Telegram is an instant messaging app, well known for its focus on security and encryption. It’s used by government officials, journalists, and the paranoid, and can also handle VoIP calls, in addition to its text messaging capability. [PiMaker] wondered if all this encryption could be put to good use, and decided to try and route IP over Telegram, as you do.
The project is called Teletun, and it works! It uses telgram-cli, a command line interface for the instant messaging network. The actual IP routing is handled with a Python script, and [PiMaker] recommends that in use, the user should “pray to the gods for mercy”. Reports are that bandwidth is limited, but latency can go as low as 100ms, which suggests Telegram is indeed a fairly instant messenger.
Tunneling over instant messaging services is good practice for any aspiring hacker, but likely to be unwieldy for any practical purpose. If you can think of one, other than irritating the intelligence agents tapping your communications, throw it down in the comments below. Otherwise, consider other oddball ways to (ab)use Telegram.
We often hear it said that today’s kids don’t go out and play as much as they did in the past, but honestly, it’s hard to really blame them. Have you seen some of the games they have now? It’s going to take something a little more exciting than a game of stickball to get them off the couch when they’ve got 4K and VR game systems to play with.
Circuit to control ATX PSU
Which is exactly why [Bobek] is building his kids a time machine. Not a literal one, of course. The Flux Capacitor technology required has yet to be mastered. But it does allow the player to “travel” through time through videos which are played by punching in specific codes they have to unlock by solving puzzles in the real world. Then again, keeping keeping kids active and mentally engaged might as well be “going back in time” in some people’s eyes.
By the looks of things, [Bobek] still has a little work to do on the project, but it’s far enough along that we can get an idea. Inside the bottom of the heavy duty plastic case he’s installed an ATX power supply and a Raspberry Pi 3, and an top of that, there’s a metal plate that holds the power button, an RGB backlit keyboard, and a Vacuum Florescent Display.
After powering on the system, the kids punch in the codes they’ve earned on the keyboard. If accepted, it starts the corresponding presentation which goes over the sights and sounds of the time period they’ve unlocked. In the video after the break you can see [Bobek] test the device with a small display hanging off the end of an HDMI cable, but presumably the system will eventually get an integrated display. The kids could also plug it into the TV, but at that point you might be going full circle.
There’s nothing quite as annoying as duplicated effort. Having to jump through the same hoops over and over again is a perfect way to burn yourself out, and might even keep you from tackling the project that’s been floating around in the back of your mind. [Alain Mauer] found that he’d build enough Arduino gadgets that were similar enough he could save himself some time by creating a standardized piece of hardware that he can load his code du jour on.
He’s come to call this device the Arduino Nano QP (which stands for Quick Project), and now it’s part of the 2019 Hackaday Prize. [Alain] doesn’t promise that it’s the perfect fit for everything, but estimates around 85% of the simple Arduino projects that he’s come up with could be realized on QP. This is thanks to the screw terminals on the bottom of the device which let you easily hook up any hardware that’s not already on the board.
The QP board itself has the ubiquitous 16×2 character LCD display (complete with contrast control trimmer), seven tactile buttons arranged in a vaguely Game Boy style layout, and of course a spot to solder on your Arduino Nano. All of which is protected by a very slick laser cut acrylic case, complete with retained buttons and etched labels.
We’ve seen no shortage of handheld Arduino devices, but we have to admit, something about the utilitarian nature of this one has us intrigued. We wouldn’t mind having one of these laying around the lab next time we want to do a quick test.
Do you know what your router is doing? We have two stories of the embedded devices misbehaving. First, Linksys “Smart” routers keep track of every device that connects to its network. Right, so does every other router. These routers, however, also helpfully expose that stored data over JNAP/HNAP.
Some background is needed here. First, HNAP is the Home Network Administration Protocol, designed to manage routers and network devices. Originally designed by Pure Networks, HNAP is a SOAP based protocol, and has been part of securityproblems in the past. You may also see the term JNAP. It seems that JNAP is the JSON Network Administration Protocol, identical to HNAP except for using JSON instead of SOAP.
The odd part is that this is an old problem. CVE-2014-8244 was disclosed and fixed in 2014. According to the writeup at Badpackets.net, the problem was re-discovered as a result of observing active network attacks targeting JNAP. When Linksys was informed of the rediscovered problem, they responded that the problem was fixed in 2014, and devices with updated firmware and default settings are not accessible from the public internet. The presence of over 20,000 devices leaking data casts doubt on their response. Continue reading “This Week In Security: Zombieload, And Is Your Router Leaking?”→
[Scotty] found these wireless LEDs in a display stand for model makers and gunpla. Because you don’t want to run wires, drill holes, and deal with fiber optics when illuminating plastic models, model companies have come up with wireless LEDs. Just glue them on, and they’ll blink. It requires a base station, but these are wireless LEDs.
