Sniffing Bluetooth Devices With A Raspberry Pi

August 1, 2016 by 18 Comments

Hackaday was at HOPE last weekend, and that means we got the goods from what is possibly the best security conference on the east coast. Some of us, however, were trapped in the vendor area being accosted by people wearing an improbable amount of Mr. Robot merch asking, ‘so what is Hackaday?’. We’ve all seen The Merchants Of Cool, but that doesn’t mean everyone was a vapid expression of modern marketing. Some people even brought some of their projects to show off. [Jeff] of reelyActive stopped by the booth and showed off what his team has been working on. It’s a software platform that turns all your wireless mice, Fitbits, and phones into a smart sensor platform using off the shelf hardware and a connection to the Internet.

[Jeff]’s demo unit (shown above) is simply a Raspberry Pi 3 with WiFi and Bluetooth, and an SD card loaded up with reelyActive’s software. Connect the Pi to the Internet, and you have a smart space that listens for local Bluetooth devices and relays the identity and MAC address of all Bluetooth devices in range up to the Internet.

The ability to set up a hub and detect Bluetooth devices solves the problem Bluetooth beacons solves — identifying when people enter a space, leave a space, and with a little bit of logic where people are located in a space — simply by using what they’re already wearing. Judging from what [Jeff] showed with his portable reelyActive hub (a Pi and a battery pack) a lot of people at HOPE are wearing Fitbits, wireless headphones, and leaving the Bluetooth on the phone on all the time. That’s a great way to tell where people are, providing a bridge between the physical world and the digital.

New Part Day: ATtiny102 And 104

August 1, 2016 by 89 Comments

Atmel put out some new, small microcontroller chips early this year, and we’re just now starting to think about how we’d use them. The ATtiny102 and ATtiny104 (datasheet) sell for about a buck (US) and come in manageable SOIC packages with eight and fourteen pins respectively. It’s a strange chip though, with capabilities that fit somewhere between the grain-of-rice-sized ATtiny10 and the hacker-staple ATtiny25-45-85 series.

The ATtiny104 has a bunch of pins for not much money. It’s got a real hardware USART, which none of the other low-end AVRs do, and it’s capable of SPI in master mode. It has only one counter, but it’s a 16-bit counter, and it’s got the full AVR 10-bit ADC instead of the ATtiny10’s limited 8-bit ADC. The biggest limitation, that it shares with the ATtiny10, is that it has only 1 KB of program flash memory and 32 bytes (!) of RAM. You’re probably going to want to program this beast in assembler.

Read on for more reviews, and check out [kodera2t]’s video review at the end.

Continue reading “New Part Day: ATtiny102 And 104”

Join Us At Vintage Computer Festival West This Weekend

August 1, 2016 by 1 Comment

VCF West is happening this Saturday and Sunday at the Computer History Museum in Mountain View, CA. This on of our favorite events; a celebration of the hardware that paved the way for our modern world. VCF attracts an impressive amount of rare and interesting computers and other technology items. That hardware doesn’t make it to the festival on its own. The people at VCF — exhibitors, speakers, attendees, etc — are themselves an incredible collection of stories from salvage and restoration to the inside story on the teams that made the computers in the first place.  Check out some of Brian Benchoff’s coverage of VCF East earlier this year.

VCF_coverI ran into Vintage Computer Federation President Evan Koblentz ten days ago and he shared an interesting anecdote I think you’ll enjoy. Bil Herd was a featured speaker at VCF East a few years back. He was the Senior Design Engineer behind the Commodore C128 — obviously a fascinating person to headline the event. The year after Bil spoke at the festival, Evan as surprised to run into him wandering around the event again. Bil didn’t just want to speak, he wanted to see all the cool stuff and has attended, spoken, and conducted workshops at several of the festivals since.

Who will show up this year is anyone’s guess. But we know this event is incredible and you will be amazed at who you run into. It is important to recognize where our technology comes from, to celebrate those who made it happen, and to encourage young people to start on the path to becoming a computer engineering wizard. For all of these reasons we are happy to be sponsoring VCF West. On the inside cover of every festival program you’ll find this epic art by our Illustrator, Joe Kim. You can also click the image on the right to embiggen.

Joshua Vasquez will on hand for Hackaday at VCF West. He’s looking for the best bits to feature on our front page. If you want get a hold of him to show off your wares, or to grab some excellent Hackaday stickers, hit him up on Hackaday.io.

