Amazon Echo Show

Back in May, Amazon announced the Echo Show, its new version of Alexa with a 7 inch touchscreen. The Echo Show is an interesting device, but will the great unwashed masses pony up $229 to buy the show? That’s $50 more than the original Echo, or $180 more than the Echo Dot. With 5.2 million units sold in 2016, Echo has been a resounding success. This has been in part due to Amazon’s open approach to the API. Anyone can build an Alexa compatible device using a Raspberry Pi. Google has (finally) followed suit with their Home device.

It’s not just the hardware that is accessible. Skills Kit, the programmer interface for extending Echo’s functionality, is also open. At CES this year, Alexa was the belle of the ball. Third party devices are being introduced from all corners, all of them connecting to Amazon’s cloud and responding to the “Alexa” keyword.

The Echo Show takes the family in a new direction. Adding a touch screen gives the user a window on the the world not available with voice interactions. Echo Show also includes a camera, which opens up a whole new set of privacy and security questions. Amazon touts it as a device for viewing security cameras, watching YouTube videos, and making video calls. This puts Echo Show dangerously close to the internet appliance category, essentially a barren wasteland littered with the corpses of previous devices. Does anyone remember when Palm tried this with the 3Com Ergo Audrey? How about the i-Opener? Will Alexa persevere and succeed where others have failed? A lot of it will depend on the third party developers, and how Amazon treats them.

Continue reading “Amazon Echo Show”

Victorians and Fiber, Louisville’s Quest For Fast Internet

It was a dark and stormy afternoon, the kind you get on the east side of the country. I was drinking a coffee, sitting in a camping chair in front of my door, and watching like a hawk for the treacherous cable man to show up. This day there would be no escape. There would be no gently rapping the door with a supple sheepskin leather glove before scurrying away for another union mandated coffee break. I was waiting, I was kind of grumpy, and by God today would be the day. Today would be the day that after hours on hold, after three missed appointments, after they lost my records twice; I would get an answer on whether or not they could actually service internet to my apartment. If I was lucky, and the answer was yes, then approximately two to three thousand years later they would run a cable from the telephone pole to my house and I could stop commandeering WiFi from the pizza shop across from me.

It’s important to note that I was in the middle of the city. I wasn’t out in the boonies. Every house on the block but mine had cable. While this is dumb, it begins to make more sense when you dive into the history. Louisville, Kentucky is a strange place. It used to be the gateway to the west. Ships would crawl up its river until they reached the falls. Then porters would charge an exorbitant fee to carry all those goods down to the bottom of the falls where they would be loaded on a ship and be sent ever westward. Resulting in every rich merchant, captain, and manufacturer in the region having a nice house there. Ever wonder why the Derby is in Louisville and the Queen comes to visit sometimes? It probably has something to do with it having the highest concentration of Victorian buildings and mansions outside of New York City.

Continue reading “Victorians and Fiber, Louisville’s Quest For Fast Internet”

Retrotechtacular: Tom Carter Revolutionized your Phone

It is hard to remember, but there was a time when you couldn’t hook much to a telephone line except a telephone. Although landlines are slowly falling out of favor, you can still get corded and wireless phones, answering machines, and even dial up modems. Alarm systems sometimes connect to the phone system along with medical monitoring devices and a host of other accessories.

All of that’s possible because of a Texan named Tom Carter. Tom Carter was the David that stood up to one of the biggest Goliath’s of his day: the phone company. The phone company had a legal monopoly on providing phone service. The reasoning was that it didn’t make sense to have multiple competing companies trying to run wires to every house and business in the country. Makes sense, right?

Continue reading “Retrotechtacular: Tom Carter Revolutionized your Phone”

Bad Code Results in Useless Passwords

[HeadlessZeke] was excited to try out his new AT&T wireless cable box, but was quickly dismayed by the required wireless access point that came bundled with it. Apparently in order to use the cable box, you also need to have this access point enabled. Not one to blindly put unknown devices on his network, [HeadlessZeke] did some investigating.

The wireless access point was an Arris VAP2500. At first glance, things seemed pretty good. It used WPA2 encryption with a long and seemingly random key. Some more digging revealed a host of security problems, however.

It didn’t take long for [HeadlessZeke] to find the web administration portal. Of course, it required authentication and he didn’t know the credentials. [HeadlessZeke] tried connecting to as many pages as he could, but they all required user authentication. All but one. There existed a plain text file in the root of the web server called “admin.conf”. It contained a list of usernames and hashed passwords. That was strike one for this device.

[HeadlessZeke] could have attempted to crack the passwords but he decided to go further down this rabbit hole instead. He pulled the source code out of the firmware and looked at the authentication mechanism. The system checks the username and password and then sets a cookie to let the system know the user is authenticated. It sounds fine, but upon further inspection it turned out that the data in the cookie was simply an MD5 hash of the username. This may not sound bad, but it means that all you have to do to authenticate is manually create your own cookie with the MD5 hash of any user you want to use. The system will see that cookie and assume you’ve authenticated. You don’t even have to have the password! Strike two.

Now that [HeadlessZeke] was logged into the administration site, he was able to gain access to more functions. One page actually allows the user to select a command from a drop down box and then apply a text argument to go with that command. The command is then run in the device’s shell. It turned out the text arguments were not sanitized at all. This meant that [HeadlessZeke] could append extra commands to the initial command and run any shell command he wanted. That’s strike three. Three strikes and you’re out!

