The Amazon Echo As A Listening Device

August 3, 2017 by 31 Comments

It is an inevitability that following swiftly on the heels of the release of a new device there will be an announcement of its rooting, reverse engineering, or other revealing of its hackability. Now the device in question is the Amazon Echo, as MWR Labs announce their work in persuading an Echo to yield the live audio from the microphone and turn the voice assistant device into a covert listening device.

The work hinges on a previous discovery and reverse engineering (PDF) of Amazon’s debug connector on the base of the Echo, which exposes both an SD card interface and a serial terminal. Following that work, they were able to gain root access to the device, analyze the structure of the audio buffers and how the different Echo processes use them, and run Amazon’s own “shmbuf_tool” application to pipe raw audio data to a network stream. Astoundingly this could be done without compromising the normal operation of the device.

It should be stressed, that this is an exploit that requires physical access to the device and a bit of knowledge to perform. But it’s not inconceivable that it could be made into a near-automated process requiring only a device with a set of pogo pins to be mated with an Echo that has had its cover quickly removed.

That said, inevitably there will be enough unused Echos floating around before too long that their rootability will make them useful to people in our community. We look forward to what interesting projects people come up with using rooted Echos.

This isn’t the first time we’ve covered the use of an Echo as a listening device.

Via Hacker News.

Amazon Echo image: FASTILY [CC BY-SA 4.0].

Superconference Interview: SpriteTM

August 3, 2017 by 1 Comment

SpriteTM, or [Jeroen Domburg], has a bit of a following around these parts. He’s installed Linux on a hard drive the hard way. He can play Snake on his keyboard. He’s cared for several generations of Tamagotchis. In short, there are very few people who have both the technical ability and sense of humor to pull off what [Sprite] does.

At last year’s Supercon, we pulled Sprite aside to talk about his work and his latest hack, the tiniest Game Boy ever. He talked about his Supercon keynote, and how to hack the crypto challenge in last year’s Superconference badge in an hour without solving any of the puzzles. Now, we’re happy to present that interview today, available below.

While we very much doubt many people could — or would — take four conference badges and rick roll the entire Superconference for the badge hacking session, we’re still looking for eager and capable presenters. The Call for Proposals is now open for the 2017 Hackaday Superconference. If you have a story of hardware heroics, creativity in CPLDs, a passion for prototyping, or an ambition for technological art, we want you to share your story. Even if you don’t, that’s fine, too: tickets are still available for the Superconference in Pasadena, California on November 11th and 12th.

Hackaday Prize Entry: Pi-Driven Google Glass

August 3, 2017 by 11 Comments

[Ricardo Ferro] didn’t want to buy a Google Glass, so he made his own.

The Raspberry Pi Zero Prism consists of a 3D-printed headset the side-pieces of which hold a variety of electronic components, including a Pi Zero running Raspbian Jessie, a Pi Noir IR camera, a WiFi/Bluetooth module and a whole mess of SMD tactile push buttons. Video output is provided by a Kopin 922K display module. This module is usually used in smart goggles and uses a prism to reflect information into the wearer’s field of view.

One application [Ricardo] envisions for this Open Source Google Glass is using it in conjunction with facial recognition software and the YouTube-favorite IR camera trick of seeing through clothing. No, he’s not using it for that idea, and you should get your mind out of the gutter. [Ricardo] wants to identify masked criminals. Setting aside the technological challenges of making that technology work, we think that walking around with x-ray specs is likely to get those specs broken off your face by someone who wears clothes for modesty purposes. Still, it’s a fascinating project and we love the way the prism and video assembly comes together.

The HackadayPrize2017 is Sponsored by:

Mini Hacker Breaks Down How To Build It

August 3, 2017 by 10 Comments

I read the other day that the hot career choice for kids these days is: YouTuber. That means every kid — yes, including mine — has two or three attempts at a YouTube show on their account and then they get into the next big thing and forget about it. On the other hand, sometimes you find someone who has a lot of ideas to share, and the dedication to keep sharing them.

[Kevin Zhou], an 11-year-old from Indonesia, has filmed around  70 videos in the past couple of years, with a fantastic variety of nerdy projects ranging from Mindstorms to Arduino to wood shop projects, and even a Blender tutorial. His projects show a lot of complexity, with serious, real-world concepts, and he shares the technical details about the various components in the project, and he walks you through the code as well.

