Hacker Factor

I'm Neal Krawetz, a computer security specialist and forensic researcher. I run FotoForensics, Hintfo, and RootAbout. Sleep is not necessary.
Website: https://hackerfactor.com/?social=defcon.social
Blog: https://hackerfactor.com/blog/
FotoForensics: https://fotoforensics.com/
Hintfo: https://hintfo.com/

@mattblaze I had a few meetings cancelled today due to some folks not being able to attend. Does that count?

Google's Security Blog explains how the Pixel 10 has achieved "Assurance Level 2" and you can trust their pictures.
https://security.googleblog.com/2025/09/pixel-android-trusted-images-c2pa-content-credentials.html

Unfortunately, comments on their blog are restricted to "team members". I guess Google doesn't want to hear any criticisms. Such as: they don't protect any of the metadata, so anyone can trivially change the EXIF date, time, make, model, GPS, and more without breaking the cryptographic signature. I have working examples on my blog:
https://hackerfactor.com/blog/index.php?/archives/1077-Google-Pixel-10-and-Massive-C2PA-Failures.html

@massgravel So basically, people will install old versions of Windows for decades longer than they should, because this makes it "free". Oh the malware, how it will spread...

@malwaretech Friends don't let friends use Node.js.

@nop Not true! I'm an "ifs, ands"!

What's the going rate for a box of continuous dot matrix printer paper with the tear-off sprocket strips? (Cleaning up the office and found an unused box -- along with a dot matrix printer. The paper is unused and about 30 years old.)

@Cyberkid1987 Is that still the case today? I'm usually seeing criminals register tons of cloud servers because it's easier than infecting user systems AND clouds have higher bandwidth than typical home users.

@corbden

Neal:
43 61 6E 20 79 6F 75 20 72 65 61 64 20 74 68 69 73 3F

Google Gemini:
The provided hexadecimal string "43 61 6E 20 79 6F 75 20 72 65 61 64 20 74 68 69 73 3F" can be converted to ASCII text as follows:

Can you read this?

This is a simple question in English, asking if the recipient can read the message.

It is possible that the hexadecimal string is part of a larger message or code, and the context of the message would be needed to fully understand its meaning. However, based on the limited information provided, this is the most likely interpretation.

@infochul If you have a step-by-step how to reproduce and/or how to observe it happening: Write it up clearly, along with the security implications and consider sharing it with Brian Krebs and/or Catalin Cimpanu / Risky Business.