Pen testing isn’t about evaluating inks. It is short for penetration testing — someone ensuring a system’s security by trying to break in or otherwise attack it. A company called Pen Test Partners made the news last week by announcing that high-end car alarm systems made by several vendors have a critical security flaw that could make the vehicles less secure. They claim about three million vehicles are affected.
The video below shows how alarms from Viper/Clifford and Pandora have a simple way to hijack the application. Once they have access, they can find the car in real time, control the door locks, and start or stop the car engine. They speculate a hacker could set off the alarm from a nearby chase car. You’d probably pull over if your alarm started going off. They can then lock you in your car, approach, and then force you out of the car.
Today we start a new series dedicated to amateur radio for cheapskates. Ham radio has a reputation as a “rich old guy” hobby, a reputation that it probably deserves to some degree. Pick up a glossy catalog from DX Engineering or cruise their website, and you’ll see that getting into the latest and greatest gear is not an exercise for the financially challenged. And thus the image persists of the recent retiree, long past the expense and time required to raise a family and suddenly with time on his hands, gleefully adding just one more piece of expensive gear to an already well-appointed ham shack to “chew the rag” with his “OMs”.
As I pointed out a few years back in “My Beef With Ham Radio”, I’m an inactive ham. My main reason for not practicing is that I’m not a fan of talking to strangers, but there’s a financial component to my reticence as well – it’s hard to spend a lot of money on gear when you don’t have a lot to talk about. I suspect that there are a lot of would-be hams out there who are turned off from the hobby by its perceived expense, and perhaps a few like me who are on the mic-shy side.
This series is aimed at dispelling the myth that one needs buckets of money to be a ham, and that jawboning is the only thing one does on the air. Each installment will feature a project that will move you further along your ham journey that can be completed for no more than $50 or so. Wherever possible, I’ll be building the project or testing the activity myself so I can pursue my own goal of actually using my license for a change.
In our modern connected age, our devices have become far more powerful and useful when they could draw upon resources of a global data network. The downside of a cloud-connected device is the risk of being over-reliant on computers outside of our own control. The people who brought a Jibo into their home got a stark reminder of this fact when some (but not all) Jibo robots gave their owners a farewell message as their servers are shut down, leaving behind little more than a piece of desktop sculpture.
Jibo launched their Indiegogo crowdfunding campaign with the tagline “The World’s First Social Robot For The Home.” Full of promises of how Jibo will be an intelligent addition to a high tech household, it has always struggled to justify its price tag. It cost as much as a high end robot vacuum, but without the house cleaning utility. Many demonstrations of a Jibo’s capabilities centered around its voice control, which an Amazon Echo or Google Home could match at a fraction of the price.
If you see one of these orphans in your local thrift store for a few bucks, consider adopting it. You could join the group hoping for something interesting down the line, but you’re probably more interested in its hacking potential: there is a Nvidia Jetson inside good for running neural networks. Probably a Tegra K1 variant, because Jibo used the Jetson TK1 to develop the robot before launch. Jibo has always promised a developer SDK for the rest of us to extend Jibo’s capabilities, but it never really materialized. The inactive Github repo mainly consists of code talking to servers that are now offline, not much dealing directly with the hardware.
Jibo claimed thousands were sold and, if they start becoming widely available inexpensively, we look forward to a community working to give new purpose to these poor abandoned robots. If you know of anyone who has done a teardown to see exactly what’s inside, or if someone has examined upgrade files to create custom Jibo firmware, feel free to put a link in the comments and help keep these robots out of e-waste.
If you want to experiment with power efficient neural network accelerators but rather work with an officially supported development platform, we’ve looked at the Jetson TK1 successors TX1 and TX2. And more recently, Google has launched one of their own, as has our friends at Beaglebone.
We’ll be perfectly honest: sitting inside a heated box sounds just a bit too much like torture for our tastes. But if we did somehow find ourselves in possession of a fancy new sauna, we’d more than likely follow in the footsteps of [Al Betschart] and make the thing controllable with the ESP8266. After all, if you’re going to be cooked alive, you might as well do it on your own terms.
The sauna itself was purchased as a kit, and included an electric heater controlled by a thermostat. As explained in his detailed documentation, [Al] integrated a Sonoff TH16 into the original heater circuit so he could control power to the coils remotely. The TH16 also includes support for a thermal sensor, which allowed him to get a reading on the sauna’s internal temperature. The new electronics were mounted in a weather-proof box on the back of the sauna, complete with an external WiFi antenna to help get a good signal back to the house.
At this point the project could technically be done if all you wanted was remote control, but [Al] wanted to create a replacement firmware for the Sonoff that was specifically geared towards the sauna. So he came up with some code that uses MQTT to connect the heater to his home automation system, and allows configuring things like the maximum temperature and how long the sauna will run before turning itself off.
Interestingly, the company who makes these saunas thought the work [Al] did to integrate their product into his home automation system was so impressive they actually interviewed him about it and put it up on their site for others who might be inspired by his work. We’ve covered a lot of hacks to consumer devices here at Hackaday, and it’s exceedingly rare for a company to be so supportive of customers fiddling around with their products (especially in a case like this where there’s a real chance of burning your house down), so credit where credit is due.