Sly Guy Nabs Pi Spy

When one of [Christian Haschek’s] co-workers found this Raspberry Pi tucked into their network closet, he figured it was another employee’s experiment – you know how that goes. But, of course, they did the safe thing and unplugged it from the network right away. The ensuing investigation into what it was doing there is a tour de force in digital forensics and a profile of a bungling adversary.

A quick check of everyone with access to that area turned up nothing, so [Christian] shifted focus to the device itself. There were three components: a Raspberry Pi model B, a 16GB SD card, and an odd USB dongle that turned out to be an nRF52832-MDK. The powerful SoC on-board combines a Cortex M4 processor with the RF hardware for BLE, ANT, and other 2.4 GHz communications. In this case, it may have been used for sniffing WiFi or bluetooth packets.

The next step was investigating an image of the SD card, which turned out to be a resin install (now called balena). This is an IoT web service that allows you to collect data from your devices remotely via a secure VPN. Digging deeper, [Christian] found a JSON config file containing a resin username. A little googling provided the address of a nearby person with the same name – but this could just be coincidence. More investigation revealed a copyright notice on some mysterious proprietary software installed on the Pi. The copyright holder? A company part-owned by the same person. Finally, [Christian] looked into a file called resin-wifi-01 and found the SSID that was used to set up the device. Searching this SSID on wigle.net turned up – you guessed it – the same home address found from the username.

But, how did this device get there in the first place? Checking DNS and Radius logs, [Christian] found evidence that an ex-employee with a key may have been in the building when the Pi was first seen on the network. With this evidence in hand, [Christian] turned the issue over to legal, who will now have plenty of ammunition to pursue the case.

If you find the opportunity to do some Linux forensics yourself, or are simply interested in learning more about it, this intro by [Bryan Cockfield] will get you started.

Automate Your Home From The Clearance Rack

The month or so after the holidays have always been a great time to pick up some interesting gadgets on steep clearance, but with decorations and lights becoming increasingly complex over the last few years, the “Christmas Clearance” rack is an absolute must see for enterprising hackers. You might just luck out like [ModernHam] and find a couple packs of these dirt cheap wireless light controllers, which can fairly easily be hacked into the start of a home automation system with little more than the Raspberry Pi and a short length of wire.

In the video after the break, [ModernHam] walks the viewer through the start to finish process of commanding these cheap remote plugs. Starting with finding which frequencies the remotes use thanks to the FCC database and ending with using cron to schedule the transmission of control signals from the Pi, his video really is a wealth of information. Even if you don’t have this particular model of remote plug, or don’t necessarily want to setup a home automation system, there’s probably some element of this video that you could still adapt to your own projects.

The first step of the process is figuring out how the remote is communicating to the plugs. [ModernHam] noticed there was no frequency listed on the devices, but using their FCC IDs he was able to find the relevant information. In the United States, devices like these must have their FCC IDs visible (though they could be behind a battery door) by law, so the searchable database is an invaluable tool to do some basic reconnaissance on a poorly documented gadget.

An RTL-SDR receiver is then used to fine tune the information gleaned from the FCC filing. [ModernHam] found that the signals for all four of the remote plugs were being broadcast on the same frequency, which makes controlling them all the easier. Using the rtl-sdr command, he was able to capture the various signals from the transmitter and save them to separate files. Then it’s just a matter of replaying the appropriate file to get the plugs to do your bidding.

Of course, the RTL-SDR can’t transmit so you’ll have to leave your dongle behind for this last step. Luckily all you need to transmit is the rpitx package created by [F5OEO], along with a supported Raspberry Pi and a small length of wire attached to the appropriate GPIO pin. This package contains the tool sendiq which can be used to replay the raw captures made in the previous step. With some scripting, it’s fairly straightforward to automate these transmissions to control the remote plugs however you wish from the Pi.

The RTL-SDR Blog put together their own guide for “brute forcing” simple remote control devices like this as well, and we’ve even seen similar techniques used against automotive key fobs in the past. Amazing what a piece of wire and some clever code can pull off.

Continue reading “Automate Your Home From The Clearance Rack”

DIY Clapper Is 1980s Style With Raspberry Pi Twist

Home automation isn’t all that new. It is just more evolved. Many years ago, a TV product appeared called the Clapper. If you haven’t heard of it, it was basically a sound-operated AC switch. You plug, say, a lamp into the device and the clapper into the wall and you can then turn the lamp on or off by clapping. If you somehow missed these — and you can still get them, apparently — have a look at the 1984 commercial in the video below. [Ash] decided to forego ordering one on Amazon and instead built her own using a Raspberry Pi.

[Ash’s] prototype uses an LED and could — in theory — drive anything. If you wanted to make a real Clapper replacement you’d need a relay or some other kind of AC switch suitable for the load. The actual clap detection software is from [nikhiljohn10] and simply waits for two loud noises. No fancy machine learning to differentiate between a clap and a cat knocking over a vase. Just a threshold and some timing.

