Spoofing Cell Networks with a USB to VGA Adapter

RTL-SDR brought cheap and ubiquitous Software Defined Radio (SDR) to the masses, opening up whole swaths of the RF spectrum which were simply unavailable to the average hacker previously. Because the RTL-SDR supported devices were designed as TV tuners, they had no capability to transmit. For the price they are still an absolutely fantastic deal, and deserve to be in any modern hacker’s toolkit, but sometimes you want to reach out and touch someone.

GSM network broadcast from a VGA adapter

Now you can. At OsmoDevCon [Steve Markgraf] released osmo-fl2k, a tool which allows transmit-only SDR through cheap USB 3.0 to VGA adapters based on the Fresco Logic FL2000 chip. Available through the usual overseas suppliers for as little has $5 USD, these devices can be used unmodified to transmit low-power FM, DAB, DVB-T, GSM, UMTS and GPS signals.

In a demonstration on the project page, one of these USB VGA adapters is used to broadcast a GSM cellular network which is picked up by the adjacent cell phones. Another example shows how it can be used to broadcast FM radio. A GitHub repository has been set up which includes more examples. The signals transmitted from the FL2000 chip are obviously quite weak, but the next step will logically be the hardware modifications necessary to boost transmission to more useful levels.

To say this is a big deal is something of an understatement. For a few bucks, you’ll be able to get a device to spoof cellular networks and GPS signals. This was possible before, of course, but took SDR hardware that was generally outside the budget of the casual experimenter. If you bought a HackRF or an Ettus Research rig, you were probably responsible enough not to get into trouble with it, but that’s not necessarily the case anymore. As exciting as this technology is, we would be wise to approach it with caution. In an increasingly automated world, GPS spoofing can have some pretty bad results.

Mechanisms: Velcro

As a species, we’ve done a pretty good job at inventing some useful devices. But as clever as we think we are, given sufficient time, natural selection will beat us at our game at almost every turn. So it makes sense that many of our best inventions are inspired by nature and the myriad ways life finds to get DNA from one generation to the next.

Velcro is one such design cribbed from nature, and the story behind this useful mechanism is a perfect example that a prepared mind, good observation skills, and a heck of a lot of perseverance are what it takes to bring one of Mother Nature’s designs to market.

Continue reading “Mechanisms: Velcro”

Unlock & Talk: Open Source Bootloader & Modem

During the early years of cell phones, lifespan was mainly limited by hardware (buttons wearing out, dropping phones, or water damage), software is a primary reason that phones are replaced today. Upgrades are often prompted by dissatisfaction with a slow phone, or manufacturers simply stopping updates to phone software after a few years at best. [Oliver Smith] and the postmarketOS project are working to fix the update problem, and have begun making progress on loading custom software onto cellphone processors and controlling their cellular modems. Continue reading “Unlock & Talk: Open Source Bootloader & Modem”

Raspberry Pi W Antenna Analysis Reveals Clever Design

The old maxim is that if you pay peanuts, you get a monkey. That’s no longer true, though: devices like the Raspberry Pi W have shown that a $10 device can be remarkably powerful if it is well designed. You might not appreciate how clever this design is sometimes, but this great analysis of the antenna of the Pi W by [Carl Turner, Senior RF Engineer at Laird Technology] might help remind you.

Continue reading “Raspberry Pi W Antenna Analysis Reveals Clever Design”

Fix Your Insecure Amazon Fire TV Stick

I recently spent a largely sleepless night at a hotel, and out of equal parts curiosity and boredom, decided to kill some time scanning the guest network to see what my fellow travelers might be up to. As you’d probably expect, I saw a veritable sea of Samsung and Apple devices. But buried among the seemingly endless number of smartphones charging next to their sleeping owners, I found something rather interesting. I was as picking up a number of Amazon-made devices, all of which had port 5555 open.

As a habitual Android tinkerer, this struck me as very odd. Port 5555 is used for Android Debug Bridge (ADB), a development tool used to control and perform various administrative tasks on an Android device over the network or (more commonly) locally over USB. The number of users who would have legitimately needed to enable network ADB on their devices is surely rather low, so to see a half dozen of them on the network at the same time seemed improbable to say the least.

Why would so many devices manufactured by Amazon all have network ADB enabled? I realized there must be a connection, and it didn’t take long to figure it out.

Continue reading “Fix Your Insecure Amazon Fire TV Stick”

TensorFlow in your Browser

If you want to explore machine learning, you can now write applications that train and deploy TensorFlow in your browser using JavaScript. We know what you are thinking. That has to be slow. Surprisingly, it isn’t, since the libraries use Graphics Processing Unit (GPU) acceleration. Of course, that assumes your browser can use your GPU. There are several demos available, include one where you train a Pac Man game to respond to gestures in your webcam to control the game. If you try it and then disable accelerated graphics in your browser options, you’ll see just what a speed up you can gain from the GPU.

Continue reading “TensorFlow in your Browser”

Two-Cent Temperature Sensors

When they need to add temperature control to a project, many hackers reach for a K-type thermocouple for their high-temperature needs, or an integrated temperature-sensing IC when it doesn’t get that hot. The thermocouple relies on very small currents and extremely high gain, and you pretty much need a dedicated IC to read it, which can be expensive. The ICs aren’t as expensive, but they’re basically limited to boiling water. What do you do if you want to control a reflow oven?

There’s a cheaper way that spans a range between Antarctic winter and molten solder, and you’ve probably already got the parts on your shelf. Even if you don’t, it’s only going to run you an extra two cents, assuming that you’ve already got a microcontroller with an ADC in your project. The BOM: a plain-vanilla diode and a resistor.

I’ve been using diodes as temperature sensors in three projects over the last year: one is a coffee roaster that brings the beans up to 220 °C in hot air, another is a reflow hotplate that tops out around 210 °C, and the third is a toner-transfer iron that holds a very stable 130 °C. In all of these cases, I don’t really care about the actual numerical value of the temperature — all that matters is reproducibility — so I never bothered to calibrate anything. I thought I’d do it right for Hackaday, and try to push the humble diode to its limits for science.

What resulted was a PCB fire, test circuits desoldering themselves above 190 °C, temperature probes coming loose, and finally a broken ramekin and 200 °C peanut oil all over my desk. Fun times! On the other hand, I managed to get out enough data to calibrate some diodes, and the results are fantastic. The circuits under test included both best practices and the easiest thing that could possibly work, and the results are pretty close. This is definitely a technique that you want to have under your belt for most temperature ranges. The devil is in the details, of course, so read on!

Continue reading “Two-Cent Temperature Sensors”