Everything posted by Nytro

  1. Tech Insight: Defending Point-of-Sale Systems John H. Sawyer US-CERT publishes advice on defending POS systems against attacks like those against Target, Neiman Marcus. Major hacks at retailers that include Target and Neiman Marcus have put a new spotlight on the security of point of sale (POS) systems. What may come as a surprise to some is that the memory-scraping malware attacks were nothing new. Last year, Visa published two "Visa Data Security Alerts" warning merchants of an increase in attacks targeting credit card data with specific references to memory-scraping malware. The alerts were published in April and August. The first stated that Visa has seen an increase in network intrusions involving grocery merchants since January 2013. August's update used nearly the same verbiage but mentioned retail instead of grocery. The part that's of particular interest is how the attackers were carrying out the attacks. "Once inside the merchant's network, the hacker will install memory parser malware on the Windows based cash register system in each lane or on Back-of-the-House (BOH) servers to extract full magnetic stripe data in random access memory (RAM)." With two notices earlier in the year, retailers breached in the 4th quarter had early notification that attacks specifically targeting POS systems had been seen increasing. The alerts from Visa even included details on how to protect POS and related PCI systems from the types of attacks being carried out. So how is it that companies who were considered PCI compliant had their POS devices and PCI environment compromised? From a penetration tester's perspective, it is all too common to find merchants considered compliant as not necessarily secure. As an industry, we've been saying for years that compliance does not equal security and these big data breaches are classic examples. 
It is easy to fill out a form that certain controls are in place, but the harsh reality is that rarely are those controls actually tested thoroughly to ensure their effectiveness at protecting cardholder data. US CERT, part of the Department of Homeland Security, issued Alert TA14-002A on January 2, 2014 titled "Malware Targeting Point of Sale Systems." The document discusses hardware and software attacks against POS systems and includes specific recommendations on protecting them. Unlike the Visa Alerts, US CERT has put together guidance that focuses specifically on security best practices without mentioning specialized hardware and software (i.e. EMV-enabled PIN-entry, SRED-enabled devices, PA-DSS compliant payment applications). Alert TA14-002A targets 6 areas that POS administrators should follow: Use Strong Passwords: During the installation of POS systems, installers often use the default passwords for simplicity on initial setup. Unfortunately, the default passwords can be easily obtained online by cybercriminals. It is highly recommended that business owners change passwords to their POS systems on a regular basis, using unique account names and complex passwords. Default passwords are the low-hanging fruit that penetration testers tend to go for first. It's amazing how often network devices and application servers are set up on a network with default passwords in place. Whether it's an administration interface for Apache Tomcat or something like HSRP for Cisco routers, it's difficult to find a network that doesn't have at least one system with a default password. A vulnerability scanner like Nessus or NeXpose can help with finding these default passwords, but manual verification should be done also, as vulnerability scanners don't have the default passwords for every device. Update POS Software Applications: Ensure that POS software applications are using the latest updated software applications and software application patches. 
POS systems, in the same way as computers, are vulnerable to malware attacks when required updates are not downloaded and installed on a timely basis. Keeping POS applications updated should be part of the patch management strategy for every merchant. The common hurdle is that new versions generally cost money, which causes companies to avoid upgrades until technical problems arise. While the risks to POS software can sometimes be mitigated through other security controls like host intrusion prevention software (HIPS) and firewalls, it's important that merchants remember that new versions also bring security and bug fixes that can help keep cardholder data safe -- they'll need to bite the bullet eventually and upgrade. Install a Firewall: Firewalls should be utilized to protect POS systems from outside attacks. A firewall can prevent unauthorized access to, or from, a private network by screening out traffic from hackers, viruses, worms, or other types of malware specifically designed to compromise a POS system. A key tenet of the PCI DSS is network segmentation and firewalls are essential. Host- and network-based firewalls should be utilized as part of a layered security approach. Traffic should only be allowed to and from the POS to systems that are similarly hardened against attack. Where possible, the traffic should also be monitored by an intrusion detection/prevention system to detect and/or prevent attacks. Use Antivirus: Antivirus programs work to recognize software that fits its current definition of being malicious and attempts to restrict that malware's access to the systems. It is important to continually update the antivirus programs for them to be effective on a POS network. US-CERT is on target with its advice to use updated antivirus, but anti-malware protections should not stop there. Merchants should consider implementing a full endpoint protection suite that includes antivirus, HIPS, firewall, traffic inspection, and application whitelisting. 
While these solutions are not foolproof, they raise the bar for exploitation considerably. Restrict Access to Internet: Restrict access to POS system computers or terminals to prevent users from accidentally exposing the POS system to security threats existing on the Internet. POS systems should only be utilized online to conduct POS-related activities and not for general Internet use. Unless the POS application specifically needs Internet access, then it should be completely firewalled off from the Internet. In the situation that the POS software does need to communicate with systems on the Internet, firewalls should be used to strictly block all traffic except that to authorized systems. Application proxies should be used to proxy and inspect traffic to and from the Internet. Disallow Remote Access: Remote access allows a user to log into a system as an authorized user without being physically present. Cybercriminals can exploit remote access configurations on POS systems to gain access to these networks. To prevent unauthorized access, it is important to disallow remote access to the POS network at all times. This is the only area of advice from US-CERT that might be considered overkill, as it's going to make authorized remote management impossible. With proper firewall configurations restricting access only to authorized management workstations and multi-factor authentication, remote access is perfectly acceptable. Of course, this is where companies get in trouble as they aren't always diligent in ensuring firewalls configurations are correct and the machines accessing them are secured. POS systems are not difficult to secure if merchants would simply follow the advice that has been put out by Visa and the US-CERT. Most of the advice is based on security best practices that have been around for years. Unfortunately, it often takes a data breach for companies to have their eyes opened to the impact their negligence can have on their customers and their brand. 
Will Target, Neiman Marcus, and other retailers' recent troubles be the impetus companies need to secure their systems or will they have to experience it firsthand? Source: Tech Insight: Defending Point-of-Sale Systems -- Dark Reading
  2. Discovered first Win trojan to serve banking Android malware on mobile
    by paganinip on January 25th, 2014

