Monitor All the Laundry Things with this Sleek IoT System

If like us you live in mortal fear of someone breaking into your house when you’re on vacation and starting a dryer fire while doing laundry, this full-featured IoT laundry room monitor is for you. And there’s a school bus. But don’t ask about the school bus.

In what [seasider1960] describes as “a classic case of scope creep,” there’s very little about laundry room goings on that escapes the notice of this nicely executed project. It started as a water sensor to prevent a repeat of a leak that resulted in some downstairs damage. But once you get going, why not go too far? [seasider1960] added current sensing to know when the washer and dryer are operating, as well as to tote up power usage. A temperature sensor watches the dryer vent and warns against the potential for the aforementioned tragedy by sounding an obnoxious local alarm — that’s where the school bus comes in. The whole system is also linked into Blynk for IoT monitoring, with an equally obnoxious alarm you can hear in the video below. Oh, and there are buttons for testing each alarm and for making an Internet note to reorder laundry supplies.

We’ve seen a spate of laundry monitoring projects lately, all of which have their relative merits. But you’ve got to like the fit and finish of [seasider1960]’s build. The stainless face plate and in-wall mount makes for a sleek, professional appearance which is fitting with the scope-creepy nature of the build.

Continue reading “Monitor All the Laundry Things with this Sleek IoT System”

Hacking on the Weirdest ESP Module

Sometimes I see a component that’s bizarre enough that I buy it just to see if I can actually do something with it. That’s the case with today’s example, the ESP-14. At first glance, you’d ask yourself what AI Thinker, the maker of many of the more popular ESP8266 modules, was thinking.

The ESP-14 takes the phenomenally powerful ESP8266 chip and buries it underneath one of the cheapest microcontrollers around: the 8-bit STM8S003 “value line” chip. Almost all of the pins of the ESP chip are locked inside the RF cage’s metal tomb — only the power, bootloader, and serial TX/RX pins see the light of day, and the TX/RX pins are shared with the STM8S. The rest of the module’s pins are dedicated to the STM8S. Slaving the ESP8266 to an STM8S is like taking a Ferrari and wrapping it inside a VW Beetle.

I had never touched an STM8 chip before, and just wanted to see what I could do with this strange beast. In the end, ironically, I ended up doing something that wouldn’t be too far out of place on Alibaba, but with a few very Hackaday twists: a monitor for our washer and dryer that reports power usage over MQTT, programmed in Forth with a transparent WiFi serial bridge into the chip for interactive debugging without schlepping down into the basement. Everything’s open, tweakable, and the Forth implementation for the STM8S was even developed here on Hackaday.io.

It’s a weird project for the weirdest of ESP modules. I thought I’d walk you through it and see if it sparks you to come up with any alternative uses for the ESP8266-and-STM8S odd couple that is the ESP-14.

Continue reading “Hacking on the Weirdest ESP Module”

Printer Vulnerabilites Almost as Bad as IoT

Recently ZDNet and Gizmodo published articles outlining a critical flaw in a large array of personal printers. While the number of printers with this flaw is staggering, the ramifications are even more impressive. Ultimately, any of these printers could have documents sent to them stolen even if the document was only intended to be printed as a hard copy.

Luckily the people responsible for this discovery are white-hat in nature, and the release of this information has been made public so the responsible parties can fix the security flaws. Whether or not the “responsible party” is the manufacturer of the printer, though, is still somewhat unclear because part of the exploit takes advantage of a standard that is part of almost all consumer-grade printers. The standard itself may need to be patched.

Right now, however, it doesn’t seem clear exactly how deep the rabbit hole goes. We all remember the DDoS attack that was caused by Internet of Things devices that were poorly secured, and it seems feasible that networked printers could take some part in a similar botnet if a dedicated user really needed them. At the very least, however, your printed documents might not be secure at all, and you may be seeing a patch for your printer’s firmware in the near future.

 

Quick and Easy IoT Prototyping with Involt

IoT, web apps, and connected devices are all becoming increasingly popular. But, the market still resembles a wild west apothecary, and no single IoT ecosystem or architecture seems to be the one bottle of snake oil we’ll all end up using. As such, we hackers are keen to build our own devices, instead of risking being locked into an IoT system that could become obsolete at any time. But, building an IoT device and interface takes a wide range of skills, and those who are lacking skill in the dark art of programming might have trouble creating a control app for their shiny new connected-thing.

Enter Involt, which is a framework for building hardware control interfaces using HTML and CSS. The framework is built on Node-Webkit, which means the conventions should be familiar to those with a bit of web development background. Hardware interactions (on Arduinos) are handled with simple CSS classes. For example, a button might contain a CSS class which changes an Arduino pin from high to low.

Involt can take that CSS and convert it into a function, which is then sent to the Arduino via serial or Bluetooth communication. For more advanced functionality, Javascript (or really any other language) can be used to define what functions are generated — and, in turn, sent to the Arduino. But, all that is needed for the basic functionality necessary for many IoT devices (which might only need to be turned on and off, or set to a certain value) is a bit of HTML and CSS knowledge. You’ll create both the interface and the underlying hardware interactions all within an HTML layout with CSS styling and functionality.

