Securing your Keurig with RFID

keurig-hacking

[Andrew Robinson] and his co-workers are lucky enough to have a Keurig coffee maker in their office, though they have a hard time keeping track of who owes what to the community coffee fund. Since K-Cups are more expensive than bulk coffee, [Andrew] decided that they needed a better way to log everyone’s drinking habits in order to know who needs to cough up the most cash at the end of the month.

He started by tearing down the Keurig B40, making note of the various PCBs inside while identifying the best way to go about hacking the device. The coffee maker is controlled by a PIC, and rather than try to re-engineer things from the bottom up, he left the core of the machine intact and focused on the control panel instead.

He disconnected all of the unit’s buttons from the control board, routing them through an Arduino before reconnecting them to the machine. This essentially rendered the machine inoperable unless triggered by the Arduino, giving [Andrew] control over the brewing process. He wired in an RFID reader from SparkFun, then got busy coding his security/inventory system. Now, when someone wants coffee, they merely need to swipe their office access card over the machine, which enables the use of its control panel.

As you can see in the video below the system seems to work well. If we were to offer some constructive criticism, we would suggest ditching the laptop and rolling the RFID reading/verification into the Arduino instead – other than that, we think it’s great.

[Read more...]

Researchers claim that HP laser printers can be hijacked to steal data and catch fire

hp-laserprinter-security-holes

The news was abuzz yesterday with coverage of a study released by Columbia University researchers warning consumers that HP laser printers are wide open to remote tampering and hacking. The researchers claim that the vast majority of printers from HP’s LaserJet line accept firmware updates without checking for any sort of digital authentication, allowing malicious users to abuse the machines remotely. The researchers go so far as to claim that modified firmware can be used to overheat the printer’s fuser, causing fires, to send sensitive documents to criminals, and even force the printers to become part of a botnet.

Officials at HP were quick to counter the claims, stating that all models built in 2009 and beyond require firmware to be digitally signed. Additionally, they say that all of the brand’s laser printers are armed with a thermal cutoff switch which would mitigate the fuser attack vector before any real fire risk would present itself. Despite HP’s statements, the researchers stand by their claims, asserting that vulnerable printers are still available for purchase at major office supply stores.

While most external attacks can easily be prevented with the use of a firewall, the fact that these printers accept unsigned firmware is undoubtedly an interesting one. We are curious to see if these revelations inspire anyone to create their own homebrew LaserJet firmware with advanced capabilities (and low toner warning overrides), or if this all simply fizzles out after a few weeks.

RFID reading and spoofing

Locks are always temporary hindrances. After deciding to open the RFID-secured lock in his department, [Tixlegeek] built a device to read and spoof RFID tags (French, Google translate here).

The system is built around an ATMega32 microcontroller with a 16×2 LCD display. A commercial RFID reader module takes care of all the sniffing/cloning duties, and a small modulation circuit handles pumping those bits over to a lock. Right now, the spoofer can only handle reading and spoofing 125kHz RFID tags with no encryption or authorization. A tag that’s more complex than the duct tape RFID tag doesn’t work.

[Tixlegeek]‘s little project does open up a few interesting avenues of exploring stuff that’s most certainly illegal. A smaller version of the project could be emplaced near a door or other RFID reader and left to crack a lock with a 32+62 bit password at 125 kilohertz. It wouldn’t be the fastest safecracker in the business, but it would work automatically as long as there is power.

If you’ve got any other ideas on what [Tixlegeek]‘s RFID spoofer could do, leave a note in the comments.

Beer security system keeps freeloaders out of your stash

beer-security

The crew at the Milwaukee Hackerspace are pretty serious about their beer. They used to have a fridge filled with cans, available to all at the hackerspace, but they decided to beef things up and create a secured beer dispensing system.

Like many others we have seen, their kegerator is built into an old refrigerator, complete with a tap built into the door. To ensure that interlopers are kept from their precious brew, they have secured the refrigerator using an Arduino and RFID tags to grant access. They use the same RFID key fobs members carry to gain access to the space for tracking beer consumption, unlocking the tap whenever a valid tag is swiped past the sensor.

They are still in the midst of tweaking and revising the system, but it looks good so far. It’s a great way to keep uninvited guests from their beer stash, while giving them a way to track consumption at the same time. We’re looking forward to seeing more details and code once things are completely wrapped up.

[via BuildLounge]

Simple circuit reminds you to lock the door as you rush out of the house

door_lock_minder

It seems that [pppd] is always rushing out of his apartment to catch the bus, and he finds himself frequently questioning whether or not he remembered to lock the door. He often doubles back to check, and while he has never actually forgotten to lock the door, he would rather not deal with the worry.

Since he finally had some free time on his hands, he decided to put together a simple device that would help end his worry once and for all. Using an ATtiny13, [pppd] designed a circuit that would detect when his door has been unlocked and opened, beeping every few seconds until the lock is reengaged. The circuit relies on a reed switch installed inside the door frame, which is tripped by the magnet he glued to his door’s deadbolt.

He says that the system works well so far, though he does have a few improvements in mind already.

Security system gives you a call when it senses intruders

gsm_motion_detector_alarm_system

[Dimitris] decided to build a homemade alarm system, but instead of triggering a siren, sending an SMS message, or Tweeting about an intrusion, he preferred that his system call him when there was trouble afoot. He says that he preferred a call over text messaging because there are no charges associated with the call if the recipient does not pick up the line, which is not the case with SMS.

The system is based around an off the shelf motion detector that was hacked to work with an old mobile phone. The motion detector originally triggered a siren, but he stripped out the speaker and wired it to a bare bones Arduino board he constructed. The Arduino was in turn connected to the serial port of an unused Ericssson T10s mobile phone. This allows the Arduino to call his mobile phone whenever the motion detector senses movement.

The system looks to be quite useful, and while [Dimitris] didn’t include all of the code he used, he says others should be able to replicate his work without too much trouble.

Gyroscope-based smartphone keylogging attack

smartphone_keylogging_with_gyroscopes

A pair of security researchers have recently unveiled an interesting new keylogging method (PDF Research Paper) that makes use of a very unlikely smartphone component, your gyroscope.

Most smart phones now come equipped with gyroscopes, which can be accessed by any application at any time. [Hao Chen and Lian Cai] were able to use an Android phone’s orientation data to pin down what buttons were being pressed by the user. The attack is not perfect, as the researchers were only able to discern the correct keypress about 72% of the time, but it certainly is a good start.

This side channel attack works because it turns out that each button on a smart phone has a unique “signature”, in that the phone will consistently be tilted in a certain way with each keypress. The pair does admit that the software becomes far less accurate when working with a full qwerty keyboard due to button proximity, but a 10 digit pad and keypads found on tablets can be sniffed with relatively good results.

We don’t think this is anything you should really be worried about, but it’s an interesting attack nonetheless.

[Thanks, der_picknicker]