DIY Smart Home Device Means No More Fumbling in the Dark

Smart home tech is on the rise, but cost or lack of specific functionality may give pause to prospective buyers. [Whiskey Tango Hotel] opted to design their own system using a Raspberry Pi and Bluetooth device connectivity. Combining two ubiquitous technologies provides a reliable proximity activation of handy functions upon one’s arrival home.

Electrical Wiring Diagram

The primary function is to turn on a strip of LEDs when [Whiskey Tango Hotel] gets home to avoid fumbling for the lights in the dark, and to turn them off after a set time. The Raspberry Pi and Bluetooth dongle detect when a specified discoverable Bluetooth device comes within range — in this case, an iPad — after some time away. This toggles the Pi’s GP10 outputs and connected switching relay while also logging the actions to the terminal and Google Drive via IFTTT.

Continue reading “DIY Smart Home Device Means No More Fumbling in the Dark”

Face-slapping security gaff in stored-value cards

The laundry machines at [Hans Viksler’s] apartment were converted over from coin operation to stored value cards. We’ve all dealt with these cards before and [Hans] thought it would be fun to do a little sniffing around at how this particular company implements them. We’ve covered how to read these cards and there have been several stories regarding how to bypass the security that they use.

But [Hans] wasn’t interested in stealing value, just in seeing how things work. So he stuck the card in his reader and after looking around a bit he figured out that they use the Atmel AT88SC0404C chip. He downloaded the datasheet and started combing through the features and commands. The cards have a four-wrong-password lockout policy. He calculated that it would take an average of over two million cards to brute force the chip’s stored password. But further study showed that this is a moot point. He fed the default password from the datasheet to his card and it worked.

We know it takes quite a bit of knowledge for the average [Joe] to manipulate these cards at home, but changing the default password is literally the very least the company could have done to protect their system.