Steve Collins: When Things Go Wrong In Space

[Steve Collins] is a regular around Hackaday. He’s brought homebrew LIDARs to our regular meetups, he’s given a talk on a lifetime’s worth of hacking, and he is the owner of the most immaculate Hackaday t-shirt we’ve ever seen.

For the 2016 Hackaday SuperConference,  [Steve] took a break from his day job of driving spacecraft around the Solar System. As you can imagine, NASA plans on things going wrong. How do you plan for that? [Steve] answers all your questions by telling you what happens when things go wrong in space.

Continue reading “Steve Collins: When Things Go Wrong In Space”

Shmoocon 2017: The Ins And Outs Of Manufacturing And Selling Hardware

Every day, we see people building things. Sometimes, useful things. Very rarely, this thing becomes a product, but even then we don’t hear much about the ins and outs of manufacturing a bunch of these things or the economics of actually selling them. This past weekend at Shmoocon, [Conor Patrick] gave the crowd the inside scoop on selling a few hundred two factor authentication tokens. What started as a hobby is now a legitimate business, thanks to good engineering and abusing Amazon’s distribution program.

The product in question is the U2F Zero, an open source U2F token for two-factor authentication. It’s built around the Atmel/Microchip ATECC508A crypto chip and is, by all accounts, secure enough. It’s also cheap at about $0.70 a piece, and the entire build comes to about $3 USD. All of this is hardware, and should be extremely familiar to the regular Hackaday reader. This isn’t the focus of [Conor]’s talk though. The real challenge is how to manufacture and sell these U2F dongles, a topic we looked in on back in September.

The circuit for this U2F key is basically just a crypto chip and a USB microcontroller, each of which needs to be programmed separately and ideally securely. The private key isn’t something [Conor] wants to give to an assembly house, which means he’s programming all these devices himself.

For a run of 1100 units, [Conor] spent $350 on PCB, $3600 for components and assembly, $190 on shipping and tariffs from China, and an additional $500 for packaging on Amazon. That last bit pushed the final price of the U2F key up nearly 30%, and packaging is something you have to watch if you ever want to sell things of your own.

For distribution, [Conor] chose Fulfillment By Amazon. This is fantastically cheap if you’re selling a product that already exists, but of course, [Conor]’s U2F Zero wasn’t already on Amazon. A new product needs brand approval, and Amazon would not initially recognize the U2F Zero brand. The solution to this was for [Conor] to send a letter to himself allowing him to use the U2F Zero brand and forward that letter to the automated Amazon brand bot. Is that stupid? Yes. Did it work? Also yes.

Sales were quiet until [Conor] submitted a tip to Hacker News and sold about 70 U2F Zeros in a day. After that, sales remained relatively steady. The U2F Zero is now a legitimate product. Even though [Conor] isn’t going to get rich by selling a dozen or so U2F keys a day, it’s still an amazing learning experience and we’re glad to have sat in on his story of bootstrapping a product, if only for the great tip on getting around Amazon’s fulfillment policies.

Shmoocon 2017: Software Defined Radio for Terahertz Frequencies

Before Bluetooth, before the Internet of Things, and before network-connected everything, infrared was king. In the 90s, personal organizers, keyboards, Furbys, and critical infrastructure was built on infrared. Some of these devices are still around, hiding in plain sight. This means there’s a lot of opportunities for some very fun exploits. This was the focus of [Mike Ossmann] and [Dominic Spill]’s talk at this year’s Shmoocon, Exploring The Infrared World. What’s the hook? Using software-defined radio with terahertz frequencies.

irtra
[Dominic]’s infrared detector
Infrared communication hasn’t improved since the days of IrDA ports on laptops, and this means the hardware required to talk to these devices is exceptionally simple. The only thing you need is an IR phototransistor and a 4.7k resistor. This is enough to read signals, but overkill is the name of the game here leading to the development of the Gladiolus GreatFET neighbor. This add-on board for the GreatFET is effectively a software defined IR transceiver capable of playing with IrDA, 20 to 60 kHz IR remote control systems, and other less wholesome applications.

Demos are a necessity, but the world seems to have passed over IR in the last decade. That doesn’t mean there still aren’t interesting targets. A week before Shmoocon, [Mike Ossmann] put out the call on Twitter for a traffic light and the associated hardware. Yes, police cars and ambulances use infrared signaling to turn traffic lights green. You shouldn’t. You can, but you shouldn’t.

What was the takeaway from this talk? IR still exists, apparently. Yes, you can use it to send documents directly from your PalmPilot to a laser printer without any wires whatsoever. One of the more interesting applications for IR is an in-car wireless headphone unit that sends something almost, but not quite, like pulse coded audio over infrared. The demo that drew the most applause was an infrared device that changed traffic lights to green. The information to do that is freely available on the web, but you seriously don’t want to attempt that in the wild.

Shmoocon 2017: Dig Out Your Old Brick Phone

The 90s were a wonderful time for portable communications devices. Cell phones had mass, real buttons, and thick batteries – everything you want in next year’s flagship phone. Unfortunately, Zach Morris’ phone hasn’t been able to find a tower for the last decade, but that doesn’t mean these phones are dead. This weekend at Shmoocon, [Brandon Creighton] brought these phones back to life. The Motorola DynaTAC lives again.

[Brandon] has a history of building ad-hoc cell phone networks. A few years ago, he was part of Ninja Tel, the group that set up their own cell phone network at DEF CON. That was a GSM network, and brickphones are so much cooler, so for the last few months he’s set his sights on building out a 1G network. All the code is up on GitHub, and the hardware requirements for building a 1G tower are pretty light; you can roll your own 1G network for about $400.

