[Pen Test Partners] have found some really scary vulnerabilities in AGA range cookers. They are connected by SMS by which a mobile app sends an unauthenticated SMS to the AGA to give it commands for instance preheat the oven, You can also just tell your AGA to turn everything on at once.
The problem is with the web interface; it allows an attacker to check if a user’s cell phone is already registered, allowing for a slow but effective enumeration attack. Once the attacker finds a registered device, all they need to do is send an SMS, as messages are not authenticated by the cooker, neither is the SIM card set up to send the messages validated when registered.
This is quite disturbing, What if someone left a tea towel on the hob or some other flammable material before leaving for work, only to come back to a pile of ashes? This is a six-gazillion BTU stove and oven, after all. It just seems the more connected we are in this digital age the more we end up vulnerable to attacks, companies seem too busy trying to push their products out the door to do simple security checks.
Before disclosing the vulnerability, [Pen Test Partners] tried to contact AGA through Twitter and ended up being blocked. They phoned around trying to get in contact with someone who even knew what IoT or security meant. This took some time but finally they managed to get through to someone from the technical support. Hopefully AGA will roll out some updates soon. The company’s reluctance to do something about this security issue does highlight how sometimes disclosure may not be enough.
[Via Pen Test Partners]
A few weeks ago we covered a (probably) bogus post about controlling a TV with the IR from a flame. That got us thinking about what the real origin of the remote control was. We knew a story about the 38 kHz frequency commonly used to modulate the IR. We’ve heard that it was from sonar crystals used in earlier sonic versions of remotes. Was that true? Or just an urban myth? We set out to find out.
Surprise! Remotes are Old!
If you are a younger reader, you might assume TVs have always had remotes. But for many of us, remotes seem like a new invention. If you grew up in the middle part of the last century it is a good bet you were your dad’s idea of a remote control: “Get up and turn the channel!” Turns out remotes have been around for a long time, though. They just weren’t common for a long time.
If you really want to stretch back, [Oliver Lodge] used a radio to move a beam of light in 1894. In 1896, [Marconi] and some others made a bell ring by remote control. [Tesla] famously showed a radio-controlled boat in 1898. But none of these were really remote controls like we think of for a television.
Of course, TV wouldn’t be around for a while, but by the 1930’s many radio manufacturers had wired remotes for radios. People didn’t like the wires, so Philco introduced the Mystery Control in 1939. This used digital pulse coding and a radio transmitter. That’s a fancy way of saying it had a dial like an old telephone. As far as we can tell, this was the first wireless remote for a piece of consumer equipment.
Continue reading “Retrotechtacular: How Old is the Remote?”
We recently published an article where someone apparently controlled their TV by simulating a remote with merely a lighter and a sheet of paper. The paper had a barcode like cutout for a supposed “Universal Standby Signal”. The video rightfully attracted a substantial crowd, some awestruck by its simplicity, others sceptical about its claims.
Coming from some generic “Viral Life Hack” production house, the characteristic blare of background music, more suited to an underground rave than a technical video, certainly did not do it any favours. As any moderately experienced campaigner would know, modern televisions and remotes have been carefully engineered to prevent such mishaps. Many of us at Hackaday, were under the impression that it would take something slightly more sophisticated than a fluorescent-bodied lighter and a crisp sheet of A4 to deceive the system. So we tested it out. Our verdict? Unlikely, but not impossible. (And we’re pretty sure that the video is a fake either way.) But enough speculation, we’re here to do science.
Continue reading “HackBusting: Can you Fake a TV Remote with a Lighter and some Paper?”
There are individuals who push tools, materials, and craftsmanship to the limit in the world of micro RC aircraft, and [Martin Newell] gives some insight into the kind of work that goes into making something like a 1:96 scale P-51 Mustang from scratch. The tiny plane is 100% flyable. It even includes working navigation lights and flashing cannons (both done with 0402 LEDs) and functional, retractable landing gear. It weighs an incredible 2.9 grams. Apart from the battery, everything in the plane was built or assembled from scratch. A video is embedded below.
Continue reading “A Micro RC Plane Builder Shares His Tricks”
Cut slots into a piece of paper to represent the IR remote control bitstream for putting your TV into standby. Insert it between your TV’s IR receiver and the flame from a lighter, and pull the slots along to generate the coded pattern. Get it just right and you have a paper and lighter remote control. That’s just what [ViralVideoLab] did and you can see it in action in the video below.
Think of this as just the germ of an idea. Imagine how you’d automate this and extend it to include more commands. A wheel with the various bitstreams cut into the circumference comes to mind. A servo would turn the wheel to the desired command and something else would fire up the lighter just as the slots pass by. Now take it a little further. You already have a remote control with keypad and IR light. Hack that to talk to a microcontroller which would control the servo and the IR light. And there you go. A useless but fun hack (hint hint).
Continue reading “Faking TV Remote Control with Paper and a Lighter”
So you’ve had your first child. Congratulations; your life will never be the same again. [Dusan] was noticing how the introduction of his children into his life altered it by giving him less time for his hobbies in his home laboratory, and decided to incorporate his children into his hacks. The first one to roll out of his lab is a remote-controlled baby stroller.
After some engineering-style measurements (lots of rounding and estimating), [Dusan] found two motors to drive each of the back wheels on a custom stroller frame. He created a set of wooden gears to transfer power from the specialized motors to the wheels. After some batteries and an Arduino were installed, the stroller was ready to get on the road. At this point, though, [Dusan] had a problem. He had failed to consider the fact that children grow, and the added weight of the child was now too much for his stroller. After some adjustments were made (using a lighter stroller frame), the stroller was eventually able to push his kid around without any problems.
This is an interesting hack that we’re not sure has much utility other than the enjoyment that came from creating it. Although [Dusan]’s kid certainly seems to enjoy cruising around in it within a close distance to its operator. Be sure to check out the video of it in operation below, and don’t forget that babies are a great way to persuade your significant other that you need more tools in your work bench, like a CNC machine for example.
Continue reading “Baby’s First Hands-Free Stroller”
Shards of silicon these days, they’re systematically taking what used to be rather complicated and making it dead simple in terms of both hardware and software. Take, for instance, this IR to HID Keyboard module. Plug it into a USB port, point your remote control at it, and you’re sending keyboard commands from across the room.
To do this cheaply and with a small footprint used to be the territory of bit-banging software hacks like V-USB, but recently the low-cost lines of microcontrollers that are anything but low-end have started speaking USB in hardware. It’s a brave new world.
In this case we’re talking about the PIC18F25J50 which is going to ring in at around three bucks in single quantity. The other silicon invited to the party is an IR receiver (which demodulates the 38 kHz carrier signal used by most IR remotes) with a regulator and four passives to round out the circuit. the board is completely single-sided with one jumper (although the IR receiver is through-hole so you don’t quite get out of it without drilling). All of this is squeezed into a space small enough to be covered by a single key cap — a nice touch to finish off the project.
[Suraj] built this as a FLIRC clone — a way to control your home-built HTPC from the sofa. Although we’re still rocking our own HTPC, it hasn’t been used as a front-end for many years. This project caught our attention for a different reason. We want to lay down a challenge for anyone who is attending SuperCon (or not attending and just want to show off their chops).
This is nearly the same chip as you’ll find on the SuperCon badge. That one is a PIC18LF25K50, and the board already has an IR receiver on it. Bring your PIC programmer and port this code from MikroC over to MPLAB X for the sibling that’s on the badge and you’ll get the hacking cred you’ve long deserved.
[via Embedded Lab]