    Symantec experts recently came across Windows malicious code that attempts to infect connected Android devices by serving Android malware.

    Researchers at the Symantec antivirus firm have discovered malicious code that is able to infect an Android mobile device with banking malware during synchronization. The Android malware that was designed to hit Windows users could compromise the user’s smartphone during file transfer, device syncing and backup management operations.

    The infection process starts with a trojan, dubbed by security experts Trojan.Droidpak, that drops a malicious DLL and registers it as a system service. Droidpak then downloads a configuration file from the following remote server:

    http://xia2.dy[REMOVED]s-web.com/iconfig.txt

    The file contains the information to download a malicious APK and store it in the following location on the infected PC:

    %Windir%\CrainingApkConfig\AV-cdk.apk

    The Android malware detected by the analysts seems to be specifically designed for the Korean population because the malicious APK searches for certain Korean online banking applications on the infected device.

    The communication between the mobile device and the compromised PC is realized by a software bridge called Android Debug Bridge (ADB), a command line tool that allows the malicious code to execute commands on an Android smartphone connected to the infected computer. The Android Debug Bridge is a legitimate tool included in the Android software development kit (SDK). When a victim connects an Android device with USB debugging mode enabled, it launches the installation process and infects the smartphone, dropping the Android malware. Once the Android malware has infected the device, it installs an app that will appear as a Google App Store.

    Android is the OS most targeted by cyber criminals because of its large diffusion; numerous families of malware were created in 2013 to hit mobile users, and an increasing number of hack tools was available in the underground to hack such a powerful platform. The peculiarity of Trojan.Droidpak is that for the first time a Windows malware was used to install a banking trojan on a mobile device. The banking trojan, dubbed Android.Fakebank.B, implements common features of this category of malware, including SMS interception and “MITM capabilities”.

