Virtual Software Defined Radio

Software defined radio or SDR has changed the radio landscape forever. But to use one you need to buy some kind of hardware right? Maybe not. As [Tech Minds] shows in a recent video there are plenty of SDRs publically available on the Internet. We know that isn’t news, but the video does cover several different methods of finding and using SDR receivers including many that run totally in the browser.

Of course, there are a lot of reasons you might want to borrow an alien radio receiver, even if you have your own hardware. Maybe you don’t have a great antenna or maybe you want to hear a signal — maybe even your own — from a different location.

Continue reading “Virtual Software Defined Radio”

Tired Of Regular Keebs? Might Be Time To Split

No matter how much geek cred your old vintage keyboard pulls, it’s not worth suffering through wrist pain or any other discomfort while using it. Especially now, when there are so many points of entry into the rabbit hole world of DIY mechanical keebs.

Once the wrist pain started, [Ben Congdon] switched from a big old Apple keeb to a Kinesis Freestyle — it’s basically a regular keyboard, but in two halves that can be placed far enough apart that [Ben]’s wrists are straight while typing. Comfortable as that split rectangle may be, it’s just not that cool looking, and he was ready to build something new, as long as it had enough keys.

[Ben] settled on building a Keebio Sinc, a new board which comes mostly soldered already and supports a handful of layouts. In the spirit of leaving doors open, [Ben] soldered in hot-swap sockets instead of permanently attaching the key switches to the PCB. This way, those Gateron reds can be easily switched out for something else, for instance should [Ben] want to try a little tactility down the road.

We think the Sinc is a cool offering precisely because it is such a full keyboard. Not everyone is ready to jump into 60% layouts or thumb clusters, and it’s nice to have options. This is entry-level ergo and DIY all at once. What’s not to like? Even if you want to go for something small and ortholinear, there are options. Here’s a build we saw recently that starts with a breakaway PCB that lets you choose between small and smaller.

Via reddit

HAWT Wind Turbine Is Mostly 3D Printed

Wind turbines are a great source of renewable energy, and a great DIY project, too. They can be built with all kinds of materials and the barrier for entry is low for the beginner. [Fab] has built just such a device, taking advantage of modern construction techniques, and dubbed it the WinDIY.

The WinDIY design is mostly 3D printed, with a familiar three-bladed design. The diameter of the rotor is 1.2 m, meaning that braking and regulating the turbine is required for safety in high winds. [Fab] is aiming to achieve this control with a combination of mechanical and electronic braking, as well as variable-pitch blades. The benefit of 3D printing the design is it allows iterations to be made quickly, particularly of parts with complex geometries that would be too time-consuming or expensive to machine otherwise.

[Fab]’s writeup goes into great detail on topics like the design of the pitch control systems and other minutae, which should serve as a great reference for anyone else working on a similar project. If you’re looking for something with more of a sci-fi future vibe, consider attempting a vertical-axis build instead.

Hands-On: AND!XOR Unofficial DC28 Badge Embraces The Acrylic Stackup

Still hot from the solder party, a new AND!XOR badge just landed on my desk courtesy of the hacking crew that has been living the #badgelife for the past five years. Originally based on the Futurama character Bender, the design has morphed to the point that it’s no longer recognizable as a descendant of that belligerent robot. Instead we have a skeletal midget whose face is half covered by a gear-themed mask.

Continue reading “Hands-On: AND!XOR Unofficial DC28 Badge Embraces The Acrylic Stackup”

Separation Between WiFi And Bluetooth Broken By The Spectra Co-Existence Attack

This year, at DEF CON 28 DEF CON Safe Mode, security researchers [Jiska Classen] and [Francesco Gringoli] gave a talk about inter-chip privilege escalation using wireless coexistence mechanisms. The title is catchy, sure, but what exactly is this about?

To understand this security flaw, or group of security flaws, we first need to know what wireless coexistence mechanisms are. Modern devices can support cellular and non-cellular wireless communications standards at the same time (LTE, WiFi, Bluetooth). Given the desired miniaturization of our devices, the different subsystems that support these communication technologies must reside in very close physical proximity within the device (in-device coexistence). The resulting high level of reciprocal leakage can at times cause considerable interference.

There are several scenarios where interference can occur, the main ones are:

  • Two radio systems occupy neighboring frequencies and carrier leakage occurs
  • The harmonics of one transmitter fall on frequencies used by another system
  • Two radio systems share the same frequencies

To tackle these kind of problems, manufacturers had to implement strategies so that the devices wireless chips can coexist (sometimes even sharing the same antenna) and reduce interference to a minimum. They are called coexistence mechanisms and enable high-performance communication on intersecting frequency bands and thus, they are essential to any modern mobile device. Despite open solutions exist, such as the Mobile Wireless Standards, the manufacturers usually implement proprietary solutions.

Spectra

Spectra is a new attack class demonstrated in this DEF CON talk, which is focused on Broadcom and Cypress WiFi/Bluetooth combo chips. On a combo chip, WiFi and Bluetooth run on separate processing cores and coexistence information is directly exchanged between cores using the Serial Enhanced Coexistence Interface (SECI) and does not go through the underlying operating system.

Spectra class attacks exploit flaws in the interfaces between wireless cores in which one core can achieve denial of service (DoS), information disclosure and even code execution on another core. The reasoning here is, from an attacker perspective, to leverage a Bluetooth subsystem remote code execution (RCE) to perform WiFi RCE and maybe even LTE RCE. Keep in mind that this remote code execution is happening in these CPU core subsystems, and so can be completely invisible to the main device CPU and OS.

Join me below where the talk is embedded and where I will also dig into the denial of service, information disclosure, and code execution topics of the Spectra attack.

Continue reading “Separation Between WiFi And Bluetooth Broken By The Spectra Co-Existence Attack”

Hackaday Podcast 079: Wobble Sphere, Pixelflut, Skeeter Traps, And Tracing Apps

Hackaday editors Mike Szczys and Elliot Williams gaze upon the most eye-popping projects from the past week. Who would have known that springy doorstops could be so artistic? Speaking of art, what happens if you give everyone on the network the chance to collectively paint using pixels? There as better way to catch a rat, and a dubious way to lure mosquitoes. We scratch our heads at sending code to the arctic, and Elliot takes a deep look at the contact tracing apps developed and in use throughout Europe.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 079: Wobble Sphere, Pixelflut, Skeeter Traps, And Tracing Apps”

This Week In Security: Garmin Ransomware, KeePass , And Twitter Warnings

On July 23, multiple services related to Garmin were taken offline, including their call center and aviation related services. Thanks to information leaked by Garmin employees, we know that this multi-day outage was caused by the Wastedlocker ransomware campaign. After four days, Garmin was able to start the process of restoring the services.

It’s reported that the requested ransom was an eye-watering $10 million. It’s suspected that Garmin actually paid the ransom. A leaked decryptor program confirms that they received the decryption key. The attack was apparently very widespread through Garmin’s network, as it seems that both workstations and public facing servers were impacted. Let’s hope Garmin learned their lesson, and are shoring up their security practices. Continue reading “This Week In Security: Garmin Ransomware, KeePass , And Twitter Warnings”