In a little less than two weeks, the biannual HOPE conference in NYC will be in full swing. Attendance is more than likely to put you on a list somewhere, so of course we’ll be setting up shop, enjoying the sights and sounds, and throwing swag at hundreds of attendees.
Highlights of HOPE X include a keynote from [Daniel Ellisburg], a video conference with [Edward Snowden], a Q&A with the EFF, a talk I’ll certainly be attending, and the always popular talk on social engineering headed up by [Emmanuel Goldstein].
As with all our extracurriculars, Hackaday will be giving out some swag (200+ tshirts, stickers, and THP goodies), and manning a vendor booth. Look for the eight foot Hackaday flag held up with duct tape. We’ll also be doing the usual video and blog thing from HOPE, for all of you who can’t attend thanks to your company’s security reviews, and some super secret things I can’t believe the overlords signed off on.
In other 2600 news, they ain’t doin too good, with tens of thousands of dollars of debt thanks to rather crappy legal stuff with their distributors. Buying a ticket would help the 2600 guys out, as would buying July’s issue (also on Kindle).
There are thousands upon thousands of papers discussing various aspects of embedded hardware security, and dozens of books covering the same subject. The attacks discussed in the literature are very cool – things like side-channel power analysis and clock glitching used to extract keys from a system. The experimental setups in these papers are extraordinarily expensive – you can buy a new car for less. [coflynn] was disheartened with the price of these tools, and thought building his own would make for a great entry to The Hackaday Prize.
The hardware part of the ChipWhisperer includes a breakout board with an FPGA, ADC, and connectors for a lot of different probes, adapters, breakout boards, and a target board, With all these tools, it’s not unreasonable to say that [coflynn] could carry out a power analysis attack on a lot of embedded hardware.
Open source hardware is just one part of this entry. The biggest focus of this project is the open source software for analyzing whatever the probes and target boards record. With this software, anyone can monitor the power used when a chip runs a cryptographic function, or glitch a clock for some unintended functionality in a device. In keeping with the academic pedigree of all the literature on these attacks, there are a ton of tutorials for the ChipWhisperer for all those budding security researchers out there. Very cool stuff, and arguably one of the most technical entries to The Hackaday Prize.
The project featured in this post is an entry in The Hackaday Prize. Build something awesome and win a trip to space or hundreds of other prizes.
Continue reading “THP Entry: Embedded Hardware Security With The ChipWhisperer”
We’ve all been there. Your roommate is finally out of the house and you have some time alone. Wait a minute… your roommate never said when they would be back. It would be nice to be warned ahead of time. What should you do? [Mattia] racked his brain for a solution to this problem when he realized it was so simple. His roommates have been warning him all along. He just wasn’t listening.
Most Hackaday readers probably have a WiFi network in their homes. Most people nowadays have mobile phones that are configured to automatically connect to these networks when they are in range. This is usually smart because it can save you money by not using your expensive 4G data plan. [Mattia] realized that he can just watch the wireless network to see when his roommates’ phones suddenly appear. If their devices appear on the network, it’s likely that they have just arrived and are on their way to the front door.
Enter wifinder. Wifinder is a simple Python script that Mattia wrote to constantly scan the network and alert him to new devices. Once his roommates are gone, Mattia can start the script. It will then run NMap to get a list of all devices on the network. It periodically runs NMap after this, comparing the new host list to the old one. If any new devices show up, it alerts with an audible beep and a rather hilarious output string. This type of scanning is nothing new to those in the network security field, but the use case is rather novel.
RFID security systems have become quite common these days. Many corporations now use RFID cards, or badges, in place of physical keys. It’s not hard to understand why. They easily fit inside of a standard wallet, they require no power source, and the keys can be revoked with a few keystrokes. No need to change the locks, no need to collect keys from everyone.
[Shawn] recently set up one of these systems for his own office, but he found that the RFID cards were just a bit too bulky for his liking. He thought it would be really neat if he could just use his cell phone to open the doors, since he always carries it anyways. He tried searching for a cell phone case that contained an RFID tag but wasn’t able to come up with anything at the time. His solution was to do it himself.
