Year: 2017

Half Baked IoT Stove Could Be Used As A Remote Controlled Arson Device

April 20, 2017 by 37 Comments

[Pen Test Partners] have found some really scary vulnerabilities in AGA range cookers. They are connected by SMS by which a mobile app sends an unauthenticated SMS to the AGA to give it commands for instance preheat the oven, You can also just tell your AGA to turn everything on at once.

The problem is with the web interface; it allows an attacker to check if a user’s cell phone is already registered, allowing for a slow but effective enumeration attack. Once the attacker finds a registered device, all they need to do is send an SMS, as messages are not authenticated by the cooker, neither is the SIM card set up to send the messages validated when registered.

This is quite disturbing, What if someone left a tea towel on the hob or some other flammable material before leaving for work, only to come back to a pile of ashes?  This is a six-gazillion BTU stove and oven, after all. It just seems the more connected we are in this digital age the more we end up vulnerable to attacks, companies seem too busy trying to push their products out the door to do simple security checks.

Before disclosing the vulnerability, [Pen Test Partners] tried to contact AGA through Twitter and ended up being blocked. They phoned around trying to get in contact with someone who even knew what IoT or security meant. This took some time but finally they managed to get through to someone from the technical support. Hopefully AGA will roll out some updates soon. The company’s reluctance to do something about this security issue does highlight how sometimes disclosure may not be enough.

[Via Pen Test Partners]

Hackaday Prize Entry: DIY ARM Scientific Calculator

April 20, 2017 by 59 Comments

What does a hacker do when he or she wants something but can’t afford it? They hack one together, of course. Or, in the case of [Ramón Calvo], they thoughtfully plan and prototype. [Ramón Calvo] wanted a scientific calculator, but couldn’t afford one, so he designed and built one himself.

[Ramón] started off with Arduino but upgraded initially to Freescale’s Freedom KL25Z development board upgraded to an ARM Cortex-M0+ programmed using mbed. The display is an Electronic Assembly DOGL-128 128×64 pixel LCD. [Ramón] did a couple of iterations on the PCB, going from a large DIY one in order for the Arduino version to work, to the current, smaller version for the ARM chip with hand soldered SMD components. After that, [Ramón] looked into the algorithms needed to parse mathematical input. He settled on the shunting-yard algorithm, which converts the input into Reverse Polish Notation (RPN), which is easier for the software to work with.

[Ramón] has a ton of features working, including your standard add, subtract, multiply and divide operations, square root, nth root and exponentiation, trigonometry, log and log10, and factorial(!) There are a few things still on the to-do list, such as low power and a graphing mode, and there are a couple of bugs still in the system, but the overall system is up and running. [Ramón] has put up the schematic and KiCAD files up on his Hackaday.io project page along with the bill of materials.

We’ve had a few Hackaday prize entries in the form of calculators, such as this one with Nixie tubes and this one that emulates 70’s HP calculators.

The HackadayPrize2017 is Sponsored by:

Pi Network Attenuators: Impedance Matching For The Strong Of Signal

April 20, 2017 by 29 Comments

If you catch a grizzled old radio amateur propping up the bar in the small hours, you will probably receive the gravelly-voiced Wisdom of the Ancients on impedance matching, antenna tuners, and LC networks. Impedance at RF, you will learn, is a Dark Art, for which you need a lifetime of experience to master. And presumably a taste for bourbon and branch water, to preserve the noir aesthetic.

It’s not strictly true, of course, but it is the case that impedance matching at RF with an LC network can be something of a pain. You will calculate and simulate, but you will always find a host of other environmental factors getting in the way when it comes down to achieving a match. Much tweaking of values ensues, and probably a bit of estimating just how bad a particular voltage standing wave ratio (VSWR) can be for your circuit.

Continue reading “Pi Network Attenuators: Impedance Matching For The Strong Of Signal”

Giant Solderless LEGO NES Controller Gives Everyone Tiny Hands

April 20, 2017 by 13 Comments

If you were thinking “I should spend $130 on LEGO bricks and build a giant USB NES controller just to see what that would be like,” but you were afraid of spending that much money, [BrownDogGadgets] has you covered. He built a giant NES controller out of LEGO. The controller is designed in LEGO Digital Designer, which lets you create a virtual model, then get a full list of parts which can be ordered online.