From Shop Floor Dust To Carbon Steel

August 1, 2016 by 15 Comments

[Chandler Dickinson] did his monthly sweep of the floor in his blacksmith’s shop when it occurred to him that all that metal dust had to go somewhere, didn’t it? So he did the only reasonable thing and made a crude foundry out of cinder blocks, melted his dirt in it, and examined what came out the other end.

His first step was to “pan” for steel. He rinsed all the dirt in a bucket of water and then ran a magnet at the bottom of the bucket. The material that stuck to the magnet, was ripe for reclaimation.

Next he spent a few hours charging a cinderblock foundry with coal and his iron dust. The cinderblocks cracked from the heat, but at the end he had a few very ugly brittle rocks that stuck to a magnet.

Of course there’s a solution to this non-homogenous steel. As every culture with crappy steel eventually discovered, you can get really good steel if you just fold it over and over again.  So he spend some time hammering one of his ugly rocks and folding it a bit. He didn’t get to two hundred folds, but it was enough to show that the resulting slag was indeed usable iron.

He did a deeper examination of the steel last week, going as far as to etch it, after discovering that the metal sparked completely differently when sanded on one side versus the other. It definitely needed work, but all seemed to have worked in the end.

Continue reading “From Shop Floor Dust To Carbon Steel”

Firearm Tech – Are Smart Guns Even Realistic?

August 1, 2016 by 304 Comments

At frustratingly regular intervals, the debate around gun control crops up, and every time there is a discussion about smart guns. The general idea is to have a gun that will not fire unless authenticated and authorized. There’s usually a story about a young person who invents a smart controller and another company that is struggling because they just can’t get “Big Guns” to buy into the idea. We aren’t going to focus on the politics; we’re going to look at whether the technology is realistic, and why a lot of the news stories about new tech never pan out.

Let’s start with an example of modern technology creeping into established machines: the car. These are giant hunks of metal with nearly constant explosions, controlled by sophisticated electronics that are getting smarter and more connected every day. Industry is adopting it with alacrity, and the vehicles are getting more efficient and powerful because of it. So why can’t firearms?

Continue reading “Firearm Tech – Are Smart Guns Even Realistic?”

The Most Useless Book Scanner

August 1, 2016 by 9 Comments

How do artificial intelligences get so intelligent? The same way we do, they get a library card and head on over to read up on their favorite topics. Or at least that’s the joke that [Jakob Werner] is playing with in his automaton art piece, “A Machine Learning” (Google translated here).

Simulating a reading machine, a pair of eyeballs on stalks scan left-right and slowly work their way down the page as another arm swings around and flips to the next one. It’s all done with hand-crafted wooden gears, in contrast to the high-tech subject matter. It’s an art piece, and you can tell that [Jakob] has paid attention to how it looks. (The all-wooden rollers are sweet.) But it’s also a “useless machine” with a punch-line.

Is it a Turing test? How can we tell that the machine isn’t reading? What about “real” AIs? Are they learning or do they just seem to be? OK, Google’s DeepMind is made of silicon and electricity instead of wood, but does that actually change anything? It’s art, so you get license to think crazy thoughts like this.

We’ve covered a few, less conceptual, useless machines here. Here is one of our favorite. Don’t hesitate to peruse them all.

LastPass Happily Forfeits Passwords To Simple Javascript

August 1, 2016 by 37 Comments

Lastpass is a great piece of software when it comes to convenience, but a recent simple hack shows just how insecure software like it can be. [Mathias Karlsson] nabbed a nice $1000 bounty for its discovery.

Lastpass’s auto-fill works by injecting some html into the website you’re visiting. It runs a bit of Javascript to parse the URL. However, the parsing script was laughably vague. By changing the URL of the page, inserting a few meaningless-to-the server slugs into the URL, an attacker could get Lastpass to give it a password and username combo for any website.

The discussion in the HackerNews comment section more-or-less unilaterally agreed that most systems like this have their glaring flaws, but that the overall benefits of having secure passwords generated and managed by software was still worth the risk when compared to having a few commonly reused passwords over multiple sites.

One could get a more secure key manager by using software like KeePass, but it’s missing some of the convenience factor of remote-based services and relies on a user protecting their key files adequately.

Still, as scary as they are, openly discussing hacks like this after responsible disclosure is good because they force companies like Lastpass, who have some very big name clients, to take their code review and transparency more seriously.