This bar code tattoo was sent into us by [Lifespan]. Before going under the needle, [Lifespan] didn’t care much for tattoos. After seeing this video he realized that a tattoo could have dynamic content through domain redirection.

[Lifespan] spent a lot of time going over the different styles of 2D bar codes. QR codes were deemed ugly because of the three large squares in the corners. An EZ Code, like the one in his YouTube inspiration, are a proprietary format that must be read with a ScanLife app. He eventually settled on a Data Matrix bar code because of its open format and ubiquity in business and industry. To make the tattoo dynamic, [Lifespan] made the tattoo point to 5id5.com. With a little bit of smart phone wizardry, that domain can be redirected to any URL in a moments notice.

Like all well-planned tattoos, he found himself a very good artist to do the piece. [Connor Moore] managed to ink some skin at 15 dpi, which was a little risky, but the results came out great. While it’s not scarification via a laser cutter, barring fading this tattoo is technologically future proof.

[Scott Harden] came across a few posts about QR code matrix barcodes coming through on the 40m baud radio band. A few operators had captured the signals and assembled them into the code block seen above but they weren’t able to get a clear enough shot for a smartphone to decode the image. [Scott] took on the challenge and decoded the mysterious message himself. He tried some graphic editing to separate and enhance the color channels in order to up the contrasts of the image. This helped, but still couldn’t be read automatically. In a move similar to those seen in Hackaday’s own barcode challenges he dropped the image into Inkscape so that he could manually clean it up. Once it was overlaid on a grid the job was pretty simple. the left side did require some more image manipulation and precision”squinting” to eliminate interference from the vertical banding, but he managed to get the message. We won’t spoil it here in case you want to take on the challenge yourself. Good luck!

Playing store just got really, really fun because you can now build your own LEGO barcode scanner. As you can see after the break, it works well and it’s fast like a real barcode scanner. Unfortunately it doesn’t scan real barcodes. Or at least not traditional ones. As we learned in the Barcode Challenge, standard barcodes are a set of white and black bars that make up the ones and zeros of the code. This system uses the same white and gray bar system but it seems that it’s only the number of bars that identify an item, not a code created by a particular combination of light and dark. The items above are all scannable because the scanner counts the 2, 3, 4, 5 or 6 white beams on the bottom of each package. Still, it’s incredibly clever and a great toy for the young hackers to build if they have a little help.

[via Tinkernology]

Whenever someone manages to expose vulnerabilities in everyday devices, we love to root for them. [Adrian] over at Irongeek has been inspired to exploit barcodes as a means to attack a POS database. Based on an idea from a Pauldotcom episode, he set out to make a rapid attack device, using an LED to spoof the signals that would be received by scanning a barcode. By exposing the POS to a set of generic database attacks, including XSS, SQL Injection, and other errors easily solved by input sanitation, he has created the first version of an automated system penetration device. In this case the hardware is simple, but the concept is impressive.

With the hardware explained and the source code provided, as well as a basic un-sanitized input cheat sheet, the would-be barcode hackers have a great place to start if they feel compelled to provide a revision two.

[Thanks Robert W.]

Hacking with Gum got their hands on one of the persistence of vision display fans that Cenzic was giving away at Blackhat this year. It’s not the biggest fan-based POV display we’ve seen but it’s still a fun device to tinker with. They hacked into the EEPROM on the device in order to change the message the fan displayed.

This is very similar to the other EEPROM reading/writing we’ve seen recently. Hacking with Gum read the data off of the EEPROM and then disassembled it to discover how the message data is stored on the chip. This was made easier by noting the messages displayed when the fan is running. The first byte of data shows the number of words in the message, then each chunk of word data is preceded by one byte that represents the number of letters in that work. Data length was calculated based on the number of pixels in each display character. Once he knew the data-storage scheme, it was just a matter of formatting his own messages in the same way and overwriting the chip.

This is a great write-up if you’re looking for a primer on reverse engineering an unknown hardware system. If you had fun trying out our barcode challenges perhaps deciphering EEPROM data from a simple device should be your next quest.

[Thanks James]

This morning we logged into Google to find a Barcode instead of the normal logo (how strange that Google would change their graphic!). Apparently today is the anniversary of the Barcode. This method of easily labeling items for computer scanning is used for every type of commodity in our society. But do you know how to get the cryptic information back out of the Barcode?

Here’s the challenge:  The image at the top of the post was created by the devious writers here at Hack a Day. Leave us a comment that tells us what the message says and explains how you deciphered it. There are programs that will do this for you and some smartphones can do this from a picture of the code, but we’re looking for the most creative solutions.

The winner will be decided in a totally unfair and biased way and gets their name plastered all over Hack a Day (and possibly slandered a bit).  So get out there and start decoding that machine-readable image.

Update: We’ve announced a winner for this challenge.

We’ve recently been getting a lot of new comments on our Bokode post from a while back, and with good reason.  [M@] has managed to find a way to replicate Bokode at home, using $0 worth of equipment (before the price of microprint). To accomplish Bokode at home, it seems all you need is and old webcam lens assembly and an LED.  Of course the his version is not as thin as a regular barcode so it probably wont be replacing anything in the near future, but the concept of from MIT to home within such a short period of time is amazing.

Reader [Nikolaus] decided that instead of using an existing image based bar code decoder, he would write his own. Using the Processing language he created a scanner that parsed the black and white pattern when a bar code was centered on the image. His code then parsed that data and compared it with the initializing character to provide a reference. Currently his scanner supports three character sets of the Code 128 encoding, and provided his complete code so that others could add as they see fit. He admits that the code is a bit messy due to the lengthy character tables, but very straight forward.

The MIT Camera Culture Group utilized Bokeh, an effect where the lens is purposely placed out of focus, in order to vastly improve current 2D barcode technology. Dubbed Bokode, the team claims that an off the shelf camera can read data 2.5 microns from a distance of over 4 meters, compared to today’s average barcode reader’s maximum distance of only a foot or so. What looks most interesting is the ability to produce a smoother and more accurate distance and angle calculations (relative to the camera): allowing for a better augmented reality. It also seems to be more secure than traditional 2D barcodes, that is of course until the hacker community gets a hold of it.

[Thanks Talin]

AndroidAndMe is running a bounty program for Android applications. Users can request a specific application and pledge money to be awarded to the developer who delivers the functional app. [Alec Holmes] just fulfilled the first request by creating Torrent Droid. You can use the app to scan media barcodes and then download the related torrent. It uses the phone’s camera to capture the product’s UPC barcode (similar to Compare Everywhere‘s price lookup) and then searches major torrent sites like The Pirate Bay to find a copy that can be downloaded. After getting the .torrent file, the app can submit it to uTorrent‘s web interface for remote downloading. The app will be released later this month and you can see a screenshot tour of it on Alec’s blog. It’s doubtful that an application like this would ever clear Apple’s App Store approval process.

[via TorrentFreak]

[nico] just received his credentials for an upcoming conference. On each badge, there’s a 2D barcode with the participant’s bio and contact info. These are meant to be scanned by vendors for future contact. [nico] isn’t so interested in that and plans on updating his personal info by generating a new barcode. To this end, he’s collected a number of links to help out barcode hackers. He used the SWIPE toolkit to identify the format and decode (it has an online component too). There are also several online encoders you can use, like this one from [Terry Burton]. If you’re wondering what sort of shenanigans you can get into faking barcodes, check out [fx]‘s presentation from 24C3.

[photo: seanbonner]

Check out the video to find out more silliness involving DVD rentals, boarding passes, asset management, and SQL injection via the scanner. You can even find higher res versions in the 24C3 media archives.