Embed With Elliot: LIN Is For Hackers

May 26, 2017 by 18 Comments

A car is a rolling pile of hundreds of microcontrollers these days — just ask any greybeard mechanic and he’ll start his “carburetor” rant. All of these systems and sub-systems need to talk to each other in an electrically hostile environment, and it’s not an exaggeration to say that miscommunication, or even delayed communication, can have serious consequences. In-car networking is serious business. Mass production of cars makes many of the relevant transceiver ICs cheap for the non-automotive hardware hacker. So why don’t we see more hacker projects that leverage this tremendous resource base?

The backbone of a car’s network is the Controller Area Network (CAN). Hackaday’s own [Eric Evenchick] is a car-hacker extraordinaire, and wrote up most everything you’d want to know about the CAN bus in a multipart series that you’ll definitely want to bookmark for reading later. The engine, brakes, doors, and all instrumentation data goes over (differential) CAN. It’s fast and high reliability. It’s also complicated and a bit expensive to implement.

In the late 1990, many manufacturers had their own proprietary bus protocols running alongside CAN for the non-critical parts of the automotive network: how a door-mounted console speaks to the door-lock driver and window motors, for instance. It isn’t worth cluttering up the main CAN bus with non-critical and local communications like that, so sub-networks were spun off the main CAN. These didn’t need the speed or reliability guarantees of the main network, and for cost reasons they had to be simple to implement. The smallest microcontroller should suffice to roll a window up and down, right?

In the early 2000s, the Local Interconnect Network (LIN) specification standardized one approach to these sub-networks, focusing on low cost of implementation, medium speed, reconfigurability, and predictable behavior for communication between one master microcontroller and a small number of slaves in a cluster. Cheap, simple, implementable on small microcontrollers, and just right for medium-scale projects? A hacker’s dream! Why are you not using LIN in your multiple-micro projects? Let’s dig in and you can see if any of this is useful for you. Continue reading “Embed With Elliot: LIN Is For Hackers”

Intel’s Vision For Single Board Computers Is To Have Better Vision

May 26, 2017 by 33 Comments

At the Bay Area Maker Faire last weekend, Intel was showing off a couple of sexy newcomers in the Single Board Computer (SBC) market. It’s easy to get trapped into thinking that SBCs are all about simple boards with a double-digit price tag like the Raspberry Pi. How can you compete with a $35 computer that has a huge market share and a gigantic community? You compete by appealing to a crowd not satisfied with these entry-level SBCs, and for that Intel appears to be targeting a much higher-end audience that needs computer vision along with the speed and horsepower to do something meaningful with it.

I caught up with Intel’s “Maker Czar”, Jay Melican, at Maker Faire Bay Area last weekend. A year ago, it was a Nintendo Power Glove controlled quadcopter that caught my eye. This year I only had eyes for the two new computing modules on offer, the Joule and the Euclid. They both focus on connecting powerful processors to high-resolution cameras and using a full-blown Linux operating system for the image processing. But it feels like the Joule is meant more for your average hardware hacker, and the Euclid for software engineers who are pointing their skills at robots but don’t want to get bogged down in first-principles of hardware. Before you rage about this in the comments, let me explain.

Continue reading “Intel’s Vision For Single Board Computers Is To Have Better Vision”

Making An Inexpensive DRO

May 26, 2017 by 22 Comments

[Andrew] wanted a digital readout (DRO) for his mini lathe and mini mill, but found that buying even one DRO cost as much as either of his machines. The solution? You guessed it, he built his own for cheap, using inexpensive digital calipers purchased off eBay.

The DRO he created features a touch screen with a menu system running on an LPCXpresso, while smaller OLED screens serve as labels for the 7-segment displays to the right. The DRO switches back and forth between the lathe and mill, and while the software isn’t done, [Andrew] hopes to be able to transfer measurements from one machine to the other.

In a very sweet touch, [Andrew] hacked cheap digital calipers to provide measurements for each axis, where they provide a resolution of 0.01mm. There are six daughter boards, one for each caliper, and each has a PIC that converts from serial to I2C, freeing the main firmware from dealing with six separate data streams.

The DRO doesn’t have a case, [Andrew] has it positioned out of chip-range from either machine.

A previous DRO we featured in 2012 used an Android tablet as its display.