    Researchers at Symantec discovered that the Android.Fakebank.B malware sends back data to the following attacker’s server:

    http://www.slmoney.co.kr[REMOVED]

    The experts provided a few suggestions to protect the user’s system from the Android malware while connecting to a Windows-based computer:

    • Turn off USB debugging on your Android device when you are not using it
    • Avoid connecting your droid to public computers
    • Only install reputable security software
    • Keep your system, software and antivirus up to date.

    Pierluigi Paganini (Security Affairs – Android Malware, Banking trojan)

    Source: https://www.facebook.com/
  3. Why Google Android software is not as free or open-source as you may think. Basic Android software may be free, but it doesn’t include the apps that make up Google’s mobile services. [Photo caption: Android software is free and open-source, but without Google Play, a device will have minimal functionality. Photograph: Beawiharta/Reuters] Charles Arthur and Samuel Gibbs, Thursday 23 January 2014 16.44 GMT • This article was amended on 24 January 2014 to reflect a clarification from Google that it does not charge manufacturers for Android licenses. The idea that Google’s Android mobile software is both “free” and open-source is so often repeated that it is virtually an article of faith online. There’s only one problem: neither is strictly true. While the basic Android software is indeed available for free, and can be downloaded, compiled and changed by anyone, it doesn’t include the apps that make up Google’s mobile services - such as Maps, Gmail, and crucially Google Play, which allows people to connect to the online store where they can download apps. Without them, a device has only minimal functionality. To get the key apps, a manufacturer needs a “Google Mobile Services” (GMS) licence. GMS licences are issued on a per-model basis. While Google does not charge a fee for the licence, one of the integral steps in the licence-application process requires payment to authorised Android-testing factories. These factories, which include Foxconn and Archos, charge a fee for carrying out the testing required to obtain a GMS licence, which the Guardian understands is negotiated on a case-by-case, per-manufacturer basis. Google activates more than 1 million devices with GMS licences every day. The Guardian understands that in one example, testing costs $40,000, payable 50% up front and 50% at the completion of testing for a model with an expected run of at least 30,000 units. 
The source said Google and its testing partners were being intentionally vague about the fact that a cost is associated with acquisition of a GMS licence, even if the licence itself is free. “It is a lot of money they make, but you can’t see it anywhere because that would tarnish their ‘Android open-source’ karma,” the source said. However, there’s no definitive price list for GMS licence process; the authorised testing factories are understood to vary this depending on the number of devices being ordered and the size of the manufacturer or retailer. “Deals are done on an individual basis and are very opaque,” one source in the Android device community, who didn’t want to be identified, told the Guardian. Google didn’t respond to a request for information about GMS pricing, and there is no publicly available list online. Haphazard and time-consuming But the process of getting GMS licences appears to be haphazard and time-consuming. “Installing Google Play without a GMS licence is illegal,” the source said. But, they explained, Google “don’t have the internal manpower to police it properly. It’s a volume game. Big OEMs [device manufacturers] pay. Smaller OEMs don’t register in Google’s radar, and they [Google] tend to turn a blind eye. Retailers get pressured by legal OEMs to make sure illegal installs of GMS are weeded out. It’s almost like crowdsourcing.” That “crowdsourcing” seems to have been KMS Components’ downfall. Argos complained to the Welsh company that the MyTablet which it had provided did not have a GMS licence. This was after Argos had publicly promoted the tablet as excitement about a “tablet Christmas” ramped up following Tesco’s announcement in September that it would sell its Hudl 7in tablet. Although Google could take out injunctions to prevent retailers selling unlicensed tablets that include GMS, there’s no record of it ever having done so. 
However in August 2010 Augen Electronics, the maker of a $150 tablet being sold through the giant American retail chain Kmart, abruptly withdrew it from sale there because it included “unauthorised versions” of the GMS suite. Compatibility club Separately, trial documents released from a dispute between Google and Skyhook, a provider of location services, in 2011 revealed internal emails in which Dan Morrill of Google told another staffer that it’s “obvious to the OEMs that we are using [GMS] compatibility as a club to make them do what we want.” Motorola, then an independent company, told Skyhook that Android devices are “approved essentially at Google’s discretion”. Skyhook had wanted Android device makers to use its location service rather than Google’s. Android compatibility testing is a key precursor step to being awarded a GMS licence. But such testing, and subsequently getting a licence from Google, can be a test in its own right, sources say. One described having to take the matter up with a senior Google vice-president to get the GMS licensing approved. “Smaller OEMs lose out, as they have a hard time getting the GMS licence, and therefore have little alternative but to go without it,” the source said. Yet it is possible to bypass that. End-users can legally install the GMS suite of apps if they know how to. The idea that Android is “open source” is partially true: the source code for the software is available online, via Google’s servers, and anyone can download it and make changes - as Amazon, for example, has done to create its own version for its Kindle line of tablets. But unlike the vast majority of widely used open-source projects such as Linux, MySQL, PHP or Python, which welcome outside contributors, only people working inside Google can make changes that will become part of the future direction of the software. Device manufacturers who want to get the upcoming version of Android have to wait for it to become available from Google’s servers. 
Source: Why Google Android software is not as free or open-source as you may think | Technology | theguardian.com
  4. Nytro

