Year: 2019

Be Better Bracelet Breaks Bad Habits, Fosters Favorable Fixations

August 23, 2019 by 15 Comments

Do you want to be a better person? Maybe you want to curse less, drink more water, or post fewer inflammatory comments on the internet. You could go the old school route by wearing a rubber band around your wrist and snapping it every time you slip, or literally pat yourself on the back when you do the right thing. While these types of reinforcement methods may deter bad behavior and encourage good, they are quite lean on data. And who wants that?

After an unpleasant conference call, [Darian] cursed a blue streak that left his coworkers shocked and speechless. This inciting incident began the hero’s journey that will end with a kinder, gentler [Darian], as long as he has his trusty Be Better Bracelet. He tried involving Alexa when at home, and various apps elsewhere to track these venomous utterances, but he yearned for a single solution that’s always available.

The sole purpose of this bracelet is low-cost, unobtrusive habit tracking. Though tied to a phone, it won’t tell time, predict the weather, or alert the user to incoming what-have-yous. It will simply record button presses, which are assigned meaning in the app settings. It’s up to the user to set goals, analyze the data, and reward or punish themselves accordingly.

[Darian] is still working out the design kinks to make this as small and cheap as possible. If you have suggestions, let him know.

The HackadayPrize2019 is Sponsored by:

Airport Runways And Hashtags — How To Become A Social Engineer

August 23, 2019 by 11 Comments

Of the $11.7 million companies lose to cyber attacks each year, an estimated 90% begin with a phone call or a chat with support, showing that the human factor is clearly an important facet of security and that security training is seriously lacking in most companies. Between open-source intelligence (OSINT) — the data the leaks out to public sources just waiting to be collected — and social engineering — manipulating people into telling you what you want to know — there’s much about information security that nothing to do with a strong login credentials or VPNs.

There’s great training available if you know where to look. The first time I heard about WISP (Women in Security and Privacy) was last June on Twitter when they announced their first-ever DEFCON Scholarship. As one of 57 lucky participants, I had the chance to attend my first DEFCON and Black Hat, and learn about their organization.

Apart from awarding scholarships to security conferences, WISP also runs regional workshops in lockpicking, security research, cryptography, and other security-related topics. They recently hosted an OSINT and Social Engineering talk in San Francisco, where Rachel Tobac (three-time DEFCON Social Engineering CTF winner and WISP Board Member) spoke about Robert Cialdini’s principles of persuasion and their relevance in social engineering.

Cialdini is a psychologist known for his writings on how persuasion works — one of the core skills of social engineering. It is important to note that while Cialdini’s principles are being applied in the context of social engineering, they are also useful for other means of persuasion, such as bartering for a better price at an open market or convincing a child to finish their vegetables. It is recommended that they are used for legal purposes and that they result in positive consequences for targets. Let’s work through the major points from Tobac’s talk and see if we can learn a little bit about this craft.

Continue reading “Airport Runways And Hashtags — How To Become A Social Engineer”

Hackaday Podcast 032: Meteorite Snow Globes, Radioactive Ramjet Rockets, Autonomous Water Boxes, And Ball Reversers

August 23, 2019 by No comments

Hackaday Editors Mike Szczys and Elliot Williams recorded this week’s podcast live from Chaos Communication Camp, discussing the most interesting hacks on offer over the past week. I novel locomotion news, there’s a quadcopter built around the coanda effect and an autonomous boat built into a plastic storage bin. The radiation spikes in Russia point to a nuclear-powered ramjet but the idea is far from new. Stardust (well… space rock dust) is falling from the sky and it’s surprisingly easy to collect. And 3D-printed gear boxes and hobby brushless DC motors have reached the critical threshold necessary to mangle 20/20 aluminum extrusion.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 032: Meteorite Snow Globes, Radioactive Ramjet Rockets, Autonomous Water Boxes, And Ball Reversers”

OTA Flash Tool Makes Fitness Tracker Hacking More Accessible

August 23, 2019 by 25 Comments

Over the last several months, [Aaron Christophel] has been working on creating a custom firmware for cheap fitness trackers. His current target is the “D6 Tracker” from a company called MPOW, which can be had for as little as $7 USD. The ultimate goal is to make it so anyone will be able to write their own custom firmware for this gadget using the Arduino IDE, and with the release of his new Android application that allows wirelessly flashing the device’s firmware, it seems like he’s very close to realizing that dream.

Previously, [Aaron] had to crack open the trackers and physically connect a programmer to update the firmware on the NRF52832-based devices. That might not be a big deal for the accomplished hardware hacker, but it’s a bit of a hard sell for somebody who just wants to see their own Arduino code running on it. But with this new tool, he’s made it so you can easily switch back and forth between custom and original firmware on the D6 without even having to take it off your wrist.

After the break, you can see the video that [Aaron] has put together which talks about the process of flashing a new firmware image. It’s all very straightforward: you simply pick the device from the list of detected BLE devices, the application puts the tracker into bootloader mode, and then you select the DFU file you want to flash.

