A treadmill with a doorbell alert in one of the cup holders.

See Them Knocking With A Doorbell Alert

Picture it: you’re on the treadmill, running through a forest, sweating like a pig, and the doorbell rings because a package is being delivered. Would you even hear it? Chances are, if you’re rocking out to music on headphones and your treadmill is as noisy as [Antonio]’s, you wouldn’t, and you’d once again face the dreaded ‘we’ll try later’ slip.

The guts of the doorbell alert in a pink 3D-printed enclosure.

What you need is something that listens for the doorbell and flashes a giant 20 mm red LED to alert you. Could this be done with a 555? Yes, in fact, [Antonio] used a pair of them in the form of the 556 on the alert side.

The first 555 is wired up in astable mode to control the tempo of the flashing light, and the second timer is in monostable mode to control the length of time the light flashes. Power comes from the doorbell’s 9V, which is wired up through an existing Ethernet jack.

Now whenever the doorbell rings, [Antonio] has 60 seconds of flashing light in order to react, stop the treadmill, and jump off to answer the door. To conserve power when [Antonio] is relaxing, there’s an on/off switch.

This Week In Security: The Time Kernel.org Was Backdoored And Other Stories

Researchers at Eset have published a huge report on the Ebury malware/botnet (pdf), and one of the high profile targets of this campaign was part of the kernel.org infrastructure. So on one hand, this isn’t new news, as the initial infection happened back in 2011, and was reported then. On the other hand, according to the new Eset report, four kernel.org servers were infected, with two of them possibly compromised for as long as two years. That compromise apparently included credential stealing or password cracking.

The Ebury attackers seem to gain initial access through credential stuffing: a huge list of previously captured credentials is tried one at a time. However, once the malware has a foothold in the network, a combination of automated and manual steps is taken to move laterally. The most obvious is to grab any private SSH keys from that system, and try using them to access other machines on the local network. Ebury also replaces a system library that gets called as a part of sshd, libkeyutils.so. This puts it in a position to quietly capture credentials.

For a targeted attack against a more important target, the people behind Ebury seem to go hands-on-keyboard, using techniques like Man-in-the-Middle attacks against SSH logins on the local network using ARP spoofing. In this case, someone was doing something nasty.

And that doesn’t even start to cover the actual payload. That’s nasty too, hooking into Apache to sniff for usernames and passwords in HTTP/S traffic, redirecting links to malicious sites, and more. And of course, the boring things you might expect, like sending spam, mining for Bitcoin, etc. Ebury isn’t exactly easy to notice, either, since it includes a rootkit module that hooks into system functions to hide itself. Thankfully there are a couple of ways to get a clean shell to look for the malware, like using systemd-run or launching a local shell on the system console.

And the multi-million dollar question: Who was behind this? Sadly we don’t know. A single arrest was made in 2014, and recovered files implicated another Russian citizen, but the latest work indicates this was yet another stolen identity. The rest of the actors behind Ebury have gone to great lengths to remain behind the curtain.


Custom Dog Door Prevents Culinary Atrocities

Riley, an 8 lb pug, has more beauty than brains, and a palate as unrefined as crude oil. While we hate criticizing others’ interests and tastes, his penchant for eating cat poop needed to stop. After a thorough exploration of a variety of options, including cat food additives that make its excrement taste worse (HOW? WHY? Clearly taste wasn’t the issue!), automatic litter boxes that stow the secretions, and pet doors that authenticate access to the room with the litter box, [Science Buddies] eventually settled on a solution that was amenable to all members of the family.

The trick was in creating a door mechanism with a blacklist of sorts rather than a whitelist. As the cat didn’t like to push the door open itself, the solution needed to have the pet door open by default. A magnet on Riley’s collar would trip a sensor attached to an Arduino that would control servos to swing the door shut immediately if he attempted to access the defecated delights. Of course safety was a consideration with the door swinging in Riley’s face.

We’ve covered a few pet screeners, including one for the same purpose that used IR sensors (but a much bigger dog also named Riley), and a flock of solutions for chickens. We’ve also seen [Science Buddies] in previous posts, so they’re not on the tips line blacklist.


Garage Door Automation With No Extra Hardware

Home automation projects have been popular as long as microcontrollers have been available to the general public. Building computers to handle minutiae so we don’t have to is one of life’s great joys. Among the more popular is adding some sort of system to a garage door. Besides adding Internet-connected remote control to the action of opening and closing, it’s also helpful to have an indicator of the garage door state for peace-of-mind. Most add some sensors and other hardware to accomplish this task but this project doesn’t use any extra sensors or wiring at all.

