Inside Two-Factor Authentication Apps

Passwords are in a pretty broken state of implementation for authentication. People pick horrible passwords and use the same password all over the place, firms fail to store them correctly and then their databases get leaked, and if anyone’s looking over your shoulder as you type it in (literally or metaphorically), you’re hosed. We’re told that two-factor authentication (2FA) is here to the rescue.

Well maybe. 2FA that actually implements a second factor is fantastic, but Google Authenticator, Facebook Code Generator, and any of the other app-based “second factors” are really just a second password. And worse, that second password …read more

Oh Great, WPA2 Is Broken

WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).

This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.

This is not …read more

LEGO-compatible Electronics Kits Everywhere!

Within the last few years, a lot of companies have started with the aim to disrupt the educational electronics industry using their LEGO-compatible sets. Now they’re ubiquitous, and fighting each other for their slice of space in your child’s box of bricks. What’s going on here?

Raison D’Être

The main reason for LEGO-compatibility is familiarity. Parents and children get LEGO. They have used it. They already have a bunch. When it comes to leveling up and learning about electronics, it makes sense to do that by adding on to a thing they already know and understand, and it means they …read more

Building The Hackaday Superconference Badge

The best hardware conference is just a few weeks away. This is the Hackaday Superconference, and it’s two days of talks, an extra day of festivities, soldering irons, and an epic hardware badge. We’ve been working on this badge for a while now, and it’s finally time to share some early details. This is an awesome badge and a great example of how to manufacture electronics on an extremely compressed timetable. This is badgelife, the hardware demoscene of electronic conference badges.

So, what does this badge do? It’s a camera. It has games, and it’s designed by [Mike Harrison] of …read more

Happy Ada Lovelace Day!

Today is Ada Lovelace Day, a day to celebrate and encourage women in the fields of science and technology. The day is named after Augusta Ada King-Noel, Countess of Lovelace, born Byron. (You can see why we just call her Ada Lovelace.) She was a brilliant mathematician, and the writer of what’s probably the first real computer program — it computed the Bernoulli series. At least according Charles Babbage, in correspondence to Michael Faraday, she was an “enchanted math fairy”. Not only a proto-coder, she wrote almost all of the existing documentation about Babbage’s computation engine. She’s a stellar example …read more

See all blog entries

Exploiting Weak Crypto on Car Key Fobs
10 Comments
By Christian Trapp | October 18, 2017

[tomwimmenhove] has found a vulnerability in the cryptographic algorithm that is used by certain Subaru key fobs and he has open-sourced the software that drives this exploit. All you need to open your Subaru is a RasPi and a DVB-T dongle, so you could complain that sharing this software equates to giving out master keys to potential car thieves. On the other hand, this only works for a limited number of older models from a single manufacturer — it’s lacking in compatibility and affordability when compared to the proverbial brick.

This hack is much more useful as a case study …read more
Hackaday Prize Entry: Unlock Your PC The RFID Way
9 Comments
By Jenny List | October 18, 2017

Sometimes we see projects whose name describes very well what is being achieved, without conveying the extra useful dimension they also deliver. So it is with [Prasanth KS]’s Windows PC Lock/Unlock Using RFID. On the face of it this is a project for unlocking a Windows PC, but when you sit down and read through it you discover a rather useful primer for complete RFID newbies on how to put together an RFID project. Even the target doesn’t do it justice, there is no reason why this couldn’t be used with any other of the popular PC operating systems besides …read more
Retrotechtacular: Weather Station Kurt
11 Comments
By Jenny List | October 18, 2017

Sometimes when researching one Hackaday story we as writers stumble upon the one train of thought that leads to another. So it was with a recent look at an unmanned weather station buoy from the 1960s, which took us on a link to a much earlier automated weather station.

Weather Station Kurt was the only successful installation among a bold attempt by the German military during the Second World War to gain automated real-time meteorological data from the Western side of the Atlantic. Behind that simple sentence hides an extremely impressive technical and military achievement for its day. This was …read more
Friday Hack Chat: Energy Harvesting
10 Comments
By Brian Benchoff | October 18, 2017

Think about an Internet-connected device that never needs charging, never plugs into an outlet, and will never run out of power. With just a small solar cell, an Internet of Thing module can run for decades. This is the promise of energy harvesting, and it opens the doors to a lot of interesting questions.

Joining us for this week’s Hack Chat will be [John Tillema], CTO and co-founder of TWTG. They’re working on removing batteries completely from the IoT equation. They have a small device that operates on just 200 lux — the same amount of light that can be …read more
About That Giant Robot Battle Last Night
36 Comments
By Pedro Umbelino | October 18, 2017

Two years ago we wrote about a giant robot battle between the USA and Japan. After two years in the making, MegaBots (team USA) and Suidobashi (team Japan) were finally ready for the first giant robot fight. If you are into battle bots, you probably did not miss the fight that happened around 7:00 pm PST. If you missed it, you can watch the whole thing here.

There were two duels. First it was Iron Glory (MkII) vs. Kuratas, and after that it was Eagle Prime (MkIII) vs. Kuratas.

Be warned, spoilers ahead. …read more
Practical Public Key Cryptography
13 Comments
By Pedro Umbelino | October 18, 2017

Encryption is one of the pillars of modern-day communications. You have devices that use encryption all the time, even if you are not aware of it. There are so many applications and systems using it that it’s hard to begin enumerating them. Ranging from satellite television to your mobile phone, from smart power meters to your car keys, from your wireless router to your browser, and from your Visa to your Bitcoins — the list is endless.

One of the great breakthroughs in the history of encryption was the invention of public key cryptography or asymmetrical cryptography in the 70’s. …read more
Rescuing An Antique Saw Set
12 Comments
By Adam Fabio | October 18, 2017

Who doesn’t like old tools? Even if they aren’t practical to use for production, plenty of old tools still have a life to offer the hobbyist or home worker. Some tools might seem a bit too far gone – due to age, rust, or practicality, to use. That’s where [Hand Tool Rescue] comes in. [HTR] finds rusty, dirty old tools, and brings them back to life. Sometimes they’re practical tools, other times, they’re a bit out there. In a recent video, he restored a BeMaCo automatic saw set from the 1940’s. Saw sets are tools which bend each tooth of …read more

← Older posts

See all projects

Magic Frame : Turn Everything into a Touch Area

by jean.perardel

'Flea Ohm' FPGA Project

by Valentin Angelovski