Exposing Dinosaur Phone Insecurity With Software Defined Radio

June 5, 2017 by 74 Comments

Long before everyone had a smartphone or two, the implementation of a telephone was much stranger than today. Most telephones had real, physical buttons. Even more bizarrely, these phones were connected to other phones through physical wires. Weird, right? These were called “landlines”, a technology that shuffled off this mortal coil three or four years ago.

It gets even more bizarre. some phones were wireless — just like your smartphone — but they couldn’t get a signal more than a few hundred feet away from your house for some reason. These were ‘cordless telephones’. [Corrosive] has been working on deconstructing the security behind these cordless phones for a few years now and found these cordless phones aren’t secure at all.

The phone in question for this exploit is a standard 5.8 GHz cordless phone from Vtech. Conventional wisdom says these phones are reasonably secure — at least more so than the cordless phones from the 80s and 90s — because very few people have a duplex microwave transceiver sitting around. The HackRF is just that, and it only costs $300. This was bound to happen eventually.

This is really just an exploration of the radio system inside these cordless phones. After taking a HackRF to a cordless phone, [Corrosive] found the phone technically didn’t operate in the 5.8 GHz band. Control signals, such as pairing a handset to a base station, happened at 900 MHz. Here, a simple replay attack is enough to get the handset to ring. It gets worse: simply by looking at the 5.8 GHz band with a HackRF, [Corrosive] found an FM-modulated voice channel when the handset was on. That’s right: this phone transmits your voice without any encryption whatsoever.

This isn’t the first time [Corrosive] found a complete lack of security in cordless phones. A while ago, he was exploring the DECT 6.0 standard, a European cordless phone standard for PBX and VOIP. There was no security here, either. It would be chilling if landlines existed anymore.

Continue reading “Exposing Dinosaur Phone Insecurity With Software Defined Radio”

Designing Products With Injection Molding In Mind

June 5, 2017 by 18 Comments

3D printing is a technique we’ve all been using for ages at home, or via Shapeways, but if you are designing a product, 3D printing will only get you so far. It’s crude, slow, expensive, and has lots of limitations. While it’s great for the prototyping stage, ultimately products manufactured in volume will be manufactured using another method, and most likely it will be injection molding. Knowing how to design a part for injection molding means you can start prototyping with 3D printing, confident that you’ll be able to move to a mold without major changes to the design.

The 2017 Hackaday Prize includes a $30,000 prize for Best Product as we seek products that not only show a great idea, but are designed for manufacturing and have thought through what it takes to get them into the hands of the users. Some of the entries seem to be keenly aware of the challenges associated with moving from prototyping to production. Here are some examples of best practices when prototyping with future injection molding in mind.

Continue reading “Designing Products With Injection Molding In Mind”

Formlabs Announces A Desktop SLS 3D Printer

June 5, 2017 by 30 Comments

Formlabs have just announced the Fuse 1 — a selective laser sintering (SLS) 3D printer that creates parts out of nylon. Formlabs is best known for their Form series of resin-based SLA 3D printers, and this represents a very different direction.

SLS printers, which use a laser to sinter together models out of a powder-based material, are not new but have so far remained the domain of Serious Commercial Use. To our knowledge, this is the first time an actual SLS printer is being made available to the prosumer market. At just under 10k USD it’s definitely the upper end of the prosumer market, but it’s certainly cheaper than the alternatives.

The announcement is pretty light on details, but they are reserving units for a $1000 deposit. A few things we can throw in about the benefits of SLS: it’s powder which is nicer to clean up than resin printers, and parts should not require any kind of curing. The process also requires no support material as the uncured powder will support any layers being cured above it. The Fuse 1’s build chamber is 165 x 165 x 320 mm, and can be packed full of parts to make full use of the volume.

In the past we saw a detailed teardown of the Form 2 which revealed excellent workmanship and attention to detail. Let’s hope the same remains true of Formlabs’ newest offering.

DIY Grid Eye IR Camera

June 5, 2017 by 8 Comments

Tindie is a great place to find uncommon electronic components or weird/interesting boards. [Xose Pérez] periodically “stroll the isles” of Tindie to keep up on cool new components, and when he saw Panasonic’s Grid_EYE AMG88 infrared sensor, [Xose] knew that he had to build something with it. The awesome find is an 8×8 IR array sensor on a breakout board… the hack is all in what you do with it.

Already taken by “LED fever,” [Xose’s] mind immediately fixated on an 8×8 IR array with an 8×8 LED matrix display. With a vision, [Xose] threw together an IR sensor matrix, a LED matrix, a small microcontroller, a Li-Ion battery, a charger, and a step-up to power the LEDs. What did he end up with? A bulky but nice camera that looks fantastic.

While commercially available IR Cameras have thousands of pixels and can overlay a normal image over an IR image among other fancy stuff, they are sometimes prohibitively expensive and, to quote [Xose], “waaaaaay less fun to build”. Like any engineer, [Xose] still has ideas for how to improve his open source camera. From more color patterns to real time recording, [Xose] is only limited by the memory of his microcontroller.