    Fun stuff

    https://www.youtube.com/watch?v=ITR88wT8ekM&desktop_uri=%2Fwatch%3Fv%3DITR88wT8ekM&app=desktop
  5. Nytro

    Fun stuff

  6. After the SQLi crowd, this is the new generation of "hackers". This world is going to ruin.
  7. To have access to the data of a company worth around 100 billion dollars? It depends how much access you would have and where. If you dumped the facebook_users table, its value would easily pass $10 million. If you sold it to China or Russia you would probably get yourself an exotic island and a few thousand virgins. Well, it's not just the users, there are also private messages, private photos/videos and many other useful things: friend lists, events, visited locations, IP addresses and who knows what other data Facebook keeps.
  8. Facebook pays well, but think about what/how much you could do with an SQL Injection or Remote Code/Command Execution...
  9. It's like the folk saying: "After you take a dump in the middle of the street, you slap him around too".
  10. The odd part is this: Adevarul said in their article that this guy used to work as a taxi driver.
  11. "The most wanted hacker in the world"
  12. Five products offered free by Ashampoo – Limited promotion By Radu FaraVirusi(com) on January 20, 2014 Ashampoo is offering 5 quality products with a completely free license. These are Ashampoo WinOptimizer 2013, Ashampoo Burning Studio 2013 and Ashampoo Photo Commander 10, Ashampoo Snap 6, Ashampoo SlideshowStudio 2013. Enjoy an optimized system, disc creation in any type of format, and organizing and arranging your favorite photos using the programs offered above. Use the link below to take advantage of the promotion: Your personal Ashampoo® gift Source: Five products offered free by Ashampoo – Limited promotion
  13. That's more like it.
  14. Nytro

    Fun stuff

    I know, it's not fun, but it's useful.
  15. 30c3 - Mobile Network Attack Evolution

    Description: Mobile network attack evolution

    Mobile networks should protect users on several fronts: Calls need to be encrypted, customer data protected, and SIM cards shielded from malware. Many networks are still reluctant to implement appropriate protection measures in legacy systems. But even those who add mitigations often fail to fully capture attacks: They target symptoms instead of solving the core issue. This talk discusses mobile network and SIM card attacks that circumvent common protection techniques to illustrate the ongoing mobile attack evolution.

    The evolution is exemplified by new advanced attack vectors against mobile communication and SIM cards: Mobile calls and identities are known to be weakly protected, but networks progressively rolled out patches to defeat hacking tools. We will discuss – and release – tools to measure whether these changes are effective.

