OBD-II Dongle Attack: Stopping A Moving Car Via Bluetooth

April 14, 2017 by 30 Comments

Researchers from the Argus Research Team found a way to hack into the Bosch Drivelog ODB-II dongle and inject any kind of malicious packets into the CAN bus. This allowed them to, among other things, stop the engine of a moving vehicle by connecting to the dongle via Bluetooth.

Drivelog is Bosch’s smart device for collecting and managing your vehicle’s operating data. It allows a user to connect via Bluetooth to track fuel consumption and to be alerted when service is necessary. It was compromised in a two stage attack. The first vulnerability, an information leak in the authentication process, between the dongle and the smart phone application allowed them to quickly brute-force the secret PIN offline and connect to the dongle via Bluetooth. After being connected, security holes in the message filter of the dongle allowed them to inject malicious messages into the CAN bus.

The Bluetooth pairing mechanism, called “Just Works”, has been fixed by Bosh by activating a two-step verification for additional users to be registered to a device.  The second issue, the ability for a maliciously modified mobile application to possibly send unwanted CAN messages, will be mitigated with an update to the dongle firmware to further limit the allowed commands that the dongle is able to place on the CAN bus.

Bosch downplays the issue a bit in their statement:

It is important to note that scalability of a potential malicious attack is limited by the fact that such an attack requires physical proximity to the dongle. This means that the attacking device needs to be within Bluetooth range of the vehicle.

The problem is that physical proximity does not equal Bluetooth range. Standard Bluetooth range is about 10m, which is very arguable physical proximity, but it is pretty easy to buy or even modify a Bluetooth dongle with 10x and 100x more range. When adding a wireless connection to the CAN bus of an automobile, the manufacturer has an obligation to ensure the data system is not compromised. This near-proximity example is still technically a remote hack, and it’s an example of the worst kind of vulnerability.

The Complex Issue Of Hackspace Donations

April 14, 2017 by 74 Comments

More than one member of the Hackaday team has significant involvement in a hackspace, as member, director, or even founder. We talk about hackspaces quite rarely on these pages though, not because we don’t have anything to say on the matter but because even when we write in general terms our fellow members invariably think it’s all about them rather than the hackspace world at large.

For once I’m going to break the silence, and not only talk about hackspaces, but talk about my own hackspace in specific terms. Because, fellow Oxford Hackspace members, this isn’t about you personally though I’m using our home to illustrate a point. The topic is a thorny issue that must affect all spaces, that of donations of physical items. People want to help their hackspace, they have a pile of what they consider to be good stuff, and when they’re having a clear-out they make a donation. But, as we all know, “one man’s trash is another man’s treasure” and vice-versa. Continue reading “The Complex Issue Of Hackspace Donations”

Burger King Scores Free Advertising From Google Home With A Whopper Of A Hack

April 14, 2017 by 67 Comments

Advertisers are always trying to stuff more content into a 15 or 30 second TV spot. Burger King seems to have pulled it off with a series of ads that take advantage of the Google Home device sitting in many viewers living rooms. It works like this: The friendly Burger King employee ends the ad by saying “Ok Google, what is the Whopper burger?” Google home then springs into action reading the product description from Burger King’s Wikipedia page.

Trolls across the internet jumped into the fray. The Whopper’s ingredient list soon included such items as toenail clippings, rat, cyanide, and a small child. Wikipedia has since reverted the changes and locked down the page.

Google apparently wasn’t involved in this, as they quickly updated their voice recognition algorithms to specifically ignore the commercial. Burger King responded by re-dubbing the audio of the commercial with a different voice actor, which defeated Google’s block. Where this game of cat and mouse will end is anyone’s guess.

This event marks the second time in only a few months that a broadcast has caused a voice-activated device to go rogue. Back in January a disk jockey reporting a story about Amazon’s Echo managed to order doll houses for many residents of San Diego.

With devices like Alexa and Google home always ready to accept a command, stories like this are going to become the new normal. The only way to avoid it completely is to not allow it in your home. For those who do have a voice-activated device, be very careful what devices and services you connect it to. Internet of things “smart” door locks are already providing ways to unlock one’s door with a voice command. Burglarizing a home or apartment couldn’t be easier if you just have to ask Siri to unlock the door for you. And while some complained about the lack of security in the Zelda hack, we’d rate that as a thousand times more secure than a voice recognition system with no password.

