Author: Mike Szczys

6403 Articles

TP-LINK’s WiFi Defaults To Worst Unique Passwords Ever

January 27, 2016 by 82 Comments

This “security” is so outrageous we had to look for hidden cameras to make sure we’re not being pranked. We don’t want to ruin the face-palming realization for you, so before clicking past the break look closely at the image above and see if you can spot the exploit. It’s plain as day but might take a second to dawn on you.

The exploit was published on [Mark C.’s] Twitter feed after waiting a couple of weeks to hear back from TP-LINK about the discovery. They didn’t respond so he went public with the info.

Continue reading “TP-LINK’s WiFi Defaults To Worst Unique Passwords Ever”

Finally, A Modern Theremin

January 24, 2016 by 28 Comments

Ever wanted to own your own Theremin but couldn’t justify dropping hundreds of dollars on one? Now you can build your own, or buy it for a quintuplet of Hamiltons. The Open.Theremin.UNO project has built up antenna-based oscillator control around the ubiquitous Arduino Uno board.

So what’s the Arduino in there for? This is a digital Theremin, but check out the video below and you’ll agree that it sounds amazing and has excellent response. The aluminum antennas used for volume and pitch are attached to the top portion of the shield but it sounds like they’re not included in the kit. Don’t fret, you can use a variety of materials for this purpose. On the bottom you need to connect a speaker cable, and also a ground wire if that cable’s not grounded.

As the name implies, this is Open Hardware and we’re quite happy with the documentation on their site and the BOM (found on the GitHub repo). This design was shown off back in 2013 hiding in a pack of cigarettes. If you don’t want to build your own they’re selling kits on their site for 48 Euro delivered, or on Tindie for $55.

Okay, we’ve screwed this up so many times that we’re going to try to get it right here: the Theremin was not heard in the opening of Star Trek the original series, or in the opening of Doctor Who. It wasn’t featured in “Good Vibrations” either. As far as we can tell, it’s not used for anything in pop culture at all… but recognizing the sound and knowing what one is remains core geek knowledge.

If you want a Theremin to play using your entire body you need the Theremin Terpsitone.

Continue reading “Finally, A Modern Theremin”

Tie-Fighter Quadcopters Anyone Can Build

January 23, 2016 by 25 Comments

These are things of beauty, and when in flight, the Tie Fighter Quadcopters look even better because the spinning blades become nearly transparent. Most of the Star Wars-themed quadcopter hacks we’ve seen are complicated builds that we know you’re not even going to try. But [Cuddle Burrito’s] creations are for every hacker in so many different ways.

tie-fighter-drone-partsFirst off, he’s starting with very small commodity quadcopters that are cheap (and legal) for anyone to own and fly. Both are variations of the Hubsan X4; the H107C and the H107L. The stock arms of these quadcopters extend from the center of the chassis, but that needs to change for TFFF (Tie Fighter Form Factor). The solution is of course 3D Printing. The designs have been published for both models and should be rather simple to print.

ABS is used as the print medium, which makes assembly easy using a slurry of acetone and ABS to weld the seams together. Motor wires need to be extended and routed through the printed arms, but otherwise you don’t need anything else. Even the original screws are reused in this design. Check out test flights in the video after the break As for the more custom builds we mentioned, there’s the Drone-enium Falcon.

Continue reading “Tie-Fighter Quadcopters Anyone Can Build”

Hackaday Europe: Call For Proposals

January 21, 2016 by 38 Comments

Hackaday is coming to Europe in April. The world’s most superb conference on hardware creation starts with you. Please submit your proposal to present a talk or workshop at 2016 Hackaday | Belgrade, Hackaday’s first-ever European conference.

Put it on your calendar: Saturday, April 9th in Belgrade, Serbia. We have a lineup spanning from 10am to 2am, and we’re building on the best of the inaugural SuperConference we held last November: a single track of hardware talks which will run concurrently with a set of hands-on workshops. The surprise hit from that conference was badge hacking, which will be expanded and extended into the wee hours of the morning. While that is in progress, a party with two stages will spin up with performances by Infinite Jest, Grupa TI, and DJ sets.

