ZERO DAILY

Hacking, AppSec, and Bug Bounty newsletter

2017-04-12| PINlogger.js, Project Zero wifi exploit part deux, and Jenkins security update

Wednesday, April 12

Hack the planet!

TODAY’S TOP STORY

  • If you tilt it juuust right… boom, passwords appear! No, really. PINs and passwords can be stolen just by watching the way a phone tilts. PINlogger.js was tested on 50 phones and by the 3rd attempt achieved 99.5% accuracy to guess a user’s mobile PIN. It works by listening to the motion and orientation sensor streams of the mobile device, analysing these streams, and inferring the user’s PIN using an artificial neural network.

HACKTIVITY

You can see all the latest and greatest disclosures and bounties on hackerone.com/hacktivity.

TWEET OF THE DAY

  • Trump at CEO meeting today, per pool report - @ericgeller

OTHER ARTICLES WE’RE READING

ABOUT ZERO DAILY

Zero Daily is a daily newsletter that highlights application security, bug bounty, and hacker focused topics. The content is curated with love by @luketucker and brought to you by HackerOne.

Friends don’t keep good things to themselves - forward this to your homies and co-workers. BTW, want to see who runs bug bounties?

Have a news tip / story to highlight? We’d love to hear about it. Email: zerodaily@hackerone.com

FYI man, alright. You could sit at home, and do like absolutely nothing, and your name goes through like 17 computers a day. 1984? Yeah right, man. That's a typo. Orwell is here now. He's livin' large. We have no names, man. No names. We are nameless!

20th Century Philosopher, Cereal Killer