Month: December 2016

Improving Raspberry Pi Disk Performance

December 29, 2016 by 31 Comments

Usually, you think of solid state storage as faster than a rotating hard drive. However, in the case of the Raspberry Pi, the solid state “disk drive” is a memory card that uses a serial interface. So while a 7200 RPM SATA drive might get speeds in excess of 100MB/s, the Pi’s performance is significantly less.

[Rusher] uses the Gluster distributed file system and Docker on his Raspberry Pi. He measured write performance to be a sluggish 1MB/s (and the root file system was clocking in at just over 40MB/s).

There are an endless number of settings you could tweak, but [Rusher] heuristically picked a few he thought would have an impact. After some experimentation, he managed 5MB/s on Gluster and increased the normal file system to 46 MB/s.

Continue reading “Improving Raspberry Pi Disk Performance”

Jukebox Gets Raspberry Pi Update, But It’s Not For Streaming

December 28, 2016 by 7 Comments

Here’s a retro-electronic rehab with a twist. Normally we’d expect a jukebox Raspberry Pi project to replace the obsolete electromechanical guts with streamed music, but an intact jukebox with a Raspberry Pi remote control is a nice change.

Old-time jukes like [revnhoj]’s 1954 AMI F120 are electromechanical marvels. Stocked with 60 45-rpm discs in a horizontal rack, an arm mounted on a track would retrieve the correct disc and place it on the turntable to play the selected song. The unit in the video below was the main jukebox, which supported “wall boxes” mounted at booths so patrons could select tunes without leaving their tables. [revnhoj] simulated a wall box with a Raspberry Pi connected to the original wall box interface through relays. The Pi serves up a GUI that can be accessed via a tablet, the correct contacts are tickled, and [revnhoj]’s collection of 45s is played through the original mechanism and amplifier, in all its “Sonoramic Sound” majesty. It’s a pretty neat hack that adds new functionality while being true to the original platform.

The chatter on the reddit thread where we spotted this hack was trending toward adding streaming audio, but we truly hope the juke stays intact and serving only vinyl. We’ve seen jukeboxes gutted before, and while it might make sense for some, we like the old school approach better.

Continue reading “Jukebox Gets Raspberry Pi Update, But It’s Not For Streaming”

33C3: Understanding Mobile Messaging And Its Security

December 28, 2016 by 17 Comments

If you had to explain why you use one mobile messaging service over another to your grandmother, would you be able to? Does she even care about forward secrecy or the difference between a private and public key is? Maybe she would if she understood the issues in relation to “normal” human experiences: holding secret discussions behind closed doors and sending letters wrapped in envelopes.

Or maybe your grandmother is the type who’d like to completely re-implement the messaging service herself, open source and verifiably secure. Whichever grandma you’ve got, she should watch [Roland Schilling] and [Frieder Steinmetz]’s talk where they give both a great introduction into what you might want out of a secure messaging system, and then review what they found while tearing apart Threema, a mobile messaging service that’s popular in Germany. Check out the slides (PDF). And if that’s not enough, they provided the code to back it up: an open workalike of the messaging service itself.

This talk makes a great introduction, by counterexample, to the way that other messaging applications work. The messaging service is always in the middle of a discussion, and whether they’re collecting metadata about you and your conversations to use for their own marketing purposes (“Hiya, Whatsapp!”) or not, it’s good to see how a counterexample could function.

The best quote from the talk? “Cryptography is rarely, if ever, the solution to a security problem. Cryptography is a translation mechanism, usually converting a communications security problem into a key management problem.” Any channel can be made secure if all parties have enough key material. The implementation details of getting those keys around, making sure that the right people have the right keys, and so on, are the details in which the devil lives. But these details matter, and as mobile messaging is a part of everyday life, it’s important that the workings are transparently presented to the users. This talk does a great job on the demystification front.

Adding MIDI Out To The Casio PX410R

December 28, 2016 by 12 Comments

Since the 1980s, MIDI has been a great way to send data between electronic musical instruments. Beginning as a modified serial interface running through optoisolaters and DIN sockets, these days, your hardware is more likely to carry its MIDI data over USB instead. This is great if you want to hook up to a computer without a cumbersome interface, but not so great when you want to connect a bunch of instruments to each other.

The Roland Integra 7 is a rack mount synthesizer with classic MIDI ports. [adriangin] wanted to control the synthesizer over MIDI, but their Casio keyboard only had MIDI over USB available. To get around this, [adriangin] set out to add a standard MIDI Out port to the Casio PX410R.

Continue reading “Adding MIDI Out To The Casio PX410R”

33C3: Breaking IoT Locks

December 28, 2016 by 16 Comments

Fast-forward to the end of the talk, and you’ll hear someone in the audience ask [Ray] “Are there any Bluetooth locks that you can recommend?” and he gets to answer “nope, not really.” (If this counts as a spoiler for a talk about the security of three IoT locks at a hacker conference, you need to get out more.)

btle_lockUnlocking a padlock with your cellphone isn’t as crazy as it sounds. The promise of Internet-enabled locks is that they can allow people one-time use or limited access to physical spaces, as easily as sending them an e-mail. Unfortunately, it also opens up additional attack surfaces. Lock making goes from being a skill that involves clever mechanical design and metallurgy, to encryption and secure protocols.

master_jtagIn this fun talk, [Ray] looks at three “IoT” locks. One, he throws out on mechanical grounds once he’s gotten it open — it’s a $100 lock that’s as easily shimmable as that $4 padlock on your gym locker. The other, a Master lock, has a new version of a 2012 vulnerability that [Ray] pointed out to Master: if you move a magnet around the outside the lock, it actuates the motor within, unlocking it. The third, made by Kickstarter company Noke, was at least physically secure, but fell prey to an insecure key exchange protocol.

Along the way, you’ll get some advice on how to quickly and easily audit your own IoT devices. That’s worth the price of admission even if you like your keys made out of metal instead of bits. And one of the more refreshing points, given the hype of some IoT security talks these days, was the nuanced approach that [Ray] took toward what counts as a security problem because it’s exploitable by someone else, rather than vectors that are only “exploitable” by the device’s owner. We like to think of those as customization options.

Open Source Art Encourages Society To Think Inclusively

December 28, 2016 by 56 Comments

Kate Reed has a vision for elevating the less talked about parts of ourselves, and of society. Through her art, she wants people to think about a part of themselves that makes them feel invisible, and to anonymously share that with the community around them. The mechanism for this is Invisible, a campaign to place translucent sculptures in public places around the world. The approach that she has taken to the project is very interesting — she’s giving the art away to empower the campaign. Check out her talk from the Hackaday SuperConference.

Continue reading “Open Source Art Encourages Society To Think Inclusively”

Review: Digilent Analog Discovery 2

December 28, 2016 by 57 Comments

I recently opened the mailbox to find a little device about the size of White Castle burger. It was an “Analog Discovery 2” from Digilent. It is hard to categorize exactly what it is. On the face of it, it is a USB scope and logic analyzer. But it is also a waveform generator, a DC power supply, a pattern generator, and a network analyzer.

I’ve looked at devices like this before. Some are better than others, but usually all the pieces don’t work well at the same time. That is, you can use the scope or you can use the signal generator. The ones based on microcontrollers often get worse as you add channels even. The Analog Discovery 2 is built around an FPGA which, if done right, should get around many of the problems associated with other small instrumentation devices.

I’d read good things about the Discovery 2, so I was anxious to put it through its paces. I will say it is an impressive piece of gear. There are a few things that I was less happy with, though, and I’ll try to give you a fair read on what I found both good and bad.

Continue reading “Review: Digilent Analog Discovery 2”