Day: March 28, 2016

HVAC Techs – Hackers Who Make House Calls

March 28, 2016 by 44 Comments

It’s been said that hackers are enamored with complex networks. In the 60s and 70s, the telephone network was the biggest around, singing a siren song to an entire generation of blue-boxing phone phreaks. I started a bit closer to the house. As a child I was fascinated by the heating system in the basement of our home: a network of pipes with a giant boiler in the middle. It knew when to come on to provide heat, and when to kick on for hot water. I spent hours charting the piping and electrical inputs and outputs, trying to understand how everything worked. My parents still tell stories of how I would ask to inspect the neighbors heating systems. I even pestered the maintenance staff at my nursery school until they finally took me down to see the monstrous steam boiler which kept the building warm.

My family was sure I would grow up to be a Heating Ventilation and Air Conditioning (HVAC) tech. As it turned out, electronics and embedded systems were my calling. They may not have been too far from the truth though, as these days I find myself designing systems for a major manufacturer of boiler controls and thermostats.

Recently a house hunt led me to do some HVAC research on the web. What I found is that HVAC techs have created a great community on the internet. Tradesmen and women from all over the world share stories, pictures, and videos on websites such as HVAC-Talk and HeatingHelp.

Continue reading “HVAC Techs – Hackers Who Make House Calls”

Tearing Down An IP Camera

March 28, 2016 by 17 Comments

So you bring home a shiny new gadget. You plug it into your network, turn it on, and it does… well, whatever it wants. Hopefully, it does what you expect and no more, but there is no guarantee: it could be sending your network traffic to the NSA, MI5 or just the highest bidder. [Jelmer] decided to find out what a new IP camera did, and how easy it was to find out by taking a good poke around inside.

In his write-up of this teardown, he describes how he used Wireshark to see who the camera was talking to over the Interwebs, and how he was able to get root access to the device itself (spoilers: the root password was 1234546). He did this by using the serial interface of the Ralink RT3050 that is the brains of the camera to get in, which provided a nice console when he asked politely. A bit of poking around found the password file, which was all too easily decrypted with John the ripper.

This is basic stuff, but if you’ve never opened up an embedded Linux device and gotten root on it, you absolutely should. And now you’ve got a nicely written lesson in how to do it. Go poke around inside the things you own!

Raspberry Pi Art Frame Using OpenFrame

March 28, 2016 by 12 Comments

Digital picture frames were a fad awhile back, and you can still pick them up at the local big box store. [Ishac Bertran] and [Jonathan Wohl] decided to go open source with digital frames and create the openframe project. The open-source project uses a Raspberry Pi with WiFi and either an HDMI monitor or a monitor that the Pi can drive (e.g., a VGA with an HDMI adapter).

You are probably thinking: Why not just let the Pi display images? The benefit of openframe is you can remotely manage your frames at the openframe.io site. You can push images, websites (like Hackaday.com) or shaders out to any of your frames. You can also draw on public streams of artwork posted by other users.

Continue reading “Raspberry Pi Art Frame Using OpenFrame”