    SIM cards were identified as a remote exploitation risk this year: Unnoticed by the victim, an attacker can take control over a card by sending a few binary SMS. Network operators started filtering binary SMS and patched some of their weak SIM card configurations in response to vulnerability research. The talk looks at filtering evasion techniques and discloses new configuration vulnerabilities present in many cards world-wide.

    For more information please visit: https://events.ccc.de/congress/2013/wiki/Main_Page

    Source: 30c3 - Mobile Network Attack Evolution
  16. Romanian Cybercriminals Launch “Decebal” POS Malware Written in VBScript
    January 18th, 2014, 09:53 GMT · By Eduard Kovacs

    Researchers from IT security firm IntelCrawler have identified a new malware, dubbed “Decebal,” that’s designed to steal information from point-of-sale (POS) systems. The threat has been written in VBScript and the functional code is less than 400 lines.

    Malware designed to target POS systems is becoming more and more popular, and the recent attacks aimed against Target, Neiman Marcus, and other US retailers demonstrate it. However, the Decebal malware – whose name stems from Decebalus, the king of Dacia, the historic region that today corresponds to Romania and Moldova – shows that such threats are constantly evolving.

    What’s interesting about Decebal is that it’s capable of checking to see if the computer on which it’s deployed is running any sandboxing or reverse engineering software. It’s also designed to validate payment card numbers.

    “There was also found Track 2 validation software, used by bad actors to check received compromised data by issuing bank by the first 6 digits (BIN), which has some phrases and text strings in Romanian, pointing on the original roots of possible authors,” IntelCrawler noted in its report.

    For instance, when an error occurs in the Track2 data validation process, the message “Esti beat?” is displayed in a pop-up. In Romanian, “Esti beat?” means “Are you drunk?” The strings “Select file” and “Validate” are also written in Romanian.

    The Decebal POS malware was first released on January 3, 2014. The threat has a very compact command and control server that acts as a gate for receiving data stolen from POS machines.

    “The code is pretty portable, scripting language is great advantage for easy infection to Point-of-Sale and is more flexible then binaries. This example shows that modern retailers environments can face with such threat and bad actors don't need to do lots of efforts for it,” explained Andrew Komarov, CEO of IntelCrawler.

    14 hours ago, none of the antivirus engines from VirusTotal detected the threat. The sample was first checked on VirusTotal on January 12, but nothing has changed since then.

    Source: Romanian Cybercriminals Launch “Decebal” POS Malware Written in VBScript
  17. Nytro

    PayPal Exchange

    Whose PayPal account are you offering from? Suggestion: don't make the exchange with him yet, I'm waiting for him to answer my question.
  18. Nytro

    Fun stuff

  19. Jailed terrorist gets extra time for refusing to divulge USB stick password by Lisa Vaas on January 17, 2014 A British man already in jail for terrorist activity was given another four months for refusing to give police the password to a memory stick that they couldn't crack. According to The Register, Judge Richard Marks QC sentenced Syed Hussain, 22, from Luton, for refusing to give up his password, contrary to section 53 of the Regulation of Investigatory Powers Act 2000 (RIPA), the UK's wiretapping law. The encrypted memory stick had been seized from Hussain's home during an April 2012 counter-terrorism operation. Hussain and three other men were jailed in 2012 after they admitted to discussing an attack on a local Territorial Army base headquarters. They had planned to send a homemade bomb to their targeted site via a remote controlled toy car, but the men were arrested before the attack could be carried out. Hussain's lawyers insisted that he couldn't remember the password to the memory stick, citing stress as the cause of his memory lapse. He kept up the "I forgot because I'm so stressed" argument for 11 months. During that time, police called in experts from GCHQ, the government's intelligence agency, but even they couldn't get at the stick's contents. So police and prosecutors set a deadline: they gave Hussain until last January to cough up the password. Then, 11 months after the deadline came and went, police told the convicted man's lawyers that they'd launched a fresh investigation: this one into alleged credit card fraud by Hussain. That seemed to jolt Hussain's memory. Within days, he handed over the password. It was "$ur4ht4ub4h8", which the Register reports is a play on words relating to a chapter of the Koran. When police used the password to unlock the contents of the memory stick, they found it held information relevant to the investigation into alleged fraud, but nothing relating to terrorism or national security. 
Source: Jailed terrorist gets extra time for refusing to divulge USB stick password | Naked Security
  20. SIE's recommendation to officials: Please do not talk on your mobile, especially abroad

