Hacklet #10 Cryptography and Reverse Engineering

10 In honor of DEFCON, this week we’re looking at some cryptography and reverse engineering projects over at Hackaday.io hardware reverse engineeringEvery hacker loves a hardware puzzle, and [Tom] has created a tool to make those puzzles. His Hardware Reverse Engineering Learning Platform consists of a shield with two ATmega328 chips and an I2C EEPROM. The two Atmel chips share a data bus and I2C lines. Right in the middle of all this is an ST Morpho connector, which allows an ST Nucleo board to act as a sniffer. The platform allows anyone to create a reverse engineering challenge! To successfully reversechip whisper engineer a board, it sure helps to have good tools. [coflynn] is giving that to us in spaces with The ChipWhisperer. ChipWhisperer is an open source security research platform. The heart of the system is a Xilinx Spartan 6 FPGA. The FPGA allows very high speed operations for things like VCC and clock glitching. ChipWhisperer is an entire ecosystem of boards – from LNA blocks to field probes. The entire system is controlled from an easy to use GUI. The end result is a powerful tool for hardware attacks. nsa-awayOn the Encryption side of the house, we start by keeping the Feds at bay. The [Sector67] hackerspace has collectively created NSA AWAY. NSA AWAY is a simple method of sending secure messages over an insecure medium – such as email. A one-time use pad is stored on two SD cards, which are used by two Android devices. The message sender uses an Android device to encrypt the message. On the receive side, the message can be decoded simply by pointing an android device’s camera at the encrypted data. So easy, even a grandparent could do it! buryitNext up is [Josh's] Bury it under the noise floor. “Bury it” is an education for cryptography in general, and steganographic software in particular. [Josh] explains how to use AES-256 encryption, password hashing, and other common techniques. He then introduces steganography  by showing how to hide an encrypted message inside an image. Anyone who participated in Hackaday’s ARG build up to The Hackaday Prize will recognize this technique. zrtphardphone[yago] gives us encrypted voice communications with his ZRTP Hardphone. The hardphone implements the ZRTP, a protocol for encrypted voice over IP communications. The protocol is implemented by a Raspberry Pi using a couple of USB sound cards. User interface is a 16×2 Line character LCD, a membrane keypad, and of course a phone handset. Don’t forget that you need to build two units,or  whoever you’re trying to call will  be rather confused! moolti-3

Finally we have the Mooltipass. Developed right here on Hackaday by [Mathieu Stephan] and the community at large, Mooltipass is a secure password storage system. All your passwords can be stored fully AES-256 encrypted, with a Smart Card key. Under the hood, Mooltipass uses an Arduino compatible ATmega32U4 microcontroller. UI is through a OLED screen and touch controls.     That’s it for this week! Be sure to check out next week’s Hacklet, when we bring you more of the best from Hackaday.io!

Retrotechtacular: We Heard You Like Tubes, So Here’s a Film About Tube Tubes from the Webtubes

EF80

This lovely little number is the EF80 pentode thermionic valve, or vacuum tube, made by Mullard beginning in 1950. They were used in radio and radar applications, but most of them wound up in VHF television sets. This week’s Retrotechtacular takes a close look at the assembly of and on-site materials production for the EF80 in particular.

The film begins with slow and careful hand assembly of an EF80. The cathode is inserted into a mica disc, and a series of three grids are placed over the cathode. The semicircular anode sits around the outermost grid. Another mica disc is placed on top which does triple duty as a spacer, a base for the getter/plate assembly, and a firewall against the getter flash.The dark lining of the upper part of the tube is the residue of the vaporized getter, which is heated after the first stage of air removal.

Before the vacuuming begins, the inner assembly is mounted on a glass base with nine pins that have been pre-bent to meet the inner assembly wires. The heater, dissipating shield, and a meshy cylinder are added, and then the getter on its plate. A tube is slipped over the assembly and fused to the base in a jig, forming an airtight seal. [Read more...]

Ask Hackaday: What Can Save RadioShack?

radioshackThe news for RadioShack is not good. The retail chain that we hackers hold near and dear to our hearts is in financial trouble, and could go under next year.  With just 64 million in cash on hand, it literally does not have enough capital to close the 1,100 stores it planned to in March of this year.

On May 27th, 2011, we asked you what RadioShack could do to cater to our community. They listened. Most of their retail stores now carry an assortment of Arduino shields, the under appreciated Parallax (why?), and even El Wire. Thanks to you. You made this happen.

