IOT Garage Door Opener Makes For Excellent Beginner IOT Project

July 19, 2022 by 14 Comments

If you live in a home with a garage door opener, you may have experienced one or more inevitable moments. You pull up to your home, you press the button on the garage door opener, and… nothing. Or you can’t find the garage door opener. Or you have to mash the button repeatedly to get a response. Or… you get the idea. Thanks to [Core Electronics] however, you now have the basis for using a much better device to control your own garage door: Your phone. You can see the tutorial on the web or in video format below the break.

[Michael] at [Core electronics] was tired of dealing with the inconsistencies and inconveniences of a poorly built remote for his garage door opener. When he inspected the controller board on the garage door opener itself, he found that it was already configured to allow three buttons to be connected: Up, Down, and Stop. Continue reading “IOT Garage Door Opener Makes For Excellent Beginner IOT Project”

ESP32 Powers Fresh Take On An IoT Geiger Counter

July 7, 2022 by 17 Comments

Over the years we’ve covered many projects aimed at detecting elevated radiation levels, and a fair number of them have been Internet connected in some way. But as they are often built around the Soviet-era SBM-20 Geiger–Müller tube, these devices have generally adhered to a fairly conservative design. With the current situation in Europe heightening concerns over potential radiation exposure, [g3gg0] thought it was a good a time as any to revisit the idea of an Internet-connected Geiger counter using more modern components.

Now to be clear, even this modernized approach still makes use of that same SBM-20 tube. There’s such an incredible wealth of information floating around out there about how to work with them that you’d almost put yourself at a disadvantage to chose something else to base your design on. Put simply, it’s hard to go wrong with a classic.

An unfortunate bug was discovered in the HV circuit.

That said, [g3gg0] decided early on that the design would use as many SMD components as possible, a considerable departure from many of the SBM-20 counters we’ve seen. That meant coming up with a new high-voltage power supply capable of providing the tube with the necessary 400 V, which from the sound of things, took a few attempts to complete. The final result is perhaps the smallest and cleanest looking board we’ve ever seen play host to this particular tube.

To run the show, [g3gg0] selected the ESP32-PICO-D4. You certainly don’t need such a powerful microcontroller to read the impulses from the SBM-20 tube and publish them via MQTT, but to be fair, the chip has a number of other duties. It’s handling the WS2812 RGB LEDs that go off in response to detected particles, running the (apparently optional) 2.9 inch WaveShare electronic paper display, and also pulling data from a BME280 environmental sensor as well as a CCS811 VOC sensor — so it’s keeping fairly busy.

As impressive as this build is, we do hate that it had to be built. From certain world leaders dropping casual comments about the strength of their nuclear arsenal to foolhardy attempts to capture the Chernobyl power station, having access to a reliable Geiger counter isn’t an unreasonable precaution right now. For everyone’s sake, let’s hope the fancy RGB LEDs on this particular build remain as dark as possible.

Continue reading “ESP32 Powers Fresh Take On An IoT Geiger Counter”

This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon

June 24, 2022 by 3 Comments

[Eaton Zveare] purchased a Jacuzzi hot tub, and splurged for the SmartTub add-on, which connects the whirlpool to the internet so you can control temperature, lights, etc from afar. He didn’t realize he was about to discover a nightmare of security problems. Because as we all know, in IoT, the S stands for security. In this case, the registration email came from smarttub.io, so it was natural to pull up that URL in a web browser to see what was there. The page presented a login prompt, so [Eaton] punched in the credentials he had just generated. “Unauthorized” Well that’s not surprising, but what was very odd was the flash of a dashboard that appeared just before the authorization complaint. Could that have been real data that was unintentionally sent? A screen recorder answered that question, revealing that there was indeed a table loaded up with valid-looking data.

Digging around in the page’s JavaScript comes up with the login flow. The page uses the Auth0 service to handle logins, and that service sends back an access token. The page sends that access token right back to the Auth0 service to get user privileges. If the logged in user isn’t an admin, the redirect happens. However, we already know that some real data gets loaded. It appears that the limitations to data is all implemented on the client side, and the backend only requires a valid access token for data requests. What would happen if the response from Auth0 were modified? There are a few approaches to accomplish this, but he opted to use Fiddler. Rewrite the response so the front-end believes you’re an admin, and you’re in.

This approach seems to gain admin access to all of the SmartTub admin controls, though [Eaton] didn’t try actually making changes to see if he had write access, too. This was enough to demonstrate the flaw, and making changes would be flirting with that dangerous line that separates research from computer crime. The real problem started when he tried to disclose the vulnerability. SmartTub didn’t have a security contact, but an email to their support email address did elicit a reply asking for details. And after details were supplied, complete radio silence. Exasperated, he finally turned to Auth0, asking them to intervene. Their solution was to pull the plug on one of the two URL endpoints. Finally, after six months of trying to inform Jacuzzi and SmartTub of their severe security issues, both admin portals were secured.

