Oh Great, WPA2 Is Broken

WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).

This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.

This is not …read more

LEGO-compatible Electronics Kits Everywhere!

Within the last few years, a lot of companies have started with the aim to disrupt the educational electronics industry using their LEGO-compatible sets. Now they’re ubiquitous, and fighting each other for their slice of space in your child’s box of bricks. What’s going on here?

Raison D’Être

The main reason for LEGO-compatibility is familiarity. Parents and children get LEGO. They have used it. They already have a bunch. When it comes to leveling up and learning about electronics, it makes sense to do that by adding on to a thing they already know and understand, and it means they …read more

Building The Hackaday Superconference Badge

The best hardware conference is just a few weeks away. This is the Hackaday Superconference, and it’s two days of talks, an extra day of festivities, soldering irons, and an epic hardware badge. We’ve been working on this badge for a while now, and it’s finally time to share some early details. This is an awesome badge and a great example of how to manufacture electronics on an extremely compressed timetable. This is badgelife, the hardware demoscene of electronic conference badges.

So, what does this badge do? It’s a camera. It has games, and it’s designed by [Mike Harrison] of …read more

Happy Ada Lovelace Day!

Today is Ada Lovelace Day, a day to celebrate and encourage women in the fields of science and technology. The day is named after Augusta Ada King-Noel, Countess of Lovelace, born Byron. (You can see why we just call her Ada Lovelace.) She was a brilliant mathematician, and the writer of what’s probably the first real computer program — it computed the Bernoulli series. At least according Charles Babbage, in correspondence to Michael Faraday, she was an “enchanted math fairy”. Not only a proto-coder, she wrote almost all of the existing documentation about Babbage’s computation engine. She’s a stellar example …read more

Our Reactions to the Treatment of Robots

Most of us have seen employees of Boston Dynamics kicking their robots, and many of us instinctively react with horror. More recently I’ve watched my own robots being petted, applauded for their achievements, and yes, even kicked.

Why do people react the way they do when mechanical creations are treated as if they were people, pets, or worse? There are some very interesting things to learn about ourselves when considering the treatment of robots as subhuman. But it’s equally interesting to consider the ramifications of treating them as human.

The Boston Dynamics Syndrome

Shown here are two snapshots of Boston …read more

See all blog entries

Echo Dot Finds Swanky New Home In Art Deco Speaker
3 Comments
By Tom Nardi | October 16, 2017

The phrase “They don’t make them like they used to” is perhaps best exemplified by two types of products: cars and consumer electronics. Sure, the vehicles and gadgets we have now are so advanced that they may as well be classified as science-fiction when compared to their predecessors, but what about that style. Our modern hardware can rarely hold a candle to the kind of gear you used to be able to buy out of the “Sears, Roebuck and Company” catalog.

So when [Democracity] came into possession of a wickedly retro art deco speaker, it’s no surprise he saw …read more
Aussies Propose Crackdown On Insecure IoT Devices
15 Comments
By Jenny List | October 16, 2017

We’ve all seen the stories about IoT devices with laughably poor security. Both within our community as fresh vulnerabilities are exposed and ridiculed, and more recently in the wider world as stories of easily compromised baby monitors have surfaced in mass media outlets. It’s a problem with its roots in IoT device manufacturers treating their products as appliances rather than software, and in a drive to produce them at the lowest possible price.

The Australian government have announced that IoT security is now firmly in their sights, announcing a possible certification scheme with a logo that manufacturers would be able …read more
Hackaday Prize Entry: Giving Phones Their Tactile Buttons Back
3 Comments
By Brian Benchoff | October 16, 2017

In the before-times, we could send text messages without looking at our phones. It was glorious, and something 90s Kids™ wish we could bring to our gigantic glowing rectangles stuck in our pocket. For his Hackaday Prize Entry, [Kyle] is bringing just a little bit of this sightless functionality back to the modern smartphone. He’s building a tactile remote control for smartphones. With this device, you can navigate through icons, push buttons, and even zoom in on maps with real, physical controls.

This keyboard is built around a handful of Cherry MX mechanical key switches for a great tactile feel, …read more
Active Discussion About Passive Components
17 Comments
By Bob Baddeley | October 16, 2017

People talk about active and passive components like they are two distinct classes of electronic parts. When sourcing components on a BOM, you have the passives, which are the little things that are cheaper than a dime a dozen, and then the rest that make up the bulk of the cost. Diodes and transistors definitely fall into the cheap little things category, but aren’t necessarily passive components, so what IS the difference? …read more
The Fine Art of Heating And Cooling Your Beans
21 Comments
By Tom Nardi | October 16, 2017

They say that if something is worth doing, it’s worth doing right. Those are good words to live by, but here at Hackaday we occasionally like to adhere to a slight variation of that saying: “If it’s worth doing, it’s worth overdoing”. So when we saw the incredible amount of work and careful research [Rob Linnaeus] was doing just to roast coffee beans, we knew he was onto something.

The heart of his coffee roaster is a vortex chamber with an opening on the side for a standard heat gun, and an aperture in the top where an eight cup …read more
Inside Two-Factor Authentication Apps
39 Comments
By Elliot Williams | October 16, 2017

Passwords are in a pretty broken state of implementation for authentication. People pick horrible passwords and use the same password all over the place, firms fail to store them correctly and then their databases get leaked, and if anyone’s looking over your shoulder as you type it in (literally or metaphorically), you’re hosed. We’re told that two-factor authentication (2FA) is here to the rescue.

Well maybe. 2FA that actually implements a second factor is fantastic, but Google Authenticator, Facebook Code Generator, and any of the other app-based “second factors” are really just a second password. And worse, that second password …read more
Oh Great, WPA2 Is Broken
98 Comments
By Brian Benchoff | October 16, 2017

WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).

This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.

This is not …read more

← Older posts

See all projects

Magic Frame : Everything is a Touch Area

by jean.perardel

'Flea Ohm' FPGA Project

by Valentin Angelovski