Turning an $8 RFID reader into something useful

RFID

[Fabien] ran across a very, very inexpensive RFID reader on Deal Extreme a while ago and with money to burn, added it to his cart. When the USB RFID reader arrived, he noticed something fairly odd about it (French, Traduction). The RFID reader presented itself to his computer as a USB HID device that spit out characters into a text editor whenever an RFID card was waved above the coil. The only problem was these characters weren’t the hex values recorded on the RFID card. So what’s going on here?

As it turns out (Anglais), this random piece of Chinese electronica sends 10 bytes of data to the computer, just like this well-documented RFID reader. Apparently, both these RFID readers take the hex value of an RFID card, convert those bytes to base 10, and pass each digit through a lookup table. Exactly why it does this is anyone’s guess, but since [Fabien] figured out how it worked, he could also figure out how to reverse the process.

Unfortunately, the RFID reader in question is currently out of stock at Deal Extreme. Seeing as how most of the electronics available there are remarkably similar and differ only in the name printed on the enclosure, though, we wouldn’t be surprised if a nearly identical RFID reader was available elsewhere.

Cracking a SAM7XC cryptographic coprocessor

attacking-RFID-crypto-coprocessor

[Adam Laurie] spent time tearing into the security of the SAM7XC chip produced by Atmel. Even if he hadn’t found some glaring security holes just reading about his methodology is worth it.

The chip is used in a secure RFID system. The chip is added to the mix to do the heavy lifting required when using encryption. [Adam] grabbed a couple of open source libraries to put it to the test. The firmware is locked down pretty tight, but his explorations into the content of the RAM yield a treasure trove of bits. After investigating the sample code for the chip he’s shocked to learn that it uses RAM to store the keys at one point. The rest of his journey has him dumping the data and sifting through it until he gets to the “Master Diversification Key”. That’s the big daddy which will let him decrypt any of the tags used.

He reported his findings to Atmel in September of 2011. Their response is that they have no way of protecting RAM from exploit. [Adam] asserts that the problem is that the sample software wasn’t designed with the vulnerability of RAM in mind. The keys should never be stored there specifically because it is vulnerable to being dumped from a running system.

An attempt to replace multiple RFID cards with a single hacked-together tag

rfid-multipass

It’s kind of a convoluted title, but [Hudson's] attempt to replace multiple HID Prox cards with one AVR chip didn’t fully pan out. The project started when he wanted to reduce the number of RFID access cards he carries for work down to just one. The cards use the HID Proximity protocol which is just a bit different from the protocols used in most of the hobby RFID projects we see. He ended up taking an AVR assembly file that worked with a different protocol and edited it for his needs.

The device above is the complete replacement tag [Hudson] used. It’s just an AVR ATtiny85 and a coil made of enameled wire. The coil pics up current from the card reader’s magnetic field, and powers the chip through the leakage on the input pins (we’ve seen this trick a few times before). The idea he had was to store multiple codes on the device and send them all in a row. He was able to get the tag to work for just one code, but the particulars of the HID Prox reader make it difficult if not impossible to send multiple codes. The card must send the same code twice in a row, then be removed from the magnetic field before the reader will poll for another combination.

RFID emulator card includes a learning mode

rfid-emulator

This RFID card has a lot of nice features. But the one that stands out the most is the ability to learn the code from anther RFID tag or card.

You can see that the board includes an etched coil to interact with an RFID reader. This is the sole source of power for the device, letting it pick up enough induced current from the reader to power the PIC 12F683 seen on the upper left of the board. The underside of the PCB hosts just three components: an LED and two switches. One of the switches puts the device in learning mode. Just hold down that button as you move the board into the magnetic field of the reader. While in learning mode a second RFID tag is held up to the reader. It will identify itself and the emulator will capture the code sent during that interaction. This is all shown of in the video after the break. We wonder how hard it would be to make a version that can store several different codes selected by holding down a different button as the emulator is held up to the reader?

If you want to build your own card reader too here’s a project that does it from scratch.

[Read more...]

Real life Mario Karts react to launchable items

real-life-mario-kart

The team over at Waterloo Labs reasserts their reputation for creativity with this real life Mario Kart project. One of the team members must work at Austin’s Park because they seem to have had free rein when it comes to modifying the go-karts and filming the delightful video presentation found after the break.

It’s one thing to put on some costumes and head off to the go-kart track. It’s another to modify the vehicles to react to items launched by another rider. You can see the painted PVC launcher hardware to the right of each driver. By stuffing a plush item (banana, star, mushroom, etc.) in the barrel the driver can use compressed air to launch it quite a distance. Inside of each item is an RFID tag. When the RFID reader on a kart detects the tag it can take control of the steering, brake pedal, or speed limiter to inflict the appropriate actions.

If you don’t have this kind of insider access to your local go-kart track don’t fret. You just need to build your own set of karts.

[Read more...]

Color changing bag matches clothing color, tells you what’s inside

color-changing-shoulder-bag

Adding some lights to your everyday items will certainly give you a style leaning toward the world of Blade Runner. But if you can add functionality to control the blinky components you’ve actually got something. A great example of this is [Kathryn McElroy's] Chameleon Bag. It’s a shoulder bag with a light-up flap. It can color match your clothing, but she also built some features that will let you know what is inside of the bag.

The project started by using a cardboard template in the size and shape of the bag’s flap. After adding an Arduino to control the LEDs and an RFID reader for an interactive element she sewed a replacement flap that also acts as a diffuser. In the video after the break she demonstrates matching the color of her scarf by reading a tag sewn in the end of it. She then starts loading up all the stuff needed for a day away from home. As the keys, phone, and computer are placed in the bag their tags are read, resulting in different combinations of color. Once everything she needs is inside, the flap turns green and she heads out the door.

This will go great with your illuminated umbrella.

[Read more...]

Science fair project sorts recyclables

This crew of high schoolers built a sorting robot for the Smart Young Mindz challenge. We got pretty excited when hearing that it sorts plastic by its recycling code, but unfortunately this isn’t quite what it’s made out to be. The device uses an RFID code on each product to figure out where it goes. Their thinking is that at some point every product sold will have an embedded tag in it. For now this will not revolutionize the recycling industry, but the build is still impressive. We’re sure they learned a ton from all of the mechanical engineering that went into the project.

You can see the three laundry baskets that serve as the sorting bins. The white box above the bin on the right is the hopper in which a plastic container is placed. The box can then revolve around a central axis to position itself over the correct basket. The floor of the box is then retracted, dropping the refuse in the bin. Check out the video after the break for the satisfying cry of the servo motors at work.

We like seeing recycling robots, but so far most of what we’ve seen are aluminum can crushers.

[Read more...]

Follow

Get every new post delivered to your Inbox.

Join 92,295 other followers