Author: Elliot Williams

1450 Articles

How A Hacker Remembers A PIN

May 10, 2017 by 98 Comments

If you have more than a few bank cards, door-entry keycodes, or other small numeric passwords to remember, it eventually gets to be a hassle. The worst, for me, is a bank card for a business account that I use once in a blue moon. I probably used it eight times in five years, and then they gave me a new card with a new PIN. Sigh.

Quick, What’s My PIN?

How would a normal person cope with a proliferation of PINs? They’d write down the numbers on a piece of paper and keep it in their wallet. We all know how that ends, right? A lost wallet and multiple empty bank accounts. How would a hacker handle it? Write each number down on the card itself, but encrypted, naturally, with the only unbreakable encryption scheme there is out there: the one-time pad (OTP).

The OTP is an odd duck among encryption methods. They’re meant to be decrypted in your head, but as long as the secret key remains safe, they’re rock solid. If you’ve ever tried to code up the s-boxes and all that adding, shifting, and mixing that goes on with a normal encryption method, OTPs are refreshingly simple. The tradeoff is a “long” key, but an OTP is absolutely perfect for encrypting your PINs.

The first part of this article appears to be the friendly “life-hack” pablum that you’ll get elsewhere, but don’t despair, it’s also a back-door introduction to the OTP. The second half dives into the one-time pad with some deep crypto intuition, some friendly math, and hopefully a convincing argument that writing down your encrypted PINs is the right thing to do. Along the way, I list the three things you can do wrong when implementing an OTP. (And none of them will shock you!) But in the end, my PIN encryption solution will break one of the three, and remain nonetheless sound. Curious yet? Read on.

Continue reading “How A Hacker Remembers A PIN”

DIY Tiny Single-PCB Synthesizer

May 9, 2017 by 20 Comments

[Jan Ostman] has been pushing the limits of sound synthesis on the lowly AVR ATMega microcontrollers, and his latest two project is so cute that we just had to write it up. The miniTS shares the same basic sound-generation firmware with his previous TinyTS, which we’ve covered here before, but adds a lot more keys, an OLED, and MIDI, while taking away some of the knobs.

Both feature keyboards that are just copper pads placed over a ground plane, and the code does simple capacitive-sensing to figure out if they’re being touched or not. The point here is that you could pick up a PCB from [Jan] on the cheap, and experiment around with the code. Or you could just take the code and make a less refined version for yourself with a cheapo Arduino and some copper plates.

Either way, we like the combination of minimal materials and maximum tweakability, and think it’s cool that [Jan] shares the code, if not also the PCB designs. Anyone with PCB layout practice could get a clone worked up in an afternoon, although it’s going to be cheaper to get these made in bulk, and you’re probably better off just buying one from [Jan].

Make Munich Was Awesome

May 8, 2017 by 8 Comments

It was a good weekend to be geeky in Bavaria. In addition to our own Hackaday Prize Bring-a-Hack party, there was the reason that we scheduled it in the first place, Munich’s independent DIY expo, Make Munich.

If you’re a loyal Hackaday reader, many of the projects would seem uncannily familiar. I walked in and was greeted by some beautiful word clocks in both German and English, for instance. Still, seeing the Open Theremin being sold with an “as seen on Hackaday” sticker made us smile. And then we had a great conversation about [Urs Gaudenz]’s other project: DIY biological apparatus, also seen on Hackaday.

There were robots galore. Someone (from Gmünd?) was driving around a graffiti-bot and spraying the floor with water instead of paint or chalk to very nice effect. The full evolution of the Zoobotics robot family was on display. Even the Calliope (a German version of the micro:bit) booth had this cute Bluetooth vibrobot. Join me after the break as I dive into all of the great stuff on display over the weekend.

Continue reading “Make Munich Was Awesome”

Hackaday Prize Bring-a-Hack Munich Was Great

May 6, 2017 by 9 Comments

Thanks to everyone who came to the Hackaday Prize Make Munich Meetup and Bring-a-Hack last night! We had a great time, and there were a bunch of cool projects on display, some of which we even got pictures of. Frankly, we were enjoying chatting too much to be peering through a camera lens.

