[Matthew’s] recent blog post does a good job explaining the basics of the Raspberry Pi’s file system. The Linux operating system installed on a Pi is generally installed on two different partitions on an SD card. The first partition is a small FAT partition. All of the files on this partition are used for the initial booting of the Pi. This partition also includes the kernel images. The second partition is the root file system and is generally formatted as ext4. This partition contains the rest of the operating system, user files, installed programs, etc.
With that in mind you can deduce that in order to backup your Pi, all you really need to do is backup all of these files. [Matt] has written some scripts to make this a piece of cake (or pie). The first script will simply copy all of the files into a gzipped archive. You can save this to an external SD card, USB drive, or network share.
The second script is perhaps more interesting. This script requires that you have one free USB port and a USB SD card reader. The script will automatically format the extra SD card to contain the two critical partitions. It will then copy the “boot” files to the new boot partition and the root file system files to the new SD card’s root partition. When all is said and done, you will end up with an SD card that is an exact copy of your current running file system.
This can be very handy if you have multiple Pi’s that you want to run the same software, such as in a Pi cluster. Another good example is if you have spent a lot of time tweaking your Pi installation and you want to make a copy for a friend. Of course there are many ways to skin this cat, but it’s always fun to see something custom-built by a creative hacker.
Net neutrality is one of those topics we’ve been hearing more and more about in recent years. The basic idea of net neutrality is that all Internet traffic should be treated equally no matter what. It shouldn’t matter if it’s email, web sites, or streaming video. It shouldn’t matter if the traffic is coming from Wikipedia, Netflix, Youtube, etc. It shouldn’t matter which Internet Service Provider you choose. This is the way the Internet has worked since it’s inception. Of course, not everyone agrees that this is how things should stay. We didn’t always have the technology to filter and classify traffic. Now that it’s here, some believe that we should be able to classify internet traffic and treat it differently based on that classification.
It seems like much of the tech savvy community argues that net neutrality is a “given right” of the Internet. They believe that it’s the way the Internet has always been, and always should be. The other side of the argument is generally lobbied by Internet service providers. They argue that ISP’s have the right to classify Internet traffic that flows through their equipment and treat it differently if they so choose. As for everyone else, just about everyone these days relies on the Internet for business, banking, and entertainment but many of those people have no idea how the Internet works, nor do they really care. It’s like the electricity in their home or the engine in their car. As long as it’s working properly that’s all that matters to them. If they can check Facebook on their phone while watching Breaking Bad on Netflix in full HD, why should they care how that stuff gets prioritized? It work’s doesn’t it? Continue reading “Net Neutrality: FCC Hack is a Speed Bump on the Internet Fast Lane”
We live in a connected world where social media is ubiquitous and many people feel compelled to share every waking moment with anyone who will listen. In this type of world, wearable computers like Google Glass allow us to share experiences like never before. A Glass user can take photos, record video and audio, or potentially even stream video live on the Internet with the greatest of ease. That might be great for the Glass user, but what about the rest of us? As wearable computing becomes more and more mainstream, people are naturally going to become divided on the issue of privacy. Is it a good thing to have “cyborgs” with wearable computers and cameras constantly at the ready, or is it a privacy nightmare? The cyborg war is coming, and [Julian] has already chosen his side.
It would seem that [Julian] lands on the side of the privacy advocates, based on his “glasshole” script. Glasshole is a relatively simple bash script that relies on some other common network security tools to take care of the heavy lifting. The basic premise relies on the fact that every manufacturer of network interface devices is assigned their own MAC prefix. This is a piece of the MAC address that is unique to that manufacturer.
[Julian’s] script uses a utility called arp-scan to obtain a list of all MAC addresses on a given wireless network. It then loops through each address and compares it to the known Google Glass MAC prefix. If it finds a match, it will make an audible beeping noise to alert the script user. The script then launches aireplay-ng in de-authentication mode. This will send spoofed disassociate packets to the client (in this case the Google Glass device), hopefully forcing them to disconnect from the access point. The script runs continuously, ensuring that once the device reconnects to the network it will get booted off once again. The script is designed to be run on a small Linux computer such as a Raspberry Pi or a BeagleBone black. This way, the user can carry it around with them as a sort of portable defense mechanism.
