It’s quite common to have a timed lockout after entering several bad passwords. This simple form of security makes automated brute force attacks unfeasible by ballooning the time it would take to try every possible permutation. The lock screen on iOS devices like iPad and iPhone have this built in. Enter your code incorrectly several times and the system will make you wait 1, 5, 15, and 60 minutes between entries as you keep inputting the wrong code. But there is an exploit that gets around this. [Pierre Dandumont] is showing off his hardware-based iPad lock screen attack in the image above.
He was inspired to try this out after reading about some Mac EFI attacks using the Teensy 3. That approach used the microcontroller to spoof a keyboard to try every PIN combination possible. By using the camera kit for iPad [Pierre] was able to do the same. This technique lets you connect wired keyboards to the iPad, but apparently not the iPhone. A bluetooth keyboard can also be used. These external keyboards get around the timing lockout associated with the virtual lockscreen keyboard.
We’re of the opinion that this is indeed a security vulnerability. If you forget your passcode you can simply restore the device to remove it. That wipes all of your personal data which can then be loaded from an iTunes backup. Lockscreens are paramount if a device is stolen. They will give you the time you need to change any online credentials which might be remembered by the device.
Continue reading “iOS keyboard exploit allows brute force iPad lock screen attack”
The round-about way this iPhone garage door opener was put together borders on Rube Goldberg. But it does indeed get the job done so who are we to judge? Plus you have to consider that the Apple products aren’t quite as hacker friendly as, say, Android phones — so this may have been the easiest non-Jailbreak way.
The main components that went into it are the iPhone, a Wemo WiFi outlet, and a 110V rated mechanical relay. But wait, surely it can’t be that simple? You’re correct, just for added subterfuge [Tall-drinks] rolled IFTTT into the mix.
You may remember hearing about If This Then That from the Alert Tube project. It’s a web-based natural language scripting service. Throw everything together and it works like this: The iPhone sends a text message which IFTTT converts to a Wemo command. A power cord connects the Wemo outlet to the 110V electrodes on the relay. The normally open connection of the relay is attached to the same screw terminals of the garage door opener as the push button that operates it. When the relay closes, the garage door goes up or down.
The biggest problem we have with this is the inability to know if your garage door is open or closed.
The Vine app is all the rage these days. It lets you shoot six-second videos on your iPhone and easily post them on the Internet. The problem is that [Sean Hodgins] doesn’t find the time limit to be useful for traditional video. But you can cram a lot more info into a half-dozen seconds if you make it a time-lapse video. The rig above is his solution to making the Vine app act as a time-lapse recorder.
The trick is in how the app itself works. It only records video when you’re touching the screen. So you record one second of video, then remove your finger and it ‘pauses’ the recording until you’re ready for the next scene. [Sean] automated this by adding a servo motor and a stylus. An Arduino drives the servo, making quick taps on the screen to get as many different frames into the six seconds as possible. He had a bit of trouble registering quick taps at first. His solution was to inject 3.3V into the stylus he gutted for the project. Click through the link above to see some example videos, or watch this embedded video to see the hardware at work:
Continue reading “Vine app hack on iPhone makes time-lapse movies”
We mourn the loss of the physical keyboard with the advent of tablets. After all, we do a bit of typing getting all of these features posted throughout the week. And we kind of blame tablets for the decline of the netbook industry (we still use a Dell Vostro A90 when not at home). But we’re trying to keep an open mind that we may not need a physical keyboard anymore. If someone can come up with an innovative alternative to the Qwerty layout that we are able to learn and can use with speed and without physical strain we’ll be on board. Our question is, do you think we are close to a screen typing breakthrough?
This question came to mind after seeing the Minuum keyboard shown above. It compresses all of the rows of a Qwerty into a single row, monopolizing less screen space than conventional smartphone input methods. The demo video (embedded after the break) even shows them hacking the concept into a distance sensor and using a graphite-on-paper resistor. Pretty cool. But what happens when you type a word not in the dictionary, like this author’s last name?
You can actually try out the Minuum style thanks to [Zack’s] in-browser demo hack. He’s not affiliated with Minuum, but has done quite a bit of alternative keyboard input work already with his ASETNIOP chorded typing project. It’s another contender for changing how we do things.
Continue reading “Ask Hackaday: Are we close to reinventing the keyboard for touchscreens?”
CrashBangLabs in Regina recently got their hands on a laser cutter. The Full Spectrum cutter was donated by a local company, who were upgrading to a larger machine.
With no laser cutting experience, [Brett] decided that his first project would be laser engraving his iPhone 5. This is a bit of an ambitious first project, since the power and speed would have to be set correctly to get a good contrast level, and you only have one try to get it right. Also, using too much power might have turn the phone into a laser etched brick.
[Brett] used an older aluminium iPod for testing. Once the laser speed and power was dialed in, he loaded up the artwork for the real thing. The cutter did a pretty good job at etching the art, but as the etching started it became clear that an alignment error had occurred. Fortunately [Brett] decided to not interrupt the cutter, and ended up with a good looking phone, with a slight alignment issue.
After the break, check out a time lapse of the laser cutter doing its thing.
Continue reading “Laser Etching an iPhone 5″
Before assuming that the title should be “web crawler,” just shush your shussins’ and check out the video after the break. The Pinoccio, as previously noted, is a board in development as a sort of web-enabled by default Arduino. This makes it perfect for a project like this one where a little rover is controlled from 10,000 Kilometers away, or around 6000 Miles for those of us that dwell in the US.
This setup uses a cell-phone accelerometer in Brazil to allow control of this robot in Nevada. Although close, the control isn’t quite real time, so that has to be accounted for. Something like this could be easily used for a telepresence ‘bot.
If you want to build your own, the assembly time is estimated at 1 hour. Instructions, as well as source code can be found on their page after the video. Although the Pinoccio board won’t be available until at least this summer, maybe this will give someone inspiration to try something similar in the mean time! Continue reading “Pinoccio Web Rover”
[Elvis Impersonator] spent three full days but in that time he managed to hand control of everything in his house over to Siri. The technique used is a familiar one. A Raspberry Pi running SiriProxy listens for commands from the iPhone and acts on them based on [Elvis’] predefined configuration. The difference here is that it’s not just a single device (read: lamp) that is being controlled to prove the concept. His video (embedded after the break) shows him operating an entire range of devices in his home.
The demonstration starts off with his garage door being opened and closed. From the YouTube video description we know that he’s using Trendnet IP cameras and it looks like one of them lets him see if he remembered to close the garage. Next he disarms his home security system as shown in the image above. From there he adjusts the Nest thermostat, switches off the living room lights, and changes the TV channels.
We think the need to give voice commands would get old pretty quickly. But that aside we applaud his work to pull everything together into one single interface.
Continue reading “Complete Siri home automation controls everything but the kitchen sink”