Breaking SimpliSafe Security Systems With Software Defined Radio

The SimpliSafe home security system consists of two basic components: a keypad and a base station. Sensors such as smoke detectors, switches, and motion sensors can be added to this system, all without a wired installation. Yes, this security system is completely wireless. Yes, you can still buy a software defined radio for ten dollars. Yes, the device has both “simple” and “safe” in its name. We all know where this is going, right?

Last week, [Andrew Zonenberg] at IOActive published a security vulnerability for the SimpliSafe wireless home security system. As you would expect from an off-the-shelf, wireless, DIY security system, the keypad and base station use standard 433 MHz and 315 MHz ISM band transmitters and receivers. [Dr. Zonenberg]’s attack on the system didn’t use SDR; instead, test points on the transmitters were tapped and messages between the keypad and base station were received in cleartext. When the correct PIN is entered in the keypad, the base station replies with a ‘PIN entered’ packet. Replaying this packet with a 433 MHz transmitter will disable the security system.

[Michael Ossmann] took this one step further with a software defined radio. [Ossmann] used a HackRF One to monitor the transmissions from the keypad and turned to a cheap USB SDR dongle to capture packets. Replaying keypad transmissions was easy, but with a little bit more work new attacks can be found. The system can be commanded to enter test mode even when it is armed, bypassing notifications to the owner.

It’s a hilarious failure of wireless security, especially given the fact that this exploit can be performed by anyone with $100 in equipment. With a little more effort, an attacker can execute a PIN replay from a mile away. Sadly, failures of security of this magnitude are becoming increasingly common. There will assuredly be more attacks of this kind in the future, at least until hardware manufacturers start taking the security (of their security products) seriously.
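The replay weakness described above comes down to a receiver that accepts a static, unauthenticated frame every time it hears it. As an added illustration (not code from the original post, from IOActive, or from SimpliSafe), this sketch contrasts such a receiver with one that requires a fresh counter and an HMAC tag; the frame layout, key, and command byte are constructed assumptions, not the real protocol.

```python
import hmac, hashlib, struct

KEY = b"constructed-pairing-key-0123456789"  # constructed; assumed shared at pairing
DISARM = b"\x01"                              # hypothetical one-byte command code

class LegacyBase:
    """Models the weakness: a well-formed cleartext frame is accepted every time."""
    def accept(self, frame: bytes) -> bool:
        return frame == DISARM

def make_frame(key: bytes, counter: int, command: bytes) -> bytes:
    """Keypad side: 4-byte counter || command || 8-byte truncated HMAC-SHA256 tag."""
    body = struct.pack(">I", counter) + command
    tag = hmac.new(key, body, hashlib.sha256).digest()[:8]
    return body + tag

class HardenedBase:
    """Base station side: verify the tag, then require a strictly newer counter."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0  # must survive power loss in a real device

    def accept(self, frame: bytes) -> bool:
        if len(frame) != 4 + 1 + 8:
            return False
        body, tag = frame[:-8], frame[-8:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False  # forged or modified frame
        (counter,) = struct.unpack(">I", body[:4])
        if counter <= self.last_counter:
            return False  # replay of a frame already seen
        self.last_counter = counter
        return body[4:] == DISARM

def demo() -> dict:
    legacy, hardened = LegacyBase(), HardenedBase(KEY)
    captured = make_frame(KEY, 1, DISARM)  # constructed frame, as if recorded once
    tampered = captured[:3] + bytes([captured[3] ^ 0x02]) + captured[4:]
    return {
        "legacy_first": legacy.accept(DISARM),
        "legacy_replay": legacy.accept(DISARM),
        "hardened_first": hardened.accept(captured),
        "hardened_replay": hardened.accept(captured),
        "hardened_tampered_counter": hardened.accept(tampered),
    }
```

The legacy receiver accepts the same bytes twice, while the hardened one rejects both the verbatim replay and a copy whose counter was bumped without knowledge of the key.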

A Slew Of Open-Source Synthesizers

Hackaday reader [Jan Ostman] has been making microcontroller-based DIY synthesizers for quite a while now. Recently, he’s opened up the source for a lot of them so that you can play along at home. All of these virtual-analog synths and soundmakers can be realized on an Arduino or AVR ATmega328 if you happen to have one lying around.

Extra parts like a keyboard, some pushbuttons, or some potentiometer knobs to twiddle won’t hurt if you’d like to make something more permanent or more obviously playable, like [Jan] does. On the other hand, if you’d just like to get your feet wet, I’ve tweaked his code to be more immediately plug-and-play. The code is straightforward enough that it’s a good learning platform. So let’s take a quick tour through three drum machines and a string synth, each of which you can build on a breadboard in just a few minutes.

To install on an Arduino UNO, fetch the zip file from this GitHub repository, and move each subfolder to your Arduino sketch directory. You’re ready to play along.


Sputnik’s Transmitter Beeps Again

Sputnik. The first artificial satellite, the launch of which precipitated the space race. Without the frenetic pace of technological advancement as the USA and the USSR vied with each other during the decade following its launch, it is safe to say that we might not yet have many of the tools and components we take for granted as electronics enthusiasts and makers today.

[Frank Waarsenburg PA3CNO] has taken on the interesting task of recreating one of the Sputnik radio transmitters using a set of the original Russian tubes.

Sputnik itself was an astounding achievement for the team of engineers and scientists who put it into orbit, but the drive to beat the USA to the post within the 1957 International Geophysical Year meant that it was a surprisingly simple device. A sphere pressurised with nitrogen and with those iconic whip antennas mounted on its outside, containing a battery, 20 and 40 MHz tube radio transmitters, and a fan cooling system. Its design was a Soviet state secret, but in 2013 [Oleg, RV3GM] located the schematic used for the transmitter.

The tubes are slightly unusual, being a wire-ended design with all electrodes mounted on rods the length of the glass envelope. This design feature gave them a resistance to acceleration and vibration, making them suitable for use in aircraft, missiles, and rockets.

[Frank] faced one or two hurdles during his construction, including the development of a suitable power supply and finding an unfortunate bug in the Russian schematic. If you speak Dutch or are prepared to use a translation tool his full write-up can be found in the Dutch-language RAZzies magazine, December issue featuring the power supply (PDF, Dutch), and January issue featuring the transmitter (PDF, Dutch).

The Sputnik satellite has not appeared on its own in these pages before, but we have recently featured the early OSCAR amateur radio satellites and the revival of a piece of space-race-era Soviet rocket technology.

Via [Stefan, HB9TWS], whose English-language coverage of the transmitter was of great help.

Worlds Collide: Hot Rodders And Hackers

When we think of the average hot rodder, we think of guys and gals that love anything on four wheels. They’re good with hand tools, fabrication and know the ins and outs of the internal combustion engine. Their tools of the trade are welders, grinders and boxed-end wrenches. But their knowledge of electric circuits doesn’t go beyond wiring up a 12 volt DC tail light. On the surface, the role of a hot rodder would seem quite different from that of a hardware hacker. But if you abstract what they do, you find that they take machines and modify their design to make them do something more than they were originally designed to do. When viewed in this light, hot rodders are hackers.

Turn Your Laser Cutter Into An SLS 3D Printer

Filament style 3D printers are great, but typically are rather size limited. Laser sintering printers offer huge print beds, but also come with quarter million dollar price tags. What are we supposed to do? Well, thanks to OpenSLS, it might just be possible to turn your laser cutter into your very own SLS 3D printer.

We’ve covered OpenSLS a few times before, but it looks like it’s finally becoming a more polished (and usable) solution. A research article was just recently published on the Open-Source Selective Laser Sintering (OpenSLS) of Nylon and Biocompatible Polycaprolactone (PDF) that goes over the design and construction of a powder handling module that drops right into a laser cutter.

The team has created the hardware to turn a laser cutter with a bed size of 60cm x 90cm into an SLS printer. The beauty? The majority of the hardware is laser cut which means you already have the means to convert your laser cutter into a 3D printer.

The design files are available on their GitHub. Hardware will likely cost you around $2000, which is peanuts compared to the commercial laser sintering printers. There is tons of info in their article — too much for us to cover in a single post. If you end up building one, please let us know!

555 Teardown And Analysis

If you are even remotely interested in electronics, chances are the number ‘555’ is immediately recognizable. It is, after all, one of the most popular ICs ever built, with billions of units sold to date. Designed way back in 1970 by Hans Camenzind, it is still widely available and frequently used for various applications. [Ken Shirriff] does a teardown and analysis of a 555 and gives us a look at the internal structure of this oldie.

A metal can package allowed him to just chop off the top and get access to the die, which was way safer and easier than to etch out the black epoxy of a DIP package. He starts by giving us a quick run down on how the chip works, showing us the two comparators, the output flip-flop and the capacitor discharge circuitry that make up most of the chip. He then puts the die under a metallurgical microscope, and starts identifying the various sections of the chip. Combining pictures of individual elements with cross-sectional diagrams, he identifies the construction of the transistors and resistors, the use of a current mirror to replace bulky resistors, and the differential pair that makes up the comparators.

He wraps it up by providing an interactive map of the die and the schematic, where you can click on various parts and the corresponding component is highlighted along with an explanation of what it does. There’s some interesting trivia about how a redesigned, improved version – the ZSCT1555 – couldn’t survive the popularity and success of the 555. He wraps it up with a useful list of notes and references. While de-capping blog posts are interesting on their own, [Ken] does a great job by giving us a detailed look at the internals.

Thanks [Vikas] for sending in this tip.

Lego Nuclear Reactor Uses Arduino

Before the NSA deletes this post, we’ll be clear: We’re talking about a model of a nuclear reactor, not the real thing. Using Legos, [wgurecky] built a point kinetic reactor model that interfaces with the reactor simulator, pyReactor.

Even without the Lego, the Python code demonstrates reactor control in several modes. In power control mode, the user sets a power output, and the reactor attempts to maintain it. In control rod mode, the user can adjust the position of the control rods and see the results.

If things get out of hand, there’s a SCRAM button to shut the reactor down in a hurry. The Lego model uses an Arduino to move the rods up and down (using a servo) and controls the simulated Cherenkov radiation (courtesy of blue LEDs).

We’ve been excited to see more high schools with significant engineering programs. This would be a good project for kids interested in nuclear engineering. It certainly is a lot safer than one of our previous reactor projects.