A White Hat Virus for the Internet of Things

The Internet of Things is going gangbusters, despite no one knowing exactly what it will be used for. There’s more marketing money being thrown at IoT paraphernalia than a new soda from Pepsi. It’s a new technology, and with that comes a few problems: these devices are incredibly insecure, and you only need to look at a few CCTV camera streams available online for proof of that.

The obvious solution to vulnerable Internet of Things things would be to get people to change the login credentials on their devices, but that has proven to be too difficult for most of the population. A better solution, if questionable in its intentions, would be a virus that would close all those open ports on routers, killing Telnet, and reminding users to change their passwords. Symantec has found such a virus. It’s called Wifatch, and it bends the concept of malware into a force for good.

Wifatch is a bit of code that slips through the back door of routers and other IoT devices, closes off Telnet to prevent further infection, and leaves a message telling the owner to change the password and update the device firmware. Wifatch isn’t keeping any secrets, either: most of the code is written in unobfuscated Perl, and there are debug messages that enable easy analysis of the code. This is code that’s meant to be taken apart, and code that includes a comment directed at NSA and FBI agents:

To any NSA and FBI agents reading this: please consider whether defending
the US Constitution against all enemies, foreign or domestic, requires you
to follow Snowden's example.

Although the designer of Wifatch left all the code out in the open, and is arguably doing good, there is a possible dark side to this white hat virus. Wifatch connects to a peer-to-peer network that is used to distribute threat updates. With backdoors in the code, the author of Wifatch could conceivably turn the entire network of Wifatch-infected devices into a personal botnet.

While Wifatch is easily removed from a router with a simple restart, and re-infection can be prevented by changing the default passwords, this is an interesting case of virtual vigilantism. It may not be the best way to tell people they need to change the password on their router, but it’s hard to argue with results.

[Image source: header, thumb]

The Pi 2 Means Faster GPIO

The Raspberry Pi is a great machine to learn the ins and outs of blinking pins, but for doing anything that requires blinking pins fast, you’re better off going with a BeagleBone. This has been the conventional wisdom for years now, and now that the updated Raspberry Pi 2 is out, there’s the expectation that you’ll be able to blink a pin faster. The data are here, and yes, you can.

The method of testing was connecting a PicoScope 5444B to a pin on the GPIO pin and toggling between zero and one as fast as possible. The original test wasn’t very encouraging; Python maxed out at around 70 kHz, Ruby was terrible, and only C with the native library was useful for interesting stuff – 22MHz.

Using the same experimental setup, the Raspberry Pi 2 is about 2 to three times faster. The fastest is still the C native library, topping out at just under 42 MHz. Other languages and libraries are much slower, but the RPi.GPIO Python library stukk sees a 2.5x increase.

Oinker is Twitter for HAMs


Have you ever wanted to send a quick message to your HAM radio buddies over the air but then realized you forgot your radio at home? [Troy] created Oinker to remedy this problem. Oinker is a Perl script that turns emails into audio.

The script monitors an email account for new messages and then uses the Festival text-to-speech engine to transform the text into audio. [Troy] runs Oinker on a Raspberry Pi, with the Pi’s audio output plugged directly into an inexpensive ham radio. The radio is then manually tuned to the desired transmit frequency. Whenever Oinker see’s a new email, that message is converted into speech and then output to the transmitter.

The script automatically appends your HAM radio call sign to the end of every message to ensure you stay within FCC regulations. Now whenever [Troy] runs into some bad traffic on the road, he can send a quick SMS to his email address and warn his HAM radio buddies to stay clear of the area.

Gritz: An Open Source Speed Reading Tool

Here’s a hack to help you increase your reading speed. Gritz is an open source text file reader, which reduces the need to look around the screen. Words pop up one at a time, but at a configurable pace.

