Shall We Hack A Game?

A fantastic summertime game has consumed many of the kids in my neighborhood. It’s basically a treasure hunt, but the treasures are all shoebox-sized NFC readers that are “easily” findable on a map. Players all have a smart card and run around from box to box, collecting points that depend on how far apart the boxes are from each other. Walk, skate, or bike 1 km between check-ins, and ten points show up on the e-paper screen.

It’s been going on for a few weeks now, and it’s not uncommon to see a line of two or three kids at any given box, all with the purple lanyards and smart cards around their necks. So far, the highest-rated plausible single efforts have 450 km (280 miles) under their belt. My son’s grade-school average is 45 km (28 miles) over three weeks. The goal is getting kids out on the early summer afternoons, and that seems to be working!

Of course I had to reverse engineer the infrastructure, so here’s what I started with. Each box knows your point standing as soon as you tap the card, with a small delay. Scores appear online about every four hours. And the boxes are all ~1 km from each other or less.

My first thought was some kind of mesh network – that would be by far the coolest solution. Each box could simply report your card number to a central database, and the rest is a simple matter of software. LoRa radios rounded out my fantasy design.

But the length of time between getting the points and their appearance online suggests otherwise. And, a little bit of playing around with my cellphone’s NFC reader gives up the juice – they are MiFare Classic cards with data storage. So I got my own card, ran around town, and diffed the results. I haven’t cracked the location/time-stamping yet, but I know exactly where my total points are stored.

I’m going to keep observing until I’ve got it figured out completely, but I’m so tempted to tweak the points and see what happens. Are some of the digits in what I think are a timestamp in reality a checksum? Will I get disqualified? Or worse, what if I make a mistake and get myself publicly into first place? OK, better to sit this one out on the sidelines – I really don’t want to be the jerk who crashes a fantastic kid’s game. Sometimes you’ve gotta know when not to hack.

Hackaday Podcast 225: Leafy Meats, Wind To Heat, And A Machine That’s Neat

This week, Editor-in-Chief Elliot Williams and Kristina Panos don’t have a whole lot in the way of news, but we do know this: the Green Hacks Challenge of the 2023 Hackaday Prize ends precisely at 7AM PDT on July 4th. Show us what you can do in the realm of hacking for the planet, be it solar-based, wind-powered, recycled-trash-powered — you get the idea.

Kristina is now completely down for the count on What’s That Sound, although this week, she was sort of in the neighborhood. But no matter, because we know several of you will nail it. Then it’s on to the hacks, where we have quite a bit to say this week when it comes to cars.

From there we take a look at a really fun gumball run, ponder the uses of leafy meats, and fawn over an Amiga-inspired build. Finally we talk PCB earring art, hacking the IKEA Kvart, and discuss the potential uses for wind-to-heat power.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in  the comments!

Download and savor at your leisure.

Continue reading “Hackaday Podcast 225: Leafy Meats, Wind To Heat, And A Machine That’s Neat”

This Week In Security:Camaro Dragon, RowPress, And RepoJacking

Malicious flash drives have come a long ways since the old days of autorun infections. It’s not an accident that Microsoft has tightened down the attack surface available of removable media. So how exactly did a malicious flash drive lead to the compromise of a European hospital? Some sophisticated firmware on the drive? A mysterious zero day? Nope, just hidden files, and an executable using the drive name and icon. Some attacker discovered that a user trying to access a flash drive, only to be presented with what looks like the same flash drive icon, will naturally try to access it again, running an .exe in the process.

That executable runs a signed Symantec binary, included on the drive, and sideloads an OCX that hijacks the process. From there, the computer is infected, as well as any other flash drives in the machine. Part of the obfuscation technique is an odd chain of executables, executed recursively for a hundred copies. Naturally once the infection has rooted itself in a given machine, it takes commands from a C&C server, and sends certain files out to its waiting overlords. Checkpoint Research has attributed this campaign to Camaro Dragon, a name straight from the 80s that refers to a Chinese actor with an emphasis on espionage. Continue reading “This Week In Security:Camaro Dragon, RowPress, And RepoJacking”

VCF’s Swap Meet Experiment Helps Support Expansion

There was a time when those looking for tech bargains had to either try their luck at the local flea market, or make the pilgrimage out to a dedicated swap meet. But with the rise of websites like eBay and Craigslist these parking lot meetups started to fall out of favor, to the point that they became all but extinct over the last couple decades.

