Blackhat: iOS device charger exploit installs and activates malware

ios-charger-malware

A team of researchers from Georgia Tech unveiled their findings yesterday at the Blackhat conference. Their topic is a power charger exploit that installs malware on iOS devices. Who would have thought that there’d be a security hole associated with the charging port on a device? Oh wait, after seeing hotel room locks exploited through their power jack this is an avenue that should be examined with all device security.

The demonstration used a charger and an BeagleBoard. Plugging in the charger is not enough to trigger the exploit, the user must unlock the screen while charging for it to go into action. But once that’s done the game is over. Their demo removes the Facebook app and replaces it with an infected impostor while leaving the icon in the same place on your home screen. They notified Apple of their findings and a patch will roll out with iOS7. So when would you plug your device into an untrusted charger? Their research includes a photo from an airport where an iPad is connected to the USB port of a public charging station.

The summary on the Blackhat site has download icons for the white paper and presentation slides. At the time of writing we had a hard time getting them to download but succeeded after several tries.

BeagleBone Black becomes a handheld classic gaming console

gaming

Over at TI, the 2013 Intern Design Challenge is underway, an opportunity for the interns of TI to flex their engineering muscle for a few prizes and a chance to have their designs turned into actual products. We’re thinking [Max] might just pull this one out with his BeagleBone Gaming Cape, an add-on to the BeagleBone Black that turns this ARM-powered Linux board into a retro gaming system.

The build was inspired by [Max]‘s earlier MSP430 Launchpad GamingPack, an add-on board for the Launchpad that put two NES controllers, a VGA out, and an FPGA to create a custom gaming console that’s up there with the brightest and best consoles of the 16-bit era. For the new BeagleBone-based build, [Max] eschewed off-board processing, but did manage to include a magnetometer/accelerometer and an audio codec IC to provide the best gaming experience for all those NES, Game Gear. Gameboy, GBA and Doom .wad games.

In addition to a fabulous piece of hardware, [Max] also has the case design down to a tee. He first printed out a dozen or so layers of his case, sandwiching the BeagleBone, his cape, battery holders, and LCD display. Once he knew the dimensions would work, he sent his files off to be laser cut out of a matte black delrin. The finished piece is a work of art, and considering how well everything goes together, we wouldn’t mind giving this new retro-gaming console a spin ourselves.

[Travis Goodspeed] starts a space agency in Southern Appalachia

travis-goodspeed-space-tracker

His space agency hardware might be in Southern Appalachia, but he can control it from anywhere in the world. That’s right, [Travis Goodspeed] started his own space agency — well kinda. The first piece of hardware operated by the organization is this dish for tracking moving targets in near space.

The main part of the build is a Felcom 82B dish which  was designed to be a satellite link for naval vessels. The image showing the back side of it exposes all of the extras he built into the system. Don’t worry though, a dome goes over the top to keep the weather out without encumbering its operation.He uses an SDR dongle to handle the radio communications. That connects to a BeagleBone which pipes the data to his handheld over the Internet.

It’s amazing to see this type of hobby project. It wasn’t that long ago that you needed an entire room of hardware to communicate with satellites.

RF wireless kernel module for Raspberry Pi, BeagleBone and others

rfm12b-kernel-module

If you’ve done any wireless work with hobby electronics you probably recognize this part. The green PCB is an RFM12B wireless board. They come in a few different operating bandwidths, the 433 MHz is probably the most common. They’re super easy to interface with a small microcontroller but what about an embedded Linux board? That is the focus of this project, which builds a kernel driver for the RF module.

You can get your own RFM12B for a few bucks. They’re quite versatile when paired, but a lot of inexpensive wireless consumer goods operate on this band so the board can be used to send commands to wireless outlets, light fixtures, etc. [Georg] has been working with the BeagleBone, BeagleBone Black, and Raspberry Pi. His software package lets you build a kernel module to add an entry for the device into the /dev directory of a Linux system. So far the three boards listed are all that’s supported, but if you have five I/O pins available it should be a snap to tailor this to other hardware.

Wondering what else you can do with the setup? This will get the receiving end of a text-messaging doorbell up and running in no time.

[Read more...]

Update: Live video played on LED strip display

update-live-video-on-led-strip-display

[Paul] took this LED display along with him to Maker Faire. To give it some interactivity he figured out a way to make it play live video. It is also activated using some stomp actuators built from piezo speaker elements and rubber floor mats.

This moves his original project in new directions. Back in February he was showing off the RGB LED strip display. He had it playing video but that was all dependent on using previously processed files. This upgrade uses a BeagleBone Black (the newest rendition of the ARM-based development board). [Paul] had tried using a Raspberry Pi board but had trouble with the webcam (mounted above the LED display) dropping frames. With the new board he is able to use the Video4Linux API to capture 30 frames per second and push them out to the display.

So far he’s had five out of the 1920 LEDs die on him. This shows off a couple of good things about using strips like this. A dead pixel doesn’t affect its neighbors. And replacement is as easy as cutting the ribbon on either side of the bad component, then soldering a new segment in place.

 

Deploying an open source pollution monitoring network

pollution-monitoring-network

[Kasey] and [Guyzmo] have been working for the past couple of years on a side project that lets them monitor pollution using a network of sensors. They’ve just decided to make the project open source, both hardware and software. The details of the system are available at their GitHub repository.

There are two main components to the system. On the right is a base station which collects the data from the array of sensor, one of which is shown on the left. Each sensor runs off of a battery, but features a PV solar panel which keeps the power source topped off. It uses an Arduino to drive the system, and an XBee radio for communications. Some info about the sensors can be found on this summary page. There’s a PM10 particle pollution sensor, temperature, sound, nitrogen, and oxygen sensors. We also wonder if any data can be gleaned from how much electricity the solar panel is able to harvest?

The base station also uses an XBee radio to poll the network, but it’s not driven by an Arduino. They’ve gone with the ARM-based BeagleBone to manage the data.

A Bitcoin mining example for the BeagleBone with an FPGA shield

beaglebone-fpga-bitcoin-mining

If you’ve got a BeagleBone and an FPGA board you should give this Bitcoin mining rig a try. The hardware uses brute-force to solve hashes, looking for the rare sets that can be used as digital currency. This particular example is designed for the LOGi-bone which is an FPGA shield for the BeagleBone. But we don’t see anything that would make this difficult to use with other FPGA hardware.

We’ve seen FPGA hardware bitcoin mining in the past. It doesn’t offer as much horsepower as an array of GPUs would, but the ARM/FPGA combo can be used in a cluster in order to speed up the process. This sounds like a fun group project to take on at the local Hackerspace.