3G to WiFi Bridge Brings the Internet

[Afonso]’s 77-year-old grandmother lives in a pretty remote location, with only AM/FM radio reception and an occasionally failing landline connecting her to the rest of the world. The nearest 3G cell tower is seven kilometers away and unreachable with a cell phone. But [Afonso] was determined to get her up and running with video chats to distant relatives. The solution to hook granny into the global hive mind? Build a custom antenna to reach the tower and bridge it over to local WiFi using a Raspberry Pi.

The first step in the plan was to make sure that the 3G long-shot worked, so [Afonso] prototyped a fancy antenna, linked above, and hacked on a connector to fit it to a Huawei CRC-9 radio modem. This got him a working data connection, and it sends a decent 4-6 Mbps, enough to warrant investing in some better gear later. Proof of concept, right?

On the bridging front, he literally burned through a WR703N router before slapping a Raspberry Pi into a waterproof box with all of the various radios. The rest was a matter of configuration files, getting iptables to forward the 3G radio’s PPP payloads over to the WiFi, and so on. Of course, he wants to remotely administer the box for her, so he left a permanent SSH backdoor open for administration. Others of you running remote Raspberry Pis should check this out.

We think it’s awesome when hackers take connectivity into their own hands. We’ve seen many similar feats with WiFi, and indeed [Afonso] had previously gone down that route with a phased array of 24 dBi dishes. In the end, the relatively simple 3G Pi-and-Yagi combo won out.

Part two of the project, teaching his grandmother to use an Android phone, is already underway. [Afonso] reports that after running for two weeks, she already has an Instagram account. We call that a success!

2017: The Year of the Dishwasher Security Patch

As if Windows Update wasn’t bad enough, one has to deal with a plethora of attention-hungry programs and utilities all begging for a continual stream of patches from the Internet. It’s exhausting, but unfortunately also par for the course. Many of these updates are to close security vulnerabilities that could otherwise expose your computer to undesirables. The Internet of Things will only expand the amount of hardware and software you need to keep updated and protected on a daily basis. Now, it’s your dishwasher that’s under attack.

The Register reports that Jens Regel discovered the bug in a Miele dishwasher with a webserver. It’s a basic directory traversal attack that can net the intruder the shadow password file. Armed with this, it’s simple to take over the embedded Linux system and wreak havoc on your local network.

It’s not particularly surprising – we’ve talked about IoT security and its pitfalls before. The problem is, a dishwasher is not a computer. Unlike Microsoft, or Google, or even the people behind VLC, Miele don’t have infrastructure in place to push out an update to dishwashers worldwide. This means that as it stands, your only real solutions are to either disconnect the dishwasher from your network, or lock it behind a highly restrictive firewall. Both are likely to impede functionality. Of course, as always, many will ask why a dishwasher needs to be connected to the Internet at all. Why indeed.

The Midwest RepRap Festival Spectacular

Every year, nestled between a swine auction and beef auction at the fairgrounds in Goshen, Indiana, the world’s greatest 3D-printing meetup happens. The Midwest RepRap Festival draws the greatest minds in 3D printing from around the world, with teams flying in from Prague, Oxford, and Hong Kong. This year was bigger than any other year. Over 1,000 people ventured forth into the sticks to attend this awesome festival dedicated to DIY printers.

What did we see this year? The PartDaddy, SeeMeCNC’s 18-foot-tall delta printer made an appearance. We saw a new extruder from E3D, and an announcement that Open Source filaments will soon be a reality. True color printing with a five filament CMYKW system is weird and cool. DIY resin printers using laser diodes and galvos are now a thing. An Easy Break Oven isn’t broken. Printers with an infinite build volume now exist, and it skirts around a MakerBot patent, too.

There was more to see at MRRF than a single weekend would allow. [Jason Kridner] from BeagleBone was there talking about the latest in fancy single-chip Linux computers. Hackerspaces were there talking about their coolest builds and doing the calculations necessary to strap model rocket engines to 3D printed rockets. A few local colleges sent teams out to talk about their efforts to bring additive manufacturing to their programs. YouTube personalities were there. Check out the rest of the goodies we saw below.

Continue reading “The Midwest RepRap Festival Spectacular”

Retrotechtacular: Stereo Records

The 20th century saw some amazing technological developments. We went from airplanes to the moon. We went from slide rules to digital computers. Crank telephones to cell phones. But two of the most amazing feats of that era were ones that non-technical people probably hardly think about. The transformation of radio and TV from mono and black and white, to stereo and color. What was interesting about both of these is that engineers managed to find a way to push the new better result into the same form as the old version and — this is the amazing part — do it in such a way that the old technology still worked. Maybe it is the rate that new technology moves today, but we aren’t doing that today. Digital TV required all-new everything: transmitters, receivers, frequencies, and recording gear. Good luck trying to play the latest video game on your 25-year-old PC.