Around 30 people made it over to the Munich CCC, including some familiar faces from the last time we had a party in Munich. Although it was a mostly local crowd, we also had visitors from Switzerland, Austria, and even the US of A: TV-B-Gone inventor, HaD Prize judge, and mad hacker [Mitch Altmann] was in the house.

After we got a little food and drink, we opened up the floor for the projects, lightning-talk style. The largest projects were probably a tie between an own-design CoreXY 3D printer and a boombox with some serious sound output. One guest’s automated bacterial culture apparatus probably wouldn’t have fit on the table, so it’s OK that it got left in the lab. The smallest hack? Probably [Alex]‘s super-mini USB LED clock gizmo, complete with hand-soldered 0402 LEDs, and “even smaller stuff on the backside”.

Continue reading “Hackaday Prize Bring-a-Hack Munich Was Great”

Don’t Forget: Bring A Hack Munich Is Tonight

May 5, 2017 by 4 Comments

If you’re in Munich, Germany this weekend and you’ve got a sweet hack to show off and a thirst for beer and/or good geeky company, then you’re in luck! Come join Hackaday at the muCCC for a Hackaday Prize Bring a Hack.

The location is Schleißheimer Str. 41, a short walk west along Heßstraße from the Theresienstraße U-Bahn. No reservation is needed, but it’d be swell if you’d let us know in the comments that you’re coming (or better yet, click the “join this event” button in the upper right of the event page) so that we have enough pizza on hand.

The party starts at 20:00, not entirely coincidentally as soon as exhibitor setup at Make Munich closes. So if you’re setting up a booth, come on over to the other side of town where you can show off a small project to a select audience of fellow hackers. If you’re only going to be attending Make Munich, this is a great warm up.

Hackaday’s [Elliot Williams] will be there and taking photos if you’ve got something portable that you’d like to show the world! Otherwise, relax and hang out with kindred spirits. Need a time and place to get a team together for the Hackaday Prize? Here, with beer! (Or Spezi, but nothing rhymes with Spezi.)

Many thanks again to our hosts at Munich’s CCC.

The HackadayPrize2017 is Sponsored by:

Hands-On The Hot New WeMos ESP-32 Breakout

May 3, 2017 by 39 Comments

Just two weeks ago our favorite supplier of cheap ESP8266 boards, WeMos, released the long-awaited LOLIN32 ESP-32 board, and it’s almost a killer. Hackaday regular [deshipu] tipped us off, and we placed an order within minutes; if WeMos is making a dirt-cheap ESP32 development board, we’re on board! It came in the mail yesterday. (They’re out of stock now, more expected soon.)

If you’ve been following the chip’s development, you’ll know that the first spin of ESP-32s had some silicon bugs (PDF) that might matter to you if you’re working with deep sleep modes, switching between particular clock frequencies, or using the brown-out-reset function. Do the snazzy new, $8, development boards include silicon version 0 or 1? Read on to find out!

Continue reading “Hands-On The Hot New WeMos ESP-32 Breakout”

Linger Keeps You Around After You’ve Gone

April 29, 2017 by 40 Comments

We’re not sure if this is art, anti-snooping guerilla warfare, or just a cheeky hack, but we do know that we like it! [Jasper van Loenen]’s Linger keeps the SSIDs that your cell phone (for example) spits out whenever it’s not connected to a WiFi network, and replays them after you’re gone.

Some retail stores and other shady characters use MAC addresses and/or the unique collection of SSIDs that your phone submits in probe requests to fingerprint you and track your movement, either through their particular store or across stores that share a tracking provider. Did you know that you were buying into this when you enabled “location services”? Did the tracking firms ask you if that was ok? Of course not. What are you going to do about it?

Linger replays the probe requests of people who have already moved on, making it appear to these systems as if nobody ever leaves. Under the hood, it’s a Raspberry Pi Zero, two WiFi dongles, and some simple Python software that stores probe requests in a database. There’s also a seven-segment display to indicate how many different probe-request profiles Linger has seen. We’re not sure the price point on this device is quite down to “throwie” level, but we’d love to see some of these installed in the local mall.  Continue reading “Linger Keeps You Around After You’ve Gone”