Software Hacks

Spoofing Cell Networks with a USB to VGA Adapter

April 23, 2018 by 68 Comments

RTL-SDR brought cheap and ubiquitous Software Defined Radio (SDR) to the masses, opening up whole swaths of the RF spectrum which were simply unavailable to the average hacker previously. Because the RTL-SDR supported devices were designed as TV tuners, they had no capability to transmit. For the price they are still an absolutely fantastic deal, and deserve to be in any modern hacker’s toolkit, but sometimes you want to reach out and touch someone.

GSM network broadcast from a VGA adapter

Now you can. At OsmoDevCon [Steve Markgraf] released osmo-fl2k, a tool which allows transmit-only SDR through cheap USB 3.0 to VGA adapters based on the Fresco Logic FL2000 chip. Available through the usual overseas suppliers for as little has $5 USD, these devices can be used unmodified to transmit low-power FM, DAB, DVB-T, GSM, UMTS and GPS signals.

In a demonstration on the project page, one of these USB VGA adapters is used to broadcast a GSM cellular network which is picked up by the adjacent cell phones. Another example shows how it can be used to broadcast FM radio. A GitHub repository has been set up which includes more examples. The signals transmitted from the FL2000 chip are obviously quite weak, but the next step will logically be the hardware modifications necessary to boost transmission to more useful levels.

To say this is a big deal is something of an understatement. For a few bucks, you’ll be able to get a device to spoof cellular networks and GPS signals. This was possible before, of course, but took SDR hardware that was generally outside the budget of the casual experimenter. If you bought a HackRF or an Ettus Research rig, you were probably responsible enough not to get into trouble with it, but that’s not necessarily the case anymore. As exciting as this technology is, we would be wise to approach it with caution. In an increasingly automated world, GPS spoofing can have some pretty bad results.

When Detecting Lines Is Harder Than Expected

April 22, 2018 by 18 Comments

[Conor Patrick] is no stranger to hardware development, and he’s had an interesting project for the past few months. He’s attempting to create a tool to convert images of technical drawings (such as footprints for electronic components) into digital formats that can be imported into other tools. This could automate turning a typical footprint drawing like the one shown into an actual part definition in a CAD program, which could really speed up the creation of custom parts.

Key to the entire concept is the detection of lines in a black-and-white technical drawing. To some people this won’t sound like a particularly challenging problem; choose one or another baked-in line detection function, maybe with a bit of pre or post-processing, and that should be that. It turns out that detecting lines can be harder than expected, and as usual the devil is in the detail.

When [Conor] tried some existing methods for detecting lines, the results appeared good at first but came up short in frustrating ways. Software did not appreciate that in a technical drawing, a line is a single unbroken unit from point A to point B. Without that assumption, what should be a single line sometimes had sections missing, or single lines were detected as multiple segments instead of a unit. Lines that crossed other lines complicated things. Unwanted lines like a “1” or the lower half of a “Y” were being detected. There had to be a better way.

In the end, a custom solution that took proper advantage of the nature of the source images and made the correct assumptions is what made all the difference. With some intelligent threshold setting combined with looking at vertical and horizontal line instances separately, it was possible to locate lines and their lengths far more accurately than any other method he had tried. The system doesn’t handle sloped lines yet, but it might be possible to simply iterate through rotations of the image while applying the same method. If you have a better solution, [Conor] wants to hear from you.

Of course, garbage in means garbage out and sadly not all technical drawings measure up.

Blueprints Make It Easy To Make (Some) Alexa Skills

April 22, 2018 by 11 Comments

If you can code, you can create an Alexa skill — the programs that allow an Amazon Echo or similar device interact with you. What if you can’t code or you are just too lazy to do all the setup? Amazon now has Blueprints that can help anyone make a skill. The only problem is the skills you can create are pretty limited. In addition, they are only available to your Alexa devices.

The idea is simple. You start with a template — OK, a blueprint. This is a model application that does something like giving you a compliment or a joke on demand. When you open the blueprint, you’ll see a list of things it can say. You can edit the list, including adding or deleting things. Then you name the new skill. In a few minutes, your skill will be live on your devices.

Continue reading “Blueprints Make It Easy To Make (Some) Alexa Skills”

TensorFlow in your Browser

April 16, 2018 by 24 Comments

If you want to explore machine learning, you can now write applications that train and deploy TensorFlow in your browser using JavaScript. We know what you are thinking. That has to be slow. Surprisingly, it isn’t, since the libraries use Graphics Processing Unit (GPU) acceleration. Of course, that assumes your browser can use your GPU. There are several demos available, include one where you train a Pac Man game to respond to gestures in your webcam to control the game. If you try it and then disable accelerated graphics in your browser options, you’ll see just what a speed up you can gain from the GPU.