[HeadlessZeke] reported these vulnerabilities to Arris and they have now been patched in the latest firmware version. Something tells us there are likely many more vulnerabilities in this device, though.

[via Reddit]

Retrotechtacular: Ma Bell’s Advanced Mobile Phone Service (AMPS)

This gem from the AT&T Archive does a good job of explaining the first-generation cellular technology that AT&T called Advanced Mobile Phone Service (AMPS). The hexagon-cellular network design was first conceived at Bell Labs in 1947. After a couple of decades spent pestering the FCC, AT&T was awarded the 850MHz band in the late 1970s. It was this decision coupled with the decades worth of Bell System technical improvements that gave cellular technology the bandwidth and power to really come into its own.

AT&T’s primary goals for the AMPS network were threefold: to provide more service to more people, to improve service quality, and to lower the cost to subscribers. Early mobile network design gave us the Mobile Service Area, or MSA. Each high-elevation transmitter could serve a 20-mile radius of subscribers, a range which constituted one MSA. In the mid-1940s, only 21 channels could be used in the 35MHz and 150MHz band allocations. The 450MHz band was introduced in 1952, provided another 12 channels.

repeated channelsThe FCC’s allocation opened a whopping 666 channels in the neighborhood of 850MHz. Bell Labs’ hexagonal innovation sub-divided the MSAs into cells, each with a radius of up to ten miles.

The film explains quite well that in this arrangement, each cell set of seven can utilize all 666 channels. Cells adjacent to each other in the set must use different channels, but any cell at least 100 miles away can use the same channels. Furthermore, cells can be subdivided or split. Duplicate frequencies are dealt with through the FM capture effect in which the weaker signal is suppressed.

Those Bell System technical improvements facilitated the electronic switching that takes place between the Mobile Telephone Switching Office (MTSO) and the POTS landline network. They also realized the automatic control features required of the AMPS project, such as vehicle location and automatic channel assignment. The film concludes its lecture with step-by-step explanations of inbound and outbound call setup where a mobile device is concerned.

Continue reading “Retrotechtacular: Ma Bell’s Advanced Mobile Phone Service (AMPS)”

Hackaday Links: October 5th, 2014

Good news from CadSoft this week. They didn’t miss all the complaints about their decision to use a Node Lock License for EAGLE 7. This had meant that users of the popular PCB design software would be limit on how many machines they could use the software with a license. They have removed License Management from the package (and all the citizens rejoiced).

We’re tripping over the growing pile of hardware that boast the “next-big-thing” in getting devices onto a network. That’s not a complaint at all. This time around it’s a cell chip, the U-blox SARA-U260, which can connect to 3G on the AT&T network and is just 16x26mm. They call it world’s smallest but we have no idea if that’s true or not. Anyone have a source and/or pricing for these? [Thanks Austin]

This guy loves his Nixie tube. How much? To the extent that he built up a hardware and software interface that behaves much like a pet. It’s voice activated, and the infectious delight of [Glasslinger’s] video demo is in itself worth watching. [Thanks Morris]

Making this Magnetic Stripe Reader work as a USB device is really nothing more than adding a serial-to-USB converter. The journey to find the way to add the converter makes for a fun read though.

We know from watching Breaking Bad that you can kill power to a building by shorting the power lines outside with a huge bouquet of mylar balloons. This installation is a twist on the idea. Connecting one mylar balloon to a Van de Graaff generator and floating it next to another results in an oscillating repel-discharge-repel cycle. [Thanks filnt via NPR]

How to Upgrade Jasper’s Voice Recognition with AT&T’s Speech-to-Text API

Jarvis upgrade

Jasper is an open-source platform for developing always-on voice-controlled applications — you talk and your electronics listen! It’s designed to run on a Raspberry Pi. [Zach] has been playing around with it and wasn’t satisfied with Jasper’s built-in speech-to-text recognition system. He decided to take the advice of the Jasper development team and modify the system to use AT&T’s speech-to-text engine.

The built-in system works, but it has limitations. Mainly, you have to specify exactly which keywords you want Jasper to look out for. This can be problematic if you aren’t sure what the user is going to say. It can also cause problems when there are many possibilities of what the user might say. For example if the user is going to say a number between one and one hundred, you don’t want to have to type out all one hundred numbers into the voice recognition system in order to make it work.

The Jasper FAQ does recommend using the AT&T’s speech-to-text engine in this situation but this has its own downsides. You are limited to only one request per second and it’s also slower to recognize the speech. [Zach] was just fine with these restrictions but he couldn’t find much information online about how to modify Jasper to make the AT&T engine work. Now that he’s gotten it functional, he shared his work to make it easier for others.

The modification first requires that you have at AT&T developer account. Once that’s setup, you need to make some changes to Jasper’s module. That’s the only part of Jasper’s core that must be changed, and it’s only a few lines of code. Outside of that, there are a couple of other Python scripts that need to be added. We won’t go into the finer details here since [Zach] goes into great detail on his own page, including the complete scripts. If you are interested in using the AT&T module with your Jasper installation, be sure to check out [Zach’s] work. He will likely save you a lot of time.