Today, we are asking you again. But not for what RadioShack can do better. We’re asking what they can do to survive. To live. It makes no sense for RadioShack to compete in the brutal cell phone/tablet market, and makes every bit of sense for them take advantage of the rapidly growing hacker/builder/maker what-ever-you-want-to-call-us community. Let’s face it. We’re everywhere and our numbers are growing. From 3D printers to drones, the evidence is undeniable.

With 5,000 retail stores across the USA, they are in a perfect position to change their business model to a hacker friendly one. Imagine a RadioShack down the road  that stocked PICs, ARMs, Atmels, stepper motors, drivers, sensors, filament….like a Sparkfun retail store. Imagine the ability to just drive a few miles and buy whatever you needed. Would you pay a premium? Would you pay a little extra to have it now? I bet you would.

Now it’s time to speak up. Let your voices be heard. Let’s get the attention of the RadioShack board. You’ve done it before. It’s time to do it again. Hackers unite!

 

Hacklet #9 Bugs and Fire

9 This week on the Hacklet, we’re spending some time looking at bugs and fire! honeybeeFirst up we have [Noel] who is saving the bees with Bee-O-Neo-Tweet-O. Bees are incredibly important, both to Earth’s ecosystem and the food chain we humans need to survive. Unfortunately bees are also sensitive to some of the chemicals humans dump into the atmosphere. Sometimes it results in colored honey, but more often than not it’s detrimental to the bees.

Neonicotinoids are a class of insecticide that has been causing problems to hives near where they are used. [Noel] is banking on sensors created with bismuth electrodes to detect the chemical near the entrance to hives. The data can be collected by beekeepers all over the world and sent to a central server. He’s using an Arduino Yun as a WiFi connected base station. Each individual hive has an Adafriut Trinket and a 433MHz radio link to send data to the base. [Noel] is even hoping to detect individual bees by the sound of their wings beating.

hivemonitor

[Ken] is keeping his own bees, and wants to monitor more than just chemicals. His honeybee hive monitoring system keeps track of the temperature and weight (and thus the honey produced) by his hives. Rather than buy an expensive load cell setup, [Ken] modified a standard digital bathroom scale to suit his needs. The insects connect to the IOB (Internet of Bees) with a bit of help from the Apitronics platform and a BeagleBone Black. Ken even added a solar-powered weather station with the Apitronics system.

bug-killa[Mike] is taking a slightly different approach. He doesn’t want to save the bugs, he wants to kill the ones that bug him! [Mike] doesn’t want to get his hands dirty, so he’s created Lazy Killer 9000 for easy bug killing. Lazy Killer uses the business end of an electrified fly swatter to do its work. This project wouldn’t be complete without an Arduino, so [Mike] is adding one, as well as a WiFi shield. The entire system will have a friendly interface to turn the juice on. One of the best features of Lazy Killer is the internet connected kill count. [Mike] knows that there aren’t any bugs in the vacuum of space, so he’s entered Lazy Killer in The Hackaday Prize.

fire-charger

From bugs, we move on to Fire! [mr.jb.swe] needed a reliable portable power source. He found it in LiFePO4 batteries, but still needed a way to charge them. Toward that end he’s created The Multicharger, a watt meter and charger which can be powered from solar, wind, or thermometric power. A Powerpot X provides the fire and the power to charge the batteries. [mr.jb.swe's] charger converts that into the standard constant current->constant voltage charging system needed by lithium chemistry batteries. The Multicharger isn’t a complete battery management system yet, but it’s well on its way.

Unitycandle candles have become a staple at wedding ceremonies.[Quinn] has taken things to the next level and beyond with this take on the classic unity candle. This candle throws fireballs 30 feet into the sky! We covered the candle back in June, but [Quinn] has been busy since then. With over 20 updates, [Quinn] has created one of the most well documented projects on Hackaday.io. Of course, being that this project is dealing with propane and monstrous fires, [Quinn] mentions you shouldn’t try unless you really know what you’re doing. Don’t set any brides on fire! That’s it for this week’s Hacklet! Tune in next week, same hack time, same hack channel, for more of the best of Hackaday.io!

Developed on Hackaday: Beta Testers, Animation and Assembly Videos

3 mooltipass versions

We’re pretty sure that most of our readers already know it by now, but we’ll tell you anyway: the Hackaday community (writers and readers) is currently developing an offline password keeper, the Mooltipass. A month ago we published our first demonstration video and since then the development team has been fairly busy at work.