There are a couple of ready-made firmwares you can put on the D6 right now, but where’s the fun in that? [Aaron] has put together a customized version of the Arduino IDE that provides everything you need to start writing and flashing your own firmware. If you’ve ever dreamed about creating a wearable device that works exactly the way you want, it’s hard to imagine a cheaper or easier way to get in on the action.

When we last heard from [Aaron] earlier this year, he was working on the IWOWN I6HRC tracker. But it looks like the availability of those devices has since dried up. So if you’re going to try your hand at hacking the MPOW D6, it might be wise to buy a few now while they’re still cheap and easy to find.

Continue reading “OTA Flash Tool Makes Fitness Tracker Hacking More Accessible”

This Week In Security: KNOB, Old Scams Are New Again, 0-days, Backdoors, And More

August 23, 2019 by 12 Comments

Bluetooth is a great protocol. You can listen to music, transfer files, get on the internet, and more. A side effect of those many uses is that the specification is complicated and intended to cover many use cases. A team of researchers took a look at the Bluetooth specification, and discovered a problem they call the KNOB attack, Key Negotiation Of Bluetooth.

This is actually one of the simpler vulnerabilities to understand. Randomly generated keys are only as good as the entropy that goes into the key generation. The Bluetooth specification allows negotiating how many bytes of entropy is used in generating the shared session key. By necessity, this negotiation happens before the communication is encrypted. The real weakness here is that the specification lists a minimum entropy of 1 byte. This means 256 possible initial states, far within the realm of brute-forcing in real time.

The attack, then, is to essentially man-in-the-middle the beginning of a Bluetooth connection, and force that entropy length to a single byte. That’s essentially it. From there, a bit of brute forcing results in the Bluetooth session key, giving the attacker complete access to the encrypted stream.

One last note, this isn’t an implementation vulnerability, it’s a specification vulnerability. If your device properly implements the Bluetooth protocol, it’s vulnerable.

CenturyLink Unlinked

You may not be familiar with CenturyLink, but it maintains one of the backbone fiber networks serving telephone and internet connectivity. On December 2018, CenturyLink had a large outage affecting its fiber network, most notable disrupting 911 services for many across the United States for 37 hours. The incident report was released on Monday, and it’s… interesting.
Continue reading “This Week In Security: KNOB, Old Scams Are New Again, 0-days, Backdoors, And More”

Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised

August 23, 2019 by 83 Comments

It seems a bit unfair to pile on a product that has already been roundly criticized for its security vulnerabilities. But when that product is a device that is ostensibly deployed to keep one’s family and belongings safe, it’s plenty fair. And when that device is an alarm system that can be defeated by a two-dollar wireless remote, it’s practically a responsibility.

The item in question is the SimpliSafe alarm system, a fully wireless, install-it-yourself system available online and from various big-box retailers. We’ve covered the system’s deeply flawed security model before, whereby SDRs can be used to execute a low-effort replay attack. As simple as that exploit is, it looks positively elegant next to [LockPickingLawyer]’s brute-force attack, which uses a $2 RF remote as a jammer for the 433-MHz wireless signal between sensors and the base unit.

With the remote in close proximity to the system, he demonstrates how easy it would be to open a door or window and enter a property guarded by SimpliSafe without leaving a trace. Yes, a little remote probably won’t jam the system from a distance, but a cheap programmable dual-band transceiver like those offered by Baofeng would certainly do the trick. Not being a licensed amateur operator, [LockPickingLawyer] didn’t test this, but we doubt thieves would have the respect for the law that an officer of the court does.

The bottom line with alarm systems is that you get what you pay for, or sadly, significantly less. Hats off to [LockPickingLawyer] for demonstrating this vulnerability, and for his many other lockpicking videos, which are well worth watching.

Continue reading “Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised”

When Toothbrushes, Typewriters, And Credit Card Machines Form A Band

August 23, 2019 by 5 Comments

Many everyday objects make some noise as a side effect of their day job, so some of us would hack them into music instruments that can play a song or two. It’s fun, but it’s been done. YouTube channel [Device Orchestra] goes far beyond a device buzzing out a tune – they are full fledged singing (and dancing!) performers. Watch their cover of Take on Me embedded after the break, and if you liked it head over to the channel for more.

The buzz of a stepper motor, easily commanded for varying speeds, is the easiest entry point into this world of mechanical music. They used to be quite common in computer equipment such as floppy drives, hard drives, and flatbed scanners. As those pieces of equipment become outdated and sold for cheap, it became feasible to assemble a large number of them with the Floppotron being something of a high-water mark.

After one of our more recent mentions in this area, when the mechanical sound of a floppy drive is used in the score of a motion picture, there were definite signs of fatigue in the feedback. “We’re ready for something new” so here we are without any computer peripherals! [Device Orchestra] features percussion by typewriters, vocals by toothbrushes, and choreography by credit card machines with the help of kitchen utensils. Coordinating them all is an impressive pile of wires acting as stage manager.

We love to see creativity with affordable everyday objects like this. But we also see the same concept done with equipment on the opposite end of the price spectrum such as a soothing performance of Bach using the coils of a MRI machine.

[Thanks @Bornach1 for the tip]

Continue reading “When Toothbrushes, Typewriters, And Credit Card Machines Form A Band”