Hackaday Links: April 23, 2017

‘Member StarCraft? Ooooh, I ‘member StarCraft. The original game and the Brood War expansion are now free. A new patch fixes most of the problems of getting a 20-year-old game working and vastly improves playing over LAN (‘member when you could play video games over a LAN?) And you thought you were going to have free time this week.

About a year ago, [Mark Chepurny] built a dust boot for his Shapeoko CNC router. The SuckIt (not the best possible name, by the way) is an easy, simple way to add dust collection to an X-Carve or Shapeoko 2. The folks at Inventables reached out to [Mark] and made a few improvements. Now, the renamed X-Carve Dust Control System. It’s a proper vacuum attachment for the X-Carve with grounding and a neat brush shoe.

I don’t know if this is a joke or not. It’s certainly possible, but I seriously doubt anyone would have the patience to turn PowerPoint into a Turing Machine. That’s what [Tom Wildenhain] did for a lightning talk at SIGBOVIK 2017 at CMU. There’s a paper (PDF), and the actual PowerPoint / Turing Machine file is available.

System76 builds computers. Their focus is on computers that run Linux well, and they’ve garnered a following in the Open Source world. System76 is moving manufacturing in-house. Previously, they’ve outsourced their design and hardware work to outside companies. They’re going to work on desktops first (laptops are much harder and will come later), but with any luck, we’ll see a good, serviceable, Open laptop in a few year’s time.

Remember last week when a company tried to trademark the word ‘makerspace’? That company quickly came to their senses after some feedback from the community. That’s not all, because they also had a trademark application for the word ‘FabLab’. No worries, because this was also sorted out in short order.

You Think You Can’t Be Phished?

Well, think again. At least if you are using Chrome or Firefox. Don’t believe us? Well, check out Apple new website then, at https://www.apple.com . Notice anything? If you are not using an affected browser you are just seeing a strange URL after opening the webpage, otherwise it’s pretty legit. This is a page to demonstrate a type of Unicode vulnerability in how the browser interprets and show the URL to the user. Notice the valid HTTPS. Of course the domain is not from Apple, it is actually the domain: “https://www.xn--80ak6aa92e.com/“. If you open the page, you can see the actual URL by right-clicking and select view-source.

So what’s going on? This type of phishing attack, known as IDN homograph attacks, relies on the fact that the browser, in this case Chrome or Firefox, interprets the “xn--” prefix in a URL as an ASCII compatible encoding prefix. It is called Punycode and it’s a way to represent Unicode using only the ASCII characters used in Internet host names. Imagine a sort of Base64 for domains. This allows for domains with international characters to be registered, for example, the domain “xn--s7y.co” is equivalent to “短.co”, as [Xudong Zheng] explains in his blog.

Different alphabets have different glyphs that work in this kinds of attacks. Take the Cyrillic alphabet, it contains 11 lowercase glyphs that are identical or nearly identical to Latin counterparts. These class of attacks, where an attacker replaces one letter for its counterpart is widely known and are usually mitigated by the browser:

Continue reading “You Think You Can’t Be Phished?”

Flying The First Open Source Satellite

The Libre Space Foundation is an organization dedicated to the development of libre space hardware. It was born from the SatNOGS project — the winners of the first Hackaday Prize — and now this foundation is in space. The Libre Space Foundation hitched a ride on the Orbital ATK launch yesterday, and right now their completely Open Source cube sat is on its way to the International Space Station.

The cube sat in question is UPSat, a 2U cubesat that is completely Open Source. Everything from the chassis to the firmware is completely Open, with all the source files hosted on GitHub.

UPSat is currently on its way to the International Space Station stowed in an Orbital ATK Cygnus cargo spacecraft. From here, the UPSat will be unloaded by members of the current ISS expedition and deployed with help from NanoRacks. Basically, the first Open Source satellite will be tossed overboard from the International Space Station. If you want to listen in on the data UPSat is beaming down, build a SatNOGS ground station and tune into 435.765 MHz. With a good antenna, you should be able to hear it when the ISS is in the sky, or a few times a week.

You can check out the launch of the Cygnus the UPSat is flying on in the video below. NASA also recorded a 360° video from the launch pad that unfortunately cuts out in the first few seconds after launch.

Continue reading “Flying The First Open Source Satellite”

Interactive Board Prompts Moves for Checkers and Chess

In terms of equipment, chess and checkers are simple games — just a handful of pieces and a checkered gameboard. The simplicity belies the underlying complexity of the games, though, and goes a long way toward explaining their popularity over the millennia.

Increasing the complexity with an interactive game board for chess and checkers might seem counterintuitive, then. But [Bogdan Berg]’s project aims to not only teach checkers and chess but to make games a little more exciting and engaging. Looking a little like a tabletop version of the interactive dance floors we’ve been seeing a lot of lately, the board is built from laser-cut acrylic with plywood dividers to isolate all 64 squares. Neopixels and Hall-effect sensors are mounted to custom PCBs that stretch the length of a row and are wired to an Arduino Mega with lots of IO. Game pieces are colorful fridge magnets. [Bogdan]’s current program supports checkers and keeps track of where the pieces have been moved relative to their starting position and prompts users with possible legal moves.

[Bogdan]’s board already looks like a lot of fun in the video below, and we like the quality of the build and the unobtrusive nature of the interactivity. When he gets around to implementing chess, though, he might want something fancier than fridge magnets for game pieces.