Continue reading “TensorFlow in your Browser”

One-Pixel Attack Fools Neural Networks

April 15, 2018 by 34 Comments

Deep Neural Networks can be pretty good at identifying images — almost as good as they are at attracting Silicon Valley venture capital. But they can also be fairly brittle, and a slew of research projects over the last few years have been working on making the networks’ image classification less likely to be deliberately fooled.

One particular line of attack involves adding particularly-crafted noise to an image that flips some bits in the deep dark heart of the network, and makes it see something else where no human would notice the difference. We got tipped with a YouTube video of a one-pixel attack, embedded below, where changing a single pixel in the image would fool the network. Take that robot overlords!

We can’t tell what these are either..

Or not so fast. Reading the fine-print in the cited paper paints a significantly less gloomy picture for Deep Neural Nets. First, the images in question were 32 pixels by 32 pixels to begin with, so each pixel matters, especially after it’s run through a convolution step with a few-pixel window. The networks they attacked weren’t the sharpest tools in the shed either, with somewhere around a 68% classification success rate. What this means is that the network was unsure to begin with for many of the test images — making it flip from its marginally best (correct) first choice to a second choice shouldn’t be all that hard.

This isn’t to say that this line of research, adversarial training of the networks, is bogus. The idea that making neural nets robust to small changes is important. You don’t want turtles to be misclassified as guns, for instance, or Hackaday’s own Steven Dufresne misclassified as a tobacconist. And you certainly don’t want speech recognition software to be fooled by carefully crafted background noise. But if a claim of “astonishing results” on YouTube seems too good to be true, well, maybe it is.

Thanks [kamathin] for the tip!

Continue reading “One-Pixel Attack Fools Neural Networks”

Hide Secret Messages In Plain Sight With Zero-Width Characters

April 15, 2018 by 29 Comments

Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you don’t know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text — the classic canary trap.

Here’s a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, making them nearly impossible to get rid of without re-typing the text or using a special tool. In fact you’ll have a hard time detecting them at all – even terminals and code editors won’t display them.

To make the process easy to perform, [Vedhavyas] created a command line utility to embed and extract a payload using any text. Each letter in the secret message is converted to binary, then encoded in zero-width characters. A zero-width-non-joiner character is used for 0, and a zero-width-space character for 1.

[Vedhavyas’] tool was inspired by a post by [Tom], who uses a javascript example (with online demo) to explain what’s going on. This lets you test out the claim that you can paste the text without losing the hidden data. Try pasting it into a text editor. We were able to copy it again from there and retrieve the data, but it didn’t survive being saved and cat’d to the command line.

Of course, to get your encoding game really tight, you should be looking at getting yourself an enigma wristwatch

Continue reading “Hide Secret Messages In Plain Sight With Zero-Width Characters”

Visualizing Blocked Ads with the Pi Sense Hat

April 14, 2018 by 13 Comments

Pi-hole is an open source project to turn that Raspberry Pi collecting dust in your drawer into a whole-network ad blocking appliance. Not only does it stop ads from showing up on all your computers and mobile devices, it also keeps track of how many ads have been blocked and where they came from. Just in case you wanted to know how many thousands of ads you missed out on for a given time period.

While the graphs generated in the web interface of Pi-hole are slick and all, what if you just wanted a quick way of visualizing how effective your ad blocking system is? You’re not so much worried about the exact figures, you just want something to blink away on your desk and let you know all those ads are going to /dev/null. Enter the aptly named pi-hole-visualizer by [simianAstronaut].

With the addition of a Sense HAT to the Pi running the ad blocking, this Python script will generate an animated visualization that can be easily interpreted even from a distance. The primary display is a bar graph of DNS traffic, where the height and color of each column indicate relative activity within a specific time interval. A second screen shows a spiral graph which gives you an idea of what percentage of ads were blocked before they hit your devices.

An array of options can be given to the script from the command line; controlling both physical aspects of the display like orientation and LED brightness, as well the configurable parameters for the different available visualizations. As an added bonus, there’s also support for using the Sense HAT joystick to switch between modes interactively.

Turning the Raspberry Pi into an ad blocking appliance goes back to the olden days of the original Raspberry Pi, but it’s interesting to see how advanced the concept has become. Just remember, not all ads are bad.