Hack Your Hot Air Station

May 25, 2017 by 32 Comments

It used to be hot air soldering gear was exotic, but not anymore. There are plenty of relatively inexpensive choices. Many of these appear to be the same despite having different brand names and model numbers. One that is common and inexpensive is the 858D. These run about $50. [Gabse] has one and decided to upgrade it using some open source controller hardware and software. There wasn’t a complete guide, so he created one himself.

According to the original GitHub page, the controller will work with the Youyue-858D and any clones. However, there are others like the Atten 858D that use a different controller. In addition, there have been several variants. [Gabse’s] guide is for the latest version. Information on other versions and brands might be on this discussion board thread.

Continue reading “Hack Your Hot Air Station”

Featured Image

Ever Hear Of The Ford Cylon?

May 25, 2017 by 42 Comments

OK, we haven’t heard of a Ford Cylon either. However, there is now a Mustang Cobra out there that has been given a famous Cylon characteristic. [Monta Elkins] picked himself up an aftermarket third brake light assembly, hacked it, and installed it on said Mustang.

The brake light assembly contains 12 LEDs, which unfortunately, are not individually addressable. Additionally, by the looks of it, the brake light housing was not meant to be opened up. That didn’t get [Monta] down though. There’s more than one way to skin a cat, but he chose to use a hot knife to open the assembly, which worked quite well. A rotary cutter tool was used to cut the traces between the LEDs allowing them to be individually controlled with an Arduino. A Bluetooth module allows him to control the new brake light from his smartphone. There are different modes (including a special mode that he shows off at the end of the video) that can be selected via a Bluetooth Terminal app.

There is no schematic or code link in the video itself or the description, but [Monta] did hit the high points. Therefore, it shouldn’t be too hard to replicate.

This isn’t the first brake light hack we’ve featured. This one goes way beyond just animated lightsThis one requires no programming. Rather wear your brake light? We’ve got your back(pack).

Hacked By Subtitles

May 25, 2017 by 15 Comments

CheckPoint researchers published in the company blog a warning about a vulnerability affecting several video players. They found that VLC, Kodi (XBMC), Popcorn-Time and strem.io are all vulnerable to attack via malicious subtitle files. By carefully crafting a subtitles file they claim to have managed to take complete control over any type of device using the affected players when they try to load a video and the respective subtitles.

According to the researchers, things look pretty grim:

We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years. (…) Each of the media players found to be vulnerable to date has millions of users, and we believe other media players could be vulnerable to similar attacks as well.

One of the reasons you might want to make sure your software is up to date is that some media players download subtitles automatically from several shared online repositories. An attacker, as the researchers proved, could manipulate the website’s ranking algorithm and not only would entice more unsuspecting users to manually download his subtitles,  but would also guarantee that his crafted malicious subtitles would be those automatically downloaded by the media players.

No additional details were disclosed yet about how each video player is affected, although the researchers did share the details to each of the software developers so they can tackle the issue. They reported that some of the problems are already fixed in their current versions, while others are still being investigated. It might be a good idea to watch carefully and update your system before the details come out.

Meanwhile, we can look at the trailer:

Continue reading “Hacked By Subtitles”

Linux SambaCry

May 25, 2017 by 25 Comments

Great news everyone, Windows is not the only operating system with remote code execution via SMB. Linux has also its own, seven-year-old version of the bug. /s

This Linux remote execution vulnerability (CVE-2017-7494) affects Samba, the Linux re-implementation of the SMB networking protocol, from versions 3.5.0 onwards (since 2010). The SambaCry moniker was almost unavoidable.

The bug, however, has nothing to do on how Eternalblue works, one of the exploits that the current version of WannaCry ransomware packs with. While Eternalblue is essentially a buffer overflow exploit, CVE-2017-7494 takes advantage of an arbitrary shared library load.  To exploit it, a malicious client needs to be able to upload a shared library file to a writeable share, afterwards it’s possible for the attacker to cause the server to load and execute it. A Metasploit exploit module is already public, able to target Linux ARM, X86 and X86_64 architectures.

A patch addressing this defect has been posted to the official website and Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as security releases to correct the defect. Patches against older Samba versions are also available. If you can’t apply the patch at the moment, the workaround is to add the parameter “nt pipe support = no” to the [global] section of your smb.conf and restart smbd. Note that this can disable some expected functionality for Windows clients.

Meanwhile, NAS vendors start to realise they have work on their hands. Different brands and models that use Samba for file sharing (a lot, if not all, of them provide this functionality) will have to issue firmware updates if they want to patch this flaw. If the firmware updates for these appliances take the same time they usually do, we will have this bug around for quite some time.