Day: July 24, 2020

USB-C Where It Was Never Intended To Be

July 24, 2020 by 25 Comments

The USB-C revolution is well under way, as first your new phone, then your single-board computer, and now your laptop are likely so sport the familiar reversible round-cornered connector. We’re still in the crossover period of requiring to keep micro USB, proprietary laptop, and USB-C power supplies at hand, but the promise of a USB-C-only world is tantalisingly close. For [Purkkaviritys] that’s a little bit closer now, as he’s modified his Thinkpad T440s to take a USB charger instead of its proprietary Lenovo square-plug part. (Video, embedded below.)

At its heart is a USB-PD emulator module that does all the hard work of negotiation with the power supply, giving the laptop the DC voltage it needs. It’s not quite that simple though, because a resistor is required to reassure the laptop that it’s got a genuine power supply. The module is encased in a carefully-designed surround that neatly takes the space vacated by the original connector, and since this laptop has its internal power connector on a short cable it is made very straightforward to fit into the case. If you didn’t know it was a home-made upgrade, you could be forgiven for thinking that this laptop left the factory with a USB-C power socket.

The USB-C module used here is a versatile part. We’ve previously seen it in a soldering iron conversion.

Continue reading “USB-C Where It Was Never Intended To Be”

This Week In Security: Iran’s ITG18, ProcMon For Linux, And Garbage Collection Fail

July 24, 2020 by 4 Comments

Even top-tier security professionals make catastrophic mistakes, and this time it was the operators at Iran’s ITG18. We’re once again talking about the strange shadowy world of state sponsored hacking. This story comes from the IBM X-Force Incident Response Intelligence Services (IRIS). I suspect a Deadpool fan must work at IBM, but that’s beside the point.

A server suspected to be used by ITG18 was incorrectly configured, and when data and training videos were stored there, that data was publicly accessible. Among the captured data was records of compromised accounts belonging to US and Greek military personnel.

The training videos also contained a few interesting tidbits. If a targeted account used two factor authentication, the attacker was to make a note and give up on gaining access to that account. If a Google account was breached, the practice was to start with Google Takeout, the service from Google that allows downloading all the data Google has collected related to that account. Yoiks. Continue reading “This Week In Security: Iran’s ITG18, ProcMon For Linux, And Garbage Collection Fail”

A Complete Raspberry Pi Power Monitoring System

July 24, 2020 by 60 Comments

As the world has become more environmentally conscious, we’ve seen an uptick in projects that monitor or control home energy use. At a minimum one of these setups involves a microcontroller and some kind of clamp-on current sensor, but if you’re looking for resources to take things a bit farther, this Raspberry Pi energy monitoring system created by [David00] would be a great place to start.

This project includes provides software and hardware to be used in conjunction with the Raspberry Pi to keep tabs on not just home energy consumption, but also production if your home has a solar array or other method of generating its own power. Data is pulled every 0.5 seconds from a MCP3008 ADC connected to up to five six current sensors to provide real-time utilization statistics, and visualized with Grafana so you can see all of the information at a glance.

While [David00] has already done the community a great service by releasing the hardware and software under an open source license, he’s also produced some absolutely phenomenal documentation for the project that’s really a valuable resource for anyone who wants to roll their own monitoring system. He’s even offering hardware kits for anyone who’s more interested in experimenting with the software side of things than building the PCB.

Home energy monitoring projects are certainly nothing new, but the incredible advances we’ve seen in the type of hardware and software available for DIY projects over the last decade has really pushed the state-of-the-art forward. With so many fantastic resources available now, the only thing standing between you and your own home energy monitoring dashboard is desire and a long weekend.

TinyPilot Provides KVM-over-IP, With Low Cost And Even Lower Latency

July 24, 2020 by 45 Comments

Remote access is great, but if the machine stops booting, ceases to connect to the network, or needs low-level interaction like BIOS settings or boot management, remote access is worthless because it’s only available once the host computer is up and running. The usual solution is to drag a keyboard and monitor to the machine in question for physical access.

Ubuntu laptop (right) being accessed over IP, via web browser on the left.

For most people, swapping cables in this way is an infrequent task at best. But for those who work more closely with managing hardware or developing software, the need to plug and unplug a keyboard and monitor into machines that otherwise run headless can get tiresome. The modern solution is KVM (keyboard, video, mouse) over IP, but commercial options are expensive. [Michael Lynch]’s TinyPilot on the other hand clocks in at roughly $100 of parts, including a Raspberry Pi and USB HDMI capture device. It does have to drop the ‘M’ from KVM (meaning it does not support a mouse yet) but the rest of it hits all the bases, and does it all from a web browser.

What exactly does TinyPilot do? It provides remote access via web browser, but the device is an independent piece of hardware that — from the host computer’s point of view — is no different from a physical keyboard and monitor. That means keyboard and video access works before the host machine even boots, so even changing something like BIOS settings is no problem.

[Michael] demonstrates his design in the video embedded below, but we encourage you to check out the project page for a fascinating exploration of all the challenges that were part of TinyPilot’s development.

Continue reading “TinyPilot Provides KVM-over-IP, With Low Cost And Even Lower Latency”