waiting the requisite hours to harvest her crops, and just bumped her system clock forward to trick the game.

It wasn’t quite that simple. Those mobile games, like most others, do have systems in place to prevent exactly those kinds of cheats. But CyFi, through some clever experimentation, found a combination of techniques that let her beat the system, including change the time by small bits or by disconnecting her devices from networks in between time changes.

 In keeping with the spirit of the security conference, CyFi didn’t present all the specifics of her findings, nor did she name the specific apps involved. Instead, she informed the developers themselves of the issues and will hold all the details until the vulnerabilities can be fixed.

Emerging Tech

What would it take to build a Matrix-level simulation of reality?

What would it take, technologically speaking, to build a real version of the Matrix? We definitely don't have the technical abilities to do that now, but we're rapidly approaching the point that we will. In this article, MIT computer…
Emerging Tech

Whose name should we etch on the Mars 2020 rover? NASA wants a vote

Dream of making it to Mars? NASA has opened up a new public outreach program to let people send their names to the Red Planet, as an engraving on a silicon chip launched with the Mars 2020 rover.
Emerging Tech

Watch live as SpaceX tries, for the third time, to launch 60 Starlink satellites

SpaceX is having another go at launching the first 60 satellites for its ultra-ambitious Starlink internet constellation. Here's how you can tune in live to watch it all go down today.
Emerging Tech

SpaceX joins internet-from-space race with launch of 60 Starlink satellites

SpaceX has launched a Falcon 9 rocket carrying its first batch of Starlink satellites for its ambitious internet-from-space project. The payload, SpaceX's heaviest to date, successfully deployed an hour after liftoff.
Emerging Tech

The best solar chargers for your phone, tablet, and other battery-powered gear

Looking for a gizmo that can help you charge your phone while on the go? Here, we've outlined the best solar chargers on the market, whether you're looking to charge your phone once, twice, or three times over.
Emerging Tech

This plane-pulling robo-dog makes Boston Dynamics’ Spot look scrawny

A robot dog created by researchers at Italy’s Istituto Italiano di Tecnologia showed off its impressive ability to pull a three-ton airplane down a runway. Check it out in action.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Tricked-out e-scooters and bike lights that lock

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it's fun to gawk!
Emerging Tech

Scientists discover unexpected underwater volcano off the coast of Africa

Geologists first noticed something unusual in the Indian Ocean in November last year, when they detected a massive seismic event. Now further research has revealed that the source of the seismic activity is an enormous underwater volcano.
Emerging Tech

Jupiter’s vast magnetic field stretches over time, driven by atmospheric wind

Jupiter has the most powerful magnetic field in our Solar System, 18,000 times as strong as Earth's. Now scientists have discovered that the field changes over time, in an effect called secular variation.
Emerging Tech

Three rare exocomets spotted in orbit around a nearby star

Scientists have spotted three exocomets, or comets outside of our Solar System, in orbit around a bright young star called Beta Pictoris in the constellation of Pictor using NASA’s Transiting Exoplanets Survey Satellite (TESS).
Emerging Tech

Motion-sensing shrubs and robo-Venus flytraps: Inside the world of Cyborg Botany

From motion-sensing plants to a Venus Flytrap you control using a computer, Harpreet Sareen is the brains behind a weird field called Cyborg Botany. Here's why he believes it matters.
Emerging Tech

Scientists find organic matter from outer space in 3.3-billion-year-old rocks

Scientists have located organic matter that is extraterrestrial in origin, in 3.3 billion year old rocks. This supports the theory that organic chemicals arrived on our planet aboard a meteorite and created the building blocks for life.
Emerging Tech

This galaxy, Messier 90, appears blue because it’s traveling toward us

A new Hubble image has been released showing Messier 90, 60 million light-years away in the Virgo Cluster. An unusual feature of Messier 90 is it is traveling towards the Milky Way, not away from it.
Emerging Tech

Mars 2020 spacecraft survives 8 days in a freezing cold vacuum chamber

The Mars 2020 rover, has been put through its paces in a further round of testing, undergoing acoustic and thermal vacuum tests which simulate the conditions of launch and space to check the craft can withstand extreme environments.