In what was probably the cutest presentation with serious consequences at this year’s Las Vegas located DEF CON, a ten-year-old attendee stepped up and showed off her hack of farm-based games for Droid and iOS devices to all the other computer security professionals, journalists, lawyers, crackers, cyber-criminals, and hackers around. According to CNET, @CyFi’s zero-day exploit has since been confirmed by independent researchers, and some developers are already taking steps to block her hack.
Her motivation for discovering the exploit? Quite simple:
“It was hard to make progress in the game, because it took so long for things to grow. So I thought, ‘Why don’t I just change the time?'” Most of the games she discovered the exploit in have time-dependent factors. For example, planting corn might take 10 real-time hours to mature in the game. Manually advancing the phone or tablet’s clock forced the game further ahead than it really was, opening up the exploit.
Even some games that have taken stops to block this exploit remain vulnerable when they are not connected to a wifi signal or a 3G network.
Already an artist who has performed an improvised, 10-minute-long spoken word piece in front of 1,000 people at the San Francisco Museum of Modern Art, a Girl Scout, and a state-ranked downhill skier, CyFi revealed that she was only a little bit nervous about having to speak in front of the 100 or so expected attendees. She admitted that while it was probably different publicly speaking about a topic with such a specific focus, it would be hard for her to imagine what those differences might be. “Well, I haven’t done it yet,” she said.
While a “change the internal” clock hack is no Wikileaks, or cracked Assassin’s Creed DRM, or Gawker scandal; it’s pretty awesome to see that the hacker community is one that has a space for young girls to be encouraged and welcomed to participate. Today FarmVille, tomorrow… who knows?
(CNET via The Inquisitr.)