Rooting The Nest Thermostat

nest-300x293 A few months ago, Google bought a $3.2 billion dollar thermostat in the hopes it would pave the way for smart devices in every home. The Nest thermostat itself is actually pretty cool – it’s running Linux with a reasonably capable CPU, and adds WiFi to the mix for some potentially cool applications. It can also be rooted in under a minute,

As [cj] explains, the CPU inside the Nest has a Device Firmware Update mode that’s normally used for testing inside the Nest factory. This DFU mode can also be used to modify the device without any restrictions at all.

With a simple shell script, [cj] plugs the Nest into his laptop’s USB port, puts the device into DFU mode, and uploads a two-stage booloader to enable complete control over the Linux-powered thermostat.

As a bonus, the shell script also installs an SSH server and enables a reverse SSH connection to get around most firewalls. This allows anyone to remotely control the Nest thermostat, a wonderful addition to the Nest that doesn’t rely on iPhone apps or a cloud service to remotely control your Internet enabled thermostat.

Video of the rooting process below.

Continue reading “Rooting The Nest Thermostat”

An Introduction To The BeagleBone PRU

BBB While the BeagleBone is usually compared to the Raspberry Pi, there are a few features that make the ‘Bone a vastly more capable single board computer. There is a small difference in the capabilities of the processor, but the real power of the BeagleBone comes from the PRUs available: two small cores that give the BeagleBone the hardware equivalent of bitbanging pins. [Texane] has put up two great tutorials for using the PRU in the BeagleBone that should be required reading for every BeagleBone owner.

The first tutorial goes over the capabilities of the PRUs in the BeagleBone and setting up the software environment to develop your own hardware interfaces with the PRU. While writing code for the PRU has usually involved the Beagleboard packages, TI has recently released a version of Code Composer Studio that gives the option to compile C code for the PRU.

[Texane] used this C compiler to rehash the earlier, assembly only PRU program, making development significantly easier. There’s still a bit of inline assembly, and the inline assembly support isn’t as advanced as in GCC, but it’s still much easier than the assembly only variant.

While [Texane] is using the PRU in his BeagleBone to develop something at a synchrotron facility, three are a few things where really fast hardware bitbanging comes in handy: it can be used to make a video card for a vintage mac, or any sort of VGA video card, really. Very cool stuff, especially now that you can write something in C.

BeagleBone Blacks Still Not Available, Here’s Blue Steel

zoolander

The BeagleBone Black has been featured in an improbable number of awesome project, ranging from driving thousands of LEDs for a video display, to 3D printer controller boards. There’s a lot you can do with a tiny Linux board that’s much more powerful than the Raspberry Pi – if you can find one, that is. The BeagleBone Black has been out of stock everywhere for months now, with little sign of when distributors will receive some new stock.

Luckily, the BeagleBone Black is open source. Anyone can make them. Finally, someone did. It’s called Blue Steel, and notwithstanding the inevitable Zoolander references, it’s pretty much the same as the BeagleBone Black we all know and love.

There are a few differences between Blue Steel and the BeagleBone Black: Blue Steel doesn’t have an HDMI output, and the 4GB of on-board Flash featured on the BeagleBone isn’t found on Blue Steel. Still, it has the same processor, same amount of RAM, and the same connectors found in the BeagleBone Black.

You can pre-order Blue Steel here, with the boards eventually shipping at the end of the month. It’s the same price as the BeagleBone Black, not ideal considering the missing HDMI port and Flash storage. Still, you can actually buy it now, something you can’t say about the BeagleBone.

Fight the Google Glass Cyborgs with Glasshole.sh

Glasshole script

We live in a connected world where social media is ubiquitous and many people feel compelled to share every waking moment with anyone who will listen. In this type of world, wearable computers like Google Glass allow us to share experiences like never before. A Glass user can take photos, record video and audio, or potentially even stream video live on the Internet with the greatest of ease. That might be great for the Glass user, but what about the rest of us? As wearable computing becomes more and more mainstream, people are naturally going to become divided on the issue of privacy. Is it a good thing to have “cyborgs” with wearable computers and cameras constantly at the ready, or is it a privacy nightmare? The cyborg war is coming, and [Julian] has already chosen his side.

It would seem that [Julian] lands on the side of the privacy advocates, based on his “glasshole” script. Glasshole is a relatively simple bash script that relies on some other common network security tools to take care of the heavy lifting. The basic premise relies on the fact that every manufacturer of network interface devices is assigned their own MAC prefix. This is a piece of the MAC address that is unique to that manufacturer.

