Terminate RFID Tags

This gun hunts only RFID tags. [mnt], who brought us laser gesture control, built this RFID Zapper but included so much more. Any good weapon has to sound mean, a feat he’s accomplished by incorporating an MP3 player into the rifle. The coil that zaps the RFID tag is powered by a photo-flash unit, but for visual feedback he’s got a second unit that flashes light to signal the demise of your German passport (see the video after the break).

It’s hard to believe we haven’t covered RFID Zappers yet. The concept came out of the Chaos Communication Congress a few years back. This method works by sending a very strong electromagnetic field through the RFID tag that causes it to burn out. There’s a wiki post on RFID Zappers but Firefox threw a certificate warning when we loaded it up; read at your own risk.

Rhythmic Combo-lock

[MusashiAharon’s] dorm room door was practically begging to be hacked. There was already an electronic strike plate in place as well as junction boxes on the inside and out that were connected by conduit. Jumping on the bandwagon after seeing some other door lock hacks here, he built one that uses a rhythmic combination.

The control panel on the outside is a blank faceplate with two buttons and a status LED. These are wired to a jack and connected with a cable traveling through the conduit to a breadboard on the inside of the door. Seeing a large breadboard hanging on an outlet cover is a bit comical but it does the job. From there, a Teensy microcontroller waits for the code and, if it is correct, actuates the strike plate via a relay.

The rhythmic nature of this lock reminds us of the knock-based system. One button signals the start and end of the code, the other is used to input the rhythmic sequence. This does seem a little more discreet and we’d imagine it’s quite hard to eavesdrop on the correct combination.

Hacking ZigBee Chips: CC2430

[Travis Goodspeed] took an in-depth look at the debugging protocols for some ZigBee chips and posted his findings. In particular he’s looking at the CC2430 System-on-chip. These chips have a debugging protocol that is not hard to implement if you know what you’re doing. Certainly his tips make it easier for the rest of us. Don’t miss the info about reading from, writing to, and overcoming security of this hardware.

Bluetooth Based Pseudorandom Number Generation

[MS3FGX] has done an interesting study about using Bluetooth adapters as a source for Pseudorandom Number Generation (PRNG). As it turns out, the Bluez package has a function that calls a remote Bluetooth adapter to return a random number. He picked up 10 compatible adapters for about $30 from DealExtreme and set about assembling some numbers to see how this compares to an OS-based PRNG.

Because millions of samples are needed for an accurate comparison, time became a problem. The adapters are a little bit slow responding to a request, sending just 4800 numbers in the first 30-second test. This can be overcome with multiple adapters being accessed by multiple computers for hours at a time. What can this be used for? Your guess is as good as ours, but [MS3FGX] has done a great job of writing up his tests. He’s also made a set of 20.7 million randomly generated values available if you want to generate your own statistical analysis.
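Why the sample count matters, shown as an added example that is not taken from [MS3FGX]'s write-up: a chi-square test of byte values against a uniform distribution, run on a small and a large sample from the same slightly biased source. The biased source, its 20% excess on one byte value, the seed and the 0.1% significance level are constructed assumptions; no Bluetooth adapter is modelled.

```python
import random
from collections import Counter

Z_999 = 3.0902  # standard normal quantile for a one-sided 0.1% test


def chi_square_uniform(samples, k=256):
    """Pearson chi-square statistic of samples against a uniform law on 0..k-1."""
    expected = len(samples) / k
    counts = Counter(samples)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(k))


def critical_value(df, z=Z_999):
    """Wilson-Hilferty approximation to the chi-square quantile for df degrees of freedom."""
    a = 2.0 / (9.0 * df)
    return df * (1.0 - a + z * a ** 0.5) ** 3


def biased_source(n, excess, seed):
    """Constructed stand-in for a flawed generator: byte 0 is `excess` more likely than the rest."""
    weights = [1.0 + excess] + [1.0] * 255
    return random.Random(seed).choices(range(256), weights=weights, k=n)


def looks_uniform(samples):
    """True when the test cannot reject uniformity at the chosen level (255 = 256 bins - 1)."""
    return chi_square_uniform(samples) < critical_value(255)


if __name__ == "__main__":
    # 4800 matches the first 30-second run described above; 2,000,000 stands in for "millions".
    for n in (4800, 2_000_000):
        data = biased_source(n, excess=0.2, seed=1)
        print(n, round(chi_square_uniform(data), 1), round(critical_value(255), 1),
              "passes" if looks_uniform(data) else "rejected")
```

The bias adds roughly 1.55e-4 to the expected statistic per sample, so it is invisible against the test's natural spread at 4800 samples and unmistakable at two million.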

How To Root A Nook

Here’s the latest in rooted consumer devices: nookdevs.com has rooted the Barnes & Noble Nook eBook reader. The process is extremely easy, as the operating system is stored on a 2GB SD card inside the device. In fact, once you have the case open the hard part is over. From there, the card should be backed up for safekeeping. Now mount the card, enable the Android Debug Bridge and reassemble. The Android SDK can then be used to log into a shell on the Nook wirelessly.

We’re not sure there’s much that can be done past this point yet. It’s up to you to get Doom running!

GSM Enabled Security Door

The security door at the front of [Oliver’s] building uses an intercom system to let in guests remotely. Each unit has an intercom handset with a button that unlocks the door. [Oliver] wanted a way to enter without carrying any extra items so he built a system to unlock the door with his cell phone.

He patched into the intercom and attached a GSM module. The module runs Python, so he wrote a script that will monitor the entryway buzzer, then wait for an approved cell phone connection to unlock it. He went through a couple of different iterations for the final project. The first attempt used XBee modules to communicate between the intercom handset and the GSM module. For the final version, he snaked cable through his wall using rare-earth magnets (creative!) in order to forgo the use of a battery in the handset.

Who doesn’t carry a cell phone with them? Because of this, the use of GSM modules in automation is a trend we think will continue to gain popularity.

Recover Borked HDD After Xbox 360 Ban

[Incudie] tipped us off about a method to fix a borked HDD in your Xbox 360. Many of the one million consoles banned earlier in the month also had their hard disks scrambled, making off-line gaming impossible as well. It turns out that this is caused by a ban flag in the NAND chip on the motherboard. It has been discovered that because of wear levelling, the NAND will have two copies of the “secdata.bin” file which stores the ban flag. Please note, this will NOT allow the console to use Xbox Live; it just re-enables the HDD.

The quick and dirty of the fix is as follows: First the NAND is dumped from your Xbox 360 to a computer. After verifying the file, it can be opened in a HEX editor and the two copies of “secdata.bin” located. Once identified by date, the older version is injected on top of the newer to overwrite the ban flag.

Looks like this is not for the faint of heart, but if you got banned for modding in the first place this should be easy to pull off.

Update: Looks like xbox-scene now has a collection of apps to help you with this process. [Thanks CollinstheClown]