posted Dec 13th 2011 11:01am by Mike Nathan, filed under: misc hacks, wireless hacks

[Owen] has a fairly big project in the works, where he’ll need to use infrared light to send data wirelessly between two nodes. The only problem with his grand plan is that he has never built anything of the sort. As a learning exercise, he decided to try his hand at building a wireless control interface for his laptop, which he uses to play music while doing homework.
His laptop usually sits across the room from [Owen], where it is connected to a speaker and amplifier. He hates getting up repeatedly to change songs, so he figured he might as well build an IR receiver that controls Winamp in response to commands from his TV’s remote control. Using his Open Bench Logic Sniffer and an IR receiver from an old VCR, he deciphered his remote’s encoding system. He then programmed an ATtiny13 to decode messages received by the IR sensor, sending them to his laptop via USB.
He packaged things inside a tiny mint tin, which he hangs from a desk lamp while in use. Now he can easily perform just about any action in Winamp with a few button presses on his remote. [Owen] says that he’s incredibly happy with the results, and now that he has a firm grasp of IR signaling concepts, we can’t wait to see what he builds next.

posted Dec 5th 2011 12:13pm by Mike Szczys, filed under: android hacks, wireless hacks

[Travis Goodspeed] wrote in to tell us about his work reverse engineering the Bluetooth communications on this SPOT module. He’s targeted the post as a general guide to sniffing Bluetooth transmissions, but was inspired to use the SPOT as an example after seeing this other SPOT hack. We know he’s a fan of getting things to work with his Nokia N900, and that’s exactly where he ended up with the project.
This module was manufactured to be controlled by an Android phone, but there’s no control app available for the Nokia handset. Since Android uses the open-source BlueZ package for the Bluetooth protocol, it’s actually pretty easy to get your hands on the packets. After grabbing a few test sets he shows how he deciphered the packets, then wrote a quick Python script to test out his findings. After working his way through the various commands available (grabbing the SPOT serial number, getting position data from it, etc.), [Travis] wrote up a frontend in Qt Mobility for use on the N900.

posted Nov 3rd 2011 12:01pm by Mike Szczys, filed under: Microcontrollers, wireless hacks

[Blaise Jarrett] has been grinding away to get the WebSocket protocol to play nicely with PIC microcontrollers. Here he’s using the PIC 18F4620 along with a Roving Networks RN-XV WiFi module to get the device on the network. He had started with a smaller processor but ran into some RAM restrictions, so keep that in mind when choosing your hardware.
This project was spawned after seeing the mBed feature a few days back which combined that board along with a WebSocket library and HTML5 to pull off some pretty amazing stuff. [Blaise] doesn’t have quite as much polish on the web client yet, but he has recreated the data transfer method and improved on that project by moving to the newer version 13 of WebSockets. The protocol is kind of a moving target as it is still in the process of standardization.
The backend is a server called Autobahn, which is written in Python. It comes along with client-side web server examples which gave him a chance to get up and running quickly. From there he got down to work with the WebSocket communications. They’re a set of strings that look very much like HTTP headers. He outlines each command and some of the hangups one might run into with implementation. After reading what it takes to get this going it seems less complicated than we thought, but it’s obvious why you’ll need a healthy chunk of RAM to pull it off.

posted Oct 31st 2011 1:31pm by Mike Szczys, filed under: cellphones hacks, home hacks, wireless hacks

[Drug123] made the most out of this inconspicuous gray box on the gable end of his father’s home. It serves up a 3G Internet connection that was otherwise unavailable.
The project idea was sparked by the absence of wired or fiber optic broadband in the community where his dad lives. He knew some neighbors were using 3G connections, but he couldn’t get it to work inside the house. So he set about developing an external installation that would both communicate with the cellular network and provide a WiFi connection to it. Hardware for that is relatively expensive: a USB 3G modem and a WiFi router with a USB port.
The box itself is made of plastic, but even without the Faraday cage effect that would have been formed by using a metal housing, the 3G modem’s internal antenna just doesn’t do the job. You can see that [Drug123's] solution was an external antenna which is mounted at the peak of the roofline. Inside the box there’s an exhaust fan to cool things off when they get too hot, as well as some power resistors which provide a heat source on the coldest nights. The low-cost build certainly fits the bill, and it’s not too hard on the eyes either.