    SIE's recommendation to Romanian officials is not to talk on ordinary mobile phones, especially when they are abroad, and to use the communication lines at Romanian diplomatic missions.

    The director of the Foreign Intelligence Service (SIE), Teodor Meleșcanu, said on Digi 24, while commenting on the scandal sparked by Edward Snowden's revelations, that 95% of all satellites declared as being "for study" are spy satellites.

    "Obviously there is listening. 95% of the satellites orbiting in outer space for the «peaceful study of the Cosmos» are spy satellites. If people got upset about that, it means they are infantile. Ah, if the upset was about how it was possible for this to come out and so on, that's something else," Meleșcanu said.

    The SIE director added that the problem is not intercepting messages, but decrypting them. "Everything that is an audio signal, a video signal and so on and goes out into the atmosphere is intercepted. Most of it is encrypted, however, and the question is whether you can decrypt it. But as for intercepting, it is intercepted. We do it too, and so does everyone (...) Of course, if they are encrypted, it is harder to get to them. It means they have greater value," Teodor Meleșcanu pointed out.

    Asked whether SIE also listens to political decision-makers from other countries, the institution's director answered: "No, but such signals often reach us as well".

    The SIE chief specified that Romania, once it joined NATO, committed by treaty not to have operations on the territory of other states, "neither interception nor of any other type".

    On the other hand, Meleșcanu implied that it is possible that Romanian decision-makers were listened to by foreign services, especially if they had conversations from abroad, on unencrypted phones. "Personally, I don't rule it out. Especially if they spoke from abroad on ordinary mobile phones, it's very possible (...) We make this recommendation to all beneficiaries: please do not talk on the mobile phone, especially if you are abroad, on a trip. Do you have something to discuss? There's an embassy, there are ways to communicate. Whether the beneficiary complies or not, of course, is his choice," Teodor Meleșcanu said.

    Source: SIE's recommendation to officials: Please do not talk on your mobile, especially abroad - Mediafax
  21. Yes. If you want to run tests on other accounts (than your own), try from a "Private window" or do "Clear cookies" first.
  22. It's not exactly something new, but it's not enough to change the password. I tried it myself a while ago on a friend's account and managed to get access by identifying 5 of her friends: I guessed about 3, plus about 2 that I knew. Someone else had changed her password using the same method and I recovered her account. I tried again today and came across 2 options: 1. Have it send a code to 3 people and obtain those codes 2. Answer the security question. It may work under certain conditions, but the chances are pretty small.
  23. Use this SSL Converter to convert SSL certificates to and from different formats such as pem, der, p7b, and pfx. Different platforms and devices require SSL certificates to be converted to different formats. For example, a Windows server exports and imports .pfx files while an Apache server uses individual PEM (.crt, .cer) files. To use the SSL Converter, just select your certificate file and its current type (it will try to detect the type from the file extension) and then select what type you want to convert the certificate to and click Convert Certificate. For more information about the different SSL certificate types and how you can convert certificates on your computer using OpenSSL, see below. https://www.sslshopper.com/ssl-converter.html
  24. Antivirus Evasion: Lessons Learned – thelightcosine Derbycon 2013

    Description: Over the past year, the speaker has spent a lot of time talking with people in the InfoSec community and doing research on antivirus evasion techniques. Learning what works and what doesn't. There are a lot of good ideas floating around out there. In this talk we're going to pull those ideas all together. We'll discuss the basics of the AV evasion problem, what techniques work, which ones don't and why. The talk will have a particular focus on AV evasion as it relates to Metasploit payloads.