It is hard to remember when stores were full of all sorts of audio and video media. We’ve noticed that all forms of media are starting to vanish. Everything audio and video are all streamed or downloaded these days. Records, 8-tracks, cassettes, and even CDs and DVDs are vanishing. However, vinyl records have made a come back in the last few years for their novelty or nostalgic value.

Continue reading “Retrotechtacular: Stereo Records”

Next Weekend: The Vintage Computer Festival East

Next weekend is the Vintage Computer Festival East in Wall, New Jersey. We’re going, and you should be there too.

The VCF East is the largest gathering of retrocomputing aficionados on the east coast. It’s three days of talks, exhibits, a flea market, and a pow-wow of the greatest minds buried under obsolete technology. No VCF is complete without a few talks, and this year is shaping up to be great. Keynotes will include [Bjarne Stroustrup], designer / implementor / inventor of C++. Computer historian [Bill Degnan] will give a review of 40 years of ‘appliance computers’, and [Tom Perera], Ph.D. will be giving a talk on the Enigma machine.

The exhibits at VCF are always the star of the show, and this year is no different. Highlights include mechanical computers, the finest from Silicon Graphics, and a version of Unix published by Microsoft. The individual exhibits are always great; last year the world’s first digital camera made an appearance. If you’re in the area, this isn’t an event to miss. VCF is going down at InfoAge, a science center at the former Camp Evans — a military installation that is best described as, ‘DARPA before World War II’.

Hackaday is proud to once again sponsor VCF East. This has been going on for a couple of years now and our Art Director, [Joe Kim] has created some incredible art as part of the sponsorship. Click on the thumbnail of this year’s art to embiggen. The VCF West art from last year is a stunning take on the Macintosh and last year’s VCF East art reflected the retro hackathon we sponsored.

Russian Hackers Domain Fronting

FireEye just put out a report on catching the Russian hacker group “Advanced Persistent Threat 29” (APT29, for lack of a better code name) using the meek plugin for TOR to hide their traffic. If you’re using meek with meek-reflect.appspot.com, you’ll find it’s been shut down. If all of this is gibberish to you, read on for a breakdown.

meek is a clever piece of software. Imagine that you wanted to communicate with the Tor anonymizing network, but that you didn’t want anyone to know that you were. Maybe you live in a country where a firewall prevents you from accessing the full Web, and blocks Tor entry nodes as part of their Great Firewall. You’d want to send traffic somewhere innocuous first, and then bounce it over to Tor, in order to communicate freely.

That’s what meek does, but it goes one step further. The reflector server is hosted using the same content-delivery network (CDN) as a popular service, say Google’s search engine. The CDN has an IP address, like every other computer on the Internet, but it delivers content for any of the various services it hosts. Traffic to the CDN, encrypted with TLS, looks the same whether it’s going to the meek reflector or to Google, so nobody on the outside can tell whether it is a search query or packets destined for Tor. Inside the CDN, it’s unencrypted and passed along to the reflector.

Anyway, meek was invented to help bring the uncensored Internet to people who live in oppressive regimes, and now cybersecurity researchers have observed it being used by Russian state hackers to hide their tracks. Sigh. Technology doesn’t know which side it’s on — the same backdoor that the FBI wants to plant in all our communications can be used by the mafia just as easily. Plugins that are meant to bring people freedom of speech can just as easily be used to hide the actions of nation-state hackers.

What a strange world we live in.

Source Parts on TaoBao: An Insider’s Guide

For hardware aficionados and Makers, trips to Shenzhen’s Huaqiangbei have become something of a pilgrimage. While Huaqiangbei is a tremendous and still active resource, increasingly both Chinese and foreign hardware developers do their sourcing for components on TaoBao. The selection is vastly greater and with delivery times rarely over 48 hours and frequently under 24 hours for local purchases it fits in nicely with the high-speed pace of Shenzhen’s hardware ecosystem.

For overseas buyers, while the cost of Taobao is comparable to, or slightly less than AliExpress and Chinese online stores, the selection is again, many, many times the size. Learning how to effectively source parts from Taobao will be both entertaining and empowering.

Continue reading “Source Parts on TaoBao: An Insider’s Guide”