33C3: Breaking IoT Locks

December 28, 2016 by Elliot Williams 16 Comments

Fast-forward to the end of the talk, and you’ll hear someone in the audience ask [Ray] “Are there any Bluetooth locks that you can recommend?” and he gets to answer “nope, not really.” (If this counts as a spoiler for a talk about the security of three IoT locks at a hacker conference, you need to get out more.)

Unlocking a padlock with your cellphone isn’t as crazy as it sounds. The promise of Internet-enabled locks is that they can allow people one-time use or limited access to physical spaces, as easily as sending them an e-mail. Unfortunately, it also opens up additional attack surfaces. Lock making goes from being a skill that involves clever mechanical design and metallurgy, to encryption and secure protocols.

In this fun talk, [Ray] looks at three “IoT” locks. One, he throws out on mechanical grounds once he’s gotten it open — it’s a $100 lock that’s as easily shimmable as that $4 padlock on your gym locker. The other, a Master lock, has a new version of a 2012 vulnerability that [Ray] pointed out to Master: if you move a magnet around the outside the lock, it actuates the motor within, unlocking it. The third, made by Kickstarter company Noke, was at least physically secure, but fell prey to an insecure key exchange protocol.

Along the way, you’ll get some advice on how to quickly and easily audit your own IoT devices. That’s worth the price of admission even if you like your keys made out of metal instead of bits. And one of the more refreshing points, given the hype of some IoT security talks these days, was the nuanced approach that [Ray] took toward what counts as a security problem because it’s exploitable by someone else, rather than vectors that are only “exploitable” by the device’s owner. We like to think of those as customization options.

Open Source Art Encourages Society To Think Inclusively

December 28, 2016 by Mike Szczys 56 Comments

Kate Reed has a vision for elevating the less talked about parts of ourselves, and of society. Through her art, she wants people to think about a part of themselves that makes them feel invisible, and to anonymously share that with the community around them. The mechanism for this is Invisible, a campaign to place translucent sculptures in public places around the world. The approach that she has taken to the project is very interesting — she’s giving the art away to empower the campaign. Check out her talk from the Hackaday SuperConference.

Continue reading “Open Source Art Encourages Society To Think Inclusively” →

Ken Shirriff Takes Us Inside The IC, For Fun

December 27, 2016 by Elliot Williams 13 Comments

[Ken Shirriff] has seen the insides of more integrated circuits than most people have seen bellybuttons. (This is an exaggeration.) But the point is, where we see a crazy jumble of circuitry, [Ken] sees a riddle to be solved, and he’s got a method that guides him through the madness.

In his talk at the 2016 Hackaday SuperConference, [Ken] stepped the audience through a number of famous chips, showing how he approaches them and how you could do the same if you wanted to, or needed to. Reading an IC from a photo is not for the faint of heart, but with a little perseverance, it can give you the keys to the kingdom. We’re stoked that [Ken] shared his methods with us, and gave us some deeper insight into a handful of classic silicon, from the Z80 processor to the 555 timer and LM7805 voltage regulator, and beyond.

Continue reading “Ken Shirriff Takes Us Inside The IC, For Fun” →

33C3: Chris Gerlinsky Cracks Pay TV

December 27, 2016 by Elliot Williams 40 Comments

People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work. [Chris Gerlinksy]’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that. (Download the slides, as PDF.) The end result of his work is that he gets to watch anything on pay TV, but getting to watch free wrestling matches is hardly the point of an epic hack like this.

The talk spans hardware reverse engineering of the set-top box itself, chip decapping, visual ROM recovery, software reverse analysis, chip glitching, creation of custom glitching hardware, several levels of crypto, and a lot of very educated guessing. Along the way, you’ll learn everything there is to know about how broadcast streams are encrypted and delivered. Watch this talk now.

Some of the coolest bits:

Reading out the masked ROM from looking at it with a microscope never fails to amaze us.
A custom chip-glitcher rig was built, and is shown in a few iterations, finally ending up in a “fancy” project box. But it’s the kind of thing you could build at home: a microcontroller controlling a switch on a breadboard.
The encoder chip stores its memory in RAM: [Chris] uses a beautiful home-brew method of desoldering the power pins, connecting them up to a battery, and desoldering the chip from the board for further analysis.
The chip runs entirely in RAM, forcing [Chris] to re-glitch the chip and insert his payload code every time it resets. And it resets a lot, because the designers added reset vectors between the bytes of the desired keys. Very sneaky.
All of this was done by sacrificing only one truckload of set-top boxes.

Our jaw dropped repeatedly during this presentation. Go watch it now.

33C3 Starts Tomorrow: We Won’t Be Sleeping For Four Days

December 26, 2016 by Elliot Williams 10 Comments

Possibly the greatest hacker show on Earth, the 33rd annual Chaos Communication Congress (33C3) begins Tuesday morning in Hamburg, Germany. And Hackaday will be there! Contributing Editor [Elliot Williams] is taking the night train up and will be trying to take it all in for you. The schedule looks tremendous.

If you can’t make it, don’t fret. There will be live streaming, and the talks are usually available in preliminary edit for viewing or download just a few minutes after they finish. It’s even cooler to watch the talks with friends, though. Every hackerspace with a video projector could be playing along, live or after the fact. Pick some cool talks and have a “movie night”.

If you’re going to be in Hamburg, and you want to show us something cool, tell us that something is NOTAHACK!1!! in person, or even just say “Hi”, we’ll be wandering around from talk to talk and session to session just like you, only with a backpack full of Hackaday stickers.

If there’s anything you think we should see, post up in the comments. If there’s enough call for it, we’ll have a Hackaday meetup once we can figure out a good time and location. Bring us a cool hack, and we’ll document it on the spot! Our DECT phone number is 2475.

Building Beautiful Boards With Star Simpson

December 23, 2016 by Brian Benchoff 17 Comments

Over the last decade or so, the cost to produce a handful of custom PCBs has dropped through the floor. Now, you don’t have to use software tied to one fab house – all you have to do is drop an Eagle or KiCad file onto an order form and hit ‘submit’.

With this new found ability, hackers and PCB designers have started to build beautiful boards. A sheet of FR4 is no longer just a medium to populate parts, it’s a canvas to cover in soldermask and silkscreen.

Over the last year, Star Simpson has been working on a project to make electronic art a reality. Her Circuit Classics take the original art from Forrest Mims’ Getting Started In Electronics notebooks and turn them into functional PCBs. It’s a kit, an educational toy, and a work of art on fiberglass, all in one.

At the 2016 Hackaday Superconference, Star gave her tips and tricks for producing beautiful PCBs. There’s a lot going on here, from variable thickness soldermasks, vector art on a silkscreen, and even multicolored boards that look more at home in an art gallery than an electronics workbench.

Continue reading “Building Beautiful Boards With Star Simpson” →

Solving IoT Problems With Node.js For Hardware

December 22, 2016 by Mike Szczys 10 Comments

Tod Kurt knows a thing or two about IoT devices. As the creator of blink(1), he’s shipped over 30,000 units that are now out in the wild and in use for custom signaling on everything from compile status to those emotionally important social media indicators. His talk at the 2016 Hackaday SuperConference covers the last mile that bridges your Internet of Things devices with its intended use. This is where IoT actually happens, and of course where it usually goes astray.