So there was some risk involved when the Vintage Computer Federation decided to dust off the concept as a way of sidestepping New Jersey’s COVID-era limitations on indoor meetups. But as VCF Vice President [Jeffrey Brace] explained during our visit earlier this month, the experiment has more than paid off. Each swap meet has brought in buyers and sellers from all over the Mid–Atlantic region, helping to not only raise money for the VCF’s ongoing preservation efforts, but spread awareness of the organization and their goals.

The VCF hopes to expand their existing museum.

During our chat, [Jeffrey] goes over the origins and growth of the VCF swap meet, and how it compares to their annual Vintage Computer Festival. He also speaks about the Federation’s desire to expand their already impressive museum space into a far larger climate-controlled area that will allow for even more classic computer hardware to be put on display.

We visited the VCF swap meet back in 2021, and came away with the distinct impression that [Jeffrey] and the rest of the team had a winning idea on their hands. We’re happy to report that as of 2023 the areas where we saw room for improvement — namely the lack of on-site refreshment and a somewhat overly narrow focus on vintage hardware — have both been addressed. In its current form, this is truly a must-see event for anyone with an interest in computers, radio, or even just general electronics who happens to live within driving distance of the Jersey shore.

While eBay certainly makes it easy to bid on a piece of gear, you’re unlikely to make a new friend while doing so. Events like this are more than just a way to buy and sell hardware, but provide a chance for like-minded individuals to connect and build a community. We’re glad to see the event grow larger each year, and hope it inspires similar revivals elsewhere.

Continue reading “VCF’s Swap Meet Experiment Helps Support Expansion”

Democratizing Space, One Picosatellite At A Time

There was a time when putting an object into low Earth orbit was the absolute pinnacle of human achievement. It was such an outrageously expensive and complex undertaking that only a world superpower was capable of it, and even then, success wasn’t guaranteed. As the unforgiving physics involved are a constant, and the number of entities that could build space-capable vehicles remained low, this situation remained largely the same for the remainder of the 20th century.

Nathaniel Evry

But over the last couple of decades, the needle has finally started to move. Of course spaceflight is still just as unforgiving today as it was when Sputnik first streaked through the sky in 1957, but the vast technical improvements that have been made since then means space is increasingly becoming a public resource.

Thanks to increased commercial competition, putting a payload into orbit now costs a fraction of what it did even ten years ago, while at the same time, the general miniaturization of electronic components has dramatically changed what can be accomplished in even a meager amount of mass. The end result are launches that don’t just carry one or two large satellites into orbit, but dozens of small ones simultaneously.

To find out more about this brave new world of space exploration, we invited Nathaniel Evry, Chief Research Officer at Quub, to host last week’s DIY Picosatellites Hack Chat.

Continue reading “Democratizing Space, One Picosatellite At A Time”

Podcast Feedback: Be Careful What You Ask For

I had one of those experiences yesterday that seem so common these days: the arrival of a mystery Amazon package. You know the kind — you get a shipping notice from UPS with the faux-excited “Your package is arriving today!” message, but you’re sure you haven’t ordered anything in a while. You check your Amazon order history, find nothing pending, and puzzle over who could be sending you a package. What could it be? A gift from a secret admirer, perhaps?

And so it was with me as I waited for the UPS driver to make her rounds of our neighborhood and drop the package off on our front steps. Surprised at its size, I hurriedly brought it inside, zipped open the box, and pulled away the packing to reveal…

Continue reading “Podcast Feedback: Be Careful What You Ask For”

MIT Engineers Pioneer Cost-Effective Protein Purification For Cheaper Drugs

There are a wide variety of protein-based drugs that are used to treat various serious conditions. Insulin is perhaps the most well-known example, which is used for life-saving treatments for diabetes. New antibody treatments also fall into this category, as do various vaccines.

A significant cost element in the production of these treatments is the purification step, wherein the desired protein is separated from the contents of the bioreactor it was produced in. A new nanotech discovery from MIT could revolutionize this area, making these drugs cheaper and easier to produce.

Continue reading “MIT Engineers Pioneer Cost-Effective Protein Purification For Cheaper Drugs”