5Ghoul: The 14 Shambling 5G Flaws Used For Disruptive Attacks On Smartphones

A team of researchers from the ASSET Research Group in Singapore has published the details of a collection of vulnerabilities in the fifth-generation mobile communication system (5G) used by smartphones and many other devices. These fourteen vulnerabilities are detailed in this paper, and a PoC of an attack using a software defined radio (SDR) is provided on GitHub. The core of the PoC attack involves creating a malicious 5G base station (gNB) that nearby 5G modems will seek to communicate with, only for these vulnerabilities to be exploited, to the point where a hard reset (e.g. removal of the SIM card) of the affected device may be required.

Hardware Setup for 5Ghoul PoC testing and fuzzer evaluation. (Credit: Matheus E. Garbelini et al., 2023)

Another attack mode seeks to downgrade the target device’s wireless connection, effectively denying it a 5G connection and forcing it onto an alternative network (2G, 3G, 4G, etc.). Based on the affected 5G modems, the researchers estimate that about 714 smartphone models are at risk of these attacks. Naturally, not just smartphones use these 5G modem chipsets, but also various wireless routers, IoT devices, IP cameras and so on, all of which require the software on these modems to be patched.

Most of the vulnerabilities concern the radio resource control (RRC) procedure and are caused by flaws in the modem firmware. Android smartphones (where supported) should receive patches for 5Ghoul later this month, but when iPhone devices get patched is still unknown.
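The downgrade attack mode above is the one a defender can watch for from the device side. The following is an added example, not code from the 5Ghoul paper or its PoC: it scans a log of radio-access-technology (RAT) changes for downgrades that look forced rather than caused by poor coverage. The line format, the signal threshold, the reattach window and the heuristics are all assumptions made for this example; a real modem or OS exposes RAT changes in its own format, so parse_event() is the part to adapt.

```python
"""Added example (not from the 5Ghoul paper or its PoC): scan a modem event
log for RAT downgrades that look forced rather than organic.

The line format, thresholds and heuristics below are assumptions made for this
example. Real modems and operating systems expose RAT changes in their own
formats (Android telephony logs, a modem AT/diag trace), so parse_event() is
the part you would adapt.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Generation ranking: moving to a lower rank is a downgrade.
RAT_RANK = {"GSM": 2, "UMTS": 3, "LTE": 4, "NR": 5}


@dataclass
class Event:
    t: float        # seconds since start of log
    rat: str        # radio access technology the modem is camped on
    cell_id: str    # serving cell as reported by the modem
    rsrp_dbm: int   # reference signal received power (higher is stronger)


@dataclass
class Finding:
    t: float
    reason: str


def parse_event(line: str) -> Optional[Event]:
    """Parse one 't=6 rat=LTE cell=0x0c31 rsrp=-80' line (constructed format)."""
    fields = {}
    for tok in line.split():
        if "=" not in tok:
            return None
        key, val = tok.split("=", 1)
        fields[key] = val
    try:
        return Event(float(fields["t"]), fields["rat"], fields["cell"], int(fields["rsrp"]))
    except (KeyError, ValueError):
        return None


def detect_downgrades(events: Iterable[Event],
                      strong_dbm: int = -95,
                      reattach_window_s: float = 30.0) -> List[Finding]:
    """Flag RAT downgrades matching either heuristic (both are assumptions):
      * the modem left NR while NR signal was strong (no coverage reason to leave), or
      * the modem did not regain the previous RAT within reattach_window_s,
        judged only when the log extends at least that far past the downgrade.
    """
    events = list(events)
    if not events:
        return []
    log_end = events[-1].t
    findings: List[Finding] = []
    for i in range(1, len(events)):
        prev, cur = events[i - 1], events[i]
        if RAT_RANK.get(cur.rat, 0) >= RAT_RANK.get(prev.rat, 0):
            continue  # same generation or an upgrade
        reasons = []
        if prev.rat == "NR" and prev.rsrp_dbm >= strong_dbm:
            reasons.append(f"left NR at {prev.rsrp_dbm} dBm (strong signal)")
        covered = log_end - cur.t >= reattach_window_s
        recovered = any(e.rat == prev.rat
                        for e in events[i + 1:]
                        if e.t - cur.t <= reattach_window_s)
        if covered and not recovered:
            reasons.append(f"no return to {prev.rat} within {reattach_window_s:.0f}s")
        if reasons:
            findings.append(Finding(cur.t, f"{prev.rat}->{cur.rat} on cell {cur.cell_id}: "
                                    + "; ".join(reasons)))
    return findings


def analyze_log(text: str) -> List[Finding]:
    events = [e for e in map(parse_event, text.splitlines()) if e is not None]
    return detect_downgrades(events)


# Constructed sample logs (not real captures).
SUSPICIOUS_LOG = """\
t=0   rat=NR  cell=0x1a2b rsrp=-74
t=5   rat=NR  cell=0x1a2b rsrp=-76
t=6   rat=LTE cell=0x0c31 rsrp=-80
t=20  rat=LTE cell=0x0c31 rsrp=-81
t=40  rat=LTE cell=0x0c31 rsrp=-82
t=60  rat=GSM cell=0x00f2 rsrp=-90
t=90  rat=GSM cell=0x00f2 rsrp=-91
"""

BENIGN_LOG = """\
t=0   rat=NR  cell=0x1a2b rsrp=-108
t=3   rat=LTE cell=0x0c31 rsrp=-95
t=12  rat=NR  cell=0x1a2b rsrp=-100
t=40  rat=NR  cell=0x1a2b rsrp=-99
"""

if __name__ == "__main__":
    for name, log in (("suspicious", SUSPICIOUS_LOG), ("benign", BENIGN_LOG)):
        for f in analyze_log(log):
            print(f"[{name}] t={f.t:g}: {f.reason}")
```

The benign log shows why the signal-strength check matters: a phone at the edge of NR coverage dropping to LTE and coming back is normal handover behaviour and produces no finding, while the suspicious log (a strong NR cell abandoned, then a second step down to GSM with no recovery) is flagged twice. A device-side check like this cannot tell a rogue gNB from a genuinely broken cell, so treat a hit as a prompt to look at the serving cell identity and the firmware patch level, not as proof of attack.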

[Image: a dark brown bench suspended between two white and grey rectangular pillars capped in the same brown HDPE, with aluminum uprights rising to a curved solar-panel roof that resembles a paragliding chute, photographed in a clean workshop with two large toolboxes against a plywood half wall.]

Public Power, WiFi, And Shelter

In the US, we’re starting to see some pushback against hostile architecture, and in this vein, [benhobby] built a swanky public power and Wi-Fi access point.

This beautiful piece of infrastructure has 400 watts of solar plugged into 1.2 kWh of battery storage, and can dispense those electrons through any of its 120 VAC, USB-C, or USB-A outlets. The uprights are 3″ aluminum tubing attached to a base consisting of cinder blocks and HDPE panels. Power receptacles are housed in 3D printed enclosures with laser cut acrylic fronts. Three outdoor lights illuminate the stop at night, triggered by a photosensor.

The electronics and battery for the system, including the networking hardware, are in a weatherproof box on each side that can be quickly disconnected allowing field swaps of the hardware. Troubleshooting can then take place back at a workshop. One of the units has already been deployed and has been well-received. [benhobby] reports “There’s one in the wild right now, and it gets plenty of visitors but no permanent tenants.”

Want to see some more interesting hacks for public infrastructure? Check out this self-cooling bus stop, this bus bloom filter, or this public transit display.

PCIe For Hackers: External PCIe And OCuLink

We’ve seen a lot of PCIe hacks on Hackaday, and a fair few of them boil down to hackers pulling PCIe somewhere it wasn’t meant to be. Today, we can routinely find PCIe x1, x2 and x4 links sitting around in our tech, thanks to the proliferation of things like NVMe SSDs, and powerful cheap SoCs that put PCIe at your fingertips.

In the PCIe For Hackers series, we’ve talked about PCIe and how cool it is, all the benefits it has for hackers, gave you layout and interconnection rules, and even went into things like PCIe switches and bifurcation. However, there’s one topic we didn’t touch much upon, and that’s external PCIe links.

Today, I’d like to tell you about OCuLink, a standard that hackers might not yet know as an option for pulling PCIe outside of a project box, and one that is currently becoming all the more popular in the eGPU space. Essentially, OCuLink is to PCIe what eSATA is to SATA, and if you want to build an eGPU or an external “PCIe socket”, OCuLink could work wonders for you.

Respectable Capabilities

Just like any high-speed standard, PCIe has some tight requirements when things get fast. Even though PCIe is known to be less sensitive to lower-quality links than many other interfaces, thanks to link training and its ability to fall back to a lower generation, at higher link speeds even the choice between through-hole and SMD sockets can make a difference. So, if you want to go high-throughput, you want proper cabling and connectors intended for out-of-chassis use, and OCuLink gives you all of this at a low price.
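Because a marginal external link does not fail outright but quietly trains down to a lower generation or narrower width, the first thing to check after an OCuLink build is what the link actually negotiated. The following is an added example, not code from the article or from any OCuLink vendor: it reads the standard Linux sysfs link attributes for each PCIe function and reports links running below what the device advertises. The sample dictionary at the bottom is constructed so the logic can be exercised without real hardware.

```python
"""Added example, not from the article or from any OCuLink vendor: check whether
each PCIe link on a Linux host trained at the speed and width the device
advertises. Uses the standard sysfs attributes current_link_speed,
max_link_speed, current_link_width and max_link_width.
"""
import os
import re
from typing import Dict, List, NamedTuple

SYSFS_PCI = "/sys/bus/pci/devices"


class Link(NamedTuple):
    cur_gts: float   # negotiated speed in GT/s
    max_gts: float   # speed the device is capable of
    cur_width: int   # negotiated lane count
    max_width: int   # lane count the device is capable of


def parse_link_speed(text: str) -> float:
    """'8.0 GT/s PCIe' -> 8.0; 'Unknown' or empty -> 0.0 (treated as no link)."""
    m = re.match(r"\s*(\d+(?:\.\d+)?)\s*GT/s", text)
    return float(m.group(1)) if m else 0.0


def parse_width(text: str) -> int:
    text = text.strip()
    return int(text) if text.isdigit() else 0


def read_links(root: str = SYSFS_PCI) -> Dict[str, Link]:
    """Read link attributes for every device under root that exposes them."""
    links: Dict[str, Link] = {}
    for bdf in sorted(os.listdir(root)):
        dev = os.path.join(root, bdf)
        try:
            vals = {}
            for attr in ("current_link_speed", "max_link_speed",
                         "current_link_width", "max_link_width"):
                with open(os.path.join(dev, attr)) as f:
                    vals[attr] = f.read()
        except OSError:
            continue  # functions without link capability, or not readable
        links[bdf] = Link(parse_link_speed(vals["current_link_speed"]),
                          parse_link_speed(vals["max_link_speed"]),
                          parse_width(vals["current_link_width"]),
                          parse_width(vals["max_link_width"]))
    return links


def degraded_links(links: Dict[str, Link]) -> List[str]:
    """One line per link negotiated below what the device itself advertises.

    Caveat: max_* describe the device, not its upstream port, so a Gen4 card
    behind a Gen3 root port shows up here even with a perfect cable. Compare
    against the port's capability (or a known-good internal slot) before
    blaming the cabling.
    """
    out = []
    for bdf, l in sorted(links.items()):
        if l.cur_gts and l.cur_gts < l.max_gts:
            out.append(f"{bdf}: speed {l.cur_gts:g} GT/s < {l.max_gts:g} GT/s")
        if l.cur_width and l.cur_width < l.max_width:
            out.append(f"{bdf}: width x{l.cur_width} < x{l.max_width}")
    return out


# Constructed sample, shaped like read_links() output: a x16 Gen4-capable card
# that came up at x4 Gen3 over an external cable, and a healthy x1 Gen2 device.
SAMPLE_LINKS = {
    "0000:01:00.0": Link(8.0, 16.0, 4, 16),
    "0000:02:00.0": Link(5.0, 5.0, 1, 1),
}

if __name__ == "__main__":
    live = read_links() if os.path.isdir(SYSFS_PCI) else SAMPLE_LINKS
    for line in degraded_links(live) or ["all links at advertised speed and width"]:
        print(line)
```

This is the same information `lspci -vv` prints under LnkCap and LnkSta, just in a form you can run after every re-plug. Two things to keep in mind when reading the result: some GPUs drop their link to 2.5 GT/s while idle and only train back up under load, so put the card to work before trusting a low speed reading, and a width that is lower than expected (say x4 where the cable is x8) is the classic sign of a lane pair that is not making contact.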


The Trans-Harmonium Is A Strange Kind Of Radio-Musical Instrument

Pianos use little hammers striking taut strings to make tones. The Mellotron used lots of individual tape mechanisms. Meanwhile, the Trans-Harmonium from [Emily Francisco] uses an altogether more curious method of generating sound — each key on this keyboard instrument turns on a functional clock radio.

Electrically, there’s not a whole lot going on. The clock radios have their speaker lines cut, which are then rejoined by pressing their relevant key on the keyboard. As per [Emily]’s instructions for displaying the piece, it’s intended that the radio corresponding to C be tuned in to a local classical station. Keys A, B, D, E, F, and G are then to be tuned to other local stations, while the sharps and flats are to be tuned to the spaces in between, providing a dodgy mix of static and almost-there music and conversation.

It’s an interesting art piece that, no matter how well you play it, will probably not net you a Grammy Award. That would be missing the point, though, as it’s more a piece about “Collecting Fragments of Time,” a broader art project of which this piece is a part.

We do love a good art piece, especially those that repurpose old hardware to great aesthetic achievement.


Radio Station WWV: All Time, All The Time

Of all the rabbit holes we technical types tend to fall down, perhaps the one with the most twists and turns is: time. Some of this is due to the curiously mysterious nature of time itself, but more has to do with the various ways we’ve decided to slice and dice time to suit our needs. Most of those methods are (wisely) based upon the rhythms of nature, but maddeningly, the divisions we decided upon when the most precise instrument we had was our eyes are just a little bit off. And for a true time junkie, “a little bit off” can be a big, big problem.

Luckily, even the most dedicated timekeepers — those of us who feel physically ill when the clock on the stove and the clock on the microwave don’t match — have a place to go that’s a haven of temporal correctness: radio station WWV. Along with sister stations WWVB and WWVH, these stations are the voice of the US National Institute of Standards and Technology’s (NIST) Time and Frequency Division, broadcasting the official time for the country: WWV and WWVH over shortwave radio, and WWVB on 60 kHz in the low-frequency band.

Some might say the programming coming from these stations is a bit on the dry side, and it’s true that you can only listen to the seconds slip by for so long before realizing that there are probably better things to do with your day. But these stations pack a surprising amount of information into their signals, some of it only tangentially related to our reckoning of time. This makes the stations and the services they provide essential infrastructure for our technological society, which in turn makes it worth your time to look into just how they do it.


DIY Tachistoscope Feeds Your Hunger For Popcorn And Propaganda

You’ve probably heard of subliminal advertising — the idea is that behaviors can be elicited by flashing extremely brief messages on a movie or TV screen. “BUY POPCORN NOW” is the canonical example, with movies containing such subconscious messaging supposedly experiencing dramatic increases in popcorn sales.

Did it work? Maybe, maybe not, but the idea is intriguing enough to at least explore using this subliminal tachistoscope. [Roni Bandini] seems to have taken this project on as a sort of cautionary tale about brainwashing techniques, not only in motion pictures and TV but in printed media too; he goes pretty hard on the Peronistas’ use of not-so-subliminal messages to mold young Argentinian minds back in the 1940s and 50s.

The tachistoscope [Roni] presents is a little more sophisticated than those ham-fisted propaganda attempts. The Raspberry Pi-powered device downloads a video from YouTube and automatically replaces random frames with a propaganda message inspired by those used by the Peronistas, with the modified video piped to a composite video output for display on a TV.

A digital counter on the tachistoscope keeps track of the total time viewers have been propagandized. For extra fun, the machine has a switch to enable ChatGPT-created political messages to be inserted into the stream; we shudder to think what those might look like. Watch the video below for a sample of the brainwashing, but don’t blame us if you fall in love with [Evita].

We understand that this is more of a statement on the power of propaganda than an actual tool for mind control, but if [Roni] is serious about his brainwashing, some small mods might make it more effective. Thanks to the full frame of text on a black background, the subliminal messages aren’t very subliminal; they might be more subtle if the text was overlaid on the target frame rather than replaced completely. Seems like that should be possible with ffmpeg or something similar.
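The overlay approach suggested above can indeed be done with ffmpeg’s drawtext filter and its timeline `enable` option, which evaluates an expression per frame. The following is an added example, not [Roni]’s code: it picks a handful of frame numbers at random, builds a drawtext filter that renders the message only on those frames, and leaves every other frame untouched. It assumes ffmpeg and ffprobe are on the PATH and that ffmpeg was built with libfreetype (required for drawtext); the message text, font size and number of flashed frames are placeholders.

```python
"""Added example, not [Roni]'s code: build an ffmpeg command that overlays a
message on a handful of randomly chosen frames instead of swapping the frames
out, so the footage around each flash stays intact. Assumes ffmpeg/ffprobe
on PATH and an ffmpeg built with libfreetype (needed for drawtext); the
message, font size and frame count are placeholders.
"""
import random
import subprocess
from typing import List, Optional, Sequence

# drawtext's own escaping rules make these characters awkward; keep the message plain.
FORBIDDEN = set("'\\:%")


def pick_frames(total_frames: int, count: int, seed: Optional[int] = None) -> List[int]:
    """Choose `count` distinct frame indices in [0, total_frames), sorted."""
    if count > total_frames:
        raise ValueError("cannot pick more frames than the clip has")
    return sorted(random.Random(seed).sample(range(total_frames), count))


def enable_expr(frames: Sequence[int]) -> str:
    """Timeline expression that is non-zero only on the listed frames.
    `n` is the filter's frame counter; eq() yields 1 on a match, so the sum is
    1 on a chosen frame and 0 everywhere else."""
    return "+".join(f"eq(n,{f})" for f in frames)


def drawtext_filter(message: str, frames: Sequence[int], fontsize: int = 48) -> str:
    """Centered white text, drawn only on the frames selected by enable_expr()."""
    if FORBIDDEN & set(message):
        raise ValueError("message must not contain ' \\ : or %")
    return (f"drawtext=text='{message}':fontsize={fontsize}:fontcolor=white:"
            f"x=(w-text_w)/2:y=(h-text_h)/2:enable='{enable_expr(frames)}'")


def build_command(src: str, dst: str, message: str, frames: Sequence[int]) -> List[str]:
    """argv for ffmpeg; handed to subprocess without a shell, so no shell quoting."""
    return ["ffmpeg", "-y", "-i", src, "-vf", drawtext_filter(message, frames),
            "-c:a", "copy", dst]


def count_frames(src: str) -> int:
    """Ask ffprobe to decode and count the frames of the first video stream."""
    out = subprocess.run(
        ["ffprobe", "-v", "error", "-select_streams", "v:0", "-count_frames",
         "-show_entries", "stream=nb_read_frames", "-of", "csv=p=0", src],
        check=True, capture_output=True, text=True).stdout
    return int(out.strip())


if __name__ == "__main__":
    import sys
    src, dst = sys.argv[1], sys.argv[2]           # e.g. input.mp4 output.mp4
    frames = pick_frames(count_frames(src), 5)    # 5 single-frame flashes
    print("flashing on frames", frames)
    subprocess.run(build_command(src, dst, "BUY POPCORN NOW", frames), check=True)
```

Because the text is composited onto the original frame rather than replacing it, the flash no longer announces itself as a black card. Semi-transparent colour (`fontcolor=white@0.3`) or a smaller font would make it subtler still, and `-count_frames` makes ffprobe decode the whole clip, so on long videos it is worth caching that number.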


LED Art Project Is Geometrically Beautiful

There is no shortage of companies on the Internet willing to sell you expensive glowing things to stick on your walls. Many hackers prefer to make their own however, and [Chris] is no exception. His LED wall art is neat, tidy, and stylish, all at once.

Wanting a geometric design, [Chris] decided to have his layout designed by a random number generator. He created his own tool that would generate a design using preset segment lengths arranged in a random fashion. Once he found a layout that worked for him, he designed a set of plastic adapters that would let him connect pre-cut lengths of aluminium channel together so he could assemble his design.

With the frame complete, he then laid the LED strips into the channels, after mapping out how he would connect the full circuit of addressable LED strips. He enlisted a Raspberry Pi Zero W as the brains of the operation, responsible for commanding the strips to light in the colors of his desire.

In a nice aesthetic touch, he sanded the whole frame and painted it a uniform grey color. This hid the joins between the 3D-printed parts and the aluminium channels, and gave it a more finished look. He also went to the trouble of graphing out the locations of the various LEDs in the frame, and used this data as the basis for animations that race between points on the frame. It’s somehow more compelling than the usual simple color fades and flashes of typical commercial products.

It’s a tidy build, and a level more artful than some of the off-the-shelf products out there. For his investment of time and money, [Chris] has netted an excellent piece of wall art in the process.