posted Oct 14th 2011 8:11am by Jeremy Cook, filed under: wireless hacks

The Nike+ hardware is obviously an interesting device. We haven’t heard a whole lot about hacking one until now, but [Dimitry] has decided to change that. Many would assume that the data transmitted off of these sensors is quite simple; however, there’s a bit more than meets the eye. Amongst other challenges, all the data packets coming out of the transceiver are encrypted. [Dimitry] claims to have decoded this data stream and made use of it.
This hack also outlines how one can use this without the stock iPod receiver, using a 2.4 GHz chip from Sparkfun. A lot of work has been done to figure out how these packets are decoded, and the process one goes through to do this is well outlined in this post. This could serve as a good example for those wanting to figure out similar devices.
One thing [Dimitry] hasn’t done yet is release the source code for this hack. He cites some ethical issues that might not seem obvious at first glance, including the ability to follow someone in a crowd or simply jamming their data. He does add, though, that if you have a good reason for wanting it, you can simply email him. We’re looking forward to what [Dimitry] comes up with in the future using this setup!

posted Oct 12th 2011 1:12pm by Mike Nathan, filed under: arduino hacks, wireless hacks

The crew at the Netherlands-based Bitlair hackerspace love their music, and have set up a digital jukebox for their workshop using mpd and fookebox. One problem that you run into with a bunch of different people working in one place is that everyone has their own distinct taste in music. The rhythmic “wub wub wub” of Dubstep might be great for some while leaving others trying to solder while simultaneously covering their ears. To ensure that everyone can exercise a musical veto (a la Empire Records) now and again, they built a Skipbutton which allows members to change what’s playing.
The button allows users to skip to the next song in the queue, as well as to control the volume of the space’s sound system. It uses an Arduino Pro Mini to run the show, sending signals to the mpd daemon using a 433 MHz transmitter. Bitlair is pretty large and they often spend time outdoors, so they had to ensure that the Skipbutton worked wherever they did. To do this, they built a Yagi-Uda antenna at the receiving end to ensure that the button functions no matter where it’s being triggered from.
Check out their wiki if you’re interested in making a similar system for your home or hackerspace – all of the code and schematics are available for the taking.

posted Oct 8th 2011 10:01am by Mike Szczys, filed under: security hacks, wireless hacks

It’s been a while since we checked in on [Travis Goodspeed]. His latest post makes RF sniffing with the Next HOPE badge more portable by ditching the need to display data on a computer. He’s built on the work he did at the beginning of the year, replacing the FTDI chip on the badge with a Bluetooth module. Now he can use his Nokia N900 as a GoodFET terminal not only to display the packets pulled from the air, but to control the badge as well.
Previously, the client running on the computer was communicating with the badge via a serial connection. To get it working on the N900 [Travis] transitioned from using py-serial over to using py-bluez. All of the code changes are available from the GoodFET repository.
He’s got a few other tricks planned for this concept. He put in a parts order to add Bluetooth to the Girltech IM-ME. The pretty pink pager has the same radio chip on board, so adding Bluetooth connectivity will allow it to be used in the same way. There are also plans in the works to add a couple other packet sniffing protocols to the bag of tricks, including ZigBee.

posted Oct 4th 2011 3:01pm by Mike Szczys, filed under: security hacks, wireless hacks

[Elliot] put together an intriguing proof-of-concept script that uses repeated deauthentication packet bursts to jam WiFi access points. From what we can tell it’s a new way to use an old tool. Aircrack-ng is a package often seen in WiFi hacking. It includes a deauthentication command which causes WiFi clients to stop using an access point and attempt to reauthenticate themselves. [Elliot's] attack involves sending repeated deauthentication packets, which in essence never allows a client to pass any data because they will always be tied up with authentication.
After the break you can see a video demonstration of how this works. The script detects access points in the area. The attacker selects which ones to jam and the script then calls the Aircrack-ng command. If you’ve got an idea on how to protect against this type of thing, we’d love to hear about it. Leave your thoughts in the comments.