The first step in building a 1G network, properly referred to as an AMPS network, is simply reading the documentation. The entire spec is only 136 pages, it’s simple enough for a single person to wrap their head around, and the concept of a ‘call’ really doesn’t exist. AMPS looks more like a trunking system, and the voice channels are just FM. All of this info was translated into GNU Radio blocks, and [Brandon] could place a call to an old Motorola flip phone.

As far as hardware is concerned, AMPS is pretty lightweight when compared to the capabilities of modern SDR hardware. The live demo setup used an Ettus Research USRP N210, but this is overkill. These phones operate around 824-849 MHz with minimal bandwidth, so a base station could easily be assembled from a single HackRF and an RTL-SDR dongle.

Yes, the phones are old, but there is one great bonus concerning AMPS. Nobody is really using these frequencies anymore in the US. That’s not to say building your own unlicensed 1G tower in the US is legally permissible, but if nobody reports you, you can probably get away with it.

Raspberry Pi Launches Compute Module 3

The forgotten child of the Raspberry Pi family finally has an update. The Raspberry Pi Compute Module 3 has been launched.

The Pi 3 Compute Module was teased all the way back in July, and what we knew then is just about what we know now. The new Compute Module is based on the BCM2837 processor – the same as found in the Raspberry Pi 3 – running at 1.2 GHz with 1 gigabyte of RAM. The basic form factor SODIMM form factor remains the same between the old and new Compute Modules, although the new version is 1 mm taller.

The Compute Module 3 comes with four gigabytes of eMMC Flash and sells for $30 on element14 and RS Components. There’s also a cost-reduced version called the Compute Module 3 Light that forgoes the eMMC Flash and instead breaks out those pins to the connector, allowing platform integrators to put an SD card or Flash chip on a daughter (mother?) board. The CM3 Lite version sells for $25. Continue reading “Raspberry Pi Launches Compute Module 3”

Hackaday Links: January 15, 2017

What’s more expensive than a car and a less useful means of transportation? A 747 flight simulator built in a basement. There’s a project page where a few more details are revealed. There’s a 180 degree wrap-around screen for the main display, a glass cockpit, and the controls and gauges are ‘good enough’ to feel like the real thing. The simulator is running a highly customized version of FS9 (Microsoft’s flight sim from the year 2004).

For the last few years, Google has been experimenting with high altitude balloons delivering Internet to remote populations. This is Project Loon, and simply by the fact that Google hasn’t shuttered this Alpha-bit, we can assume the project is a success. A Project Loon balloon recently crashed in Panama, which means we can get an up-close look at the hardware. These balloon base stations are a lot bigger than you would think.

We’ve seen beautiful PCBs before, but [Blake] is taking this to another level entirely. He’s developed a process to convert bitmaps into files suitable to send to a PCB manufacturer. The results are… strange, and very cool. Check out a video of the process here.

If you want to dial out from behind the great firewall of China, you’re probably going to use a VPN. Here’s an idea that doesn’t work as well as a VPN. Use an acoustic coupler with your iPhone. Will it work? Of course it will – modems have been standardized for fifty years. Will it work well? No, I can speak faster than 300 baud.

Do you sell on Tindie? We have a dog park. Tindie sellers around the world will be meeting up on Hackaday.io next Friday to discuss Tindie and Tindie-related activities. Join in!

A quick aside relating to Hackaday and Tindie swag. 1) The Tindie dog as a stuffed animal. 2) A Hackaday logo t-shirt where the skull is decorated like a Día de Muertos sugar skull. Pick one, leave your response in the comments.

Shmoocon 2017: A Simple Tool For Reverse Engineering RF

Anyone can hack a radio, but that doesn’t mean it’s easy: there’s a lot of mechanics that go into formatting a signal before you can decode the ones and zeros.

At his Shmoocon talk, [Paul Clark] introduced a great new tool for RF Reverse Engineering. It’s called WaveConverter, and it is possibly the single most interesting tool we’ve seen in radio in a long time.

If you wanted to hack an RF system — read the data from a tire pressure monitor, a car’s key fob, a garage door opener, or a signal from a home security system’s sensor — you’ll be doing the same thing for each attack. The first is to capture the signal, probably with a software defined radio. Take this data into GNU Radio, and you’ll have to figure out the modulation, the framing, the encoding, extract the data, and finally figure out what the ones and zeros mean. Only that last part, figuring out what the ones and zeros actually do, is the real hack. Everything before that is just a highly advanced form of data entry and manipulation.

[Paul]’s WaveConverter is the tool built for this data manipulation. Take WaveConverter, input an IQ file of the relevant radio sample you’d like to reverse engineer, and you have all the tools to turn a radio signal into ones and zeros at your disposal. Everything from determining the preamble of a signal, figuring out the encoding, to determining CRC checksums is right there.

All of this is great for reverse engineering a single radio protocol, but it gets even better. Once you’re able to decode a signal in WaveConverter, it’s set up to decode every other signal from that device. You can save your settings, too, which means this might be the beginnings of an open source library of protocol analyzers. If someone on the Internet has already decoded the signals from the keyfob of a 1995 Ford Taurus, they could share those settings to allow you to decode the same keyfob. This is the very beginnings of something very, very cool.

The Github repo for WaveConverter includes a few sample IQ files, and you can try it out for yourself right now. [Paul] admits there are a few problems with the app, but most of those are UI changes he has in mind. If you know your way around programming GUIs, [Paul] would appreciate your input.