Full Featured Security Lock Demonstration

November 26, 2011 by Mike Szczys 14 Comments

[Arshad Pathan] let us know about his latest project, a modular code lock that can be adapted to many different situations.

The user interface is made up of a character LCD screen and a 3×4 keypad. For this example [Arshad] is using a stepper motor as the locking mechanism. When the board is first powered up it runs the stepper in one direction until receiving input from a limiting switch. In this way, the microcontroller calibrates itself to ensure the lock is in a known position. From there it waits for user input. An unlocked door can be locked at any time by pressing the * key. Unlocking requires entry of the correct password. And a password can be changed by entering 9999 (followed by the old password when prompted).

In the video after the break [Arshad] does a great job of demonstrating the various modes which he has programmed. This stands on its own, but we always love to have more details so we’ve asked if [Arshad] is willing to share a schematic and the source code. We’ll update this post if we hear back from him.

Update: [Arshad] sent in a couple of schematics which can be found after the break.

Continue reading “Full Featured Security Lock Demonstration” →

Name These Parts: Verifone Payment Module Tear Down

November 23, 2011 by Mike Szczys 39 Comments

[Jerzmacow] got his hands on this Verifone Vx570 handheld payment terminal at a flea market. It’s got a thermal printer, a magnetic card reader, and then there’s the big LCD screen and buttons. In other words, lots of parts for his hacking amusement. But first, he decided to take a look at the parts that went into the design. He carefully disassembled the device, documenting what he found along the way. He mentions that there’s a switch pressing against the underside of the LCD which disables the hardware when disassembled. So it sounds like he won’t be able to get it to work again (there’s a Lithium battery inside which we’d guess powers some type of hardware kill switch circuit).

He posted an HD video of the tear down which we’ve embedded after the break. We find some of the design to be quite peculiar. Normally we have [Dave Jones] to walk us through design choices in his EEVblog hardware reviews. Since [Jerzmacow] wasn’t able to provide that level of insight, we’d love to hear what you think each piece of hardware is for. Leave your comments, along with time-stamps from the video. Specifically, what’s up with that strange board shown at 1:51? Continue reading “Name These Parts: Verifone Payment Module Tear Down” →

Jarvis Opens The Door At P-Space

November 10, 2011 by Mike Szczys 8 Comments

It seems like every Hackerspace should have some type of kludged together access system on their entry door. [Vasilis] wrote in to share the system called Jarvis that controls access to P-Space, a Hackerspace in Patras, Greece. It’s an RFID-based system that offers a few nice features.

They already have a server running the webpage, so basing their entry system off of a computer was an easy option. You can get in one of two ways; by presenting your valid RFID tag to a reader at the front door, or by ringing the bell and having a member inside press the Big Button of Doom (BBoD) which is a wireless controller.

The BBoD has an Xbee module inside which lets it send an unlock command back to the computer. The remote is powered by two AA batteries, and since it’s never on unless the button is pressed the team estimates these batteries should last around one year.

There’s even a feedback system. The computer posts the last few events to the webpage. So you can go online and see when the BBoD was used, or who’s tag has recently unlocked the entrance to tell if your friends are there.

RFID Reading And Spoofing

November 10, 2011 by Brian Benchoff 9 Comments

Locks are always temporary hindrances. After deciding to open the RFID-secured lock in his department, [Tixlegeek] built a device to read and spoof RFID tags (French, Google translate here).

The system is built around an ATMega32 microcontroller with a 16×2 LCD display. A commercial RFID reader module takes care of all the sniffing/cloning duties, and a small modulation circuit handles pumping those bits over to a lock. Right now, the spoofer can only handle reading and spoofing 125kHz RFID tags with no encryption or authorization. A tag that’s more complex than the duct tape RFID tag doesn’t work.

