COVID-tracing Framework Privacy Busted By Bluetooth

[Serge Vaudenay] and [Martin Vuagnoux] released a video yesterday documenting a privacy-breaking flaw in the Apple/Google COVID-tracing framework, and they’re calling the attack “Little Thumb” after a French children’s story in which a child drops pebbles to be able to retrace his steps. But unlike Hänsel and Gretel with the breadcrumbs, the goal of a privacy-preserving framework is to prevent periodic waypoints from allowing you to follow anyone’s phone around. (Video embedded below.)

The Apple/Google framework is, in theory, quite sound. For instance, the system broadcasts hashed, rolling IDs that prevent tracing an individual phone for more than fifteen minutes. And since Bluetooth LE has a unique numeric address for each phone, like a MAC address in other networks, they even thought of changing the Bluetooth address in lock-step to foil would-be trackers. And there’s no difference between theory and practice, in theory.

In practice, [Serge] and [Martin] found that a slight difference in timing between changing the Bluetooth BD_ADDR and changing the COVID-tracing framework’s rolling proximity IDs can create what they are calling “pebbles”: an overlap where the rolling ID has updated but the Bluetooth ID hasn’t yet. Logging these allows one to associate rolling IDs over time. A large network of Bluetooth listeners could then trace people’s movements and possibly attach identities to chains of rolling IDs, breaking one of the framework’s privacy guarantees.
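A check for this desynchronization on a handset you are testing, as an added example that is not code from the researchers or from the Apple/Google framework: it walks a log of the handset's own advertisements and reports every window in which only one of the two identifiers had rotated. The `Adv` record layout, the `audit_rotation` name and all sample values are constructed for illustration, and the log is assumed to hold a single isolated device.

```python
from collections import namedtuple

# One advertisement from the handset under test: capture time in seconds,
# Bluetooth LE address, and rolling proximity ID (hypothetical log layout).
Adv = namedtuple("Adv", "t addr rpi")

# Constructed sample logs; every value below is made up.
SAMPLE_SYNCED = [
    Adv(0.0, "4A:00:00:00:00:01", "rpi-0001"),
    Adv(899.8, "4A:00:00:00:00:01", "rpi-0001"),
    Adv(900.1, "5B:00:00:00:00:02", "rpi-0002"),  # both rotate together
    Adv(1200.0, "5B:00:00:00:00:02", "rpi-0002"),
]
SAMPLE_LEAKY = [
    Adv(0.0, "4A:00:00:00:00:01", "rpi-0001"),
    Adv(899.8, "4A:00:00:00:00:01", "rpi-0001"),
    Adv(900.1, "4A:00:00:00:00:01", "rpi-0002"),  # new ID, old address
    Adv(900.4, "5B:00:00:00:00:02", "rpi-0002"),  # address catches up
    Adv(1200.0, "5B:00:00:00:00:02", "rpi-0002"),
]

def audit_rotation(log):
    """Return the windows in which only one identifier had rotated."""
    findings, pending = [], None
    log = sorted(log, key=lambda a: a.t)
    for prev, cur in zip(log, log[1:]):
        changed = [f for f in ("addr", "rpi")
                   if getattr(cur, f) != getattr(prev, f)]
        if len(changed) == 2:
            pending = None  # atomic rotation: nothing carries over
        elif len(changed) == 1:
            if pending and pending["lagging"] == changed[0]:
                pending["closed"] = cur.t  # lagging identifier caught up
                pending = None
            else:
                lagging = "rpi" if changed[0] == "addr" else "addr"
                pending = {"opened": cur.t, "lagging": lagging, "closed": None}
                findings.append(pending)
    return findings

if __name__ == "__main__":
    for name, log in (("synced", SAMPLE_SYNCED), ("leaky", SAMPLE_LEAKY)):
        print(name, audit_rotation(log))
```

A window whose `closed` value is still `None` at the end of the log means the lagging identifier never rotated during the capture.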

This timing issue only affects some phones, about half of the set that they tested. And of course, it’s only creating a problem for privacy within Bluetooth LE range. But for a system that’s otherwise so well thought out in principle, it’s a flaw that needs fixing.

Why didn’t the researchers submit a patch? They can’t. The Apple/Google code is mostly closed-source, in contrast to the open-source nature of most of the apps that are running on it. This remains troubling, precisely because the difference between the solid theory and the real practice lies exactly in those lines of uninspectable code, and leaves all apps that build upon them vulnerable without any recourse other than “trust us”. We encourage Apple and Google to make the entirety of their COVID framework code open. Bugs would then get found and fixed, faster.

3D-Printed Flight Controls Use Magnets For Enhanced Flight Simulator 2020 Experience

We have seen quite a few DIY joystick designs that use Hall effect sensors, but [Akaki Kuumeri]’s controller designs (YouTube video, embedded below) really make the most of 3D printing to avoid the need for any other type of fabrication. He’s been busy using them to enhance his Microsoft Flight Simulator 2020 experience, and shares not just his joystick design, but makes it a three-pack with designs for throttle and pedals as well.

Hall effect sensors output a voltage that varies in proportion to the presence of a magnetic field, which is typically provided by a nearby magnet. By mounting sensors and magnets in a way that varies the distance between them depending on how a control is moved, position can be sensed and communicated to a host computer.

In [Akaki]’s case, that communication is done with an Arduino Pro Micro (with ATmega32U4) whose built-in USB support allows it to be configured and recognized as a USB input device. The rest is just tweaking the physical layouts and getting spring or elastic tension right. You can see it all work in the video below.

Don’t Slack Off On Updating Your Status

Displaying an accurate status in Slack (or whatever other employer-provided collaboration program you may be forced to run) is crucial in 2020. If you need to make a sandwich or take the dog out real quick, but you don’t update your status to show yourself as away, you might come back to a string of increasingly concerned or frustrated messages with lots of annoying question marks and the occasional interrobang.

[Becky Stern] decided that a physical interface would be a far more fun way to keep tabs on her status, and an excellent visual reminder to actually do it. We totally agree. Inside the box is a NodeMCU which is using [Brian Lough]’s Slack API library for Arduino. This made it easy for [Becky] to create a switch/case selector of statuses, and in each of these she can set the presence token as auto or away, and show a custom message with an appropriate emoji. These of course match the emoji semi-circling the selector, which is a rotary switch with a really nice knob.

While we’re on the subject of Slack notifiers, how about a companion cat to wave when you’ve been mentioned?

Fog-Free Mask Hack Solves Mask Versus Glasses Conundrum With Superb Seal

If you have worn a mask and glasses together for more than a quarter of a second, you are probably annoyed that we don’t have a magical solution for foggy lenses. Moisture-laden air is also a good indicator of where unfiltered air is escaping. Most masks have some flexible metal across the nose bridge that is supposed to seal the top, but it is woefully inadequate. The Badger Seal by [David Rothamer] and [Scott Sanders] from the University of Wisconsin-Madison College of Engineering is free to copy during the COVID-19 pandemic, even commercially. It works by running an elastic cord below the jaw and a formable wire over the nose to encourage contact all around both mouth and nose.

You can build your own in three ways. Each configuration is uniquely suited to a different situation. The first design is the easiest to make and should work for most people. The second is best for folks who need a better seal on the lower half of their face, like someone sporting a beard. It can also have ear loops, and that means your 3D printed ear savers have another use. The Madison campus of the University of Wisconsin also has fun with lock cracking and graphene experiments.

Flipper Zero Blasts Past Funding Goal And Into Our Hearts

There’s never been a better time to be a hardware hacker: the tools are cheap, the information is free, and the possibilities are nearly endless. But that doesn’t mean there isn’t room for improvement. The Flipper Zero was developed to make the world of hardware hacking even more accessible, and as of this writing, has officially ended its Kickstarter campaign after raising a staggering $4.8 million. To say the community is excited about this little gadget is perhaps an understatement.

So what does the Flipper Zero do that’s gotten everyone so worked up? Well, for one, it’s not so much what it can do as how it does it. Taking inspiration from the already popular pwnagotchi project, the Flipper Zero gamifies the normally rather mundane tasks of sniffing for 433 MHz signals and flashing EEPROMs with the addition of an animated dolphin that’s sustained by your hacking. If you want the little fellow to grow and be happy, you need to keep poking and prodding around at any piece of hardware you come across.

If you’re looking for a comprehensive list of features, that’s a little harder to nail down. Partially because the device has picked up a number of new tricks (such as support for Bluetooth and NFC) thanks to the fact it made better than 8,000% of its original funding goal, but also because it can be expanded with additional hardware and software which obviously won’t get developed until the community gets their hands on the core device.

But even the core functionality, demonstrated in the video after the break, is quite compelling. The Flipper Zero’s CC1101 transceiver chip (anyone else thinking of the IM-ME right now?) allows it to record, analyze, and play back RF signals from 300 to 928 MHz, meaning you can instantly take over remote control systems that aren’t using a rolling code for authentication. It can also read and emulate many different RFID cards, record and transmit IR signals, emulate a USB HID device and run programmable payloads, and act as a USB to UART/SPI/I2C adapter. All contained in a sleek and pocket-sized enclosure that looks like a proper cyberpunk hacking gadget.

We’re extremely interested in seeing what the community can do with the Flipper Zero, especially now that the extra windfall has allowed the team to create a formal Developer Program for people who want to help work on the core platform or produce add-on modules. After banking nearly $5 million, this will be the yardstick by which all other crowdsourced hacking gadgets are measured for years to come; let’s hope they make it count.

Building An Open Source ThinkPad Battery

If you own a laptop that’s got a few years on the clock, you’ve probably contemplated getting a replacement battery for it. Which means you also know how much legitimate OEM packs cost compared to the shady eBay clones. You can often get two or three of the knock-offs for the same price as a single real battery, but they never last as long as the originals. If they even work properly at all.

Which is why [Alexander Parent] decided to take the road less traveled and scratch-build a custom battery for his ThinkPad T420. By reverse engineering how the battery pack communicated with the computer, he reasoned he would be able to come up with an open source firmware that worked at least as well as what the third-party ones are running. Which from the sounds of it, wasn’t a very high bar. From a more practical standpoint, it also meant he’d be able to create a higher capacity battery pack than what was commercially available should he choose to.

A logic analyzer wired in between one of the third party batteries and a spare T420 motherboard allowed [Alexander] to capture all the SMBus chatter between the two. From there he wrote some Arduino code that would mimic a battery as a proof of concept. He was slowed down a bit by an undocumented CRC check, but in the end he was able to come up with a fairly mature firmware that even allows you to provide a custom vendor name and model number for your pack.

The code was shifted over to an ATtiny85, with a voltage divider wired up to one of the pins so it can read the pack voltage. [Alexander] says his firmware still doesn’t do a great job of reporting the actual battery capacity remaining, but it’s close enough for his purposes. He came up with a simple PCB design to hold the MCU and support components, which eventually he plans on putting inside of a 3D printed case that actually plugs into the back of his T420.

This project is obviously still in a relatively early stage, but we’re very interested to see [Alexander] take it all the way. The ThinkPad has long been the hacker’s favorite laptop, and we can think of no machine more worthy of a fully open hardware and software battery pack.

Pause Your Tunes When It Is Time To Listen Up!

“Sorry. I had music playing. Would you say that again?” If we had a money-unit every time someone tried talking to us while we were wearing headphones, we could afford a super-nice pair. For an Embedded C class, [extremerockets] built Listen Up!, a cutoff switch that pauses your music when someone wants your attention.

The idea was born while sheltering in place with his daughter, who likes loud music, but he does not want to holler to get her attention. Rather than deny her some auditory privacy, Listen Up! samples the ambient noise level, listens for a sustained rise in amplitude, like speech, and sends a pause signal to the phone. Someday, there may be an option to route the microphone’s audio into the headphones, but for now there is a text-to-speech module for verbalizing character strings. It might be a bit jarring to hear a call to dinner in the middle of a guitar riff, but we don’t like missing dinner either, so we’re with [extremerockets] on this one.

We don’t really need lots of money to get fun headphones, and we are not afraid of making our own.