Putting Pi In Infrared Doohickies

The Raspberry Pi Zero W is a tiny, cheap Linux computer with WiFi. It’s perfect for Internet of Things things such as controlling ceiling fans, window blinds, LED strips, and judgmental toasters. This leads to an obvious question: how do you attach your ceiling fan and LED strips to a Pi Zero? A lot of these things already have infrared remotes, so why not build an infrared hat for the Pi? That’s what [Leon] did, and it’s Open Hardware with documentation.

[Leon]’s Anavi Infrared Pi Hat does exactly what you think it should do. There’s an IR receiver, two IR LEDs, and UART pins for debugging. That’s all you need to control infrared doohickies over the Internet, and [Leon] wrapped it up in a nice neat package that’s the same size as a Raspberry Pi Zero. Add on some documentation and you have something we rarely see: a project meant to be used by other people.

This focus on allowing people to actually use what [Leon] created can lead to only one cynical conclusion: he’s probably selling these things somewhere. The cynic is never surprised. [Leon] has a crowdfunding campaign going, that’s over 400% funded with a month to go. That’s okay, though: all the design files are available so if you want to build your own without supporting people who build useful devices, have at it.

Friday Hack Chat: Raspberry Pi Principal Hardware Engineer Roger Thornton

rpichat1-01Have you heard about the new Raspberry Pi Zero W which now includes WiFi and Bluetooth? Of course you have. Want to know what went into the addition to the popular design? Now’s the time to ask when this week’s Hack Chat is led by Roger Thornton, chief hardware engineer for Raspberry Pi.

Raspberry Pi was born on February 29th, 2012 and has seen a remarkable number of hardware flavors and revisions. Throughout, the hardware has been both dependable and affordable — not an easy thing to accomplish. Roger will discuss the process his team uses to go from concept, all the way through to the hands of the user. It’s an excellent chance to ask any questions you have from soup to nuts.

The Hack Chat is scheduled for Friday, March 3rd at noon PST (20:00 GMT).

Here’s How To Take Part:

join-hack-chatOur Hack Chats are live community events on the Hackaday.io Hack Chat group messaging.

Log into Hackaday.io, visit that page, and look for the ‘Join this Project’ Button. Once you’re part of the project, the button will change to ‘Team Messaging’, which takes you directly to the Hack Chat.

You don’t have to wait until Friday; join whenever you want and you can see what the community is talking about.

Upcoming Hack Chats

Mark your calendar for Friday March 10th when Hack Chat features mechanical manufacturing with members from the Fictiv team.

Your Internet of Things Speaks Volumes About You

If only Marv and Harry were burglars today; they might have found it much easier to case houses and — perhaps — would know which houses were occupied by technically inclined kids by capitalizing on the potential  vulnerability that [Luc Volders] has noticed on ThingSpeak.

As an IoT service, ThingSpeak takes data from an ESP-8266, graphs it, and publicly displays the data. Some of you may already see where this is going. While [Volders] was using the service for testing, he realized anyone could check the temperature of his man-cave — thereby inferring when the house was vacant since the location data also happened to be public. A little sleuthing uncovered several other channels with temperature data or otherwise tied to a location that those with nefarious intent could abuse.

Continue reading “Your Internet of Things Speaks Volumes About You”

Friday Hack Chat: Security for IoT

securityforiot-01Over the last few weeks, our weekly Hack Chats on hackaday.io have gathered a crowd. This week, we’re talking about the greatest threat humanity has ever faced: toasters with web browsers.

The topic of this week’s Hack Chat is Security for IoT, because someone shut down the Internet with improperly configured webcams.

This chat is hosted by the Big Crypto Team at the University of Pittsburgh. [Wenchen Wang], [Ziyue Sun], [Brandon Contino], and [Nick Albanese] will be taking questions about lightweight devices connected to the Internet. Discussion will include building things that connect to larger networks securely.

The Big Crypto team at UP are thinking about the roadblocks people have to implement security in their projects, and if apathy or ignorance is the main reason security isn’t even considered in the worst IoT offenders.

The Hack Chat is scheduled for Friday, February 24th at noon PST (20:00 GMT).

Here’s How To Take Part:

join-hack-chatOur Hack Chats are live community events on the Hackaday.io Hack Chat group messaging.