[Tixlegeek]’s little project does open up a few interesting avenues of exploring stuff that’s most certainly illegal. A smaller version of the project could be emplaced near a door or other RFID reader and left to crack a lock with a 32+62 bit password at 125 kilohertz. It wouldn’t be the fastest safecracker in the business, but it would work automatically as long as there is power.

If you’ve got any other ideas on what [Tixlegeek]’s RFID spoofer could do, leave a note in the comments.

USB And PS/2 Key Loggers And Mess With Your Grammar

November 2, 2011 by Mike Szczys 15 Comments

[Irongeek] is up to his old tricks once again with this new key logger prototype. It’s in the early stages, as attested by the breadboard built circuit, but [Adrian] still gives us a demo video after the break showing where he’s at right now. It comes in two flavors, the USB pass through seen above, or another that still connects to the computer via USB but functions with a PS/2 keyboard.

Aside from the obvious issue of a key logger stealing everything you type, there’s some prank value in this device too. The Teensy has more than enough processing power to watch what you typing and make changes as it goes. He shows off blatant rewrites, like changing “has” to “haz” or “you” to “U”. We think it would be better to change things like “they’re” to “their” or “it’s” to “its”. These would be very difficult to see happening and if you added randomness to how often the replacements occur, your victim would sooner come to the conclusion that they’re going crazy than that they’re the target of a little hazing. In fact, that’s probably the reason for our own grammar errors though the years; blast!

Continue reading “USB And PS/2 Key Loggers And Mess With Your Grammar” →

PocketStation As Two-factor Authentication

October 30, 2011 by Brian Benchoff 7 Comments

[DarkFader] sent in his build that implements two-factor authentication on a Sony PocketStation.

The PocketStation was a PS1 accessory intended to be a competitor to the Dreamcast VMU. [DarkFader] wrote an app for his PocketStation using a fabulous PocketStation emulator and uploaded it with the PS3 memory card adapter and MCRWwin.

The PocketStation app (available here) takes a key and hashes it with the current time to generate a six digit code. Combined with Google’s support for two-factor authentication, [DarkFader]‘s memory card provides access to his Google profile.

Two-factor authentication is also used in RSA SecurID key fobs that were compromised earlier this year. This lead to a huge number of companies being penetrated. For a single person, obscurity is a reasonable (but still ultimately futile) means of providing a little more security, but a PocketStation hack is still pretty cool.

Check out the video after the break that shows [DarkFader] using his PocketStation token.

Continue reading “PocketStation As Two-factor Authentication” →

Giving Siri The Keys To Your House

October 24, 2011 by Mike Szczys 30 Comments

We haven’t really covered many hacks having to do with Apple’s newest iPhone feature Siri. We’d bet you’ve already heard a bunch about the voice-activated AI assistant and here’s your chance to give it the keys to your house. This project uses Siri to actuate the deadbolt on an entry door in a roundabout sort of way.

This is really just a Siri frontend for an SMS entry system seen in several other hacks. The inside of the door (pictured above) has a servo motor mounted next to, and attached via connecting rod with, the lever-style deadbolt. An Arduino equipped with a WiFly shield controls that servo and is waiting for instructions from the Google app engine. But wait, they’re not done yet. The app engine connects to a Twilio account which gives it the ability to receive SMS messages. Long story short; Siri is sending a text message that opens the door… eventually. You can seen in the demo after the break that the whole process takes over twenty seconds from the time you first access Siri to the point the bolt is unlocked. Still, it’s a fine first prototype.

There’s a fair amount of expensive hardware on that door which we’d like to see converted to extra feaures. [CC Laan] has already added one other entry method, using a piezo element to listen for a secret knock. But we think there’s room for improvement. Since it’s Internet connected we’d love to see a sensor to monitor how often the door is opened, and perhaps a PIR sensor that would act as a motion-sensing burglar alert system.

Don’t need something this complicated? How about implementing just the secret knock portion of the hack?

Continue reading “Giving Siri The Keys To Your House” →