The electronics are based on a Teensy LC programmed to appear as a USB keyboard, and the buttons are standard push buttons. The insides are wired together with nylon conductive tape. LEGO was an appropriate choice because the Teensy and switches are built on top of LEGO compatible PCBs, so components are just snapped in place. The system is called Crazy Circuits and is a pretty neat way to turn electronics into a universal and reusable system.

If that controller is too big, they’ve also used the same circuit with some laser cut parts for your own controller. If you do want to go even bigger, take a look at [Baron von Brunk’s] LEGO NES controller, which used the electronics from a real controller.

Continue reading “Giant Solderless LEGO NES Controller Gives Everyone Tiny Hands”

Automate The Freight: Drones Across The Sea

April 20, 2017 by 105 Comments

When you think about which of the many technological advances of the 20th century had the most impact on the global economy, which one would you rank as the most important? Would it be the space program, which gave rise to advances in everything from communications satellites to advanced composite materials? Or would it be the related aerospace industry, which stitched the world together so tightly that you can be almost anywhere on the planet within 24 hours? Or perhaps it’s the Internet, the global platform for buying almost anything from almost anyone.

Those are all important, but for the most economically impactful technology of the 20th century, I’d posit that the lowly shipping container and the containerized cargo industry that grew around it win, hands down.

Continue reading “Automate The Freight: Drones Across The Sea”

E-ink Display Driven DIY

April 20, 2017 by 44 Comments

E-ink displays are awesome. Humans spent centuries reading non-backlit devices, and frankly it’s a lot easier on the eyes. But have you looked into driving one of these critters yourself? It’s a nightmare. So chapeau! to [Julien] for his FPGA-based implementation that not only uses our favorite open-source FPGA toolchain, and serves as an open reference implementation for anyone else who’s interested.

Getting just black and white on an E-ink display is relatively easy — just hit the ink pixels with the same signal over and over until they give up. Greyscale is made by applying much more nuanced voltages because the pixels are somewhat state-dependent. If the desired endpoint is a 50% grey, for instance, you’d hit it with a different pulse train if the pixel were now white versus if it were now black. (Ever notice that your e-book screen periodically does a white-black flash? It’s resetting all the pixels to a known state.) And that’s not even taking into account the hassles with the various crazy voltages that E-ink displays require, which [Julien] wisely handed off to a dedicated chip.

In the end, the device has to make 20-50 passes through the screen for one user-visible refresh. [Julien] found that the usual microcontrollers just weren’t capable of the speed that he wanted, hence the FPGA and custom waveform tables. We’ve seen E-ink hacks before, and [Julien] is standing on the shoulders of giants, most notably those of [Petteri Aimonen] and [Sprite_tm]. [Julien]’s hack has the fastest updates we’ve ever seen.

We still can’t wait for the day that there is a general-purpose E-ink driver chip out there for pennies, because nearly every project we make with a backlit display would look better, and chew through the batteries slower, with E-ink. In the meantime, [Julien]’s FPGA implementation is pretty close, and it’s fully open.

Continue reading “E-ink Display Driven DIY”

Learn A Language, One Moment At A Time

April 20, 2017 by 20 Comments

There’s a lot of times in an average day when you’ll find yourself waiting. Waiting for your morning brew at the cafe, or for an email to show up — it’s often just a few minutes, many times a day. It’s far too short a time to get any real work done, but it adds up at the end of the week.

Enter WaitSuite, a language learning tool developed by MIT’s CSAIL. It’s a language learning tool, which aims to teach users words in a foreign language in these “micromoments” — the short periods of time spent waiting each day. The trick to WaitSuite here is in its ultralightweight design which integrates into other tasks and software on your computer and smartphone. Rather then having to launch a separate app, which takes time and effort, WaitSuite hovers in the background, ready to go when it detects a short period of wait time. Examples given are hitting refresh in Gmail, or waiting for a connection to a WiFi network.

The team behind the project calls this concept wait-learning; you can read the paper here. If you’d like to try it out, use the Chrome extension called WaitChatter. It quizzes you while you’re waiting on a response in GChat. We’d love to see the rest of the WaitSuite released publicly soon.

It’s a tidy piece of software that’s great for those looking for an alternative to compulsively refreshing social media while loitering. It probably won’t help you learn French overnight, but it could be a useful way to pick up some extra vocab without having to carve more time out of your schedule.

We don’t see a whole lot of language learning hacks here, but you might like to check out Adafruit’s take on the Babel Fish.