Moreover, [Xose’s] camera is inspired by the Pibow cases made by Pimoroni and this is only one project in a series that uses a stack of laser cut pieces of MDF and acrylic for the project enclosure. What’s not to love: short fabrication times and a stunning result. Want more project enclosures? We’ve got plenty.

Hacking On TV: What You Need To Know

June 5, 2017 by 58 Comments

It seems to be a perennial feature of our wider community of hackers and makers, that television production companies come up with new ideas for shows featuring us and our skills. Whether it is a reality maker show, a knockout competition, a scavenger hunt, or any other format, it seems that there is always a researcher from one TV company or another touting around the scene for participants in some new show.

These shows are entertaining and engaging to watch, and we’ve all probably wondered how we might do were we to have a go ourselves. Fame and fortune awaits, even if only during one or two episodes, and sometimes participants even find themselves launched into TV careers. Americans may be familiar with [Joe Grand], for instance, and Brits will recognise [Dick Strawbridge].

It looks as if it might be a win-win situation to be a TV contestant on a series filmed in exotic foreign climes, but it’s worth taking a look at the experience from another angle. What you see on the screen is the show as its producer wants you to see it, fast-paced and entertaining. What you see as a competitor can be entirely different, and before you fill in that form you need to know about both sides.

A few years ago I was one member of a large team of makers that entered the UK version of a very popular TV franchise. The experience left me with an interest in how TV producers craft the public’s impression of an event, and also with a profound distrust of much of what I see on my screen. This prompted me to share experiences with those people I’ve met over the years who have been contestants in other similar shows, to gain a picture of the industry from more than just my personal angle. Those people know who they are and I thank them for their input, but because some of them may still be bound by contract I will keep both their identities and those of the shows they participated in a secret. It’s thus worth sharing some of the insights gleaned from their experiences, so that should you be interested in having a go yourself, you are forewarned. Continue reading “Hacking On TV: What You Need To Know”

Starship One: The Ultimate 90’s Synthesizer

June 5, 2017 by 12 Comments

We’ve seen some crazy music production stations over the years. But this synthesizer system may just take the cake. Starship One is the creation of [Marc Brasse]. At first glance, this music battle station looks like it belongs on the bridge of the Enterprise. The resemblance is not entirely unintentional. [Marc] himself says “Commander Data from Star Trek: The Next Generation might actually (have) like(d) it if he did not have such a conservative taste in music.”

At the core of Starship One are two underappreciated synths from the 90’s. The Technics WSA1, and a Gem S3 turbo. Both were keyboards ahead of their time. The WSA1 is a modeling synth, a sound generation trend in the ’90s which sounded great, but never quite caught on. The other strike against it was that it was built by Technics, who had a reputation for building HiFi equipment and home keyboards. Professionals just didn’t pick it up.

The Gem S3 had a similar story — built by a company called General Music, the keyboard was a great design with incredible piano action, but never quite made it. [Marc] wasn’t turned off by the lineage of these two synths. In fact, he embraced them. [Marc] explains more about his philosophy in creating the Starship One in this PDF document.

[Marc] combined these two instruments with Fatar MP1 bass pedals, a ribbon controller, and more additional components than we could ever hope to name here. The frame of the synth is built from a discarded retail CD sales rack. Extruded aluminum pieces came from a sun slat curtain. Just about every part was reused to build one beast of a workstation.

If you’re wondering what the strange keyboard layout is, it’s a Janko keyboard adapter [Marc] custom made. Instead of 88 notes, there are 264 keys, arranged so that every chord has the same fingering, regardless of the scale being played.

Want more modulation? Check out this ARM based FM synth, or this monster post of open source synths!

Sun Ray Thin Client Becomes Raspberry Pi Workstation

June 5, 2017 by 15 Comments

One of the great predictions of desktop computing from the mid 1990s was that we would all move to so-called thin clients, stripped-out desktop computers containing only processor, display driver, and peripheral interfaces, that would call up their applications not from a local hard disk but from a remote server. It was one that was never fulfilled in quite the way its proponents envisaged, but a business thin client hardware market did emerge for the likes of Citrix sharing of Windows applications. In a sense we have reached the same point through cloud-based in-browser applications such as Google Apps or Office 365, though even with newer thin client hardware such as the Chromebook these are still largely used on more traditional machines.

Even though thin clients never took the world by storm, it is still not unusual to encounter the hardware once it has outlived its usefulness. A surplus Sun Ray 270 all-in-one thin client came [Evan Allen]’s way, and to make something useful from it he converted it into a Raspberry Pi workstation.

The Sun Ray 270 has a MIPS processor board integrated into a 17 inch monitor. [Evan] was fortunate enough to find a generic HDMI controller board for its LCD panel, so was able to dispense with the MIPS board entirely and couple the controller with an automatic HDMI switch. This allows him to use the device both as a Raspberry Pi and as a monitor.

This may not rank among the most epic hacks ever, but it has delivered [Evan] a useful computer and it’s reminding the rest of us that these thin clients can be repurposed. So if one lands on your bench, look at it with fresh eyes.

Of course, if you have a Pi in a thin client, you could always take it full circle and use it to run a thin client.