Remember when kids used to play with plastic toys and run around playing tag outside? It seems that kids these days are getting more involved with technology more than ever. Back in Sunday, a 10-year old hacker that goes by the moniker CyFi revealed a certain exploit in DefCon Kids, a part of DefCon 19 conference which is a hacking oriented event. The exploit that the 10-year old girl from California discovered is a zero-day exploit which is found in various iOS and Android games.
According to the report of CNet, CyFi first discovered this vulnerability with games back in January 2011 when she was starting to get bored by the pace of real-time based farm-style games. According to the girl, "It was hard to make progress in the game, because it took so long for things to grow. So I thought, 'Why don't I just change the time?"
If you have been a social networking or mobile gamer, then you are familiar with simulation games that depends on time in order to make the game progress. The most common example is FarmVille. The process involves planting crops and then waiting for several hours or even days before you can harvest them. For a casual gamer who only puts no more than a few minutes while playing, this should be the perfect setup. But for an active gamer or impatient ones, the process of waiting can really mar the gaming experience.
But with the zero day exploit, what you need to do is simply manually advance the system clock of your iOS or Android device and force the game to progress. CyFi said that many games have already blocked this type of vulnerability but somehow she has found a workaround. You can either disable the WiFi or make incremental adjustments to the clock instead of advancing it all at once in order to trick the game. Like a true ethical hacker, CyFi refused to reveal the games that can be exploited using this flaw so that it can give the developers of said games some time to patch the exploit.
At the end of the young hacker's presentation at DefCon Kids, the mother of CyFi offered a $100 reward to any young hacker who manages to find the most games that have the said exploit within 24 hours. The reward is sponsored by AllClearID, an identity protection company who also happens to be sponsoring DefCon Kids.
This particular type of exploit that allows you to gain progress in games by altering the system clock is not really new. But for a 10-year old girl to discover it on her own makes this feat much more impressive. The future is definitely bright for this young hacker.
DefCon is one of the world's largest hacker conventions that takes place every year. The event first took place in June 1993 and is held in Las Vegas, Nevada since then. Most of the attendees of DefCon includes hackers, computer security professionals, crackers, journalists, lawyers and so on. DefCon Kids is the first event of its kind which introduces kids between the age of 8 and 16 to the hacking world. [via CNet]Contact Us for News Tips, Corrections and Feedback