Opt-Out Fitness Data Sharing Leads to Massive Military Locations Leak

People who exercise with fitness trackers have a digital record of their workouts. They do it for a wide range of reasons, from gathering serious medical data to simply satisfying curiosity. When fitness data includes GPS coordinates, it raises personal privacy concerns. But even with individual data removed, such data was still informative enough to spill the beans on secretive facilities around the world.

Strava is a fitness tracking service that gathers data from several different brands of fitness tracker — think Fitbit. It gives athletes a social media experience built around their fitness data: track progress against personal goals and challenge friends to keep each other fit. As expected of companies with personal data, their privacy policy promised to keep personal data secret. In the same privacy policy, they also reserved the right to use the data shared by users in an “aggregated and de-identified” form, a common practice for social media companies. One such use was to plot the GPS data of all their users in a global heatmap. These visualizations use over 6 trillion data points and can be compiled into a fascinating gallery, but there’s a downside.

This past weekend, [Nathan Ruser] announced on Twitter that Strava’s heatmap also managed to highlight exercise activity by military/intelligence personnel around the world, including some suspected but unannounced facilities. More worryingly, some of the mapped paths imply patrol and supply routes, knowledge security officers would prefer not to be shared with the entire world.

This is an extraordinary blunder which very succinctly illustrates a folly of Internet of Things. Strava’s anonymized data sharing obsfucated individuals, but didn’t manage to do the same for groups of individuals… like the fitness-minded active duty military personnel whose workout habits are clearly defined on these heat maps. The biggest contributor (besides wearing a tracking device in general) to this situation is that the data sharing is enabled by default and must be opted-out:

“You can opt-out of contributing your anonymized public activity data to Strava Metro and the Heatmap by unchecking the box in this section.” —Strava Blog, July 2017

We’ve seen individual fitness trackers hacked and we’ve seen people tracked through controlled domains before, but the global scope of [Nathan]’s discovery puts it in an entirely different class.

[via Washington Post]

More Than Just An Atari Look-Alike

The Raspberry Pi has been a boon for hackers with a penchant for retro gaming. Redditor [KaptinBadkruk] Wanted to get on board the game train and so built himself an Atari 2600-inspired Raspberry Pi 3 console!

A key goal was the option to play Nintendo 64 titles, so [KaptinBadkruk] had to overclock the Pi and then implement a cooling system. A heatsink, some copper pads, and a fan from an old 3D printer — all secured by a 3D printed mount — worked perfectly after giving the heatsink a quick trim. An old speaker and a mono amp from Adafruit — and a few snags later — had the sound set up, with the official RPi touchscreen as a display.

After settling on an Atari 2600-inspired look, [KaptinBadkruk] laboured through a few more obstacles in finishing it off — namely, power. He originally intended for this  project to be portable, but power issues meant that idea had to be sidelined until the next version. However — that is arguably offset by [KaptinBadkruk]’s favourite part: a slick 3D Printed item box from Mario Kart front and center completes the visual styling in an appropriately old-meets-new way.

That item block isn’t the first time a lightshow has accompanied an Atari console, but don’t let that stop you from sticking one in your pocket.

[Via /r/DIY]

Hackaday Links: January 28, 2018

In case you haven’t heard, we have a 3D printing contest going on right now. It’s the Repairs You Can Print Contest. The idea is simple: show off how you repaired something with a 3D printer. Prizes include $100 in Tindie credit, and as a special prize for students and organizations (think hackerspaces), we’re giving away a few Prusa i3 MK3 printers.

[Drygol] has made a name for himself repairing various ‘home’ computers over the years, and this time he’s back showing off the mods and refurbishments he’s made to a pile of Amiga 500s. This time, he’s installing some new RAM chips, fixing some Guru Meditations by fiddling with the pins on a PLCC, adding a built-in modulator, installing a dual Kickstart ROM, and installing a Gotek floppy adapter. It’s awesome work that puts all the modern conveniences into this classic computer.

Here’s an FPGA IoT Controller. It’s a Cyclone IV and a WiFi module stuffed into something resembling an Arduino Mega. Here’s the question: what is this for? There are two reasons you would use an FPGA, either doing something really fast, or doing something so weird normal microcontrollers just won’t cut it. I don’t know if there is any application of IoT that overlaps with FPGAs. Can you think of something? I can’t.

Tide pods are flammable.

You know what’s cool? Sparklecon. It’s a party filled with a hundred pounds of LEGO, a computer recycling company, a plasmatorium, and a hackerspace, tucked away in an industrial park in Fullerton, California. It’s completely chill, and a party for our type of people — those who like bonfires, hammer Jenga, beer, and disassembling fluorescent lamps for high voltage transformers.

A few shoutouts for Sparklecon. The 23b Hackerspace is, I guess, the main host here, or at least the anchor. Across the alley is NUCC, the National Upcycled Computing Collective. They’re a nonprofit that takes old servers and such, refurbishes them, and connects them to projects like Folding@Home and SETI@Home. This actually performs a service for scientists, because every moron is mining Bitcoin and Etherium now, vastly reducing the computational capabilities of these distributed computing projects. Thanks, OSH Park, for buying every kind of specialty pizza at Pizza Hut. I would highly encourage everyone to go to Sparklecon next year. This is the fifth year, and it’s getting bigger and better every time.