Tickets go on sale the first week of February. Voja Antonic, who does amazing work with PCBs and badge designs, is building the conference badge. The cost of the admission will be just enough to cover the cost of the badge. We’re keeping the admission cost so low to help offset your travel costs. Belgrade is gorgeous in April, and getting there from other parts of Europe is very affordable. This event will sell out so get organized and make sure you and your fellow hardware hackers get tickets early.

Many of the Hackaday crew will be on hand. We’re likely to have a less-formal meetup (hangover brunch?) on Sunday. Check out the Hackaday | Belgrade planning page to discuss this and learn more about the conference as it comes together. See you in Belgrade!

Shmoocon 2016: Hackers For Charity

January 18, 2016 by 4 Comments

To one side of the “Chill Room” at this year’s Shmoocon were a few tables for Hackers for Charity. This is an initiative to make skills-training available for people in Uganda. The organization is completely supported by the hacker community.

Hackers for Charity was founded by Johnny Long about seven years ago. He had been working as a penetration tester but you perhaps know him better from his many books on hacking. Having seen the lack of opportunity in some parts of the world, Johnny started Hackers for Charity as a way to get used electronics and office equipment into the hands of people who needed it most. This led to the foundation of a school in Uganda that teaches technology skills. This can be life-changing for the students who go on to further schooling, or often find clerical or law enforcement positions. Through the charity’s donations the training center is able to make tuition free for about 75% of the student body.

The education is more than just learning to use a word processor. The group has adopted a wide range of equipment and digital resources to make this an education you’d want for your own children. Think Chromebooks, Raspberry Pi, robotics, and fabrication. One really interesting aspect is the use of RACHEL, which is an effort to distribute free off-line educational content. This is a searchable repository of information that doesn’t require an Internet connection. Johnny told me that it doesn’t stop at the schoolroom door; they have the system on WiFi so that anyone in the village can connect and use the resources whether they’re students or not.

Shmoocon does something interesting with their T-shirt sales. They’re not actually selling shirts at all. They’re soliciting $15 donations. You donate, and you get a shirt and a chit — drop you chit in a box to decide where your $15 should go. This year, Hackers for Charity, the EFF, and World Bicycle Relief were the charities to choose from. If you want to help out this 501c3 organization, consider clicking the donate button you’ll find on the sidebar and footer of their webpage.

Custom Siri Automation With HomeKit And ESP8266

January 17, 2016 by 11 Comments

Knowing where to start when adding a device to your home automation is always a tough thing. Most likely, you are already working on the device end of things (whatever you’re trying to automate) so it would be nice if the user end is already figured out. This is one such case. [Aditya Tannu] is using Siri to control ESP8266 connected devices by leveraging the functionality of Apple’s HomeKit protocols.

HomeKit is a framework from Apple that uses Siri as the voice activation on the user end of the system. Just like Amazon’s voice-control automation, this is ripe for exploration. [Aditya] is building upon the HAP-NodeJS package which implements a HomeKit Accessory Server using anything that will run Node.

Once the server is up and running (in this case, on a raspberry Pi) each connected device simply needs to communicate via MQTT. The Arduino IDE is used to program an ESP8266, and there are plenty of MQTT sketches out there that may be used for this purpose. The most recent example build from [Aditya] is a retrofit for a fiber optic lamp. He added an ESP8266 board and replaced the stock LEDs with WS2812 modules. The current version, demonstrated below, has on/off and color control for the device.

Continue reading “Custom Siri Automation With HomeKit And ESP8266”

Shmoocon 2016: GPUs And FPGAs To Better Detect Malware

January 17, 2016 by 40 Comments

One of the big problems in detecting malware is that there are so many different forms of the same malicious code. This problem of polymorphism is what led Rick Wesson to develop icewater, a clustering technique that identifies malware.

Presented at Shmoocon 2016, the icewater project is a new way to process and filter the vast number of samples one finds on the Internet. Processing 300,000 new samples a day to determine if they have polymorphic malware in them is a daunting task. The approach used here is to create a fingerprint from each binary sample by using a space-filling curve. Polymorphism will change a lot of the bits in each sample, but as with human fingerprints, patterns are still present in this binary fingerprints that indicate the sample is a variation on a previously known object.
Continue reading “Shmoocon 2016: GPUs And FPGAs To Better Detect Malware”