Developed on Hackaday: Vote for your Favorite Card Art

A few weeks ago we asked our dear readers if they were interested in coming up with some card art for the Mooltipass project. We received more than a dozen of them and a few days ago the HaD project Mooltipass followers/Mooltipas Google group recipients voted for their favorite ones.

Today we’ll present you the three popular ones and ask you to pick your favorite, so please follow us after the break…

[Read more...]

Developed on Hackaday: 2 Days Left to Submit your Design!

We’re sure that many of Hackaday readers already know that one of the two main components of the Mooltipass project is a smart card, containing (among others) the AES-256 encryption key. Two weeks ago we asked if you’d be interested coming up with a design that will be printed on the final card. As usual, many people were eager to contribute and recently sent us a few suggestions. If you missed the call and would like to join in, it’s not too late! You may still send your CMYK vector image at mathieu[at]hackaday[dot]com by sunday. More detailed specifications may be found here.

In a few days we’ll also publish on Hackaday a project update, as we recently received the top and bottom PCBs for Olivier’s design. The low level libraries will soon be finished and hopefully a few days later we’ll be able to ship a few devices to developers and beta testers. We’re also still looking for contributors that may be interested in helping us to develop browser plugins.

The Mooltipass team would also like to thank our dear readers that gave us a skull on Hackaday projects!

Developed on Hackaday: Need Card Art — Who Likes to Draw?

Our offline password keeper project (aka Mooltipass) is quite lucky to have very active (and very competent) contributors. [Harlequin-tech] recently finished our OLED screen low level graphics library which (among others) supports RLE decompression, variable-width fonts and multiple bit depths for fonts & bitmaps. To make things easy, he also published a nice python script to automatically generate c header files from bitmap pictures and another one to export fonts.

[Miguel] finished the AES encryption/decryption schemes (using AES in CTR mode) and wrote an awesome readme which explains how everything works and how someone may check his code using several standardized tests. We highly encourage readers to make sure that we didn’t make any mistake, as it was one of you that suggested we migrate to CTR mode (thanks [mate]!).

On the hardware side, we launched into production the top & bottom PCBs for Olivier’s design. We’re also currently looking for someone that has many Arduino shields to make sure that they can be connected to the Mooltipass. A few days ago we successfully put the Arduino bootloader inside our microcontroller and made the official Arduino Ethernet shield work with it.

Finally, as you may have guessed from the picture above our dear smart card re-sellers can pretty much print anything on them (these are samples). If one of you is motivated to draw something, please contact me at mathieu[at]!

On a (way) more childish note, don’t hesitate to give a skull to the mooltipass on HaD projects so it may reclaim its rightful spot as “most skulled“.

Chameleon Emulates Contactless Smart Cards


Researchers at Ruhr University of Bochum in Germany have been busy working with RFID and related devices for quite some time now. They call the fruit of their labors Chameleon, a versatile Contactless Smart Card Emulator. Contactless Smart Cards are RFID style devices that also contain a smart card style memory. These cards are often used for payment, replacing mag strip style credit cards. Philips MIFARE Classic cards are a common example of contactless smart cards. The Chameleon is set up to emulate any number of cards using the common 13.56MHz frequency band. Adding a new card is as simple as loading up a new CODEC  and application to the firmware. Currently Chameleon can emulate MIFARE cards using the ISO14443A.

The Chameleon is completely open source, and can be built for around $25 USD. The heart of the system is an Atmel ATxmega192A3 microcontroller. The 192 is a great microcontroller for this task because it contains hardware accelerators for both DES and AES-128. An FTDI USB interface chip is used to provide an optional communication link between a host computer and the ATxmega. The link can be used for debugging, as well as manipulating data in real-time. A host PC is not necessary for use though – the Chameleon will operate just fine as a stand alone unit. We definitely like this project – though we’re going to be doubling down on the shielding in our RF blocking wallets.

Developed on Hackaday: Let’s Build Some Hardware!


We’re pretty sure that most of you already know that a few months ago Hackaday was bought by SupplyFrame, who therefore became our new evil overlords. We do hope you’ve noticed that they’re actually quite nice, and in their divine goodness they recently gave the go-ahead on this series called Developed on Hackaday.

A new project will be made by the Hackaday staff & community and will hopefully be brought to the consumer market. For those who don’t have the time/experience to get involved in this adventure, we want to show and document what it takes to bring an idea to the marketable product stage. For the others, we would like to involve you in the design/development process as much as possible. Obviously, this project will be open source hardware/software. This time around, the hardware will mainly be developed by yours truly. You may already know me from the whistled platform (currently sold on Tindie) or from all the different projects described on my website, which makes this new adventure far from being my first rodeo.

What’s in it for the contributors? During all the steps of this project, we’ll offer many rewards as well as hand-soldered first prototypes of the device so you can start playing/testing it. Nothing is set in stone so every suggestion is welcome. Should we make a Kickstarter-like campaign to manufacture the final product, we’ll only do so once our prototype is final, our partners are chosen and all details of the production process are set and confirmed. In that case, we will just need to gather the required funds to make the device a reality. What are we going to build? Keep reading to find out.

[Read more...]

Signal sniffing some laundry pay cards

It seems that [Limpkin] was up to no good this weekend. He decided to snoop around inside a smart-card laundry machine. He posted about his larceny  adventure and shared the details about how card security works with this machine.

We’re shocked that the control hardware is not under lock and key. Two screws are all that secures the panel to which this PCB is mounted. We know that machines using coins have a key lock, but perhaps there isn’t much need for that if there’s no currency to steal. [Limpkin] made a pass-through connector for the ribbon cable coming in from the card reader. That’s the rainbow cable you can see above and it’s being fed to his logic sniffer. He used the ‘card detect’ signal as a trigger and captured enough data to take back to his lair for analysis. Using what he found and a Bus Pirate to test the smart card he laid bare all the data that’s being sent and received by the controller.

RFID reader gets user inputs and smart card write capability

[Navic] added a slew of abilities to his RFID reader. It’s now a full-featured RFID reader and smart card writer with extras. When we looked at it last time the unit was just an RFID and smart card reader in a project enclosure. You could see the RFID code of a tag displayed on the LCD screen, but there wasn’t a lot more to it than that.

The upgrade uses the same project enclosure but he’s added four buttons below the display. These allow him to access the different features that he’s implemented. The first one, which is shown in the video after the break, allows him to store up to six tags in the EEPROM of the Basic Stamp which drives the unit. He can dump these tag codes to a smart card (pictured above), but also has the option of interfacing with a PC to read from and write to that card.

We don’t think you can directly write RFID tags with the device, but we could be wrong.

[Read more...]