3D Printed WiFi Reflectors Custom Designed for the Building

Are you a wizard at antenna design? Chances are you’ve never even given it a try, but this tool could change that. Most home-made WiFi signal boosting antenna plans around the Internet share one feature: they are directional antennas or reflectors. But WiPrint is a tool for designing custom WiFi reflectors that map to the specific application.

If we want to increase the signal strength in two or three different locations the traditional solution is an omnidirectional antenna. The problem is, although a good omnidirectional antenna increases the signal power in those locations we want, it also increases the signal power where we don’t want.

A team of researchers led by Dartmouth College created WiPrint to allow users to input a floor plan, the location of the WiFi access point and a desired signal map into the system. The software uses an optimization algorithm to produce a custom reflector shape for that floor plan. The reflector can then be fabricated and placed next to the access point antenna to reflect and concentrate the signal in the specified area, while decreasing signal strength outside of it. The best thing is: you can actually 3D print the reflector and just glue tin foil on it!

The results show that optimized reflectors can weaken or enhance signals in target areas by up to 10 or 6 dB, respectively, and resulting in throughput changes by up to -63.3% or 55.1%. That is not the only advantage, as the researchers point out:

Our approach provides four benefits. First, it provides strong physical security by limiting the physical reach of wireless signals, hence creating a virtual wall for wireless signals. Second, it relies on a low-cost ($35), reproducible 3D reflector, which can be easily replaced upon substantial changes in the environment or coverage requirement. Third, it offers an easily accessible and easy-to-configure solution to non-expert users. Users only need to specify coverage requirements and a coarse environment model, with which our system computes a reflector shape tailored to the built environment. Finally, it is applicable to commodity low-end Wi-Fi APs without directional or multiple antennas.

The sad part is that, for now, no software is available. The study and results have just been presented at ACM’s BuildSys 2017. It would be great to see something like this open-sourced. Meanwhile, this is further proof that [Brian Benchoff] knew what he was doing when he told you to use duct tape for superior WiFi range.

Is Intel’s Management Engine Broken yet?

Our own [Brian Benchoff] asked this same question just six months ago in a similar headline. At that time, the answer was no. Or kind of no. Some exploits existed but with some preconditions that limited the impact of the bugs found in Intel Management Engine (IME). But 2017 is an unforgiving year for the blue teams, as lot of serious bugs have been found throughout the year in virtually every fields of computing. Researchers from Positive Technologies report that they found a flaw that allows them to execute unsigned code on computers running the IME. The cherry on top of the cake is that they are able to do it via a USB port acting as a JTAG port. Does this mean the zombie apocalypse is coming?

Before the Skylake CPU line, released in 2015, the JTAG interface was only accessible by connecting a special device to the ITP-XDP port found on the motherboard, inside a computer’s chassis. Starting with the Skylake CPU, Intel replaced the ITP-XDP interface and allowed developers and engineers to access the debugging utility via common USB 3.0 ports, accessible from the device’s exterior, through a new a new technology called Direct Connect Interface (DCI). Basically the DCI provides access to CPU/PCH JTAG via USB 3.0. So the researchers manage to debug the IME processor itself via USB DCI, which is pretty awesome, but USB DCI is turned off by default, like one of the researchers states, which is pretty good news for the ordinary user. So don’t worry too much just yet.

Continue reading “Is Intel’s Management Engine Broken yet?”

Super Low Tech Mario

Browsing around the depths of the Internet we came across a super low tech version of Super Mario from [Sata Productions]. The video presents a complete tutorial on how to make a playable, cardboard version of the famous Super Mario game. If you are a fan, you probably going to like this.

You basically need cardboard, a hot glue gun, a ball bearing, a couple of DC motors, some iron BBs, some magnets, batteries, some wires… it sounds just like shopping list for a MacGuyver episode. But it works and it’s playable. It has a wired remote control, you control Mario to move and make him jump up and down in a kind of turning dashboard game. It even has a game over screen when Mario dies. Yes, Mario can die in this cardboard version. If you want to make a custom version you can always print a bigger level and resize the cardboard box.

