Peripherals Hacks

1540 Articles

IPod Transmitter Radio Modem

December 13, 2007 by 14 Comments

[Eric] sent in his iPod transmitter radio modem hack (Internet Archive). Given the short range of these FM modulators (and FCC rules) I’d call this an academic exercise. Combined with a few mods, it could be useful for bursting data from a micro-controller. (Think APRS)

Asus EeePC Bonus:About a week ago, [johnx] added (Internet Archive) a 16GB flash drive and a bluetooth adapter to his. Yesterday, [ta2cba] showed off how he squeezed (Internet Archive) a four port hub inside his – allowing a pair of devices to live in the extra min-ipcie bay and leave two ports to spare for later add-ons.

Wireless Keyboards Easily Cracked

December 2, 2007 by 69 Comments

We first covered breaking the commodity 27MHz radios used in wireless keyboards, mice, and presenters when [Luis Miras] gave a talk at Black Hat. Since then, the people at Dreamlab have managed to crack the encryption on Microsoft’s Wireless Optical Desktop 1000 and 2000 products (and possibly more). Analyzing the protocol they found out that meta keys like shift and ALT are transmitted in cleartext. The “encryption” used on each regular keystroke involves XORing the key against a random one byte value determined during the initial sync with the receiver. So, if you sniff the handshake, you can decrypt the keystrokes. You really don’t have to though; there are only 256 possible encryption keys. Using a dictionary file you can check all possible keys and determine the correct one after only receiving 20-50 keystrokes. Their demo video shows them sniffing keystrokes from three different keyboards at the same time. Someone could potentially build a wireless keylogger that picks up every keystrokes from every keyboard in an office. You can read more about the attack in the whitepaper(pdf).

[via Midnight Research Labs]

Continue reading “Wireless Keyboards Easily Cracked”

Spread Spectrum Freq Hopping USB RF Modem

November 17, 2007 by 17 Comments


Since I mentioned Sparkfun electronics in the parts finding how-to, I started poking around their forums and stumbled across this interesting USB RF modem. It uses an off the shelf Semtec DP1205 RF module that’s controlled by a PIC 18F2550. The really interesting thing is that it uses spread spectrum frequency hopping – which means that by FCC rules, it can transmit up to 1 watt at 900Mhz.

Blowable Computer Interface

November 12, 2007 by 18 Comments


Remember Christopher Reeve’s blow controlled wheel chair? [Shwetak] sent in his blowable computer interface. It doesn’t require anything but an on-board microphone and a decent set of lungs. It works by taking audio fingerprints to determine the location on the screen that you’re exhaling on. The demo video (avi) shows off some surprisingly accurate location detection. You can get a few more details from his research paper. (If you need a decent avi video player, check out VLC player.)