Pop Open Your Neighbor’s Front Door With 12 Volts

July 1, 2020 by Tom Nardi 57 Comments

Many in the community are skeptical about the security of commercial smart home devices, and for good reason. It’s not like you have to look far to find examples of poorly implemented systems, or products that are abandoned by their manufacturers and left without critical security updates. But the design flaw in this video doorbell really drives home how little thought some companies give to their customer’s security.

As explained by [Savvas], and demonstrated in the video after the break, all you need to do if you want to get into a home equipped with one of these vulnerable door bells is pop the unit off the wall and hit it with 12 volts DC.

Incredibly, the terminals that connect to the electronic lock inside the house are completely accessible on the back of the unit. They even labeled them, on the off-chance the robber forgets which wire is which. It’s not even as though the thing is held on with some kind of weird security screws, it’s just a garden variety Phillips.

In the video, [Savvas] even shows he used a little gadget attached to a QuickCharge USB battery bank to get a portable 12 VDC source suitable for tripping these locks. Which, interestingly enough, is based on a trick he read about in the Hackaday comments. Something to consider while penning your next comment on these storied pages.

[Savvas] says he’s reached out to the company to get their side of the story, but so far, hasn’t received a response. We aren’t surprised, this is a fundamental flaw in the product’s execution. Clearly they wanted to make an easy to install device that doesn’t require any additional electronics in the house, and this is the inevitable end result of that oversimplification. All the more reason to roll your own smart doorbell.

Continue reading “Pop Open Your Neighbor’s Front Door With 12 Volts” →

433 On A Stick

June 27, 2020 by Jenny List 15 Comments

Cheap 433 MHz wireless switches are a tempting way to enter the world of home automation, but without dedicated hardware, they can be less easy to control from a PC. That’s the position [TheStaticTurtle] was in, so the solution was obvious. Build a USB 433 MHz transceiver.

At the computer end is a CH340 USB-to-serial chip and the familiar ATmega328 making this a compact copy of the Arduino. At the RF end are a pair of modules for transmit and receive, unexpectedly with separate antennas. This device is a second revision, after initial experiments with a single antenna connector and an RF switch proved not to work. On the software side the Arduino uses the rc-switch library, while on the PC side there’s a Python library to make sense of it all. The code and hardware files are all on GitHub, should you wish to experiment.

The problem of making a single antenna transceiver is not for the faint-hearted RF engineer, as while diode switches seem on paper to deliver the goods, they can be extremely difficult to get right and preserve linearity. We’re curious that a transceiver module wasn’t used instead, but we’re guessing that cost played a significant part in the equation.

Over the years we’ve featured quite a few fascinating 433 MHz projects, like this TP-Link router conversion.

Smart Toilet Paper Holder Keeps Track Of White Gold

June 26, 2020 by Lewin Day 24 Comments

As we all woke up in 2020 on New Year’s Day, few of us would have predicted how terrible everything would get in just a few short months. Worldwide shortages of toilet paper were just the tip of the iceberg, making everyone more keenly aware of their stocks at home. This was something [thepenguinmaster] decided to take a stab at managing in the cloud. Enter the Smart Toilet Paper Roll.

The device consists of a 3D printed toilet roll holder, outfitted with sensors to track usage of the precious material. A magnetic rotary encoder is used to monitor rotation of the roll, with a LIDAR device used to sense when a user’s hand is in close proximity. Data is trucked to the cloud by an Avnet Azure Sphere MT3620. The link with Azure allows for the automatic generation of graphs and access from anywhere over the Internet.

The project goes to show that just about anything around the house can be monitored over the Internet. We’d love to see the tracker go even further, measuring usage on a per-sheet basis and automatically ordering more when supplies get low. We’ve seen similar work before, too.

Defeating Fridge DRM With Duct Tape And A Dremel

June 14, 2020 by Sven Gregori 81 Comments

We love writing about DRM here at Hackaday. Because when we do, it usually means someone found a way to circumvent the forced restrictions laid upon by a vendor, limiting the use of a device we thought is ours once we bought it. The device in question this time: the water filter built into GE’s fridges that would normally allow its “owner” to pour a refreshing glass of cold water. Except the filter is equipped with an RFID tag and an expiration, which will eventually deny you that little luxury. And if that’s already a feature, you can bet it won’t just let you insert any arbitrary filter as replacement either.