Super Mario has had its shares of hacks, like this interface hack using a Kinect to control Mario or this super tricky jailbreak hack that allows players to run their own game mods, but this one is just on another level: a low tech approach. It seems like it could be a fun weekend project, especially if you have kids. If you’re not into Super Mario, it’s possible to just print a different game, the supporting platform is pretty generic and could support several simplified platform games.

Check out the video:

Continue reading “Super Low Tech Mario”

Skynet will have Bobcats

There are so many autonomous devices nowadays that can run Skynet Inside(TM) that it’s hard to keep track. But one was still missing: the versatile Bobcat. When we say “Bobcat”, we mean track loader — it’s just one of those things that the name and the brand stoke together so strongly that it’s hard to actually recall the technical name. A company by the name of Built Robotics is betting on autonomous track loaders as being a big part of the future of construction.

The tractor can navigate, excavate, and carry a 1,000 pound load with 1 cm precision using its LIDAR, specially designed to work with high-vibration, high-impact environment of construction excavation. Additionally, the lasers also allow the robot to measure the amount of material it has scooped up. But the precision does not come from the LIDAR alone. To position the robot, Built Robotics uses augmented GPS, which combines an on-site base station and GPS satellites to produce accurate location data.

It is supposed to be completely autonomous: given a location and holes to dig, it can plan and execute the work. It resembles a self-driving car, but the challenges are actually quite different. Cars are mean to drive around and reach a destination without touching anything. Like the CEO of Built Robotics says:

“If a car is changing the environment around it, then something’s gone really wrong.”

Continue reading “Skynet will have Bobcats”

About That Giant Robot Battle Last Night

Two years ago we wrote about a giant robot battle between the USA and Japan. After two years in the making, MegaBots (team USA) and Suidobashi (team Japan) were finally ready for the first giant robot fight. If you are into battle bots, you probably did not miss the fight that happened around 7:00 pm PST. If you missed it, you can watch the whole thing here.

There were two duels. First it was Iron Glory (MkII) vs. Kuratas, and after that it was Eagle Prime (MkIII) vs. Kuratas.

Be warned, spoilers ahead.

Continue reading “About That Giant Robot Battle Last Night”

Practical Public Key Cryptography

Encryption is one of the pillars of modern-day communications. You have devices that use encryption all the time, even if you are not aware of it. There are so many applications and systems using it that it’s hard to begin enumerating them. Ranging from satellite television to your mobile phone, from smart power meters to your car keys, from your wireless router to your browser, and from your Visa to your Bitcoins — the list is endless.

One of the great breakthroughs in the history of encryption was the invention of public key cryptography or asymmetrical cryptography in the 70’s. For centuries traditional cryptography methods were used, where some secret key or scheme had to be agreed and shared between the sender and the receiver of an encrypted message.

Asymmetric cryptography changed that. Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. In practice, this is usually implemented based on mathematical problems that admit no efficient solution like certain integer factorization, discrete logarithm and elliptic curve relationships.

But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets. In this article, I’ll get into the details of how to set yourself up so that anyone in the world is able to send you an e-mail that only you can read.
Continue reading “Practical Public Key Cryptography”

Microsoft Bug Tracking Hacked

It seems that the database containing descriptions of critical and unfixed bugs and/or vulnerabilities in some of the most widely used software in the world, including the Windows operating system, was hacked back in 2013. This database is basically gold for any security researcher, regardless of the color of their hat. To know which programs fail and the preconditions for that to happen is half an exploit right there.

Microsoft discovered the database breach in early 2013 after the highly skilled hacking group Morpho a.k.a. Butterfly a.k.a. Wild Neutron broke into computers at a number of major tech companies, including Apple, Facebook, and Twitter. The group exploited a flaw in the Java programming language to penetrate employees’ Apple Macintosh computers and then use them as pivots into the company internal network.

Official sources say that the Microsoft bug database was poorly protected, with access possible via little more than a password. Four years later, we have official confirmation that it happened. To measure the breach impact, Microsoft started a study to correlate the potential flaws in their databases and subsequent attacks. The study found that the flaws in the stolen database were actually used in cyber attacks, but Microsoft argued the hackers could have obtained the information elsewhere, and that there’s “no evidence that the stolen information had been used in those breaches.”

There is really no way to know besides asking the actual hacking group, which will most likely not happen… unless they are HaD readers, in this case they can feel free to comment.

[via Reuters]