Daedalus Jet Suit Takes To The Skies

April 13, 2017 by Adam Fabio 38 Comments

[Richard Browning] wants to fly like Daedalus. To us, it looks a bit more like Iron Man. [Browning] is working on project Daedalus, a flight suit powered by six jet engines. These turbines are exactly the type one would find on large, fast, and expensive R/C planes. Some of this is documented on his YouTube channel, Gravity Industries, though RedBull has also gotten involved and have a video of their own that you can check out after the break.

The project started last year in [Browning’s] garage. He strapped a jet to an old washing machine to test its thrust. The jet nearly flipped the machine over, so he knew he would have enough power to fly. The suit started with a turbine strapped to each arm. Then it became two on each arm. This was enough for moonlike hops, but not enough for actual flight. Strapping an engine to each leg worked but was rather hard to control. The current configuration features two turbines per arm, and two on a backpack.

The whole setup is quite similar to [Frank Zapata]’s Flyboard Air, with one key difference – [Browning] is supporting two thirds of his weight with his hands. The effect is similar to supporting oneself on gymnastic rings, which is part of his extreme physical training regimen.

Continue reading “Daedalus Jet Suit Takes To The Skies” →

Every Tornado Siren In Dallas Hacked

April 12, 2017 by Jack Laidlaw 52 Comments

Someone had some fun with the Dallas early warning tornado siren system on Friday, April 8th. All 156 tornado sirens were hacked to go off just before midnight until they were manually turned off individually, reports The Washington Post. Thousands of residents flooded 911 call centers asking if they were under attack, if there was a tornado or if the zombie apocalypse had begun. The sirens were blaring for at least an hour and was originally put down as a malfunction, however it was later revealed that it was a hack and the “hacker” must have had physical access to the siren control center.

This isn’t the first time Dallas has had problems with “hackers” breaking into their infrastructure, Only last year some unknown person/persons hacked electronic road signs (a prank we’ve seen before) in and around Dallas claiming “Work is Canceled — Go Back Home” and “Donald Trump Is A Shape-shifting Lizard!!”. Mayor Mike Rawlings claims the perpetrators will be found and prosecuted although we don’t share his confidence since last year’s attackers are still at large.

The video below is one of many on YouTube filmed by bemused Dallas residents.

UPDATE: This hack seems to have been accomplished via DTMF signals broadcast on radio frequency in the clear. Recognizing the vulnerability after the fact, the system is now using some form of encryption for the control messages. Thanks [Dan J.] for posting this in the comments below.

Continue reading “Every Tornado Siren In Dallas Hacked” →

$10 Orange Pi 2G-IoT Released To Compete With Pi Zero W

April 11, 2017 by Jack Laidlaw 76 Comments

A new single-board computer by Orange Pi has popped up for sale on AliExpress. The Orange Pi 2G-IoT is designed to compete with the Raspberry Pi Zero, and if specs are anything to go by they have done a nice job.

There are a lot of options for extra small single board computers these days and there’s a growing list at the lowest price points. Let’s call it the sub-$20 cost range (to quell the argument of shipping fees). We have seen C.H.I.P., the Raspberry Pi Foundation released the Pi Zero W (an update to the Zero line that included WiFi and Bluetooth), the already available Orange Pi Zero (which was featured in a project on Monday), and now add to that list the unfortunately named Orange Pi 2G-IoT.

The 2g-IoT is sporting an ARM Cortex-A5 32bit clocked at 1GHz with 256MB DDR2 RAM. It’s nice to see 500 MB of on-board NAND to go along with an SD card slot for larger storage. It also has a CSI camera connector, WiFi, Bluetooth, an FM Radio and GSM/GPRS with a sim card slot on the bottom. It is pin compatible with Raspberry Pi’s almost standardized GPIO layout.

All this for $10 is quite impressive to say the least, especially the addition of GSM/GPRS. Will it kill Raspberry Pi Zero W sales? We think not. While the Orange Pi’s are great little computers, they don’t have the community support that is afforded to Raspberry Pi products making for less support online when you run into a problem. That’s if you can even get the thing running in the first place. The Orange Pi’s website has not yet been updated to reflect the new release. However if you are interested in getting one for yourself right now, head over to your favorite Chinese electronics supplier.

[via Geeky Gadgets and CNX]

Trademarking Makerspace (Again)

April 11, 2017 by Brian Benchoff 31 Comments

A British company has filed a trademark application for the word ‘MakerSpace’. While we’ve seen companies attempt to latch on to popular Maker phrases before, Gratnells Limited, the company in question, is a manufacturer of plastic containers, carts, and other various storage solutions. These products apparently provide a space to store all the stuff you make. Something along those lines.

This isn’t the first time we’ve seen someone try to glom onto the immense amount of marketing Make: has put into the term ‘makerspace’. In 2015, UnternehmerTUM MakerSpaceGmbH, an obviously German tech accelerator based in Munich, filed an application to trademark the word ‘Makerspace’. A few days later, we got word this makerspace wasn’t trying to enforce anything, they were just trying to keep the rug from being pulled out from under them. It was a defensive trademark, if something like that could ever exist (and it can’t under US trademark law). Swift and efficient German bureaucracy prevailed, and the trademark was rejected.

