Author: Roger Cheng

169 Articles

Warshipping: A Free Raspberry Pi In The Mail Is Not Always A Welcome Gift

August 19, 2019 by 39 Comments

Leading edge computer security is veiled in secrecy — a world where novel attacks are sprung on those who do not yet know what they need to protect against. Once certain tactics have played out within cool kids’ circles, they are introduced to the rest of the world. An IBM red team presented what they’re calling “warshipping”: sending an adversarial network to you in a box.

Companies concerned about security have learned to protect their internet-accessible points of entry. Patrolling guards know to look for potential wardrivers parked near or repeatedly circling the grounds. But some are comparatively lax about their shipping & receiving, and they are the ideal targets for warshipping.

Bypassing internet firewalls and security perimeters, attack hardware is embedded inside a shipping box and delivered by any of the common carriers. Security guards may hassle a van bristling with antennas, but they’ll wave a FedEx truck right through! The hardware can be programmed to stay dormant through screening, waiting to probe once inside the walls.

The presentation described several ways to implement such an attack. There is nothing novel about the raw hardware – Raspberry Pi, GPS receiver, cellular modems, and such are standard fare for various projects on these pages. The creative part is the software and in how they are hidden: in packing material and in innocuous looking plush toys. Or for persistence, they can be hidden in a wall mounted plaque alongside some discreet photovoltaic panels. (Editor’s note: What? No Great Seals?)

With this particular technique out in the open, we’re sure others are already in use and will be disclosed some years down the line. In the meantime, we can focus our efforts on more benign applications of similar technology, whether it is spying on our cat or finding the nearest fast food joint. The hardware is evolving as well: a Raspberry Pi actually seems rather heavyweight for this, how about a compact PCB with both an ESP32 and a cellular modem?

Via Ars Technica.

Orphaned Amazon Dash Buttons Ripe For Hacking

August 5, 2019 by 35 Comments

Amazon Dash buttons were the ultimate single purpose networked device; it really can’t get much simpler than a push button that sends a single message to a fixed endpoint. It was an experiment in ultimate convenience, an entry point to a connected home, and a target for critics of consumerism excess and technological overkill.

But soon they’ll be little more than a footnote in the history of online shopping, as CNet reports Amazon will take the order system offline at the end of the month. With the loss of their original intended usage, there’s nothing to stop us from hacking any Dash buttons we can get our hands on.

Of course, this decision should come as little surprise. Amazon’s in-home retail point of sale has graduated from these very limited $5 buttons to Alexa-powered voice controlled devices. Many people also carry a cell phone at all times capable of submitting Amazon orders. While there are many good reasons to be skeptical of internet connected appliances, they’re undeniably finding a niche in the market and some have integrated their own version of a Dash button to re-order household supplies.

But are hackers still interested in hacking Dash buttons? Over the lifespan of Amazon Dash buttons, our project landscape has shifted as well. We’re certainly still interested in the guts an Echo Dot. But if we wanted to build a simple networked button, we can use devices like an ESP8266 which are almost as cheap and far easier to use. Using something intended for integration means we don’t have headaches like determining which generation hardware we have.

Despite those barriers, we’ve had many Dash button hacks on these pages. A to-do list updater was the most recent and we doubt it will be the last, especially as Amazon’s deactivation should mean a whole new flood of these buttons will become available for hacking.

[via Ars Technica]

The Not Quite USB-C Of Nintendo Switch Accessories

August 4, 2019 by 10 Comments

Historically gaming consoles are sold at little-to-no profit in order to entice customers with a low up-front price. The real profits roll in afterwards from sales of games and accessories. Seeking a slice of the latter, aftermarket accessory makers jump in with reverse-engineered compatible products at varying levels of “compatible”.

When the Nintendo Switch was released with a standard USB-C port for accessories, we had hoped those days of hit-or-miss reverse engineering were over, but reality fell short. Redditor [VECTORDRIVER] summarized a few parts of this story where Nintendo deviated from spec, and accessory makers still got things wrong.

Officially, Nintendo declared the Switch USB-C compliant. But as we’ve recently covered, USB-C is a big and complicated beast. Determined to find the root of their issues, confused consumers banded together on the internet to gather anecdotal evidence and speculate. One theory is that Nintendo’s official dock deviated from official USB-C dimensions in pursuit of a specific tactile feel; namely reducing tolerance on proper USB-C pin alignment and compensating with an internal mechanism. With Nintendo playing fast and loose with the specs, it makes developing properly functioning aftermarket accessories all the more difficult.

But that’s not the only way a company can slip up with their aftermarket dock. A teardown revealed Nyko didn’t use a dedicated chip to manage USB power delivery, choosing instead to implement it in software running on ATmega8. We can speculate on why (parts cost? time to market?) but more importantly we can read the actual voltage on its output pins which are too high. Every use becomes a risky game of “will this Switch tolerate above-spec voltage today?” We expect that as USB-C becomes more common, it would soon be cheapest and easiest to use a dedicated chip, eliminating the work of an independent implementation and risk of doing it wrong.

These are fairly typical early teething problems for a new complex technology on their road to ubiquity. Early USB keyboard and mice didn’t always work, and certain combination of early PCI-Express cards and motherboards caused damage. Hopefully USB-C problems — and memories of them — will fade in time as well.