In fact, the only thing added to the garage door for this build besides some wiring is the microcontroller itself. After getting the cover of the opener off, which took some effort, a Shelly Uni was added and powered by the 12V supply from the opener itself. The garage door opener, perhaps unsurprisingly, has its own way of detecting when the door is fully open or closed, so some additional wire was added to these sensors to let the microcontroller know the current state. Shelly Uni platforms have a WiFi module included as well, so nothing else was needed for this to function as a complete garage door automation platform.

[Stephen] uses Home Assistant as the basis for his home automation, and he includes all of the code for getting this platform up and running there. It wouldn’t be too hard to get it running on other openers or even on other microcontroller platforms; the real key to this build is to recognize that sometimes it’s not necessary to reinvent the wheel with extra sensors, limit switches, or even power supplies when it’s possible to find those already in the hardware you’re modifying. This isn’t always possible, though, especially with more modern devices that might already be Internet-connected but probably don’t have great security.

Security Alert: Potential SSH Backdoor Via Liblzma

In breaking news that dropped just after our weekly security column went live, a backdoor has been discovered in the xz package that could potentially compromise SSH logins on Linux systems. The most detailed analysis so far seems to be by [Andres Freund] on the oss-security list.

The xz release tarballs from 5.6.0 in late February and 5.6.1 on March 9th both contain malicious code. A pair of compressed files in the repository contain the majority of the malicious patch, disguised as test files. In practice, this means that looking at the repository doesn’t reveal anything amiss, but downloading the release tarballs gives you the compromised code.

This was discovered because SSH logins on a Debian sid system were taking longer, with more CPU cycles than expected. And interestingly, Valgrind was throwing unexpected errors when running on the liblzma library. That last bit was first discovered on February 24th, immediately after the 5.6.0 release. The xz-utils package failed its tests on Gentoo builds.


This Week In Security: Apple Backdoors Curl, Tor’s New Bridge, And GhostRace

OK, that headline is a bit of a cheap shot. But if you run the curl binary that Apple ships, you’re in for a surprise if you happen to use the --cacert flag. That flag specifies that TLS verification is only to be done using the certificate file specified. That’s useful to solve certificate mysteries, or to make absolutely sure that you’re connecting to the server you expect.

What’s weird here is that on macOS, using the Apple-provided curl binary, --cacert doesn’t limit the program to the single certificate file. On an Apple system, the verification falls back to the system’s certificate store. This is an intentional choice by Apple, but not one that’s aimed particularly at curl. The real magic is in Apple’s SSL library, which forces the use of the system keychain.

The current state of things is that this option is simply not going to do the right thing in the Apple-provided binary. It’s documented with the note that “this option is supported for backward compatibility with other SSL engines, but it should not be set.” It’s an unfortunate situation, and we’re hopeful that a workaround can be found to restore the documented function of this option.

Fan With Automatic Door Is Perfect For Camper Vans

Ventilation fans are useful for clearing stuffy or stale air out of a space. However, they also tend to act as a gaping hole into said space. In the case of caravans and RVs, an open ventilation fan can be terrible for keeping the interior space warm, quiet, and free from dust. “Blast doors” or fan blocks are a common way to solve this problem. [Raphtronic] whipped up a duly-equipped ventilation fan to do just that.

The solution was to create a fan setup with a custom fan holder and a sliding door to block airflow when necessary. [Raphtronic] designed a fan frame for this purpose using parts 3D printed in ASA plastic. This material was chosen so that the parts could readily withstand the 50 C (120 F) temperatures typical in his Ford Transit camper during the summer. A simple 12 V ventilation fan was then fitted to the frame, along with a sliding door controlled by a 12 V linear actuator.

The mode of operation is simple. A DPDT switch controls the linear actuator. Flipped one way, the linear actuator is fed 12 V in such a polarity as to move it to open the fan door. In this mode, 12 volts is also supplied to the fan to start ventilation. When the switch is flipped the other way, the actuator moves to the closed position, and a diode in the circuit stops the fan spinning backwards. As a bonus, limit switches are built into the linear actuator, so there’s no need for any microcontrollers, “off” switch positions, or additional wiring.

It’s a tidy solution to the problem of ventilating a camper in a clean and effective manner. Files are on GitHub for those wishing to build their own. We’ve seen some great work in this area before, like this off-grid van project that made excellent use of 3D scanning during the build process. If you’ve designed and built your own nifty camping gear, don’t hesitate to drop us a line!