The trademark in question here covers goods including, ‘metal hardware and building materials’, ‘trolleys, trolleys with trays’, ‘guide rails of non-metallic materials’, and ‘lids for containers’, among other storage-related items. While this is far outside the usual meaning for a ‘makerspace’ – a building or club with a whole bunch of tools – if this trademark is approved, there is always the possibility of overzealous solicitors.

Fortunately, Gratnells released a statement today saying they would not defend or continue this trademark. This is in light of the recent, limited reaction to the trademark application. The word Makerspace is safe again another day.

Thanks [Tom] for the tip.

BrickerBot Takes Down Your IoT Devices Permanently

April 8, 2017 by Adam Fabio 69 Comments

There is a new class of virii in town, specifically targeting Internet of Things (IoT) devices. BrickerBot and its variants do exactly as their name says, turning your smart devices into bricks. Someone out there has gotten tired of all the IoT security flaws and has undertaken extreme (and illegal) measures to fix the problem. Some of the early reports have come in from a security company called Radware, who isolated two variants of the virii in their honeypots.

In a nutshell, BrickerBot gains access to insecure Linux-based systems by using brute force. It tries to telnet in using common default root username/password pairs. Once inside it uses shell commands (often provided by BusyBox) to write random data to any mounted drives. It’s as easy as

dd if=/dev/urandom of=/dev/sda1

With the secondary storage wiped, the device is effectively useless. There is already a name for this: a Permanent Denial-of-Service (PDoS) attack.

Now any card carrying Hackaday reader will know that a system taken down like this can be recovered by re-flashing through USB, JTAG, SD, other methods. However, we’re not BrickerBot’s intended audience. We’ve all changed our devices default passwords, right? RIGHT?

For more IoT security, check out Elliot’s excellent article about botnets earlier this year, and its follow-up.

IOT Startup Bricks Customers Garage Door Intentionally

April 5, 2017 by Jack Laidlaw 202 Comments

Internet of Things startup Garadget remotely bricked an unhappy customer’s WiFi garage door for giving a bad Amazon review and being rude to company reps. Garadget device owner [Robert Martin] found out the hard way how quickly the device can turn a door into a wall. After leaving a negative Amazon review, and starting a thread on Garadget’s support forum complaining the device didn’t work with his iPhone, Martin was banned from the forum until December 27, 2019 for his choice of words and was told his comments and bad Amazon review had convinced Garadget staff to ban his device from their servers.

The response was not what you would expect a community-funded startup. “Technically there is no bricking, though,” the rep replied. “No changes are made to the hardware or the firmware of the device, just denied use of company servers.” Tell that to [Robert] who can’t get into his garage.

This caused some discontent amoung other customers wondering if it was just a matter of time before more paying customers are subjected to this outlandish treatment. The Register asked Garadget’s founder [Denis Grisak] about the situation, his response is quoted below.

It was a Bad PR Move, Martin has now had his server connection restored, and the IOT upstart has posted a public statement on the matter.– Garadget

This whole debacle brings us to the conclusion that the IoT boom has a lot of issues ahead that need to be straightened out especially when it comes to ethics and security. It’s bad enough to have to deal with the vagaries of IoT Security and companies who shut down their products because they’re just not making enough money. Now we have to worry about using “cloud” services because the people who own the little fluffy computers could just be jerks.

How To Trick Your Electrical Meter By Saving Power

April 4, 2017 by Michael Uttmark 95 Comments

A group of Dutch scientists have been testing out some of today’s “smart” electrical meters to check their accuracy, among other things. Not ones to disappoint, the scientists have found consistently false readings that in some cases are 582% higher than actual energy consumption.

With experiments lasting for six months, the researchers tried to focus on meters representative of those commonly used in the Netherlands and manufactured between 2004 and 2014. Moreover, the researchers tried to reproduce standard household energy consumption patters rather than focusing on stress tests.

Their results? Well, “results varied wildly, with some meters reporting errors way above their disclosed range, going from -32% to +582%. Tests with uncommon results were repeated several times and the results were within a few percents of the original.” Moreover, “The greatest inaccuracies were seen when researchers combined dimmers with energy saving light bulbs and LED bulbs.” Not constrained to energy saving light bulbs, the inaccuracies are, ironically, tied to devices with integrated energy saving features. (Certainly makes us want to keep a close eye on our electric meters.)

“The reason for faulty readings appears to be the current sensor, and the associated circuitry,” said researchers. “The experimental results […] show that static energy meters can be pushed into faulty reading (positive and negative) if sufficiently fast pulsed currents are drawn by the consumer”

It is worth noting that there is contradictory research published by “the European voice of the providers of smart energy solutions” that maintains that “there is no reason to question smart metering technology”. Still, we wouldn’t blame you if you wanted a second opinion.

Thanks [acs] for sending this in!