Log into Hackaday.io, visit that page, and look for the ‘Join this Project’ Button. Once you’re part of the project, the button will change to ‘Team Messaging’, which takes you directly to the Hack Chat.

You don’t have to wait until Friday; join whenever you want and you can see what the community is talking about.

Upcoming Hack Chats

These Hack Chats are becoming very popular, and that’s due in no small part to the excellent lineup of speakers we’ve hosted. Already, we’ve had [Lady Ada], [Sprite_tm], and [bunnie] — engineers, hackers, and developers who are at the apex of their field. We’re not resting on our laurels, though: in a few weeks we’ll be hosting Hack Chats with [Roger Thornton], an engineer with Raspberry Pi, and Fictiv, masters of mechanical manufacturing.

Printer Vulnerabilites Almost as Bad as IoT

Recently ZDNet and Gizmodo published articles outlining a critical flaw in a large array of personal printers. While the number of printers with this flaw is staggering, the ramifications are even more impressive. Ultimately, any of these printers could have documents sent to them stolen even if the document was only intended to be printed as a hard copy.

Luckily the people responsible for this discovery are white-hat in nature, and the release of this information has been made public so the responsible parties can fix the security flaws. Whether or not the “responsible party” is the manufacturer of the printer, though, is still somewhat unclear because part of the exploit takes advantage of a standard that is part of almost all consumer-grade printers. The standard itself may need to be patched.

Right now, however, it doesn’t seem clear exactly how deep the rabbit hole goes. We all remember the DDoS attack that was caused by Internet of Things devices that were poorly secured, and it seems feasible that networked printers could take some part in a similar botnet if a dedicated user really needed them. At the very least, however, your printed documents might not be secure at all, and you may be seeing a patch for your printer’s firmware in the near future.

 

Reverse Engineering Ikea’s New Smart Bulbs

Over in Sweden, Czech, Italy, and Belgium, Ikea is launching a new line of ‘smart’ light bulbs. These countries are apparently the test market for these bulbs, and they’ll soon be landing on American shores. This means smart Ikea bulbs will be everywhere soon, and an Internet of Light Bulbs is a neat thing to explore. [Markus] got his hands on a few of these bulbs, and is now digging into their inner workings (German Make Magazine, with a Google Translate that includes the phrase, ‘capering the pear’).

There are currently four versions of these Ikea bulbs, ranging from a 400 lumen bulb designed for track lights to a 980 lumen bulb that will probably work in an American Edison lamp socket. These lights are controlled via a remote, with each individual bulb paired to the remote by turning the lamp on, holding the remote close to the bulb, and pressing a button.

Inside these bulbs is a Silicon Labs microcontroller with ZigBee support, twelve chip LEDs, and associated electronics that look like they might pass the bigclivedotcom smoke test. After tearing apart this bulb and planting the wireless module firmly in a breadboard, [Markus] found he could dim a pair of LEDs simply by clicking on the remote. Somewhere in these bulbs, there’s a possibility of doing something.

As with all Internet of Things, we must ask an important question: will it become part of Skynet and shut down the Internet, like webcams did last summer? These Ikea bulbs look pretty safe in that regard, as the bulb is inexorably tied to the remote and must be paired by holding it close to the bulb. We’re sure there are a few more interesting exploits for these bulbs, so once they’re released in the US we’ll take a look at them.

Dash With Arduino

Amazon Dash is a handy service, and when Amazon released their AWS IoT platform, [Brian Carbonette] felt that it left out all the hardware hackers from the tinkering fun. Seeking justice, he put together a guide for an Arduino Dash button aimed at hardware hackers and those who are still easing into the world.

For his build, [Carbonette] used an Arduino MKR1000, laying out a few different configuration options for building your button. He has also gone to great lengths to help all comers tackle the Arduino-Dash API communication process by building an AmazonDRS Arduino Library, which handles all the “boring details,” so you can focus on the hardware. With the warning that the software-side setup is tedious the first time around, [Carbonette] has included a detailed manual for setting up the aforementioned AmazonDRS library, some example code, and a breakdown thereof. He also suggests implementing other features — such as a notification if the item is out of stock on Amazon — to tie the project together.

Continue reading “Dash With Arduino”