Random Parcel Launches Steganographic Compulsion

A mysterious CD arrives in the mail with a weird handwritten code on it. What should you do? Put it in the computer and play the thing, of course!

Some might be screaming at their screens right now… this is how modern horror films start and before you know it the undead are lurking behind you waiting to strike. Seasonal thrills aside, this is turning into an involved community effort to solve the puzzle. [Johny] published the video and posted a thread on reddit.

We ran a similar augmented reality game to launch the 2014 Hackaday Prize solved by a dedicated group of hackers. It’s really hard to design puzzles that won’t be immediately solved but can eventually be solved with technology and a few mental leaps. When we come across one of these extremely clever puzzles, we take note.

This has all the hallmarks of a good time. The audio spectrogram shows hidden data embedded in the file — a technique known as steganography. There are some real contortions to make meaning from this. When you’re looking for a solution any little hit of a pattern feels like you’ve found something. But searching for the decrypted string yields a YouTube video with the same name; we wonder if they’ve tried to recover steganographic data from that source?

[Johny] mentions that this parcel was unsolicited and that people have suggested it’s a threat or something non-sensical in its entirety. We’re hoping it’s a publicity stunt and we’re all disappointed in the end, because solving the thing is the best part and publicity wouldn’t work if there was no solution.

The bright minds of the Hackaday community should be the ones who actually solve this. So get to work and let us know what you figure out!

73 Computer Scientists Created A Neural Net And You Won’t Believe What Happened Next

The Internet is a strange place. The promise of cyberspace in the 1990s was nothing short of humanity’s next greatest achievement. For the first time in history, anyone could talk to anyone else in a vast, electronic communion of enlightened thought, and reasoned discourse. The Internet was intended to be the modern Library of Alexandria. It was beautiful, and it was the future. The Internet was the greatest invention of all time.

Somewhere, someone realized people have the capacity to be idiots. Turns out nobody wants to learn anything when you can gawk at the latest floundering of your most hated celebrity. Nobody wants to have a conversation, because your confirmation bias is inherently flawed and mine is much better. Politics, religion, evolution, weed, guns, abortions, Bernie Sanders and Kim Kardashian. Video games.

A funny thing happened since then. People started to complain they were being pandered to. They started to blame media bias and clickbait. People started to discover that headlines were designed to get clicks. You’ve read Moneyball, and know how the use of statistics changed baseball, right? Buzzfeed has done the same thing with journalism, and it’s working for their one goal of getting you to click that link.

Now, finally, the Buzzfeed editors may be out of a job. [Lars Eidnes] programmed a computer to generate clickbait. It’s all done using recurrent neural networks gathering millions of headlines from the likes of Buzzfeed and the Gawker network. These headlines are processed, and once every twenty minutes a new story is posted on Click-O-Tron, the only news website you won’t believe. There’s even voting, like reddit, so you know the results are populist dross.

I propose an experiment. Check out the comments below. If the majority of the comments are not about how Markov chains would be better suited in this case, clickbait works. Prove me wrong.

Bell Clock Ain’t Your Grandfather’s

Here’s a rather obscure clock that rings your bell. Literally. It’s a minimalist approach to the grandfather chime.

bell-striker-relayYou’ll want to check out the video below to see the electronic base very nonchalantly striking the bottom of the handbell. It makes a nice ring and brings a smile to your face at how clever [Iam5volt] was with the fabrication. There aren’t any hints available on that video, but we searched around and found the original build details published about 5 years ago. The striker is a hacked mechanical relay!

The case of the relay is removed. A piece of stiff steel wire is affixed to swing along with the relay’s switch. This way, when current is applied to the proper inputs of the relay, the wire moves and a small screw head at the end strikes the bell. See what we mean by clever?

[Iam5volt] built this second revision of the clock in answer to our call for building clocks for social good. The display-free clock chimes the hour using a bell and only has a single button  to reset time to HH:00:00

Continue reading “Bell Clock Ain’t Your Grandfather’s”

Spit Out VGA With Non-Programmable Logic Chips

It’s not uncommon to bitbang a protocol with a microcontroller in a pinch. I2C is frequently crunched from scratch, same with simple serial protocols, occasionally complex systems like Ethernet, and a whole host of other communication standards. But VGA gets pretty tricky because of the timing requirements, so it’s less common to bitbang. [Sven] completely threw caution to the wind. He didn’t just bitbang VGA on an Arduino, but he went one step further and configured an array of 7400 logic chips to output a VGA signal.