Continue reading “This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon”

Easy Network Config For IoT Devices With RGBeacon

May 11, 2022 by 25 Comments

When you’re hooking up hardware to a network, it can sometimes be a pain to figure out what IP address the device has ended up with. [Bas Pijls] often saw this problem occurring in the classroom, and set about creating a simple method for small devices to communicate their IP address and other data with a minimum of fuss.

[Bas] specifically wanted a way to do this without adding a display to the hardware, as this would add a lot of complexity and expense to simple IoT devices. Instead, RGBeacon was created, wherin a microcontroller flashes out network information with the aid of a single RGB WS2812B LED.

In fact, all three colors of the RGB LED are used to send information to a computer via a webcam. The red channel flashes out a clock signal, the green channel represents the beginning of a byte, and the blue channel flashes to indicate bits that are high. With a little signal processing, a computer running a Javascript app in a web browser can receive information from a microcontroller flashing its LEDs via a webcam.

It’s a neat hack that should make setting up devices in [Bas]’s classes much easier. It needn’t be limited to network info, either; the code could be repurposed to let a microcontroller flash out other messages, too. It’s not dissimilar from the old Timex Datalink watches which used monitor flashes to communicate!

APPLE2IDIOT Expansion Card Lets Your Apple II (Sort Of) Access The Internet

May 7, 2022 by 26 Comments

[Nathanial Hendler]’s Apple2Idiot expansion card for the Apple II family of computers is a nifty mix of modern and vintage, and provides a clever means of allowing the host computer to (indirectly) access the internet over WiFi while keeping things simple from the host computer’s perspective.

The PCB has plenty of space on which to silkscreen reference data. Click to enlarge.

It does this by embedding an ESP32 module and a dual-port RAM chip onto an expansion card. The Apple2Idiot, when installed into a host machine, presents as a memory location which the host machine can access. The ESP32 then takes care of all the WiFi communications and tasks requiring internet access, and the host computer directs these tasks (and reads their output) via PEEK and POKE commands.

This means that there are two pieces of software for any given task: one running on the ESP32 doing the actual work, and one running on the Apple II that communicates with the ESP32 on the card by reading and writing to memory. It’s a simple system, and one that [Nathanial] thinks works quite well for specific tasks.

Example programs include things like scanning and selecting a WiFi network, fetching weather data, and sending a message to Slack. Making new applications does mean having to write software on two ends, but the simplicity of the system also means flexibility, because anything the ESP32 does can have its complexity abstracted away by the time its data is presented to the host machine. Not that the Apple II is incapable of dealing with the modern internet more directly; we’ve seen a basic Apple II web server written in BASIC.

IoT Pool Monitor Helps You Keep It Crystal Clear

April 16, 2022 by 5 Comments

Having a pool is great, but it also requires significant monitoring and maintenance to keep it crystal clear and clean. The OPNpool controller from [Coert Vonk] aims to help in this task, integrating neatly into the smart home ecosystem of today.

OPNpool runs on an ESP32, and is capable of monitoring pool controllers, pumps, and chlorinators, as well as working with thermostats and other hardware to control the state of the pool. This allows the system to do useful things like run high-powered pumps when electricity is cheapest, or to find the best timing to run heating circuits. The controller relies on MQTT messaging and can integrate with Home Assistant for those that prefer to run their own cloud-independent smart home systems.

With WiFi onboard the ESP32, there’s no need for a hardwired LAN connection, and the system can be administered remotely over the web. It’s also capable of talking with other hardware over RS-485 and bringing it under its own control. With OPNpool installed, monitoring pool conditions can be done from the leisure of one’s deck chair with a smartphone, rather than squinting and dark LCDs in equipment cabinets.

It’s a useful tool that could be just the ticket for the savvy, IoT-aware pool owner. We’ve seen other DIY pool controllers before, too. With summer just around the corner, it’s the perfect time to get hacking!

This Chariot Is Pulled By A Team Of Motorcycles

April 11, 2022 by 21 Comments

We’re fans of unusual forms of transport here, so when we saw an article featuring a home-made motorcycle chariot we knew we had to share it with you. You’ll probably notice it comes from the keyboard of our colleague [Lewin Day] as he moonlights writing for The Drive, and he’s brought along a lot of context and history to the dual-Husqvarna chariot built by [Jack Field].

The machine itself is a chariot in the ancient Roman fashion, a two-wheeled platform on which the rider stands and holds the reins. Instead of a team of horses though there is the aforementioned pair of Husqvarna motorcycles, and a pair of rods to their handlebars with throttle and brake controls take the place of reins. It’s fair to say that this might not be the least hazardous of conveyances, but it appears both rideable and controllable, and will appear at motorcycle shows. truth be told we’d like to have a go ourselves, but since it’s in Australia we think there’s little chance. Unexpectedly the motorcycle chariot is not a new idea, with their being used for full-scale races back in the 1930s. There’s a trip into that world with some exciting but lethal-looking racing action to view, but it seems that these machines exist here in 2022 mostly for show.

This isn’t the first machine operated by reins we’ve brought you, how about a rein-operated tractor?