Apple AirTags Hacked And Cloned With Voltage Glitching

Apple AirTags are useful little devices. They essentially use iPhones in the wild as a mesh network to tell the owner where the AirTag is. Now, researchers have shown that it’s possible to clone these devices.

The research paper explains the cloning process, which requires physical access to the hardware. To achieve the hack, the Nordic nRF52832 inside the AirTag must be voltage glitched to enable its debug port. The researchers were able to achieve this with relatively simple tools, using a Pi Pico fitted with a few additional components.

With the debug interface enabled, it’s simple to extract the microcontroller’s firmware. It’s then possible to clone this firmware onto another tag. The team also experimented with other hacks, like having the AirTag regularly rotate its ID to avoid triggering anti-stalking warnings built into Apple’s tracing system.

As the researchers explain, it’s clear that AirTags can’t really be secure as long as they’re based on a microcontroller that is vulnerable to such attacks. It’s not the first AirTag cloning we’ve seen either. They’re an interesting device with some serious privacy and safety implications, so it pays to stay abreast of developments in this area.

[Thanks to Itay for the tip!]

Building A Better 3D Scanner With An iPhone, And Making Art

Apple’s FaceID system uses infrared depth-sensing technology to authenticate people via their faces. It can also be used for simple 3D scanning, and [Scott Yu-Jan] found a better way to do that.

The main problem with using an iPhone as a 3D scanner in this manner is that the sensor is built into the front side of the device. It’s great for scanning your own face, but if you’re trying to scan an object, you can no longer see the iPhone’s screen. [Scott] solved this problem by slapping together a handheld 3D printed device to hold the iPhone along with an external monitor. This allowed [Scott] to scan while still seeing what was going on.

Having noticed that some of the 3D scanning apps produced strange, glitchy results when scanning faces, [Scott] decided to innovate artistically. He employed [Andrea] to model, took some scans, and Photoshopped the results into some impressive posters.

Overall, [Scott] demonstrates that it’s relatively easy to repurpose the iPhone for improved 3D scanning. With a simple design, he has a handheld scanner that works way better than just the phone on its own. Alternatively, consider getting into photogrammetry instead.


Chinese Anti-Porn Helmet Raises Eyebrows, Questions

Did you know that pornography is completely illegal in China? Probably not surprising news, though, right? The country has already put measures in place to scour the Internet in search of explicit content, mostly using AI. But the government also employs human porn appraisers, called jian huang shi, whose job it is to judge images and videos to decide whether they contain explicit content. Also probably not surprising is that humans are better than AI at knowing porn when they see it — or at least, they are faster at identifying it. Weirdness and morality and everything else aside, these jian huang shi are regular people, and frankly, they get exhausted looking at this stuff all day.

So what is the answer to burnout in this particular field? Researchers at Beijing Jiaotong University have come up with a way to bring the technological and human aspects of their existing efforts together. They’ve created a helmet that can detect particular spikes in brainwaves that occur from exposure to explicit imagery. Basically, it flashes a combination of naughty and ho-hum images in rapid succession until a spike is detected, then it flags the offending image.


It’s Linux. On An ESP32

By today’s standards, the necessities for running a Linux-based operating system are surprisingly meagre in terms of RAM and processor power. Back in the day we ran earlier Linux versions on Intel 386 and 486 machines with tiny quantities of memory compared to the multi-gigabyte many-core powerhouses we use today.

So it stands to reason that many of the more powerful microcontrollers should also run Linux, but of course they are often unable to because they lack a memory management unit. The original ESP32 is just such a candidate: plenty of power, but unable to run Linux. Not so fast, because [Dror Gluska] has managed to boot a Linux kernel on Espressif’s dual-core chip. How on earth? By emulating a RISC-V processor on it and booting a RISC-V version of the kernel.