After buying a few of these LEDs and sourcing a base station, [Scotty] found the LEDs were three components carefully soldered together: an inductor, two caps, and the LED itself. The base station is simply two coils and are effectively a wireless phone charger. Oh, some experimentation revealed that if you put one of these wireless LEDs on a wireless phone charger it’ll light up.
The next step is of course replication, so [Scotty] headed out to Akihabara and grabbed some wire, resistors, and LEDs. The wire was wrapped into a coil, a LED soldered on, and everything worked. This is by no means the first DIY wireless LED, as with so many technologies this too hit fashion first and you could buy press-on nails with embedded wireless LEDs for years now. Check out the video below.
Stop what you’re doing and get your ticket to the Hackaday Superconference. This is the ultimate hardware conference, November 15th, 16th, and 17th in Pasadena, California. It will sell out, especially the early bird tickets which are certain to be snapped up before the end of this day. (Edit: Early Bird tickets are already sold out, but you can still get the Early Bird price by submitting a talk).
Supercon is all about hardware creation. From prototypes and manufacturable designs, to one-off hardware art and products that have sold thousands, this is where you meet the people and hear the stories behind new and interesting feats of engineering. It’s a weekend filled with fascinating talks and mind-expanding workshops, but Supercon is so much more.
This is a Hacker Village where the greenest beginner and the grayest veteran sit shoulder to shoulder to solder, to code, to dream of the future, and to share stories of the past. We want you here, and you need to make it happen. Whether it’s professional development (yes! ask your boss to make this a business outing) or your hard-earned vacation, Supercon will recharge your batteries and top off your inspiration for the year to come.
Yes, I’m talking to you. Core to the mission of the Hackaday Superconference is to encourage more people to speak publicly about everything that goes into designing and manufacturing hardware. This means we want first time speakers just as much as we want seasoned presenters. You will be celebrated at Supercon; the ethos of this community is warm, welcoming, and thankful that you took the time to help everyone learn something interesting.
Don’t stop to ask yourself if you should… yes, we want to read your talk proposal. No topic is too big or too small for consideration. This is your chance to give back as a thank-you to so many people who have helped you gather your own skills over the years. We stand on the shoulders of giants, it’s your turn to be giant.
True Believer Tickets
We like to think of our Early Bird tickets as a nod to the true believers out there. We haven’t published the speakers, the workshops, or really anything else. That info will be public as everything comes together, but by then it may be too late to get a ticket. Right now all we can tell you for certain is that there will be a big celebration to name the grand prize winner of the 2019 Hackaday Prize, there will be a ton of badge hacking on a mind-blowing hardware badge being designed by Sprite_TM (Jeroen Domburg), you will have way too much fun and get far too little sleep, and tickets will sell out. In other words, this will be awesome.
Competitive soldering
Hackaday Prize winners
Opening ceremonies were packed tight!
Workshops in full swing
Badge hacking throughout the weekend
Standing room only as Ben Krasnow gives the last talk of the conference on Sunday
Need more convincing? You can watch the recap video from 2018, or dive into the weekend overview, badge-hacking, and competitive soldering roundups. I’ve never met anyone from the first four years of Supercon who regretted buying early bird tickets. I’ve met plenty of people who regretted missing out. Don’t miss out on year five of the movement. This is your community, there is truly something for everyone, and Pasadena is a beautiful place to be in the middle of November. See you at Supercon!
It’s true that I’m not known for keeping particularly regular hours, but even I had my doubts about this plan. We’d go to sleep around midnight, wake up at 3 AM, drive up the coast aimlessly, then turn around and attend a full-day event where we’d have to maintain at least some semblance of professionalism. It was a bad idea, terrible even. But there I was at 11:30 PM sitting in a Waffle House with Thomas, the Supplyframe videographer, getting dangerously close to signing off on it.
Officially we were there to cover the Cornell Cup Finals being held at Kennedy Space Center, but as it so happens, our arrival in Florida perfectly coincided with the launch of CRS-17, SpaceX’s latest International Space Station resupply mission. Technically this was not part of our assignment. But really, what choice did we have?
Even if our respective bosses didn’t see it as a wasted opportunity, we had to consider the locals. In the few hours we’d been here, it seemed the launch was all anyone wanted to talk about. Everyone from the airport shuttle driver to the waitress who brought us our hash browns reminded us a rocket would be lifting off soon. If we didn’t go, then come Friday afternoon we’d be the only people in Cape Canaveral who didn’t have a personal account of the event. By all indications, an unforgivable cultural faux pas in central Florida.
Of course, the truth of the matter is that we didn’t actually need any convincing to go on this adventure. We had the supreme good fortune of finding ourselves in the vicinity of Kennedy Space Center a few hours before they were going to send a rocket thundering off into the black, and there was no way we could just sleep through it. No, there was never any choice in the matter. We were going.