[Julian's] script uses a utility called arp-scan to obtain a list of all MAC addresses on a given wireless network. It then loops through each address and compares it to the known Google Glass MAC prefix. If it finds a match, it will make an audible beeping noise to alert the script user. The script then launches aireplay-ng in de-authentication mode. This will send spoofed disassociate packets to the client (in this case the Google Glass device), hopefully forcing them to disconnect from the access point. The script runs continuously, ensuring that once the device reconnects to the network it will get booted off once again. The script is designed to be run on a small Linux computer such as a Raspberry Pi or a BeagleBone black. This way, the user can carry it around with them as a sort of portable defense mechanism.

How do you fit into the cyborg war? Will you stand proudly with your computer on your face for all to see? If so, what kind of countermeasures would you deploy to prevent this type of attack from working on you? If not, what other types of interesting attacks can you think of to keep the cyborgs at bay?

[Thanks Syed]

Interview: Inventing the Unix “sudo” command

It was just one of these nights. We were sitting at the O’Neil’s San Mateo Pub, taking a break after a long day at the Maker Faire. Hackaday was hosting an informal drink-up and a steady stream of colorful characters has just started flowing in. That’s when we met [Robert Coggeshall].

XKCD comic #149
[xkcd, 149]
It started off as a normal discussion – he runs Small Batch Assembly and does a lot of interesting things in the maker space. Then he brought up a fascinating detail - “Oh, did you know I also co-invented sudo back in the 80′s?”

If you ever did as much as touch a Unix system, you’ll know this is a big deal. What came as an even bigger surprise was that something like sudo had to be “invented” in the first place. When thinking about the base Unix toolkit, there is always this feeling that it all emerged from some primordial soup of ideas deep inside of Bell Labs, brought to life by the infinite wisdom of [Ken Thompson] and the rest of the gang. Turns out that wasn’t always the case. We couldn’t miss asking [Bob] for an interview, and he told us how it all came about…

Continue reading “Interview: Inventing the Unix “sudo” command”

A Tutorial on Using Linux for Real-Time Tasks

[Andreas] has created this tutorial on real-time (RT) tasks in Linux. At first blush that sounds like a rather dry topic, but [Andreas] makes things interesting by giving us some real-world demos using a Raspberry Pi and a stepper motor. Driving a stepper motor requires relatively accurate timing. Attempting to use a desktop operating system for a task like this is generally ill-advised. Accurate timing is best left to a separate microcontroller. This is why we often see the Raspi paired with an Arduino here on Hackaday. The rationale behind this is not often explained.

[Andreas] connects a common low-cost 28BYJ-48 geared stepper motor with a ULN2003 driver board to a Raspberry Pi’s GPIO pins. These motors originally saw use moving the louvers of air conditioners. In general, they get the job done, but aren’t exactly high quality. [Andreas] uses a simple program to pulse the pins in the correct order to spin the motor. Using an oscilloscope, a split screen display, and a camera on the stepper motor, [Andreas] walks us through several common timing hazards, and how to avoid them.

The most telling hazard is shown last. While running his stepper program, [Andreas] runs a second program which allocates lots of memory. Eventually, Linux swaps out the stepper program’s memory, causing the stepper motor to stop spinning for a couple of seconds. All is not lost though, as the swapping can be prevented with an mlockall() call.

The take away from this is that Linux is not a hard real-time operating system. With a few tricks and extensions, it can do some soft real-time tasks. The best solution is to either use an operating system designed for real-time operation, or offload real-time operations to a separate controller.

Continue reading “A Tutorial on Using Linux for Real-Time Tasks”

Retrotechtacular: Where the Linux/UNIX TTY Came From

retrotechtacular-tty-demystified

From time to time we realize that sayings which make sense to us probably will have no meaning for future generations. Two of the examples that spring to mind are “hang up the phone” or in a vehicle you might “roll down the window”. And so is the case for today’s Retrotechtacular. Linux users surely know about TTY, but if you look up the term you actually get references to “Teletypewriter”. What’s that all about?

[Linus Akesson] wrote a fantastic essay on the subject called The TTY Demystified. We often feature old video as the subject of this column, but we think you’ll agree that [Linus'] article is worth its weight in film (if that can be possible). The TTY system in Linux is a throwback to when computers first because interactive in real-time. They were connected to the typewriter-mutant of the day known as a teletype machine and basically shot off your keystrokes over a wire to the computer the terminal was controlling.

This copper pipeline to the processor is still basically how the terminal emulators function today. They just don’t require any more hardware than a monitor and keyboard. We consider ourselves fairly advanced Linux users, but the noob and expert alike will find nuggets and tidbits which are sure to switch on the lightbulb in your mind.

[Thanks Chuck]

Retrotechtacular is a weekly column featuring hacks, technology, and kitsch from ages of yore. Help keep it fresh by sending in your ideas for future installments.