[Sven]’s project is in two parts. In part one, he discusses choosing a resolution and setting up the timing signal. He proceeds to output a simple(-ish) VGA signal that can be displayed on a monitor using a single gate. At that point only a red image was displayed, but getting signal lock from the monitor is a great proof of concept and [Sven] moved on to more intricate display tricks.

With the next iteration of the project [Sven] talks about adding in more circuitry to handle things like frame counting, geometry, and color. The graphics that are displayed were planned out in a simulator first, then used to design the 7400 chip configuration for that particular graphic display. It made us chuckle that [Sven] reports his monitor managed to survive this latest project!

We don’t remember seeing non-programmable integrated circuits used for VGA generation before. But bitbanging the signal on an Arduino or from an SD card slot is a great test of your ability to calculate and implement precise timings with an embedded system. Give it a try!

Continue reading “Spit Out VGA With Non-Programmable Logic Chips”

How The NSA Can Read Your Emails

Since [Snowden]’s release of thousands of classified documents in 2013, one question has tugged at the minds of security researchers: how, exactly, did the NSA apparently intercept VPN traffic, and decrypt SSH and HTTP, allowing the NSA to read millions of personal, private emails from persons around the globe? Every guess is invariably speculation, but a paper presented at the ACM Conference on Computer and Communications Security might shed some light on how the NSA appears to have broken some of the most widespread encryption used on the Internet (PDF).

The relevant encryption discussed in the paper is Diffie–Hellman key exchange (D-H), the encryption used for HTTPS, SSH, and VPN. D-H relies on a shared very large prime number. By performing many, many computations, an attacker could pre-compute a ‘crack’ on an individual prime number, then apply a relatively small computation to decrypt any individual message that uses that prime number. If all applications used a different prime number, this wouldn’t be a problem. This is the difference between cryptography theory and practice; 92% of the top 1 Million Alexa HTTPS domains use the same two prime numbers for D-H. An attacker could pre-compute a crack on those two prime numbers and consequently be able to read nearly all Internet traffic through those servers.

This sort of attack was discussed last spring by the usual security researchers, and in that time the researchers behind the paper have been hard at work. The earlier discussion focused on 512-bit D-H primes and the LogJam exploit. Since then, the researchers have focused on the possibility of cracking longer 768- and 1024-bit D-H primes. They conclude that someone with the resources of cracking a single 1024-bit prime would allow an attacker to decrypt 66% of IPsec VPNs and 26% of SSH servers.

There is a bright side to this revelation: the ability to pre-compute the ‘crack’ on these longer primes is a capability that can only be attained by nation states as it’s on a scale that has been compared to cracking Enigma during WWII. The hardware alone to accomplish this would cost millions of dollars, and although this computation could be done faster with dedicated ASICs or other specialized hardware, this too would require an enormous outlay of cash. The downside to this observation is, of course, the capability to decrypt the most prevalent encryption protocols may be in the hands of our governments. This includes the NSA, China, and anyone else with hundreds of millions of dollars to throw at a black project.

Looking Inside The Arksen Dual Power Supply

I recently picked up an Arksen dual power supply. You’ve seen these before, I’m sure, under a variety of names in places ranging from electronics stores to eBay. They look amazing for the price, and while I didn’t expect it to measure up to some of the pro supplies I have, I just wanted something to stick under my desk instead of having to move things to the bench or–worse–drag a heavy power supply over to my desk.

When I was putting together the sonic motion sensor, I found that the HC-SR04 module needed more current than I could draw out of an Arduino Leonardo. I figured this would be a good chance to use the new supply in anger. It seemed to work without too many problems. But there were a few things you might want to know if you have a similar supply or are thinking about getting a similar one.

Continue reading “Looking Inside The Arksen Dual Power Supply”

Hackaday Dictionary: Near Field Communications (NFC)

You are at the corner store, buying gum. The cashier rings up the purchase, showing you the amount. You casually pull out your cell phone and wave it near the credit card machine, which beeps appreciatively. The cashier nods, and you walk out, stuffing gum into your face. What just happened? You used Near Field Communications (NFC) to send data between your phone and the credit card terminal.

NFC is a standard that allows two devices to exchange information over a short distance without being in physical contact. The two devices communicate using a weak magnetic field that, in theory, only has a range of a few centimeters, so both devices have to be physically close, and someone standing nearby can’t intercept or alter the signal.

Continue reading “Hackaday Dictionary: Near Field Communications (NFC)”