Shut the Backdoor! More IoT Cybersecurity Problems

We all know that what we mean by hacker around here and what the world at large thinks of as a hacker are often two different things. But as our systems get more and more connected to each other and the public Internet, you can’t afford to ignore the other hackers — the black-hats and the criminals. Even if you think your data isn’t valuable, sometimes your computing resources are, as evidenced by the recent attack launched from unprotected cameras connected to the Internet.

As [Elliot Williams] reported earlier, Trustwave (a cybersecurity company) recently announced they had found a backdoor in some Chinese voice over IP gateways. Apparently, the manufacturer left an undocumented root password on the device and, to make things worse, uses a proprietary challenge/response system for passwords that is insufficiently secure. Our point isn’t really about this particular device, but if you are interested in the details of the algorithm, there is a tool on GitHub, created by [JacobMisirian] using the Trustwave data. Our interest is in the practice of leaving intentional backdoors in products. A backdoor like this, once discovered, could be used by anyone else, not just the company that put it there.

Negative Resistance: It Shouldn’t Make Sense!

When you leaf through a basic electronics textbook, you’ll find chapters describing in detail the operation of the various components. Resistors, capacitors, inductors, and semiconductors. The latter chapter will talk about P and N type regions, introduce us to the diode, and then deal with the transistor: its basic operation, how to bias it, and the like.

A tunnel diode amplifier circuit. Chetvorno [CC0]

Particularly if your textbook is a little older, you may find a short section talking about the tunnel diode. There will be an odd-looking circuit that seems to make no sense at all, an amplifier formed from just a forward-biased diode and a couple of resistors. This logic-defying circuit, you are told, works because the tunnel diode belongs to a class of devices having a negative resistance, though in the absence of readily available devices for experimentation it can be difficult to wrap your head around.

We’re all used to conventional resistors, devices that follow Ohm’s Law. When you apply a voltage to a resistor, a current flows through it, and when the voltage is increased, so does the current. Thus if you use a positive resistance device, say a normal resistor, in both the top and the bottom halves of a potential divider, varying the voltage fed into the top of the divider results in the resistor behaving as you’d expect, and the voltage across it increases.

In a negative resistance device the opposite is the case: increasing the voltage across it results in decreasing current flowing through it. When a large enough negative resistance device is used in the lower half of a resistive divider, it reduces the overall current flowing through the divider when the input voltage increases. With less current flowing across the top resistor, more voltage is present at the output. This makes the negative resistor divider into an amplifier.

The tunnel diodes we mentioned above are probably the best known devices that exhibit negative resistance, and there was a time in the early 1960s, before transistors gained extra performance, that they seemed to represent the future in electronics. But they aren’t the only devices with a negative resistance curve. Indeed, aside from other semiconductors such as Gunn diodes, you can find negative resistance in some surprising places: electrical arcs, for example, or fluorescent lighting tubes.

A typical negative resistance I-V curve. Chetvorno [CC0]

The negative resistance property of electric arcs in particular produced a fascinating device from the early twentieth century. The first radio transmitters used an electric arc to generate their RF, but were extremely inefficient and wideband, causing interference. A refinement treated the spark not as the source of the RF but as the negative resistance element alongside a tuned circuit in an oscillator. These devices could generate single frequencies at extremely high power, and thus became popular as high-powered transmitters alongside those using high-frequency alternators until the advent of higher powered tube-based transmitters around the First World War.

It’s unlikely that you will encounter a tunnel diode or other similar electronic component outside the realm of very specialist surplus parts suppliers. We’ve featured them only rarely, and then they are usually surplus devices from the 1960s. But understanding something of how they operate in a circuit should be part of the general knowledge of anyone with an interest in electronics, and is thus worth taking a moment to look at.

1N3716 tunnel diode header image: Caliston [Public domain].

Ask Hackaday: Frequency Hopping on the nRF24l01+?

We’ve seen a lot of hacks with the nRF24l01+ 2.4 GHz radio modules. The tiny chips pack a lot of bang for the buck. Since the radios can switch frequencies relatively quickly, [Shubham Paul] decided to take advantage of this feature to make a rudimentary frequency-hopping communications channel.

The code is actually incredibly simple. Both the transmitter and receiver simply scan up and down over the defined channels. Because the clock speeds of any given pair of Arduinos are likely to be slightly different, it’s not a surprise that the radios eventually drift out of sync. Right now, as a quickie solution, [Shubham] is using a serial-port resynchronization: both are connected to the same computer, and he just tells them to get on the same channel. That’s not a horribly satisfying workaround. (But it’s a great start!)

Keeping two radios that are continually swapping channels in sync is no easy task, but it could possibly be made easier by taking advantage of the nRF’s acknowledge mode. If the delay between a sent acknowledge message and a received one were constant, these events (one on TX and one on RX) could be used to re-sync the two hopping cycles. All of this would probably require more temporal resolution than you’re going to get out of a microprocessor running Arduino code, but should be possible using hardware timers. But this is pure speculation. We briefly looked around and couldn’t find any working demos.