Enraged by every single aspect of that, [Anonymous] made a website to vent the frustration, and ended up tearing the culprit apart and circumvent the problem, with a little help from someone who was in the same situation before. As it turns out, the fridge comes with a “bypass filter” that is just a piece of plastic to fit in place of the actual filter, to pour unfiltered, but still cold water. That bypass filter is also equipped with an RFID tag, so the reader will recognize it as a special-case filter, which luckily enough doesn’t have an expiration counter.

The general idea is to take out that bypass filter’s RFID tag and place it on a generic, way cheaper filter to trick the fridge into thinking it simply doesn’t have a filter in the first place, while still enjoying the filters actual functionality. However, this might not be the most stable solution if the tag isn’t placed in the exact position. Also, retrieving the tag in the first place proved tricky, and [Anonymous] initially ended up with nothing but the antenna pad, while the tag itself remained sturdily glued into the plastic piece.

Continue reading “Defeating Fridge DRM With Duct Tape And A Dremel” →

Building An ESP32 Smart Power Strip From Scratch

June 10, 2020 by Tom Nardi 33 Comments

Surely the most straightforward way of creating a smart power strip would be to take an existing model and hack in some relays that you could fire with a WiFi-enabled microcontroller. But where’s the fun in that? Instead of repurposing a commercial power strip for his recent project, [Md Raz] decided to just build the whole thing himself.

The project started with a 3D printed enclosure that could hold the electronics and three panel mount sockets. The use of heat-set inserts makes it a bit more robust for future upgrade work, but otherwise it’s a fairly simple rectangular design. Nobody ever said a power strip had to be pretty, right? In addition to the panel mount sockets, there’s also a AC-DC converter to step mains voltage down to 5 VDC for the ESP32.

In addition to the microcontroller, the custom PCB in the power strip holds a trio of MOSFETs connected to AQH2223 solid state relay (SSR) chips. Once the ESP32 toggles the line attached to each MOSFET, the indicator LED above the outlet goes on and the appropriate SSR is thrown to turn on the power. With a simple web interface running on the microcontroller, all three outlets can be independently controlled from any device with a web browser.

If you’d like to limit your interaction with mains voltages, then we’ve seen some projects that commandeer the low-voltage side of a commercial smart power strip. But remember, putting a Raspberry Pi inside of a power strip might seem suspicious to some folks.

The Easiest Way To Put Your Doorbell On The Internet

June 1, 2020 by Tom Nardi 39 Comments

Thanks to low-cost WiFi enabled microcontrollers such as the ESP8266 and ESP32, it’s never been a better time to roll your own smart home system. But that doesn’t mean it isn’t daunting for new players. If you’re looking for an easy first project, putting your old school doorbell on the Internet of Things is a great start, but even here there’s some debate about how to proceed.

Most people stumble when they get to the point where they have to connect their low-voltage microcontroller up to the relatively beefy transformer that drives a standard doorbell. We’ve seen a number of clever methods to make this connection safely, but this tip from [AnotherMaker] is probably the easiest and safest way you’re likely to come across.

His solution only requires an inductive current sensor, which can be had for less than $1 from the usual overseas suppliers. One leg of the doorbell circuit is passed through the center of this sensor, and the sensor itself is connected up to your microcontroller of choice (here, and ESP32). The rest is software, which [AnotherMaker] explains in the video after the break. With the addition of a little debounce code, your microcontroller can reliably determine when somebody is out there jabbing the bell button; what you do with this information after that is up to you.

If you’re worried this method is too easy you could always try it with an optocoupler, or maybe convert the low-voltage AC to something your microcontroller can handle.

Continue reading “The Easiest Way To Put Your Doorbell On The Internet” →

Home Assistant Get Fingerprint Scanning

May 28, 2020 by Al Williams 13 Comments

Biometrics — like using your fingerprint as a password — is certainly convenient and are pretty commonplace on phones and laptops these days. While their overall security could be a problem, they certainly fit the bill to keep casual intruders out of your system. [Lewis Barclay] had some sensors gathering dust and decided to interface them to his Home Assistant setup using an ESP chip and MQTT.

You can see the device working in the video below. The code is on GitHub, and the only thing we worried about was the overall security. Of course, the security of fingerprint scanners is debatable since you hear stories about people lifting fingerprints with tape and glue, but even beyond that, if you were on the network, it would seem like you could sniff and fake fingerprint messages via MQTT. Depending on your security goals, that might not be a big deal and, of course, that assumes someone could compromise your network to start with.

Continue reading “Home Assistant Get Fingerprint Scanning” →