While Involt isn’t the only framework to simplify hardware interaction (it’s not even the only Node.js based method), the simplicity is definitely laudable. For those who are just getting started with these sorts of devices, Involt can absolutely make the process faster and less painful. And, even for those who are experienced in this arena, the speed and efficiency of prototyping with Involt is sure to be useful.

Popular Printers Pwned In Prodigious Page Prank

A new day dawns, and we have another story involving insecure networked devices. This time it is printers of all makes and descriptions that are causing the panic, as people are finding mystery printouts bearing messages such as this:

Stackoverflowin has returned to his glory, your printer is part of a botnet, the god has returned

Well that’s it then, you can’t argue with a deity, especially one who has apparently created a botnet from the world’s printing devices. Printer owners the world over are naturally worried about their unexpected arrival, and have appeared on support forums and the like to express their concern.

We are of course used to taking everything our printers tell us at face value. Low on ink? I hear you, my inanimate reprographic friend! But when our printer tells us it’s part of a botnet perhaps it’s time to have a little think. It is entirely possible that someone could assemble a botnet of compromised printers, but in this case we smell a rat. Only in farcical crime dramas do crooks announce their crimes in such a theatrical fashion, you might say it’s the point of a botnet not to be detected by its host. Reading some of the reports it seems that many of the affected systems have port 9100 open to the world, that’s the standard TCP printer port, so it seems much more likely that someone has written a little script that looks for IP addresses with port 9100 open, and trolls them with this message.

The real message here is one with which we expect Hackaday readers will be very familiar, and which we’ve covered before. Many network connected appliances have scant regard for security, and are a relative push-over for an attacker. The solution is relatively straightforward to those of a technical inclination, be aware of which services the devices is exposing, lock down services such as uPNP and close any open ports on your router. Unfortunately these steps are probably beyond many home users, whose routers remain with their default manufacturer’s settings for their entire lives. It’s a shame our printer troll didn’t add a link to basic router security tips.

If you want to have a little fun, some of the printed pages include an email address for ‘the god’. It would be fun to figure out who this is, right?

Dash With Arduino

Amazon Dash is a handy service, and when Amazon released their AWS IoT platform, [Brian Carbonette] felt that it left out all the hardware hackers from the tinkering fun. Seeking justice, he put together a guide for an Arduino Dash button aimed at hardware hackers and those who are still easing into the world.

For his build, [Carbonette] used an Arduino MKR1000, laying out a few different configuration options for building your button. He has also gone to great lengths to help all comers tackle the Arduino-Dash API communication process by building an AmazonDRS Arduino Library, which handles all the “boring details,” so you can focus on the hardware. With the warning that the software-side setup is tedious the first time around, [Carbonette] has included a detailed manual for setting up the aforementioned AmazonDRS library, some example code, and a breakdown thereof. He also suggests implementing other features — such as a notification if the item is out of stock on Amazon — to tie the project together.

Continue reading “Dash With Arduino”

IoT-ify All Things: LG Has Gone Overboard

If you been following Hackaday lately, you’ve surely noticed an increased number of articles about IoT-ifying stuff. It’s a cool project to take something old (or new) and improve its connectivity, usually via WiFi, making it part of the Internet of Things. Several easy to use modules, in particular the ESP8266, are making a huge contribution to this trend. It’s satisfactory to see our homes with an ESP8266 in every light switch and outlet or to control our old stereo with our iPhone. It gives us a warm fuzzy feeling. And that’s completely fine for one’s personal projects.

But what happens when this becomes mainstream? When literally all our appliances are ‘connected’ in the near future? The implications might be a lot harder to predict than expected. The near future, it seems, starts now.

This year, at CES, LG Electronics (LG) has introduced Smart InstaView™, a refrigerator that’s powered by webOS smart platform and integrated with Amazon’s Alexa Voice Service.

… with webOS, consumers can also explore a host of WiFi-enabled features directly on the refrigerator, creating a streamlined and powerful food management system all housed directly on the front of the fridge door. Amazon’s Alexa Voice Service gives users access to an intelligent personal assistant that, in addition to searching recipes, can play music, place Prime-eligible orders from Amazon.com…

This is ‘just’ a fridge. There are other WiFi-enabled appliances by now, so what?  Apparently, during the LG press conference last Wednesday, the company marketing VP David VanderWaal said that from 2017 on, all of LG’s home appliances will feature “advanced Wi-Fi connectivity”.

Notice the word advanced, we wonder what that means? Will ‘advanced’ mean complicated? Mesh? Secure? Intelligent? Will our toaster finally break the Internet and ruin it for everyone by the end of the year? Will the other big players in the home appliances market jump in the WiFi wagon? We bet the answer is yes.

Here be dragons.

[via Ars Technica]