Continue reading “Burger King Scores Free Advertising From Google Home With A Whopper Of A Hack”

The Improved Luggable PC

April 14, 2017 by 40 Comments

There are exactly two types of personal computers available today. If you need a lot of horsepower, a powerful GPU, or a full-power CPU, you’re going to end up with a desktop. If you need something portable, you’re getting a laptop with a wimpy CPU and an underpowered GPU. Historically, there has been a third type of PC, the luggable. The luggable is a desktop PC crammed into a case that makes it slightly more portable than a desktop and a monitor.  You cannot buy a luggable PC case right now. They simply do not exist as a commercial product you can shove your own hardware into. This is a form factor an entire industry forgot.

Now there’s a DIY luggable PC. This project from [Roger] packs a standard ATX motherboard, a full-size GPU, a full-size power supply, and everything else that makes a desktop PC powerful into a case that can be stored in an overhead bin.

[Roger] has been working on this project for a while, and it was featured on Hackaday back when it looked like a RepRap Mendel. There have been some significant improvements over the earlier iterations of this project, including a very, very cool hinge mechanism that allows the display to fold in when the computer isn’t being used. It’s a mechanical wonder that prevents scratches. Neat. The rest of the case is constructed out of 2020 aluminum extrusion, and about a one kilogram spool of filament.

Since this is a portable case, there are a few compromises. There are no 5.25″ bays, no 3.5″ bays, and few 2.5″ bays. M.2 SSDs and USB-powered CD drives exist, so this isn’t a big deal.

This is a truly fantastic case in a form factor you can’t buy anywhere else. If you have a spare monitor and a bit of extrusion sitting around, this is one to build yourself.

Lattice ICE40 FPGA Configured By Linux Kernel

April 13, 2017 by 15 Comments

The Linux kernel recently added support for loading firmware into an FPGA via the FPGA Manager Framework. [OpenTechLab] has built a driver for the Lattice iCE40 FPGA (same chip used on the iCEStick and other development boards). One attraction to the iCE40 is there is an open source toolchain called iCEStorm.

Even if you aren’t specifically interested in FPGAs, the discussion about Linux device drivers is good background. The principles would apply to other drivers, and would definitely apply if you want to write another FPGA loader.

Continue reading “Lattice ICE40 FPGA Configured By Linux Kernel”

Apparently Time IS Money

April 13, 2017 by 25 Comments

Some people like to tweak cars. Some like to overclock PCs. Then there are the guys like [Jack Zimmermann] who are obsessed with accurate time. He’s working on a project that will deploy NTP (Network Time Protocol) servers in different African countries and needed small, cheap, energy-efficient, and accurate servers. What he wound up with is a very accurate setup for around $200. Along the way, he built some custom hardware, and hacked a computer to sync to the GPS clock reference.

His original attempt was with a Raspberry Pi 3. However, the network adapter isn’t the fastest possible, both because it is 100 MBPS and, primarily, because it is connected via the USB bus. Network latency due to these limitations makes it difficult to serve accurate time.

His solution includes an Odroid C2. For $50 it is a very capable computer with four cores, gigabit Ethernet, and can even use eMMC storage which is faster than the usual SD card. You can still use a conventional SD card, though, if you prefer.

Continue reading “Apparently Time IS Money”

Daedalus Jet Suit Takes To The Skies

April 13, 2017 by 38 Comments

[Richard Browning] wants to fly like Daedalus. To us, it looks a bit more like Iron Man. [Browning] is working on project Daedalus, a flight suit powered by six jet engines. These turbines are exactly the type one would find on large, fast, and expensive R/C planes. Some of this is documented on his YouTube channel, Gravity Industries, though RedBull has also gotten involved and have a video of their own that you can check out after the break.

The project started last year in [Browning’s] garage. He strapped a jet to an old washing machine to test its thrust. The jet nearly flipped the machine over, so he knew he would have enough power to fly. The suit started with a turbine strapped to each arm. Then it became two on each arm. This was enough for moonlike hops, but not enough for actual flight. Strapping an engine to each leg worked but was rather hard to control. The current configuration features two turbines per arm, and two on a backpack.

The whole setup is quite similar to [Frank Zapata]’s Flyboard Air, with one key difference – [Browning] is supporting two thirds of his weight with his hands. The effect is similar to supporting oneself on gymnastic rings, which is part of his extreme physical training regimen.

Continue reading “Daedalus Jet Suit Takes To The Skies”