The emulator in question is [Fabrice Bellard]’s TinyEMU, a piece of software that brings both RISC-V and x86 to limited-spec platforms, and the write-up describes the extensive optimization and tracing of ESP32 bottlenecks that finally got a Linux kernel booting in 1 minute and 35 seconds. Of course it’s simply an exercise to prove it can be done and we won’t be seeing Linux-based ESP projects any time soon, but it’s still an impressive piece of work.

This isn’t the lowest-spec microcontroller we’ve seen run Linux; back in 2012 we saw it on emulated ARM running on an 8-bit AVR.

Game Boy Repurposed Solely As A Camera

As much as we all love the Game Boy Camera, it’s really just an add-on to the popular handheld console. Twitter user [@thegameboycam] decided to build a dedicated camera platform using the hardware, and the result was the Game Boy DSLR.

Camera pedants will note that it’s not really a DSLR, but that’s not really the point. It’s a Game Boy with the camera accessory built into a proper camera-like housing. There’s a CS/C mount for the lens, and it’s got a custom shell with leatherette, just like the cameras of last century. It’s also got a cold shoe, and a 1/4″ screw thread for tripod mounting. Oh, and strap lugs! So you can really rock that old-school aesthetic with your tweed suit on.

More practical modern features include an 1800 mAh battery that charges over USB Type C and a backlit IPS display. The screen has been turned through 90 degrees, and the cartridge port and buttons are relocated to create a more traditional camera-like form factor. If you really want, though, you can still play it like a regular Game Boy. Just swap out the modified camera cart with the lens mount for a regular Game Boy Camera or another game cartridge.

It’s a fun hack that scores big on style points. No longer can you be the cool kid just by rocking a Game Boy with a big ol’ lens hanging off the back. Now you gotta compete with this!

Our tipsline is waiting for when you’ve got the next big thing in Game Boy Camera hacks. Video after the break.


CP/M Is Now Freer Than It Was

It’s easy to think of the earlier history of desktop computing operating systems in terms of DOS, Windows, and Mac OS with maybe a bit of AmigaOS, TOS, or RiscOS thrown in. But the daddy of desktop computing, the OS that put word-processors and spreadsheets in 1970s offices and had a huge influence on what followed, isn’t on that list. Digital Research’s CP/M ran initially on Intel 8080-based machines before losing out to MS-DOS as IBM’s choice for their PC, and then gradually faded away over the 1980s. Its source has been available in some form, with a few strings attached, for a long time, but we now have confirmation from Digital Research’s successor company that it’s available without restrictions on where it can be distributed.

For years it was something of an operating system that had been bypassed by the hardware and hacker communities, as the allure of GNU/Linux was stronger and most available CP/M capable machines were also 1980s 8-bit gaming platforms. But with the more recent increased popularity of dedicated retrocomputing platforms such as the RC2014, it’s become a more common sight in our community. Brush up your command line skills, and give it a go!

Header: Michael Specht, CC BY-SA 3.0.

Cracking The MiFare Classic Could Get You Free Snacks

[Guillermo] started a new job a while back. That job came with an NFC access card, which was used for booking rooms and building access. The card also served as a wallet for using the vending machines. He set about hacking the card to see what he could uncover.

Initial scans with NFC Tools revealed the card was an Infineon MIFARE Classic Card 1k. These cards are considered fairly old and insecure by now. There are plenty of guides online on how to crack the private keys that are supposed to make the card secure. Conveniently, [Guillermo] had a reader/writer on hand for these very cards.

[Guillermo] was able to use a tool called mfoc to dump the keys and data off the card. From there, he was able to determine that the credit for the vending machines was stored on the card itself, rather than on a remote server.

This means that it’s simple to change the values on the card in order to get free credit, and thus free snacks. However, [Guillermo] wisely resisted the urge to cash in on candy and sodas. When totals from the machine and credit system were reconciled, there’d be a clear discrepancy, and a short investigation would quickly point to his own card.

He also managed to successfully clone a card onto a “Magic Mifare” from Amazon. In testing, the card performed flawlessly on all systems he tried it on.

It goes to show just how vulnerable some NFC-based access control systems really are. RFID tags are often not as safe as you’d hope, either!