Developed on Hackaday: Let’s Build Some Hardware!

2013-12_Developed_on_Hackaday

We’re pretty sure that most of you already know that a few months ago Hackaday was bought by SupplyFrame, who therefore became our new evil overlords. We do hope you’ve noticed that they’re actually quite nice, and in their divine goodness they recently gave the go-ahead on this series called Developed on Hackaday.

A new project will be made by the Hackaday staff & community and will hopefully be brought to the consumer market. For those who don’t have the time/experience to get involved in this adventure, we want to show and document what it takes to bring an idea to the marketable product stage. For the others, we would like to involve you in the design/development process as much as possible. Obviously, this project will be open source hardware/software. This time around, the hardware will mainly be developed by yours truly. You may already know me from the whistled platform (currently sold on Tindie) or from all the different projects described on my website, which makes this new adventure far from being my first rodeo.

What’s in it for the contributors? During all the steps of this project, we’ll offer many rewards as well as hand-soldered first prototypes of the device so you can start playing/testing it. Nothing is set in stone so every suggestion is welcome. Should we make a Kickstarter-like campaign to manufacture the final product, we’ll only do so once our prototype is final, our partners are chosen and all details of the production process are set and confirmed. In that case, we will just need to gather the required funds to make the device a reality. What are we going to build? Keep reading to find out.

Continue reading “Developed on Hackaday: Let’s Build Some Hardware!”

Wireless Encryption Between Galileo and a MSP430

[Mark] recently finished his latest project, where he encrypts wireless communications between the new Intel Galileo and a Texas Instruments MSP430. The wireless interfaces used are the very common nRF24L01+ 2.4GHz transceivers, that had a direct line of sight 15 feet range during [Mark]’s tests. In his demonstration, the MSP430 sends an encrypted block of data representing the state of six of its pins configured as inputs. This message is then received by a sketch running on the Galileo and stored in shared memory. A python script then wakes up and is in charge of decrypting the message. The encryption is done using AES-128bits in Electronic Codebook mode (ECB) and semaphores are used to prevent simultaneous accesses to the received data. As it is the first project using an Intel Galileo we received, don’t hesitate to send us a tip if you found other ones.

Trust hacking: How the Bitcoin system works

how-bitcoin-network-functions

[Scott Driscoll] sent us a link to his Bitcoin explanation a couple of weeks ago. We glanced at it but moved on rather quickly. It’s been popping up here and there and we finally gave it the time it deserved. This video is interesting in that it doesn’t just focus on what the Bitcoin actually is, but how the Bitcoin system works when it comes time for money to change hands.

Quite early on in the explanation he mentions that “The Bitcoin system is amazingly designed so that no trust is needed”. That’s a powerful statement. For instance, if you sell your car, one of your friends will probably tell you not to take a check. That’s because a check means you’re trusting that the buyer actually has a balance in their account to cover the transaction. With Bitcoin the transaction carries its own proof that the currency is available by including information about the past transactions through which those Bitcoins were acquired.

If you have some idea of what public/private key pairs are you’re already equipped to understand [Scott’s] lecture. After you make it through the 22 minute video maybe you should get down to work doing some Bitcoin mining at home.

Ask Hackaday: How are these thieves exploiting automotive keyless entry?

A new attack on automotive keyless entry systems is making headlines and we want to know how you think it’s being done. The Today Show reports that vehicles of different makes and models are being broken into using keyless entry on the passenger’s side of the car. It sounds like thieves steal items found inside rather than the vehicles themselves which makes these crimes distinctly different from the keyless ignition thefts of a year ago.

So how are they doing this? Here are the clues: The thieves have been filmed entering only the passenger side of the car. They hold a small device in their hand to unlock the doors and disable the alarm. And there is evidence that it doesn’t work on 100% of vehicles they try. Could it be some hidden manufacturer code reset? Has an encryption algorithm been hacked to sniff the keyfob identifier at a previous time? Or do you think we’re completely off track? Let us know your opinion by leaving a comment.

[Thanks Mom]

LV0 encryption key cracks current and future PlayStation 3 firmware

It looks like the security of the PlayStation 3 has been cracked wide open. But then again we’ve thought the same thing in the past and Sony managed to patch those exploits. The latest in the cat and mouse game is the release of the LV0 encryption codes for the PS3 console. The guys who discovered the magic strings of characters supposedly intended to keep them a secret, but have gone public after there was a leak and some black-hats now intend to use them for profit.

The keys are the bottom layer of security when pushing firmware updates to the PS3. With keys in hand, current and future upgrades can be unencrypted, altered, and repackaged without the gaming rig putting up a fuss. Our only real beef with the tight security came when Sony removed the ability to install Linux on systems marketed with this option. The availability of these keys should let you install just about whatever you want on your hardware.

[Thanks Kris via Phys]

7400 project encrypts and decrypts data

[Nakul], [Nikilesh], and [Nischal] just finished posting about their entry in the 2012 Open 7400 Logic competition. It’s an encryption system based entirely on 7400 logic chips. The device operates on 8-bit binary numbers, which limits its real-world applications. But we bet they learned a lot during the development process.

The encryption algorithm is based on a the concept of cellular automaton. This is a something with which we’re already familiar having seen many Conway’s Game of Life projects around here. What we’re not familiar with is this particular wing of the concept called ‘Rule 30‘. It works well with this project because a complex pattern can be generated from simple beginnings.

After conceptualizing how the system might work the team spent some time transferring the implementation to the chips they had available. The end result is a quartet of chip-packed breadboards and a rat’s nets of wires, but the system is capable of both encrypting and decrypting data.

Token authentication for Gmail using a eZ430 Chronos watch

Two-factor authentication allows you to use your chosen password, as well as a one-time password to help keep your services secure. The one-time passwords traditionally come from a dedicated piece of hardware, but there are also solutions for smart phones. [Patrick Schaumont] shows how a TI eZ430 Chronos Watch can be used to generate authentication tokens. After walking through the process he uses it to beef up his gmail login.

This method of token authentication is often called Time-based One Time Passwords (TOTP). It’s part of the Open Authentication (OATH) initiative, which seeks to sort out the password-hell that is modern computing. A portable device generates a password by applying an algorithm and a private encryption key to an accuarte time-stamp. On the server side of things a public key is used to verify the one-time password entered based on the server’s own time-stamp. In this case the portable device is the Chronos watch and the server is Google’s own TOTP service.

You can do this with other simple microcontrollers, we’ve even seen an Arduino implementation. But the wrist-watch form factor seen here is by far the most convenient — as long as you always remember to wear the watch.

[Thanks Oxide]