33C3: Breaking IoT Locks

Fast-forward to the end of the talk, and you’ll hear someone in the audience ask [Ray] “Are there any Bluetooth locks that you can recommend?” and he gets to answer “nope, not really.” (If this counts as a spoiler for a talk about the security of three IoT locks at a hacker conference, you need to get out more.)

btle_lockUnlocking a padlock with your cellphone isn’t as crazy as it sounds. The promise of Internet-enabled locks is that they can allow people one-time use or limited access to physical spaces, as easily as sending them an e-mail. Unfortunately, it also opens up additional attack surfaces. Lock making goes from being a skill that involves clever mechanical design and metallurgy, to encryption and secure protocols.

master_jtagIn this fun talk, [Ray] looks at three “IoT” locks. One, he throws out on mechanical grounds once he’s gotten it open — it’s a $100 lock that’s as easily shimmable as that $4 padlock on your gym locker. The other, a Master lock, has a new version of a 2012 vulnerability that [Ray] pointed out to Master: if you move a magnet around the outside the lock, it actuates the motor within, unlocking it. The third, made by Kickstarter company Noke, was at least physically secure, but fell prey to an insecure key exchange protocol.

Along the way, you’ll get some advice on how to quickly and easily audit your own IoT devices. That’s worth the price of admission even if you like your keys made out of metal instead of bits. And one of the more refreshing points, given the hype of some IoT security talks these days, was the nuanced approach that [Ray] took toward what counts as a security problem because it’s exploitable by someone else, rather than vectors that are only “exploitable” by the device’s owner. We like to think of those as customization options.

Bluetooth Speaker With Neopixel Visual Display!

Finding a product that is everything you want isn’t always possible. Making your own that checks off all those boxes can be. [Peter Clough] took the latter route and built a small Bluetooth speaker with an LED visualization display that he calls Magic Box.

A beefy 20W, 4Ohm speaker was screwed to the lid of a wooden box converted to the purpose. [Clough] cut a clear plastic sheet to the dimensions of the box, notching it 2cm from the edge to glue what would become the sound reactive neopixel strip into place — made possible by an electret microphone amplifier. There ended up being plenty of room inside the speaker box to cram an Arduino Pro Mini 3.3V, the RN-52 Bluetooth receiver, and the rest of the components, with an aux cable running out the base of the speaker. As a neat touch, neodymium magnets hold the lid closed.

Continue reading “Bluetooth Speaker With Neopixel Visual Display!”

Bluetooth Turns 5

Last week, the latest and greatest member of the Bluetooth family of wireless specifications was announced to the world: Bluetooth 5! What main changes are in store? Read the FAQ (PDF), or dig into the full spec (bigger PDF) at 2,800 pages.

Their big-print selling points include “up to 4x the range, 2x the speed, and 8x the broadcasting message capacity” to power the Internet of Things. Etcetera. [Akiba] pointed out via Twitter that they get the fourfold increase in range by adding an extra zero to the “Maximum Output Power” spec, going from 10 mW maximum power to 100 mW. That would do it.

In less snarky news, they’re also allowing for a lower-bitrate mode that will also increase range without simply boosting the power. The spec is actually being changed to let the user work out their optimal blend of power, range, and bitrate. We’re down with that. But you’re not getting 4x the range and 2x the speed without paying the bandwidth piper. That’s just physics.

If you use the beacon mode in Bluetooth Low Energy (BLE), you’ll be happy to hear that they’re lengthening the beacon packet from 31 bytes to 255, so you can send a bunch more data without consuming too much power. That’s the “8x”. Bluetooth 5.0 is also backwards compatible with Bluetooth 4.2, so you don’t have to redo anything if you don’t want to take advantage of the newer features. Your current BLE beacons will keep working.

Finally, there’s some contention-detection and other bandwidth optimizing going on, which is welcome in our crowded 2.4 GHz office spectrum. Our guess is that’s where the “2x speed” is largely coming from, but there are about 2,750 pages that we haven’t read yet, so if you’re digging into the spec, let us know what you find in the comments.

Thanks to [Akiba] for tipping us off to this via Twitter. Go check out his great talk on getting hacker stuff in Shenzhen that was presented at the SuperCon.

Game Controller Cuts the Rug

There’s an iconic scene from the movie Big where [Tom Hanks] and [Robert Loggia] play an enormous piano by dancing around on the floor-mounted keys. That was the first thing we thought of when we saw [jegatheesan.soundarapandian’s] PC joystick rug. His drum playing (see the video below) wasn’t as melodious as [Hanks] and [Loggia] but then again they probably had a musical director.

