Apple Aftermath: Senate Entertains A New Encryption Bill

If you recall, there was a recent standoff between Apple and the U.S. Government regarding unlocking an iPhone. Senators Richard Burr and Dianne Feinstein have a “discussion draft” of a bill that appears to require companies to decrypt data when the government obtains a court order.

Here at Hackaday, we aren’t lawyers, so maybe we aren’t the best source of legislative commentary. However, on the face of it, this seems a bit overreaching. The first part of the proposed bill is simple enough: any “covered entity” that receives a court order for information must provide it in intelligible form or provide the technical assistance necessary to get the information in intelligible form. The problem, of course, is what if you can’t? A covered entity, by the way, is anyone from a manufacturer, to a software developer, a communications service, or a provider of remote computing or storage.

There are dozens of services (backup comes to mind) where only you have the decryption keys and there is nothing reasonable the provider can do to get your data if you lose your keys. That’s actually a selling point for their service. You might not be anxious to back up your hard drive if you knew the vendor could browse your data whenever they wanted.

The proposed bill has some other issues, too. One section states that nothing in the document is meant to require or prohibit a specific design or operating system. However, another clause requires that covered entities provide products and services that are capable of complying with the rule.

A broad reading of this is troubling. If this were law, entire systems that don’t allow the provider or vendor to decrypt your data could be illegal in the U.S. Whole classes of cybersecurity techniques could become illegal, too. For example, many cryptography systems achieve forward secrecy by generating session keys that are never recorded. Consider an SSH session: if someone learns your SSH key, they can listen in on or interfere with your SSH sessions. However, they can’t take recordings of your previous sessions and decode them. The mechanism is a little different between SSHv1 (which you shouldn’t be using) and SSHv2. If you are interested in the gory details for SSHv2, have a look at section 9.3.7 of RFC 4251.
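The forward-secrecy point above, as an added illustration (not code from the article or from any SSH implementation): a session key wrapped under a long-term key can be recovered from an old recording once that key leaks, while an ephemeral Diffie-Hellman session key cannot. Assumptions: the group is a toy, an HMAC stands in for the host-key signature, and every function name is hypothetical.

```python
import hashlib
import hmac
import secrets

# Toy parameters for illustration only (assumption): real SSHv2 uses vetted
# groups or curves and signs the exchange with an asymmetric host key.
P = 2**255 - 19   # a prime modulus
G = 2

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(x: bytes, y: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(x, y))

def wrapped_key_session(long_term: bytes):
    """No forward secrecy: the session key travels wrapped under the long-term key."""
    session_key = secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    transcript = {"nonce": nonce, "wrapped": _xor(session_key, _mac(long_term, nonce))}
    return session_key, transcript

def ephemeral_dh_session(long_term: bytes):
    """Forward secrecy: the long-term key only authenticates the public values."""
    a = secrets.randbelow(P - 3) + 2   # ephemeral secrets, never written down
    b = secrets.randbelow(P - 3) + 2
    A, B = pow(G, a, P), pow(G, b, P)
    tag = _mac(long_term, A.to_bytes(32, "big") + B.to_bytes(32, "big"))
    client_key = hashlib.sha256(pow(B, a, P).to_bytes(32, "big")).digest()
    server_key = hashlib.sha256(pow(A, b, P).to_bytes(32, "big")).digest()
    if client_key != server_key:
        raise RuntimeError("key agreement failed")
    return client_key, {"A": A, "B": B, "tag": tag}

def recover_from_recording(transcript: dict, stolen_long_term: bytes):
    """What someone holding a recording can compute after stealing the long-term key."""
    if "wrapped" in transcript:
        pad = _mac(stolen_long_term, transcript["nonce"])
        return _xor(transcript["wrapped"], pad)   # old session key falls out
    # DH recording: the stolen key verifies the tag but says nothing about a or b,
    # so the session key would still require solving a discrete logarithm.
    data = transcript["A"].to_bytes(32, "big") + transcript["B"].to_bytes(32, "big")
    assert hmac.compare_digest(transcript["tag"], _mac(stolen_long_term, data))
    return None
```

A mandate that a provider always be able to produce plaintext maps onto the first design, where whoever holds the long-term key can open every past recording.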

In all fairness, this isn’t a bill yet. It is a draft and given some of the definitions in section 4, perhaps they plan to expand it so that it makes more sense, or – at least – is more practical. If not, then it seems to be an indication that we need legislators that understand our increasingly technical world and have some understanding of how the new economy works. After all, we’ve seen this before, right? Many countries are all too happy to enact and enforce tight banking privacy laws to encourage deposits from people who want to hide their money. What makes you think that if the U.S. weakens the ability of domestic companies to make data private, the business of concealing data won’t just move offshore, too?

If you were living under a rock and missed the whole Apple and FBI controversy, [Elliot] can catch you up. Or, you can see what [Brian] thought about Apple’s response to the FBI’s demand.

A Low-Cost Mini PCB Printer

The next great advancement in homebrew electronics is an easy way to turn copper clad board into functional circuit boards. This has been done since the 60s with etch resist pens, sheets of etch resist rub-on transfers, the ever-popular photocopy and clothes iron, and now with small CNC mills. It’s still a messy, slow, and expensive process. [johnowhitaker] and [esot.eric] are trying to solve the latter of these problems with a mini PCB printer made out of DVD drives.

Playing around with the guts of a DVD drive is something [john] and [eric] have been doing for a while now, and for good reason. There’s a lot of interesting tech in DVD drives, with motors, steppers, and gears able to make very, very accurate and precise movements. Most PCBs aren’t very big, either, so a laser cutter that can only traverse an area a few inches square isn’t that much of a downside in this case.

With a small diode laser mounted to a CNC gantry constructed out of DVD drives, the process of making a PCB is actually pretty simple. First, a slurry of laser printer toner and alcohol is applied to the board. Next, the laser on this PCB printer lases over the traces and copper fills, melting the toner. The board is removed, the excess toner wiped off, and the unwanted copper is melted away. Simple, even if it is a little messy.

Of course this method cannot do plated traces like your favorite Internet-based board house, but this does have a few advantages over any other traditional homebrew method. It’s cheap, since CD and DVD drive mechanisms are pretty much standardized between manufacturers. It’s also easy to add soldermask printing to this build, given that soldermasks can be cured with light. It’s a very cool build, and one that would find a home in thousands of garages and hackerspaces around the world.

The HackadayPrize2016 is Sponsored by:

Everyman’s Turbomolecular Pump

What can you do with a very good vacuum pump? You can build an electron microscope, x-ray tubes, particle accelerators, thin films, and it can keep your coffee warm. Of course getting your hands on a good vacuum pump involves expert-level scrounging or a lot of money, leading [DeepSOIC] and [Keegan] to a great entry for this year’s Hackaday Prize. It’s the Everyman’s Turbomolecular Pump, a pump based on one of [Nikola Tesla]’s patents. It sucks, and that’s a good thing.

The usual way of sucking the atmosphere out of electron microscopes and vacuum tubes begins with a piston or diaphragm pump. This gets most of the atmosphere out, but there’s still a little bit left. To get the pressure down even lower, an oil diffusion pump (messy, but somewhat cheap) or a turbomolecular pump (clean, awesome, and expensive) is used to suck the last few molecules of atmosphere out.

The turbomolecular pump [DeepSOIC] and [Keegan] are building uses multiple spinning discs just like [Tesla]’s 1909 patent. The problem, it seems, is finding a material that can be made into a disc and can survive tens of thousands of rotations per minute. It’s a very, very difficult build, and a mistake in fabricating any of the parts will result in a spectacular rapid disassembly of this turbomolecular pump. The reward, though, would be great. A cheap turbomolecular pump would be a very useful device in any hackerspace, fab lab, or workshop garage.


Build Your Own GSM Base Station For Fun And Profit

Over the last few years, news that police, military, and intelligence organizations use portable cellular phone surveillance devices – colloquially known as the ‘Stingray’ – has gotten out, despite their best efforts to keep a lid on the practice. There are legitimate privacy and legal concerns, but there’s also some fun tech in mobile cell-phone stations.

Off-the-shelf Stingray devices cost somewhere between $16,000 and $125,000, far too rich for a poor hacker’s pocketbook. Of course, what the government can do for $100,000, anyone else can do for five hundred. Here’s how you build your own Stingray using off the shelf hardware.

[Simone] has been playing around with a brand new BladeRF x40, a USB 3.0 software defined radio that operates in full duplex. It costs $420. This, combined with two rubber duck antennas, a Raspberry Pi 3, and a USB power bank is all the hardware you need. Software is a little trickier, but [Simone] has all the instructions.

Of course, if you want to look at the less legitimate applications of this hardware, [Simone]’s build is only good at receiving/tapping/intercepting unencrypted GSM signals. It’s great if you want to set up a few base stations at Burning Man and hand out SIM cards like ecstasy, but GSM has encryption. You won’t be able to decrypt every GSM signal this system can see without a little bit of work.

Luckily, GSM is horribly, horribly broken. At CCCamp in 2007, [Steve Schear] and [David Hulton] started building a rainbow table of the A5 ciphers that are used on a GSM network between the handset and tower. GSM cracking is open source, and there are flaws in GPRS, the method GSM networks use to relay data transmissions to handsets. In case you haven’t noticed, GSM is completely broken.

Thanks [Justin] for the tip.

The Most Immersive Pinball Machine: Project Supernova

Over at [Truthlabs], a 30 year old pinball machine was diagnosed with a major flaw in its game design: It could only entertain one person at a time. [Dan] and his colleagues set out to change this, transforming the ol’ pinball legend “Firepower” into a spectacular, immersive gaming experience worthy of the 21st century.

A major limitation they wanted to overcome was screen size. A projector mounted to the ceiling should turn the entire wall behind the machine into a massive 15-foot playfield for anyone in the room to enjoy.

 

With so much space to fill, the team assembled a visual concept tailored to blend seamlessly with the original storyline of the arcade classic, studying the machine’s artwork and digging deep into the sci-fi archives. They then translated their ideas into 3D graphics utilizing Cinema4D and WebGL along with the usual designer’s toolbox. Lasers and explosions were added, ready to be triggered by game interactions on the machine.


To hook the augmentation into the pinball machine’s own game progress, they devised an elegant solution, incorporating OpenCV and OCR, to read all five of the machine’s 7-segment displays from a single webcam. An Arduino inside the machine taps into the numerous mechanical switches and indicator lamps, keeping a Node.js server updated about pressed buttons, hits, the “Lane Change” and plunged balls.

The result is the impressive demonstration of both passion and skill you can see in the video below. We really like the custom shader effects. How could we ever play pinball without them?


Red Bricks: Alphabet To Turn Off Revolv’s Lights

Revolv, the bright red smart home hub famous for its abundance of radio modules, has finally been declared dead by its founders. After a series of acquisitions, Google’s parent company Alphabet has gained control over Revolv’s cloud service – and they are shutting it down.

Customers who bought into Revolv’s vision of a truly connected and automated smart home hub featuring 7 different physical radio modules to connect all their devices will soon become owners of significantly less useful red bricks, due to the complete shutdown of the service on May 15, 2016.

Tiny BLE UART Makes Bluetooth Low Energy Simple

Last time I talked about the internals of how Bluetooth Low Energy (BLE) handles data. I mentioned that the way it is set up is meant to conserve power and also to support common BLE devices like heart rate monitors. On the other hand, I also mentioned that you often didn’t need to deal with that because you’d use an abstraction layer.

This time, I want to show you how I used the Hackaday special edition Tiny BLE (from Seeed Studios) and its mbed library to do a quick simple BLE project. If you didn’t read the first part, don’t worry. The abstraction is so good, you probably won’t have to unless you want to circle back around later and get a more detailed understanding of what’s happening under the covers.

I wanted something simple for an example so you could build on it without having to remove much code. For that reason, I decided to allow my phone to control the state of a three-color LED via BLE. To do that, I’m going to use a virtual UART and some off-the-shelf phone software. The whole thing won’t take much code, but that’s the point: the abstraction makes BLE relatively simple.