ESP32 Makes for World’s Worst Radio Station

We can say one thing for [bitluni]: the BOMs for his projects, like this ESP32 AM radio transmitter, are always on the low side. That’s because he leverages software to do jobs traditionally accomplished with hardware, always with instructive results.

In this case, the job at hand is creating an RF oscillator in the broadcast AM band and modulating some audio onto it. From his previous experience using an ESP32 to watch video on an oscilloscope, [bitluni] knew that the microcontroller’s DACs were up to the task of producing an 800-kHz signal, and he managed to produce a more-or-less sine wave carrier with some clever code. His sketch takes data from a header file, modulates it onto the carrier, and sends it out over the ether using a short stub of wire for an antenna. The range is severely limited, but for what it is, it gets the job done and shows the basics. And as a bonus, [bitluni] included a bit of JavaScript that turns an audio file into a header file that’s ready to go out over the airwaves for all your trolling needs.

If you’re looking for a little more range for your low power transmitter and you’re a licensed amateur operator, you might want to explore the world of QRP radio.

Continue reading “ESP32 Makes for World’s Worst Radio Station”

Arcade Style Computer Hotkeys

Prolific maker [Sean Hodgins] has taken the wraps off of his latest one-day build, and as usual, it takes the kind of spare parts most people reading Hackaday will have in their parts bins and turns it into something fun and useful. This time around, he takes a bunch of spare arcade-style buttons he had from a previous project and combines them with an Adafruit Trinket (SAMD21 flavor) to make a USB input device for his computer.

[Sean] uses 1/4 inch acrylic to make the case, though he does mention that it could just as easily be 3D printed. But using the acrylic is easy and gives a nice glossy look to the final hardware. With a saw and a drill press you can make some very professional cases out of acrylic, which goes to show that you don’t necessarily need to have a high end 3D printer to create great looking enclosures.

As explained in the video, the Adafruit Trinket is not strictly necessary for this build, it’s just what [Sean] had lying around. Any microcontroller that can present itself to the operating system as a USB Human Interface Device (HID) will work fine for a project like this.

Software wise, a modified Arduino demo program is used to equate the states of the digital pins to pre-defined key combinations to be sent to the computer. In this simple example the key combinations are hard-coded into the Trinket’s source code, but a future enhancement could be adding a method of setting up new key combinations with a configuration tool.

We’ve covered our fair share of non-traditional USB input devices, all operating on largely the same principle. As it turns out, hackers have quite a pension for making oddball input devices.

Continue reading “Arcade Style Computer Hotkeys”

The Tiniest Working 68K System

68000 microprocessors appeared in the earliest Apple Macintoshes, the Commodore Amiga and Atari ST, and the Sega Genesis/Mega Drive among other familiar systems. If you were alive during the 16-bit era, there is a good chance that you will have owned a Motorola 68000 or one of its derivatives in a computer or game console. By the end of the 1990s it was clear that the 68K line had had its day on the desktop, but a new life for it at the consumer level was found in the PDA market. The first Motorola Dragonball was a 68000 series system-on-chip, and it was a few of these in a BGA package that [Plasmode] had in stock after ordering them in error believing them to be in a different package.

The Dragonball 68328 has an interesting bootstrap mode allowing it to run with no external ROM or RAM, and with only a serial connection to the outside world. Recognising this as having the potential for the smallest possible 68K system, he proceeded to make it happen with some impressive soldering direct to the solder balls of an upturned BGA package.

On a piece of PCB material are simply the 68328, a 32.768kHz crystal and capacitors, a MAX232 circuit for an RS232 serial connection, a reset button, and a power regulator. Using the Motorola DOS debug software which is still available for download after all these years, he was able to connect to his tiny 68K computer and run code. It’s not entirely useful, but of all the possible 68K configurations it has to be the smallest.

This isn’t the first minimal computer using only a processor chip and serial link, in the past we’ve shown you a PDP-11 in the same vein.

Biologic Additive May Lead to Self-Healing Concrete

If you get a cut or break a bone, your body heals itself. This everyday miracle is what inspired [Congrui Jin] to try to find a way to make concrete self-healing. The answer she and her colleagues are working on might surprise you. They are adding fungus to concrete to enable self-repair.

It isn’t just any fungus. The conditions in concrete are very harsh, and after testing twenty different kinds, they found that one kind — trichoderma reesei — could survive inside concrete as spores. This fungus is widespread in tropical soil and doesn’t pose any threat to humans or the ecology. Mixing nutrients and spores into concrete is easy enough. When cracks form in the concrete, water and oxygen get in and the spores grow. The spores act as a catalyst for calcium carbonate crystals which fill the cracks. When the water is gone, the fungi go back to spores, ready to repair future cracking.

Continue reading “Biologic Additive May Lead to Self-Healing Concrete”