First things first: we heard (well, read) the comments you left in our previous articles and decided to make a small animation video that will hopefully explain why having an offline password keeper is a good thing. We welcome you to have a look at our script draft and let us know what you think. We updated our GitHub readme and more importantly our FAQs, so feel free to tell us if there are still some questions you have that we didn’t answer. We finally found a short but yet interesting paper about software based password keepers possible security flaws.

Secondly, a little more than 20 prototypes have successfully been assembled and some beta testers actually already received them. As they financially contributed to their units we offered them the possibility to pick a blue, green, yellow or white OLED screen (see picture above). We therefore expect things to gain speed as we’ll have users (or rather bosses) pushing us to improve our current platform and implement much needed features.

Finally, as I figured some of our readers may be interested, I made a quick video of the prototype assembly process (embedded below). It is still a little sketchy and a few changes will be made to make it simpler for production. We expect these next weeks to be full of interesting events as our beta testers / Hackaday readers will be able to judge the work we’ve been doing for so long. We highly recommend you to subscribe to our official Google group to stay updated with our adventures.

Retrotechtacular: Designing and Building RCA Televisions

waveformWhile it’s almost cliché to say they don’t make things like they used to, this week’s Retrotechtacular offers fairly conclusive proof that, at the very least, they used to put more time and effort into manufacturing consumer electronics. Gather your homemade wisecrackin’ robots and settle in front of this 1959 film entitled “The Reasons Why”, a rah-rah film created for new employees of the RCA Victor television division.

It may open with a jingle, but things quickly turn serious. Quality is no laughing matter for the men and women devoted to bringing you the best television set for your money. This type of unmatched excellence begins with tireless R&D into improving sound and picture quality. Every transformer is tested at five times the rated voltage, and every capacitor at two times the rating. Every switch undergoes a series of mechanical tests, including a pressured steam bath to ensure they will hold up even if you drag your set out to the porch some unbearably hot deep South August night.

hot august nights

Cabinet design is just as important—what’s the use in housing a chassis and kinescope that’ll last for 60 years in some cheap box? Woods from all over the world are carefully considered for their beauty and durability. A television set is, after all, the centerpiece of the American family room furniture group. These carefully selected woods are baked in a series of ovens to prove they’ll stand up to hours of continuous use.

[Read more...]

Hackaday Links: July 27, 2014

hackaday-links-chain

Taking apart printers to salvage their motors and rods is a common occurrence in hacker circles, but how about salvaging the electronics? A lot of printers come with WiFi modules, and these can be repurposed as USB WiFi dongles. Tools required? And old printer, 3.3 V regulator, and a USB cable. Couldn’t be simpler.

The Raspberry Pi has a connector for a webcam, and it’s a very good solution if you need a programmable IP webcam with GPIOs. How about four cameras?. This Indiegogo is for a four-port camera connector for the Raspi. Someone has a use for this, we’re sure.

The one flexible funding campaign that isn’t a scam. [Kyle] maintains most of the software defined radio stack for Arch Linux, and he’s looking for some funds to improve his work. Yes, it’s basically a ‘fund my life’ crowdfunding campaign, but you’re funding someone to work full-time on open source software.

Calibration tools for Delta 3D printers. It’s just a few tools that speed up calibration, made for MATLAB and Octave.

[Oona] is doing her usual, ‘lets look at everything radio’ thing again, and has a plan to map microwave relay links. If you’ve ever seen a dish or other highly directional antenna on top of a cell phone tower, you’ve seen this sort of thing before. [Oona] is planning on mapping them by flying a quadcopter around, extracting the video and GPS data, and figuring out where all the other microwave links are.

PowerPoint presentations for the Raspberry Pi and BeagleBone Black. Yes, PowerPoint presentations are the tool of the devil and the leading cause of death for astronauts*, but someone should find this useful.


* Yes, PowerPoint presentations are the leading cause of death for astronauts. The root cause of the Columbia disaster was organizational factors that neglected engineer’s requests to use DOD space assets to inspect the wing, after which they could have been rescued. These are organizational factors were, at least in part, caused by PowerPoint.

Challenger was the same story, and although PowerPoint didn’t exist in 1986, “bulletized thinking” in engineering reports was cited as a major factor in the disaster. If “bulletized thinking” doesn’t perfectly describe PowerPoint, I don’t know what does.

As far as PowerPoint being the leading cause of death for astronauts, 14 died on two shuttles, while a total of 30 astronauts died either in training or in flight.

Follow

Get every new post delivered to your Inbox.

Join 91,338 other followers