How do you fit into the cyborg war? Will you stand proudly with your computer on your face for all to see? If so, what kind of countermeasures would you deploy to prevent this type of attack from working on you? If not, what other types of interesting attacks can you think of to keep the cyborgs at bay?
Do it yourself garage door openers must be all the rage nowadays. We just got word of another take on this popular idea. [Giles] was commissioned by his friend to find a way to control the friend’s garage door using a smart phone. The request was understandable, considering the costly garage door remote and the fact that the buttons on the expensive remote tended to fail after a while. The inspiration for this project came from some YouTube videos of other similar projects. Those projects all paired an Arduino with a Bluetooth headset in order to control the door from a mobile phone. [Giles] understood that while this would get the job done, it wouldn’t be very secure. Bluetooth headsets typically connect to mobile phones using a four digit PIN. Many of them have known default PINs and even if the default is changed, it wouldn’t take very long to guess a four digit PIN. [Giles] knew he had to find a more secure way.
Continue reading “Arduino Garage Door Opener is Security Minded”
Here’s something we’re sure SEO specialists, PR reps, and other marketeers already know: how to write a script to game reddit.
The course of upvotes and downvotes controls which submission makes it to the front page of reddit. These submissions are voted on by users, and new accounts must log in and complete a CAPTCHA to vote. [Ian] discovered that reddit’s CAPTCHA is not really state-of-the-art, and figured out how to get a bot to solve it
The method exploits the 8-bit nature of the distorted grid in the CAPTCHA. Because this grid isn’t pure black or pure white, it’s at a lower intensity than the letters in the CAPTCHA. Putting the CAPTCHA through a threshold filter, deleting any blocks of pixels smaller than 20 pixels, and running it through a classifier (PDF there), a bot can guess what the letters of the CAPTCHA should be.
Out of the 489 CAPTCHAs [Ian] fed into his algorithm, only 28 – or 5.73% – were guessed correctly. However, because he knows which CAPTCHAs had failed segmentation, ignoring those can increase the success rate to 10%. Theoretically, by requesting new CAPTCHAs, [Ian] can get the accuracy of his CAPTCHA bot up to about 30%.
Combine this with a brilliant auto voting script that only requires someone to enter CAPTCHAs, and you’ve got the recipe for getting anything you want directly to the front page of reddit. Of course you could do the same with a few memes and pictures of cats, but you knew that already.
We’ve come across extremely expensive photocopiers that also fax, scan to email, and generally have too many features to list. [Eduardo Luis] figured out how to implement some of this type office magic using very inexpensive components. Specifically, he can press one button to scan a document and send it to an email address.
The user controls patch into the RPi GPIO header. There’s the button we already mentioned, a red LED for “System Busy”, and a green one for “System Status”. A set of scripts montor the button and drive the LEDs. When it’s time to scan, the RPi uses the scanimage package to capture a .PNM file, then converts it to .JPG before sending it via email using the mutt package.
We’d love to see a character LCD and a few more buttons added to the setup. This way you could select between different recipients (or even send via fax). And there’s always the possibility of connecting a printer to the other USB port on the RPi to make it work as a photocopier too.
You can catch a demo video after the jump.
Continue reading “One-button scan to email using Raspberry Pi”
[Tinkerer] bought a small cupboard from an antique store to fit nicely into his kitchen decor. After getting it home, he realized that some of the cubbyholes had originally housed drawers. The originals were long gone but this provided an opportunity for him to make the replacements seen above.
The first design approach that popped into [Tinkerer’s] mind was to draw the pieces in an editor like Inkscape. Some consultation with others at the local Hackerspace led him to this script-based parametric SVG design tool. We jumped right in to give it a whirl, clicking on Load –> Construction (category) –> Better Box. Once you’ve chosen the script, click on ‘Parameters’ on the left column and enter the sizing you want for your box. When all values are correct, click the renter tab, then export it as a Scalable Vector Graphic.
We’ve lamented time and again about our lack of a laser cutter, so we were unable to test this out. But we can’t see why it wouldn’t reproduce the same results that [Tinkerer] achieved.