[Shawn] first needed to get the RFID tag out of the plastic card without damaging the chip or antenna coil. He knew that acetone can be used to melt away certain types of plastic and rubber, and figured he might as well try it out with the RFID card. He placed the card in a beaker and covered it with acetone. He then sealed the beaker in a plastic bag to help prevent the acetone from evaporating.
After around 45 minutes of soaking, [Shawn] was able to peel the plastic layers off of the electronics. He was left with a tiny RFID chip and a large, flat copper coil. He removed the cover from the back of his iPhone 4S and taped the chip and coil to the inside of the phone. There was enough room for him to seal the whole thing back up underneath the original cover.
Even though the phone has multiple radios, they don’t seem to cause any noticeable interference. [Shawn] can now just hold his phone up to the RFID readers and open the door, instead of having to carry an extra card around. Looking at his phone, you would never even know he modified it.
[Thanks Thief Dark]
Do it yourself garage door openers must be all the rage nowadays. We just got word of another take on this popular idea. [Giles] was commissioned by his friend to find a way to control the friend’s garage door using a smart phone. The request was understandable, considering the costly garage door remote and the fact that the buttons on the expensive remote tended to fail after a while. The inspiration for this project came from some YouTube videos of other similar projects. Those projects all paired an Arduino with a Bluetooth headset in order to control the door from a mobile phone. [Giles] understood that while this would get the job done, it wouldn’t be very secure. Bluetooth headsets typically connect to mobile phones using a four digit PIN. Many of them have known default PINs and even if the default is changed, it wouldn’t take very long to guess a four digit PIN. [Giles] knew he had to find a more secure way.
Continue reading “Arduino Garage Door Opener is Security Minded”
[Frank] knows how important backups are for data security, but his old method of plugging a hard drive in to take manual backups every so often is not the most reliable or secure way of backing up data. He realized he was going to need a secure, automated solution. He didn’t need a full-sized computer with a ton of power; why waste electricity for something so simple? His solution was to use a Raspberry Pi as the backup computer.
The main problem he faced with the Pi was finding a way to make it rack mountable. [Frank] started with an empty 1U server case. He then had to bend a few metal plates in order to securely mount the backup drive into the case. A couple of small rubber pads help dampen any vibrations caused by the hard drive.
The computer power supply was able to put out the 12V needed for the hard disk, but not the 5V required to run the Pi. [Frank’s] solution was to use an LM2596 based switching supply to turn the 12V into 5V. He soldered the power supply wires directly to the Pi, thinking that a USB plug might vibrate loose over time. Mounting the Pi to the computer case should have been the trickiest part but [Frank] made it easy by simply gluing the Pi’s plastic case to the inside of the computer case. When all was said in done, the backup server pulls 29W under full load, 9W with the disk spinning, and only about 2W in an idle state.
On the software side of things, [Frank’s] backup box uses bash shell scripts to get the job done. The Pi connects to his main server via VPN and then the bash scripts use rsync to actually collect the files. The system not only saves backups every night, but also keeps week old backups just in case. If you are really paranoid about your backups, try hooking up a custom battery backup solution to your Pi. If a Pi just isn’t doing it for you, you can always try one of many other methods.
We’re sure that many of Hackaday readers already know that one of the two main components of the Mooltipass project is a smart card, containing (among others) the AES-256 encryption key. Two weeks ago we asked if you’d be interested coming up with a design that will be printed on the final card. As usual, many people were eager to contribute and recently sent us a few suggestions. If you missed the call and would like to join in, it’s not too late! You may still send your CMYK vector image at mathieu[at]hackaday[dot]com by sunday. More detailed specifications may be found here.
In a few days we’ll also publish on Hackaday a project update, as we recently received the top and bottom PCBs for Olivier’s design. The low level libraries will soon be finished and hopefully a few days later we’ll be able to ship a few devices to developers and beta testers. We’re also still looking for contributors that may be interested in helping us to develop browser plugins.
The Mooltipass team would also like to thank our dear readers that gave us a skull on Hackaday projects!