[via Ars Technica]

[Main image source: iFixit Nintendo Switch Teardown]

USB-C: One Plug To Connect Them All, And In Confusion Bind Them

July 29, 2019 by 53 Comments

USB stands for Universal Serial Bus and ever since its formation, the USB Implementers Forum have been working hard on the “Universal” part of the equation. USB Type-C, which is commonly called USB-C, is a connector standard that signals a significant new chapter in their epic quest to unify all wired connectivity in a single specification.

Many of us were introduced to this wonder plug in 2015 when Apple launched the 12-inch Retina MacBook. Apple’s decision to put everything on a single precious type-C port had its critics, but it was an effective showcase for a connector that could handle it all: from charging, to data transfer, to video output. Since then, it has gradually spread to more devices. But as the recent story on the Raspberry Pi 4’s flawed implementation of USB-C showed, the quest for a universal connector is a journey with frequent setbacks.

Continue reading “USB-C: One Plug To Connect Them All, And In Confusion Bind Them”

Watch Earthquake Roll Across A Continent In Seismograph Visualization Video

July 22, 2019 by 23 Comments

If your only exposure to seismologists at work is through film and television, you can be forgiven for thinking they still lay out rolls of paper to examine lines of ink underĀ a magnifying glass. The reality is far more interesting in a field that has eagerly adopted all available technology. A dramatic demonstration of modern earthquake data gathering, processing, and visualization was Tweeted by @IRIS_EPO following a central California quake on July 4th, 2019. In this video can see the quake’s energy propagate across the continental United States in multiple waves of varying speed and intensity. The video is embedded below, but click through to the Twitter thread too as it has a lot more explanation.

The acronym IRIS EPO expands out to Incorporated Research Institutions for Seismology, Education and Public Outreach. We agree with their publicity mission; more people need to know how cool modern seismology is. By combining information from thousands of seismometers, we could see forces that we could not see from any individual location. IRIS makes seismic data available to researchers (or curious data science hackers) in a vast historical database or a real time data stream. Data compilations are presented in several different forms, this particular video is a GMV or Ground Motion Visualization. Significant events like the 4th of July earthquake get their own GMV page where we can see additional details, like the fact this visualization compiled data from 2,132 stations.

If this stirred up interest in seismology, you can join in the fun of networked seismic data. A simple seismograph can be built from quite humble components, but of course there are specially designed chips for the task as well.

Continue reading “Watch Earthquake Roll Across A Continent In Seismograph Visualization Video”

A Multi-Layered Spin On Persistence Of Vision

July 20, 2019 by 10 Comments

By taking advantage of persistence in human vision, we can use modest bits of hardware to create an illusion of a far larger display. We’ve featured many POV projects here, but they are almost always an exploration in two dimensions. [Jamal-Ra-Davis] extends that into the third dimension with his Volumetric POV Display.

Having already built a 6x6x6 LED cube, [Jamal] wanted to make it bigger, but was not a fan of the amount of work it would take to grow the size of a three-dimensional array. To sidestep the exponential increase in effort required, he switched to using persistence of vision by spinning the light source and thereby multiplying its effect.

The current version has six arms stacked vertically, each of which presents eight individually addressable APA102 LEDs. When spinning, those 48 LEDs create a 3D display with an effective resolution of 60x8x6.

We saw an earlier iteration of this project a little over a year ago at Bay Area Maker Faire 2018. (A demo video from that evening can be found below.) It was set aside for a while but has now returned to active development as an entry to Hackaday Prize 2019. [Jamal-Ra-Davis] would like to evolve his prototype into something that can be sold as a kit, and all information has been made public so others can build upon this work.

We’ve seen two-dimensional spinning POV LED display in a toy top, and we’ve also seen some POV projects taking steps into the third dimension. We like where this trend is going.

Continue reading “A Multi-Layered Spin On Persistence Of Vision”

A (Card) Table-Top Turing Machine Of Magic: The Gathering Cards

July 18, 2019 by 8 Comments

Within normal rules of collectible card game Magic: The Gathering a player may find themselves constrained to only a single legal course of action forward. It’s a situation players could craft to frustrate their opponents, though the victims usually break free after a few moves. But under a carefully crafted scenario, players would have no choice but to become the execution engine for a Turing-complete programming language written with Magic cards via techniques detailed in this paper.

One of the authors of this paper, [Alex Churchill], started working on this challenge in 2010. We covered an earlier iteration of his work here, and his own criticism that it was dependent on player cooperation. At various points, the game rules state a player “may” take certain actions and the construct falls apart if our player chooses the wrong thing. It would be as if a computer was built out of transistors that “may” switch as commanded or not, which would not be a very reliable method of computation.

To improve reliability of this particular Turing machine execution engine, the team combed through rules and cards to devise an encoding where the player is only ever presented with a single legal course forward. This ensures deterministic execution of the instruction stream, and now with proof of Turing-completeness in hand, we congratulate [Alex] on a successful conclusion to his decade-long quest.

We have a primer available for anyone who wants a refresher on Turing machines. They are utterly impractical but fun for hackers to build, and they are typically constructed of electronics and LEDs instead of ink on cardboard.

Via Ars Technica, who have presented their own analysis of this machine.

Main image: Unspecified set of Magic: The Gathering cards by [Robert] CC BY 2.0