So Hackaday, how would you remotely sync two nRF24s on the cheap? Or is this a crazy idea? It might help to make transmissions more reliable in the face of 2.4 GHz band interference. Has anyone implemented their own frequency hopping scheme for the nRF24l01+?

Hackaday Links: March 19, 2017

This is from the Daily Fail, but a working Apple I is going up on the auction block. It’s expected to bring in $317,693 USD. In other news, we’re going to be at the Vintage Computer Festival East at the end of the month. There is usually an Apple I there.

The most popular crowdfunding campaign of the month is Lego tape. It’s an adhesive-backed tape with studs on the top, allowing you to clip Lego pieces into place. How easy would this be to create at home? It’s really just a silicone mold and some 3M stickytape. Anyone up for a home casting challenge?

You guys know the Hackaday Overlords have a Design Lab, right? What’s a Design Lab? It’s a place filled with tools where we allow residents to come in for free, build stuff, give them training, and let them keep all their IP. It’s like a hardware accelerator, but focused on Open Source hardware. It is our gift to the community and we ask nothing in return. But that’s not important right now. We’re doing shots.

2017 will be the first year Maker Faire will have three flagship faires. New York is a given, as is the Bay Area. A few weeks ago, Chicago grabbed the third flagship faire. If you’ve already bought tickets and scheduled your trip, terrible news: the Chicago Maker Faire has been postponed until late fall.

Flip clocks are cool. What’s a flip clock? The clock in Groundhog Day, or a bunch of flaps, gears, and a synchronous motor that displays the time. You know what’s not cool about flip clocks? They’re usually stuffed in horrible 70s plastic enclosures painted Harvest Gold or Avocado. [bentanme] found a flip clock and stuffed it in a glass jar. It’s kept in place by a few 3D printed parts that ingeniously keep the clock from moving around while still allowing you to see the gears. Neat.

How To Use a Photo Tachometer

If you’re into anything even vaguely mechanical on the broad hacking spectrum, you’ve come into contact with things that spin. Sometimes, it’s important to know precisely how fast they are spinning! When you’ve got the need to know angular speed, you need a device to measure it. That device is a tachometer. And the most useful tachometer is the non-contact photo-tachometer.

Are You Down With MPPT? (Yeah, You Know Me.)

Solar cells have gotten cheaper and cheaper, and are becoming an economically viable source of renewable energy in many parts of the world. Capturing the optimal amount of energy from a solar panel is a tricky business, however. First there are a raft of physical prerequisites to operating efficiently: the panel needs to be kept clean so the sun can reach the cells, the panel needs to point at the sun, and it’s best if they’re kept from getting too hot.

Along with these physical demands, solar panels are electrically finicky as well. In particular, the amount of power they produce is strongly dependent on the electrical load that they’re presented, and this optimal load varies depending on how much illumination the panel receives. Maximum power-point trackers (MPPT) ideally keep the panel electrically in the zone even as little fluffy clouds roam the skies or the sun sinks in the west. Using MPPT can pull 20-30% more power out of a given cell, and the techniques are eminently hacker-friendly. If you’ve never played around with solar panels before, you should. Read on to see how!

Fire Hazard Testing

How do you know that new appliance you bought won’t burn your house down? Take a look at any electrical appliance, and you’ll find it marked with at least one, and most often, several safety certification marks such as UL, DIN, VDE, CSA or BSI. Practically every electrical product that plugs into utility supply needs to go through a mandatory certification process to ensure it meets these conformity test requirements. Some examples include domestic and industrial electrical appliances, tools, electrical accessories, consumer electronics and medical electronics.

When you look through a typical safety test standard, you’ll notice it breaks down the various tests into two categories. “Type” tests are conducted on prototypes and samples of the final product or its individual parts and components, and are not generally repeated unless there are changes in design or materials. “Acceptance” tests are routine verification tests conducted on 100% of the products produced. For example, a typical Type test would be used to check the fire retardant properties of the plastics used in the manufacture of the product during development, while a Routine test would be carried out to check for high voltage breakdown or leakage and touch currents on the production line.

Nowadays, a majority of countries around the world adopt standards created by international organizations such as IEC, ISO, and ITU, then fine tune them to suit local requirements. The IEC works by distributing its work across almost 170 Technical Committees and Subcommittees which are entrusted with the job of creating and maintaining standards. One of these committees is “TC89 Fire hazard testing” whose job is to provide “Guidance and test methods for assessing fire hazards of electro-technical equipment, their parts (including components) and electrical insulating materials”. These tests are why we feel safe enough to plug something in and still sleep at night.

Practically all electrical products need to conform to this set of tests as part of their “Type” test routine. This committee produces fire hazard testing documents in the IEC 60695 series of standards. These documents range from general guidelines on several fire hazard topics to specific instructions on how to build the test equipment needed to perform the tests. It’s interesting to see how some of these tests are carried out and the equipment used. Join me after the break as we take a look at that process.