He made a Mindstorms carving machine, pictured above, with a gantry system holding a motor steady while the user carves into a block of floral foam with LEGO bits. He does a lot of home automation projects using an Arduino and relay board, as well as a number of water-pumping robots. He doesn’t stick to one medium or technology. He has a jigsaw and in one video he shows how to build a Thor’s hammer out of wood. He prints out each layer’s design on office paper and glues the paper to a piece of wood, cutting out the cross-sections on his jigsaw. The whole stack is glued together and clamped. [Kevin]’s design featured a hollow space inside to save weight, which he cut by drilling a 1-inch hole in the center with his drill press, then threading the jigsaw blade through the hole to cut out the inside. As an amateur woodcrafter myself, I like seeing him branching out working on small wood projects.

Continue reading “Mini Hacker Breaks Down How To Build It”

A Chrome Extension For Being A Jerk

August 3, 2017 by 12 Comments

What do you do to someone you want to make suffer, slowly? Specifically, at around 70% speed. To [Stephen], the answer is clear, you hit them where it really hurts: YouTube.

Creatively named “Chrome Engine,” [Stephen]’s diabolical Chrome extension has one purpose: be annoying. Every day, it lowers playback rate by 1% on YouTube. It’s a linear progression: 100% the first day, 99% the second day, 98% the third day, etc. It only stops 30 days later, once it hits its target rate of 70% the original speed. This progression is designed to be slow enough not to be noticed. Its icon is nothing more than the standard Chrome icon as [Stephen] firmly believes in the tactic of hiding in plain sight.

But that’s not all, it’s the minute details that drive the ball home. For instance, rather than using local storage to keep track of playback speed, the Chrome sync storage is used. This ensures that, as long as the extension is installed, playback rate will be synchronized between all of your friend’s(if you can even call them that) devices. It even targets casual YouTube users: [Stephen] has specifically designed their extension so that it won’t drop playback by more than 1% at a time. If the victim goes on vacation, the playback speed won’t drop when they’re away and will resume as soon as they’re back.

The last feature, the one [Stephen] is the proudest of, is that the extension manages to keep the YouTube speed controls working as intended. If the victim tries to play at half speed, their videos will be at half speed … of the slower playback rate set by the extension. And it gets even better! You may not know this if you don’t dally around with playback rates, but the audio tends to stop playing when videos are reduced below 50% of their original speed. Fear not! [Stephen] has accounted for this idiosyncrasy! If the victim selects a speed at or above 0.5x, a minimum cap is added so that the actual playback rate will be equal to or above 0.5x. If they select slower than this, they don’t expect sound anyway, so all bets are off.

Check it out here, may your friends (frenemies?) beware. We’re adding it to our April Fools arsenal, even if it is a bit early.

Avoiding The Engineer-Saviour Trap

August 3, 2017 by 94 Comments

The random seaside holidays of Hackaday staffers rarely sow the seeds of our articles, but my most recent trip had something slightly unusual about it. I was spending a couple of days in a resort town on the Isle of Wight, just off the coast of Southern England, and my hotel was the local outpost of a huge chain that provides anonymous rooms for travelling salesmen and the like. I could probably find an identical place to lay my head anywhere in the world from Anchorage to Hobart and everywhere in between.

My room though was slightly different to the norm. By chance rather than necessity I’d been assigned one of the hotel’s accessible rooms, designed with people with disabilities in mind. And once I’d reached the limit of the free amusement that the digital TV channels of Southern England could provide, my attention turned to the room itself, eyeing up its slightly unfamiliar design features as an engineer.

Continue reading “Avoiding The Engineer-Saviour Trap”

“The Alarm Clock Ate My Duvet Cover, That’s Why I’m Late!”

August 3, 2017 by 23 Comments

Some people just won’t wake up. Alarm clocks don’t cut it, flashing lights won’t work, loud music just becomes the soundtrack of an impenetrable dream. Maybe an alarm clock that rudely yanks the covers off the bed will do the trick.

Or not, but [1up Living] decided to give it a go. His mechanism is brutally simple — a large barrel under the foot of the bed around which the warm, cozy bedclothes can wind. An alarm clock is rigged with a switch on the bell to tell an Arduino to wind the drum and expose your sleeping form to the harsh, cold world. To be honest, the fact that this is powered by a 2000-lb winch that would have little trouble dismembering anyone who got caught up in the works is a bit scary. But we understand that the project is not meant to be a practical solution to oversleeping; if it were, [1up Living] might be better off using the winch to pull the bottom sheet to disgorge the sleeper from the bed entirely.

Something gentler to suit your oversleeping needs might be this Neopixel sunrise clock to coax you out of bed naturally.

Continue reading ““The Alarm Clock Ate My Duvet Cover, That’s Why I’m Late!””