    Bio: David "thelightcosine" Maloney is a Senior Software Engineer on the Metasploit team at Rapid7. Before that he was a Penetration Tester for some large corporations, specializing in Web Applications, and was a longtime contributor to the Metasploit Framework. He is a member of the Corelan Security Team, and sort of an auxiliary member of the FALE locksport group. He is one of the founders of Hackerspace Charlotte in NC.

    Source: Antivirus Evasion: Lessons Learned – thelightcosine Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)
  25. How to «open» microchip and what's inside?

    Microchips can indeed be considered a black box - as long as it's working you normally don't look inside. But what if you want to? Today we'll show how to "open" chips and what's inside.

    WARNING! All operations with concentrated (and especially hot) acids are extremely dangerous. Only trained persons should work with them using required protective equipment (acid-proof gloves, protection glasses, protective suit, fume hood and more). Remember that you only have 2 eyes! This article is for educational purposes only, do not try to repeat!

    Opening microchips

    Take some microchips of interest and add concentrated sulfuric acid. Container should be closed, but not airtight, so that fumes can escape (that is extremely important). Heat it to boiling temperature (300 °C). White substance at the bottom is baking soda - it's here to neutralize accidental spills and part of fumes.

    After 30-40 minutes, acid "burns" plastic to carbon.

    After it cools down, we can sort what is ready for next step and what needs another acid bath (thick, bulky packages usually need 2-3 rounds).

    If pieces of carbon are stuck to the microchip itself and cannot be removed mechanically, one can remove them in hot concentrated nitric acid (temperature is much lower, ~110-120 °C).

    Taking a look

    Colors are enhanced, in reality they are much less saturated.

    • PL2303HX — USB<>RS232 converter, chips like this are used in Arduino-like boards for example.
    • LM1117 — low-dropout linear regulator.
    • 74HC595 — 8-bit shift register.
    • NXP 74AHC00 — quad 2-input NAND gate. This is a nice example that 'old' tech nodes (1µm and older) are still in use. Also, note how many spare vias are there for improved yield.
    • Micron MT4C1024 — 1 mebibit (2^20 bit) dynamic RAM. Widely used in 286 and 386-era computers, early 90's. Die size - 8662x3969µm.
    • AMD Palce16V8h — GAL is a 32x64 array of AND elements. GAL (Generic array logic) microchips are FPGA and CPLD grandfathers. Die size - 2434x2079µm, 1µm technology.
    • ATtiny13A — one of the smallest Atmel microcontrollers: only 1kb of flash and 32 bytes of SRAM. Die size though appeared to be unexpectedly big (1620x1640 µm). 500nm technology node.
    • ATmega8 — one of the most popular 8-bit microcontrollers. Die size - 2855x2795µm, technology node 500nm.
    • KR580IK80A (later renamed to KR580VM80A) — one of the most widespread Soviet processors. Contrary to popular belief, it appeared to be not an Intel 8080A (or 8080) clone, but a code-compatible redesign (while several parts are quite similar, routing is different as well as pad placement). Thinnest lines are 6µm.
    • STM32F100C4T6B — the smallest microcontroller made by STMicroelectronics based on the ARM Cortex-M3 core. Die size - 2854x3123µm.
    • Altera EPM7032 — CPLD that has seen a lot... One of the last using 5V supply. Die size - 3446x2252µm, technology node 1µm.
    • MIFARE chip, used in Moscow's subway RFID tickets. Die size - 640x620 µm.

    Now black box is open

    Follow us on Twitter @Zeptobars or subscribe to our RSS feed - we'll continue opening chips.

    Source: How to «open» microchip and what's inside? : ZeptoBars