Retrofitted Retro Radio

In a world full of products that are only used for a brief time and then discarded, it gives a lot of us solace to know that there was a time when furniture was made out of solid wood and not particle board, or when coffee makers were made out of metal and not plastic. It’s hard to say exactly what precipitated the change to our one-time-use culture, but in the meantime there are projects that serve to re-purpose those old, durable products from another time so that they can stay relevant in today’s ever-changing world. [Jose]’s new old radio is a great example of this style of hack.

[Jose] had a 1970s-era single-speaker radio that he found in a thrift store. The first thought that he had to get the aesthetically pleasing radio working again was to install a Bluetooth receiver into the radio’s amplifier. This proved to be too time-consuming of a task, and [Jose] decided to drive the Bluetooth module off of the power circuit for the light bulb. He built a 6V AC to 4.2V DC circuit, swapped over the speaker cable, and started listening to his tunes. The modifications he made aren’t destructive, either. If he wants, he will be able to reconnect the original (and still functional) circuitry back to the speaker and pretend he’s back in 1970.

While this isn’t the most intricate hack we’ve ever featured, it’s always refreshing to see someone get use out of an old piece of technology rather than send it off to the landfill with all of our Pentium IIs or last year’s IKEA shelves that have already fallen apart. And even if the 70s aren’t your era of choice, perhaps something newer will inspire you to bust a move.

Bluetooth HID Gamepad And HC-05 Serial Hack

“Which came first, the chicken or the egg?” Don’t bother us with stupid questions, they both co-evolved into the forms that we now serve up in tasty sandwiches or omelets, respectively. “Which came first, the HC-05 serial-flash-hack, or the wireless Bluetooth Gamepad?” Our guess is that [mitxela] wanted to play around with the dirt-cheap Bluetooth modules, and that building the wireless controller was an afterthought. But for that, it’s a well-done afterthought! (Video below the break.)

It all starts with the HC-05 Bluetooth module, which is meant to transfer serial data, but which can be converted into a general-purpose device costing ten times as much with a simple Flash ROM replacement. The usual way around this requires bit-banging over a parallel port, but hackers have worked out a way to do the same thing in bit-bang mode using a normal USB/Serial adapter. The first part of [mitxela]’s post describes this odyssey.


The Terrible Security Of Bluetooth Locks

Bluetooth devices are everywhere these days, and nothing compromises your opsec more than a bevy of smartphones, smart watches, fitbits, strange electronic conference badges, and other electronic ephemera we adorn ourselves with to make us better people, happier, and more productive members of society.

Bluetooth isn’t limited to wearables, either; deadbolts, garage door openers, and security systems are shipping with Bluetooth modules. Manufacturers of physical security paraphernalia are wont to add the Internet of Things label to their packaging, it seems. Although these devices should be designed with security in mind, most aren’t, making the state of Bluetooth smart locks one of the most inexplicable trends in recent memory.

At this year’s DEF CON, [Anthony Rose] gave a talk on compromising BTLE locks from a quarter-mile away. Actually, that ‘quarter mile’ qualifier is a bit of a misnomer – some of these Bluetooth locks are terrible locks, period. The Kwikset Kevo Doorlock – a $200 deadbolt – can be opened with a flathead screwdriver. Other Bluetooth ‘smart locks’ are made of plastic.

The tools [Anthony] used for these wireless lockpicking investigations included the Ubertooth One, a Bluetooth device for receive-only promiscuous sniffing, a cantenna, a Bluetooth USB dongle, and a Raspberry Pi. This entire setup can be powered by a single battery, making it very stealthy.

The attacks on these Bluetooth locks varied, from sniffing the password sent in plain text to the lock (!) and replay attacks to more advanced techniques such as decompiling the APK used to unlock these smart locks. When all else fails, brute forcing locks works surprisingly well, with quite a few models of smart lock using eight-digit PINs. Even locks with ‘patented security’ (read: custom crypto, bad) were terrible; this patented security was just an XOR with a hardcoded key.

What was the takeaway from this talk? Secure Bluetooth locks can be made. These locks use proper AES encryption, a truly random nonce, two factor authentication, no hard-coded keys, allow the use of long passwords, and cannot be opened with a screwdriver. These locks are rare. Twelve of the sixteen locks tested could be easily broken. The majority of Bluetooth smart locks are not built with security in mind, which, by the way, is the entire point of a lock.
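The contrast between the XOR-with-a-hardcoded-key design and a lock that uses a truly random nonce can be checked in a few lines. This is an added example, not code from the talk or from any lock vendor: the `WeakLock` and `NonceLock` classes, the key and the PIN are constructed for illustration, and HMAC-SHA256 from the Python standard library stands in for the AES the secure locks use.

```python
import hashlib
import hmac
import secrets

HARDCODED_KEY = b"\x5a\xa5\x3c\xc3"  # constructed stand-in for a key baked into firmware

def xor(data: bytes, key: bytes) -> bytes:
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

class WeakLock:
    """Hypothetical model of 'XOR with a hardcoded key': static key, no nonce."""
    def __init__(self, pin: bytes):
        self.pin = pin
    def unlock(self, message: bytes) -> bool:
        return xor(message, HARDCODED_KEY) == self.pin

class NonceLock:
    """Hypothetical challenge-response lock: fresh random nonce per attempt."""
    def __init__(self, key: bytes):
        self.key = key
        self.pending = None
    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending
    def unlock(self, response: bytes) -> bool:
        nonce, self.pending = self.pending, None  # each nonce is single use
        if nonce is None:
            return False
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def audit() -> dict:
    pin = b"12345678"                      # constructed eight-digit PIN
    weak = WeakLock(pin)
    on_air = xor(pin, HARDCODED_KEY)       # identical bytes on every unlock
    key = secrets.token_bytes(32)          # per-device secret, not hardcoded
    strong = NonceLock(key)
    resp = hmac.new(key, strong.challenge(), hashlib.sha256).digest()
    first = strong.unlock(resp)
    strong.challenge()                     # next attempt gets a new nonce
    return {
        # The same message is accepted twice: nothing binds it to a session.
        "weak_replay_accepted": weak.unlock(on_air) and weak.unlock(on_air),
        # Message XOR known PIN yields the key, so it protects nothing.
        "weak_key_recoverable": xor(on_air, pin)[:4] == HARDCODED_KEY,
        "nonce_first_accepted": first,
        "nonce_replay_accepted": strong.unlock(resp),
    }

if __name__ == "__main__":
    print(audit())
```
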

[Anthony]’s work going forward will concentrate on expanding his library of scripts to exploit these locks, and on evaluating the Bluetooth locks on ATMs. Yes, ATMs also use Bluetooth locks. The mind reels.

Sniffing Bluetooth Devices With A Raspberry Pi

Hackaday was at HOPE last weekend, and that means we got the goods from what is possibly the best security conference on the east coast. Some of us, however, were trapped in the vendor area being accosted by people wearing an improbable amount of Mr. Robot merch asking, ‘so what is Hackaday?’. We’ve all seen The Merchants Of Cool, but that doesn’t mean everyone was a vapid expression of modern marketing. Some people even brought some of their projects to show off. [Jeff] of reelyActive stopped by the booth and showed off what his team has been working on. It’s a software platform that turns all your wireless mice, Fitbits, and phones into a smart sensor platform using off the shelf hardware and a connection to the Internet.

[Jeff]’s demo unit (shown above) is simply a Raspberry Pi 3 with WiFi and Bluetooth, and an SD card loaded up with reelyActive’s software. Connect the Pi to the Internet, and you have a smart space that listens for local Bluetooth devices and relays the identity and MAC address of all Bluetooth devices in range up to the Internet.

The ability to set up a hub and detect Bluetooth devices solves the same problem Bluetooth beacons solve — identifying when people enter a space, leave a space, and with a little bit of logic where people are located in a space — simply by using what they’re already wearing. Judging from what [Jeff] showed with his portable reelyActive hub (a Pi and a battery pack), a lot of people at HOPE are wearing Fitbits and wireless headphones, and leaving the Bluetooth on their phones on all the time. That’s a great way to tell where people are, providing a bridge between the physical world and the digital.

DIY Smart Home Device Means No More Fumbling in the Dark

Smart home tech is on the rise, but cost or lack of specific functionality may give pause to prospective buyers. [Whiskey Tango Hotel] opted to design their own system using a Raspberry Pi and Bluetooth device connectivity. Combining two ubiquitous technologies provides a reliable proximity activation of handy functions upon one’s arrival home.


The primary function is to turn on a strip of LEDs when [Whiskey Tango Hotel] gets home to avoid fumbling for the lights in the dark, and to turn them off after a set time. The Raspberry Pi and Bluetooth dongle detect when a specified discoverable Bluetooth device comes within range — in this case, an iPad — after some time away. This toggles the Pi’s GPIO outputs and connected switching relay while also logging the actions to the terminal and Google Drive via IFTTT.


Bluetooth and Arduino Vaporizer Upends Stoner Stereotypes

Back in the day, stoners were content to sit around, toke on a joint, mellow out, and listen to the Grateful Dead or something. Nowadays, they practically need a degree in electrical engineering just to get high. [Beiherhund] sent us his VapeBox build. Like so many projects on Hackaday, we’re not going to make one ourselves, but we appreciate a well-done project.

First off, there’s a home-built induction heater. A 30A current sensor and switch-mode power supply regulate the amount of juice going to the coil that surrounds the heating chamber. [Beiherhund] discovered that brass doesn’t have enough internal resistance to heat up in an induction heater, so he built a stainless steel insert into the chamber. Optimal temperature is monitored from outside the chamber by a MLX90614 IR thermometer.

Fans, controlled by PWM, keep the box cool. Lights, an LCD, an HC-05 Bluetooth unit, and everything else are all tied to the obligatory Arduino that serves as the brains. A cell-phone application lets [Beiherhund] control all the functions remotely. (We’re guessing, just because he could.) It’s wrapped up in a nice acrylic case. The video, embedded below, starts with real details at 4:28.

Before you loyal Hackaday commenteers get on your high horses (tee-hee!) bear in mind that smoking dope is legal in a number of states in the USA, and that Hackaday has an international readership. We don’t encourage drug abuse or soldering in shorts and flip-flops.

Robomintoner Badminton Bot To Defeat Amateur Humans

Watching robots doing sports is pretty impressive from a technical viewpoint, although we secretly smile when we compare these robots’ humble attempts to our own motor skills. Now, a new robot named Robomintoner seeks to challenge human players, and it’s already darn good at badminton.