Continue reading “DIY Clapper Is 1980s Style With Raspberry Pi Twist”

This Computer Mouse Houses A Mouse Computer

Everyone has heard of a computer mouse before, but what about a mouse computer?

Granted, [Electronic Grenade]’s all-in-one computer in an oversized mouse-shaped case is almost without practical value. But that’s hardly the point, which was just to do something cool. Inspiration came from keyboards stuffed with a Raspberry Pi to make a mostly-all-in-one machine; this Rodent of Unusual Size is the next logical step. With a Pi Zero W and a LiPo battery alongside a mouse mechanism inside the 3D-printed case – alas, no real mouse currently on the market would house everything – the computer sports not only a tiny and nearly-usable LCD display, but also a slide-out Bluetooth keyboard. The ergonomics of a keyboard at right angles to the display gives us pause, but again, usability is not the point. And don’t expect much in the performance department – the rig barfs after a few seconds of playing Minecraft.

Still, for all its limitations, this mouse computer has a certain charm. We always enjoy “just because I can” projects, whether they be a Gameboy ukelele or a fire-breathing animatronic duck. Such projects are often valuable not for what they produce, but for pushing into areas where no one has gone before.

Continue reading “This Computer Mouse Houses A Mouse Computer”

Win Back Some Privacy With A Cone Of Silence For Your Smart Speaker

To quote the greatest philosopher of the 20th century: “The future ain’t what it used to be.” Take personal assistants such as Amazon Echo and Google Home. When first predicted by sci-fi writers, the idea of instant access to the sum total of human knowledge with a few utterances seemed like a no-brainer; who wouldn’t want that? But now that such things are a reality, having something listening to you all the time and potentially reporting everything it hears back to some faceless corporate monolith is unnerving, to say the least.

There’s a fix for that, though, with this cone of silence for your smart speaker. Dubbed “Project Alias” by [BjørnKarmann], the device consists of a Raspberry Pi with a couple of microphones and speakers inside a 3D-printed case. The Pi is programmed to emit white noise from its speakers directly into the microphones of the Echo or Home over which it sits, masking out the sounds in the room while simultaneously listening for a hot-word. It then mutes the white noise, plays a clip of either “Hey Google” or “Alexa” to wake the device up, and then business proceeds as usual. The bonus here is that the hot-word is customizable, so that in addition to winning back a measure of privacy, all the [Alexas] in your life can get their names back too. The video below shows people interacting with devices named [Doris], [Marvin], [Petey], and for some reason, [Milkshake].

We really like this idea, and the fact that no modifications are needed to the smart speaker is pretty slick, as is the fact that with a few simple changes to the code and the print files it can be used with any smart speaker. And some degree of privacy from the AI that we know is always listening through these things is no small comfort either.

Continue reading “Win Back Some Privacy With A Cone Of Silence For Your Smart Speaker”

A Fully Automatic Electric Can Crusher

Those of us who recycle our empty drink cans know the annoying storage problem these containers present. For an object with very little metal, a can takes up a huge amount of space, and should you possess a greater than average thirst you can soon end up with a lot of space taken up with stacks of cans. The solution of course is to crush them, and while there are many simple solutions involving hinged blocks of wood or lever systems, this is 2019! We have Machines to that kind of thing for us! [All Things Electro-Mechanical] thinks so anyway, for he has created an automatic can crusher that is a joy to behold.

At its heart is a 120V AC powered linear actuator, which crushes a can held in a welded steel guide. As the can is crushed it drops into a waiting bin, and when the actuator retracts a fresh can drops down from a hopper. Control is handled by a Raspberry Pi, and there are end sensors for the actuator and an optical sensor for the can hopper. As it stands, once the last can is in place the machine stops due to the optical sensor registering no can in the hopper, but no doubt a software change could cause it to execute a single crush cycle after the last can it detects.

This machine would be an ideal candidate for a simple industrial automation system, but however it is controlled it would save its owner from an embarrassing test of strength. Take a look, we’ve posted the two videos showing it in action below the break.

Thanks [Baldpower] for the tip.

Continue reading “A Fully Automatic Electric Can Crusher”

Visual Airplane Tracker Runs On Pi

As no doubt is the case with many readers, there is a Raspberry Pi running in the yard near where this is being written that tracks airplanes, listening into the ADS-B radio broadcasts that they send and uploading the data to a sharing service. This device lacks the blinky LEDs that hacking custom states it should have, though. This project from [xy72y5e] would be a great way to deal with that problem: they used a Unicorn hat to create a simple map of local airplanes. This shows the location and track of aircraft in the area on the 8 by 8 RGB LED matrix of the Unicorn Hat.

While the device here maps local planes from their radio fixes, the code that [xy72y5e] published works with the api of ADSBExchange, a site that shares flight data. This means that the map can be easily set to show air traffic at a different location to the device itself. And it wouldn’t be that difficult to alter this to show the locally detected planes, as [xy72y5e] has published the full Python code that creates the map. This would also go well with some of the other airplane tracking hacks that we’ve seen recently, such as the planespotter destination tracker or tracking airplanes by radar reflections

[Via Reddit]