At the heart of the project is, of course, an Arduino. An HC-05 provides a Bluetooth connection back to the PC. We thought perhaps an Arduino with USB input capability like the Leonardo might be in use, but instead, [jegatheesan] has a custom Visual Basic program on the PC that uses SendKeys to do the dirty work.

The switches are more interesting made with old CDs, foil, and sponges. The sponge holds the CDs apart until you step on them and the foil makes the CDs conductive. He uses a lot of Fevicol in the project–as far as we can tell, that’s just an Indian brand of PVA glue, so Elmer’s or any other white glue should do just as well.

Continue reading “Game Controller Cuts the Rug”

Make Your Eyes Louder With Bluetooth Speaker Goggles

Your eyes are cool, but they aren’t very loud. You can remedy that with this build from [Sam Freeman]: a pair of Bluetooth speaker goggles. Combine a pair of old welders goggles with a Bluetooth receiver, a small amp and a couple of cheap speaker drivers and you’re well on your way to securing your own jet set radio future.

[Sam] found a set of speaker drivers that were the same size as the lenses of the goggles, as if they were designed for each other. They don’t do much for your vision, but they definitely look cool. [Sam] found that he could run the speakers for an hour or so from a small Lithium Ion battery that’s hidden inside the goggles, along with a large lever switch for that throwback electronics feel. The total cost of this build is a reasonably-low at $40, or less if you use bits from your junk pile.

The real trick is watching them in action and deciding if there’s any motion happening. Don’t get us wrong, they look spectacular but don’t have the visual feedback component of, say, the bass cannon. Look for yourself in the clip below. We might add a pair of googly eyes on the speakers that dance as they move, but that would get away from the more serious Robopunk look that [Sam] is going for. What would you add to build up the aesthetic of these already iconic goggles?

Continue reading “Make Your Eyes Louder With Bluetooth Speaker Goggles”

Star Trek Phone Dock Might as Well Be From Picard’s Night Stand

Star Trek is often credited with helping spur the development of technologies we have today — the go-to example being cell phones. When a Star Trek April Fool’s product inspires a maker to build the real thing? Well, that seems par for the course. [MS3FGX] decided to make it so. The 3D printed Star Trek-themed phone dock acts as a Bluetooth speaker and white noise generator. The result is shown off in the video below and equals the special effects you expect to find on the silver screen.

Taking a few liberties from the product it’s based on — which was much larger and had embedded screens — makes [MS4FGX]’s version a little more practical. Two industrial toggle switches control a tech cube nightlight and the internal Bluetooth speaker. An NFC tag behind the phone dock launches the pre-installed LCARS UI app and turns on the phone’s Bluetooth. Despite being a challenge for [MS3FGX] to design, the end product seems to work exactly as intended.

Continue reading “Star Trek Phone Dock Might as Well Be From Picard’s Night Stand”

Retrofitting Smoke Alarms With Bluetooth

Everybody should have a few smoke alarms in their house, and everyone should go check the battery in their smoke alarm right now. That said, there are a few downsides to the traditional smoke alarm. They only work where you can hear them, and this problem has been solved over and over again by security companies and Internet of Things things.

Instead of investing in smart smoke alarms, [Johan] decided to build his own IoT smoke alarm. It’s dead simple, costs less than whatever wonder gizmo you can buy at a home improvement store, and reuses your old smoke alarm. In short, it’s everything you need to build an Internet-connected smoke alarm.

Smoke alarms, or at least ionization-based alarms with a tiny amount of radioactive americium, are very simple devices. Inside the alarm, there’s a metal can – an ionization chamber – with two metal plates. When smoke enters this chamber, a few transistors sound the alarm. If you’ve ever taken one apart, you can probably rebuild the circuit from memory.

Because these alarms are so simple, it’s possible to hack in some extra electronics into a design that hasn’t changed in fifty years. For [Johan]’s project, he’s doing just that, tapping into one of the leads on the ionization chamber, measuring the current through the buzzer, and adding a microcontroller with Bluetooth connectivity.

For the microcontroller and wireless solution, [Johan] has settled on TI’s CC2650 LaunchPad. It’s low power, relatively cheap, allows for over the air updates, and has a 12-bit ADC. Once this tiny module is complete, it can be deadbugged into a smoke alarm with relative ease. Any old phone can be used as a bridge between the alarm network and the Internet.

The idea of connecting a smoke alarm to the Internet is nothing new. Security companies have been doing this for years, and there are dozens of these devices available at Lowes or Home Depot. The idea of retrofitting smarts into a smoke alarm is new to us, and makes a lot of sense: smoke detectors are reliable, cheap, and simple. Why not reuse what’s easy and build out from there?