Shut The Backdoor! More IoT Cybersecurity Problems

March 22, 2017 by Al Williams 30 Comments

We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.

As [Elliot Williams] reported earlier, Trustwave (a cybersecurity company) recently announced they had found a backdoor in some Chinese voice over IP gateways. Apparently, they left themselves an undocumented root password on the device and — to make things worse — they use a proprietary challenge/response system for passwords that is insufficiently secure. Our point isn’t really about this particular device, but if you are interested in the details of the algorithm, there is a tool on GitHub, created by [JacobMisirian] using the Trustwave data. Our interest is in the practice of leaving intentional backdoors in products. A backdoor like this — once discovered — could be used by anyone else, not just the company that put it there.

Continue reading “Shut The Backdoor! More IoT Cybersecurity Problems” →

Creepy Speaking Neural Networks

March 22, 2017 by Elliot Williams 37 Comments

Tech artist [Alexander Reben] has shared some work in progress with us. It’s a neural network trained on various famous peoples’ speech (YouTube, embedded below). [Alexander]’s artistic goal is to capture the “soul” of a person’s voice, in much the same way as death masks of centuries past. Of course, listening to [Alexander]’s Rob Boss is no substitute for actually watching an old Bob Ross tape — indeed it never even manages to say “happy little trees” — but it is certainly recognizable as the man himself, and now we can generate an infinite amount of his patter.

Behind the scenes, he’s using WaveNet to train the networks. Basically, the algorithm splits up an audio stream into chunks and tries to predict the next chunk based on the previous state. Some pre-editing of the training audio data was necessary — removing the laughter and applause from the Colbert track for instance — but it was basically just plugged right in.

The network seems to over-emphasize sibilants; we’ve never heard Barack Obama hiss quite like that in real life. Feeding noise into machines that are set up as pattern-recognizers tends to push them to the limits. But in keeping with the name of this series of projects, the “unreasonable humanity of algorithms”, it does pretty well.

He’s also done the same thing with multiple speakers (also YouTube), in this case 110 people with different genders and accents. The variation across people leads to a smoother, more human sound, but it’s also not clearly anyone in particular. It’s meant to be continuously running out of a speaker inside a sculpture’s mouth. We’re a bit creeped out, in a good way.

We’ve covered some of [Alexander]’s work before, from the wince-inducing “Robot Bites Man” to the intellectual-conceptual “All Prior Art“. Keep it coming, [Alexander]!

Continue reading “Creepy Speaking Neural Networks” →

Making More Of Me Money

March 22, 2017 by Brian Benchoff 28 Comments

For the last few years, Hackaday has really been stepping up our game with marketing materials. Our t-shirts and swag are second to none, and last year we introduced the ‘Benchoff Buck’ (featured above), a bill replete with Jolly Wrencher EURions that is not yet legal currency. At least until we get a sweet compound in the desert, that is.

[Andrew Sowa] created the Benchoff Nickel. It’s a visage of yours truly emblazoned on a PCB, rendered in FR4, silkscreen, gold, and OSHPark’s royal purple. In doing so, [Andrew] has earned himself a field commission to the rank of lieutenant and can now reserve the dune buggy for a whole weekend.

The Benchoff Nickel was created in KiCad using the Bitmap2Component functionality. Planning this required a little bit of work; there are only five colors you can get on an OSH Park PCB, from white to gold to beige to purple (soldermask on top of copper) to black (soldermask with no copper). Luckily, the best picture we have of me renders very well in five colors.

The Bitmap2Component part of KiCad will only get you so far, though. It’s used mainly to put silkscreen logos on a board, and messing around with copper and mask layers is beyond its functionality. To import different layers of my face into different layers of a KiCad PCB, [Andrew] had to open up Notepad and make a few manual edits. It’s annoying, but yes, it can be done.

OSH Park’s fabs apparently use two different tones of FR4

The Benchoff Nickel can be found on Github and as a shared project on OSH Park ($22.55 for three copies). One little curiosity of the OSH Park fabrication process presented itself with [Andrew]’s second order of Benchoff Nickels. OSH Park uses at least two board houses to produce their PCBs, and one of them apparently uses a lighter shade of FR4. This resulted in a lighter skin tone for the second order of Benchoff Nickels.

This is truly tremendous work. I’ve never seen anything like this, and it’s one of the best ‘artistic’ PCBs I’ve ever held in my hands. It was a really great surprise when [Andrew] handed me one of these at the Hackaday Unconference in Chicago. I’ll be talking to [Andrew] again this week at the Midwest RepRap festival, and we’re going to try and figure out some way to do a small run of Benchoff Nickels.

Edit: OSH Park revealed why there are different tones of FR4. In short, there aren’t. The lighter shade of skintone is actually FR408, which is used on 4-layer boards.