[Peter Feuerer] got the idea for Gritz from Spritz, a commercial product for speed reading. The creators of Spritz took three years to develop their software, and recently released a demo. They claim people can read at 1000 WPM using this technology. Spritz is taking applications for access to their APIs, which will allow developers to integrate the software into their own applications. However, a fully open source version with no restrictions would be even better.

Using Gritz, [Peter] claims to have read a book with a 75% improvement in his reading speed. He admits it’s not perfect, and there’s still much development to do. Gritz is written in Perl, uses Gtk2 for its GUI, and comes with instructions for running on Linux, OS X, and Windows. It’s released under the GPL, so you can clone the Github repo and start playing around with accelerated reading.

Sniffing Data from Radio-Controlled Bus Stop Displays

A few weeks ago in Finland [Oona] discovered a radio data stream centered around 76KHz in a FM broadcast and she recently managed to decode it. This 16,000bps stream uses level-controlled minimum-shift keying (L-MSK) which detection can be quite tricky to implement. She therefore decoded the stream by treating the received signal as non-coherent binary FSK, which as a side effect increased the bit error probability. [Oona] then understood that the stream she was getting was the data broadcast by Helsinky buses to the nearby bus stop timetable displays. She even got lucky when she observed a display stuck in the middle of its bootup sequence, displaying a version string. This revealed that the system is called IBus and made by the Swedish company Axentia. However their website didn’t provide the specs for their proprietary protocol. After many hours of sniffing and coding, [Oona] successfully implemented the five layer protocol stack in Perl and can now read the arrival times of the nearby buses from her apartment.

Connecting an old scope to a computer


A friend of [Michael]’s said his company was getting rid of some old lab equipment and asked him if he wanted a very large and very old digital storage oscilloscope. A ‘hell yes’ and we’re sure a few beers later, [Michael] found an old Gould 200 MHz four-channel scope on his bench. Even 20 years after its production it’s still a capable tool, but the serial ports on the back got [Michael] wondering – would it be possible to plot the screen of the scope on his computer?

The scope has three ports on the back – GPIB, miscellaneous I/O, and RS423. The latter of those ports is similar enough to RS232 that a USB to Serial converter just might work, and with the help of a null modem cable and a terminal, [Michael] was able to connect to this ancient scope.

In the manual, [Michael] found a the serial commands for this scope. The most useful of these is a command that prints out the contents of the scope’s trace memory as a series of 1-byte integers. With a short bit of PERL programming, [Michael] can create a PDF plot of whatever is on the scope’s screen. It’s formatted perfectly for Gnuplot, MATLAB, or even Excel.

Awesome work, and especially useful given these old scopes are slowly making their way to a technological boneyard somewhere.

Physical orangered notifies you of Reddit messages

Anyone who has been around Reddit enough to anger the hive mind is familiar with the orangered, the envelope icon right next to your username that lights up in a beautiful orangered hue whenever you receive a new message. [Brad] wanted an orangered that was a little more visible, so he created a standalone Reddit message indicator to sit on his desk and light up whenever a new message has been delivered.

The case for [Brad]’s new orangered notifier was taken from a cheap thrift store clock. After dispensing of the mechanical movement, [Brad] loaded up the beautiful wooden case with an Arduino, a trio of LEDs, a speaker, and, of course, a small envelope logo reminiscent of Reddit’s message icon.

The Arduino is connected to a laptop running this Perl script. The script scrapes the JSON returned from the Reddit API and sends a command over the serial port to the Arduino if new messages have been received (source for the Arduino and the notes.h header file). When a new message is received, the Arduino lights up the envelope icon and plays a short sound on the attached speaker.

There are a few improvements [Brad] plans to add to his orangered indicator. First up is getting an Ethernet shield and discarding the server attached to the Arduino. Next up is different lights and tones for different types of messages (PMs, comment replies, and mod mail). Of course the top of our list for [Brad]’s future improvements is actually making the LEDs orangered, but it’s still a very awesome build to allow [Brad] to waste even more time on the Internet’s time sink.

Video after the break.

Continue reading “Physical orangered notifies you of Reddit messages”