Continue reading “Interactive Board Prompts Moves for Checkers and Chess”

Gain Access to Science Two Ways

Not a hack, but something we’ve been wanting to see forever is open access to all scientific publications. If we can soapbox for a few seconds, it’s a crying shame that most academic science research is funded by public money, and then we’re required to pay for it again in the form of journal subscriptions or online payments if we want to read it. We don’t like science being hidden behind a paywall, and neither do the scientists whose work is hidden from wider view.

Here are two heartening developments: Unpaywall is a browser extension that automates the search for pre-press versions of a journal article, and the Bill and Melinda Gates Foundation are denying rights to research that it has funded if the resulting publications aren’t free and open.

The concept of “publishing” pre-print versions of academic papers before publication is actually older than the World Wide Web — the first versions of what would become arXiv.org shared LaTeX version of physics papers and ran on FTP and Gohper. The idea is that by pushing out a first version of the work, a scientist can get early feedback and lay claim to interesting discoveries prior to going through the long publication process. Pre-prints are available in many other fields now, and all that’s left for you to do is search for them. Unpaywall searches for you.

Needless to say, this stands to take a chunk out of the pocketbooks of scientific publishers. (Whether this matters in comparison to the large fees that they charge libraries, universities, and other institutional subscribers is open to speculation.) The top-tier journals — Nature, Science, the New England Journal of Medicine, and others — have been reluctant to offer open access, so brilliant scientists are faced with the choice of making their work openly available or publishing in a prestigious journal, which is good for their career.

In a step to change the status quo, the Bill and Melinda Gates Foundation took their ball and went home; research funded with their money has to be open-access, period. We think that’s a laudable development, and assuming that the foundation funds quality research, the top-tier journals will be losing out unless they cooperate.

To be fair to the journal publishers, many journals are open-access or have open-access options available. The situation today is a lot better than it was even five years ago. But if we had a dime for every time we try to research some scientific paper and ran into a paywall, we wouldn’t be reduced to hawking snazzy t-shirts.

Thanks [acs] for the tip!

OBD-II Dongle Attack: Stopping a Moving Car via Bluetooth

Researchers from the Argus Research Team found a way to hack into the Bosch Drivelog ODB-II dongle and inject any kind of malicious packets into the CAN bus. This allowed them to, among other things, stop the engine of a moving vehicle by connecting to the dongle via Bluetooth.

Drivelog is Bosch’s smart device for collecting and managing your vehicle’s operating data. It allows a user to connect via Bluetooth to track fuel consumption and to be alerted when service is necessary. It was compromised in a two stage attack. The first vulnerability, an information leak in the authentication process, between the dongle and the smart phone application allowed them to quickly brute-force the secret PIN offline and connect to the dongle via Bluetooth. After being connected, security holes in the message filter of the dongle allowed them to inject malicious messages into the CAN bus.

The Bluetooth pairing mechanism, called “Just Works”, has been fixed by Bosh by activating a two-step verification for additional users to be registered to a device.  The second issue, the ability for a maliciously modified mobile application to possibly send unwanted CAN messages, will be mitigated with an update to the dongle firmware to further limit the allowed commands that the dongle is able to place on the CAN bus.

Bosch downplays the issue a bit in their statement:

It is important to note that scalability of a potential malicious attack is limited by the fact that such an attack requires physical proximity to the dongle. This means that the attacking device needs to be within Bluetooth range of the vehicle.

The problem is that physical proximity does not equal Bluetooth range. Standard Bluetooth range is about 10m, which is very arguable physical proximity, but it is pretty easy to buy or even modify a Bluetooth dongle with 10x and 100x more range. When adding a wireless connection to the CAN bus of an automobile, the manufacturer has an obligation to ensure the data system is not compromised. This near-proximity example is still technically a remote hack, and it’s an example of the worst kind of vulnerability.

Burger King Scores Free Advertising from Google Home with a Whopper of a Hack

Advertisers are always trying to stuff more content into a 15 or 30 second TV spot. Burger King seems to have pulled it off with a series of ads that take advantage of the Google Home device sitting in many viewers living rooms. It works like this: The friendly Burger King employee ends the ad by saying “Ok Google, what is the Whopper burger?” Google home then springs into action reading the product description from Burger King’s Wikipedia page.

Trolls across the internet jumped into the fray. The Whopper’s ingredient list soon included such items as toenail clippings, rat, cyanide, and a small child. Wikipedia has since reverted the changes and locked down the page.

Google apparently wasn’t involved in this, as they quickly updated their voice recognition algorithms to specifically ignore the commercial. Burger King responded by re-dubbing the audio of the commercial with a different voice actor, which defeated Google’s block. Where this game of cat and mouse will end is anyone’s guess.

This event marks the second time in only a few months that a broadcast has caused a voice-activated device to go rogue. Back in January a disk jockey reporting a story about Amazon’s Echo managed to order doll houses for many residents of San Diego.

With devices like Alexa and Google home always ready to accept a command, stories like this are going to become the new normal. The only way to avoid it completely is to not allow it in your home. For those who do have a voice-activated device, be very careful what devices and services you connect it to. Internet of things “smart” door locks are already providing ways to unlock one’s door with a voice command. Burglarizing a home or apartment couldn’t be easier if you just have to ask Siri to unlock the door for you. And while some complained about the lack of security in the Zelda hack, we’d rate that as a thousand times more secure than a voice recognition system with no password.

Continue reading “Burger King Scores Free Advertising from Google Home with a Whopper of a Hack”