If you’ve ever watched one of those high production value YouTube videos and wondered how they’re able to get those smooth shots where the camera seems to be spinning around an object, you were probably looking at the product of an motorized camera motion system. There’s no question these rigs can produce visually striking shots, but their high cost usually keeps them out of the hands of us lowly hackers.
Unless of course you do like [Andy], and build your own. The latest version of this impressive rig features the ability to continuously rotate thanks to commercial 12-wire slip rings, with optical endstops so the machine can still be homed at the beginning of a move. An onboard Raspberry Pi and Arduino Uno are responsible for controlling the stepper motors, the configuration of which ends up being reminiscent of a standard 3D printer.
The software [Andy] has come up with lets him synchronize the camera rig with a small rotating platform he built, which allows for even more complex shots as demonstrated in the video below. It also supports a very slick MQTT-enabled remote controller that he built as a previous project, which makes taking direct control over the camera and monitoring its status much easier.
You probably immediately think, as the investigators did, that the visit to the website must be related to the compromise of the Oldsmar treatment plant. The timing is too suspect for it to be a coincidence, right? That’s the thing, the compromised site was only gathering browser fingerprints, seemingly later used to disguise a botnet. The attack itself was likely carried out over Teamviewer. I will note that the primary sources on this story have named Teamviewer, but call it unconfirmed. Assuming that the breach did indeed occur over that platform, then it’s very unlikely that the website visit was a factor, which is what Dragos concluded. On the other hand, it’s easy enough to imagine a scenario where the recorded IP address from the visit led to a port scan and the discovery of a VNC or remote desktop port left open. Continue reading “This Week In Security: Watering Hole Attackception, Ransomware Trick, And More Pipeline News”→
The mowing itself is done by a typical push-along garden mower with a gasoline engine. However, it’s fitted with twin DC gear motors harvested from a mobility scooter. The mowers original front wheels were also removed, replaced with casters from the same mobility scooter that donated the drive train. Off-the-shelf speed controllers were then used to run the motors, and hooked up to an RC receiver. The mower could then be steered via a radio controller set up with mixing to enable the twin-motor setup to steer and drive.
An FPV camera was then fitted on the front of the mower, sitting on a stack of kitchen sponges that act as a isolator to negate the effects of the engine vibrations on the camera. The result is a relatively smooth video feed, allowing the operator to sit at a comfortable distance and control the mower via radio and goggles.
It’s difficult to tell with our dull human senses, but everything around us is vibrating. Sure it takes more energy to get big objects like bridges and houses humming compared to a telephone pole or mailbox, but make no mistake, they’ve all got a little buzz going on. With their new automated laser, the team behind VibroSight++ believes they can exploit this fact to make city-scale sensing far cheaper and easier than ever before.
The key to the system is a turret mounted Class 3B infrared laser and photodetector that can systematically scan for and identity reflective surfaces within visual range. Now you might think that such a setup wouldn’t get much of a signal from the urban landscape, but as it so happens, the average city block is packed with retroreflectors. From street signs to road studs and license plates, the team estimates dense urban areas have approximately 7,000 reflectors per square kilometer. On top of those existing data points, additional reflectors could easily be added to particularly interesting devices that city planners might want to monitor.
Once VibroSight++ has identified its targets, the next step is to bounce the laser off of them and detect the minute perturbations in the returned signal caused by vibrations in the reflector. In the video below you can see how this basic concept could be put to practical use in the field, from counting how many cars pass over a certain stretch of road to seeing how popular a specific mailbox is. There’s a whole world of information out there just waiting to be collected, all without having to install anything more exotic than the occasional piece of reflective tape.