Beginning BLE Experiments And Making Everything Better

Successfully connecting things without physical wires has a profound effect on the maker brain. Machines talking to each other without any cables is as amazing today as it was a decade ago. When Bluetooth came out, it was a breakthrough since it offered a wireless way to connect cellphones to a PC. But Bluetooth is a complicated, high-bandwidth power hog, and it didn’t make sense for battery-powered devices with less demanding throughput requirements to pay the energy price. Enter Bluetooth LE (BLE), with power requirements modest enough to enable a multitude of applications including low power sensor nodes and beacons.

Over the years, a number of gadgets with BLE have popped up such as the LightBlue Bean, BLE Beacons as well as quadcopters like the FlexBot that rely on BLE for communication. Android or iOS apps are the predominant method of talking to these wonderful gadgets though there are alternatives.

This is the first in a two-part series on building with BLE devices. First, I’ll survey some BLE devices and how to get started with BLE from the Linux command line. Later, we will go into describing the process of making a NodeJS cross-platform app that will leverage the BLE capabilities and connect it to the Internet.
Let’s get started.

Screaming Channels Attack RF Security

As long as there has been radio, people have wanted to eavesdrop on radio transmissions. In many cases, it is just a hobby activity like listening to a scanner or monitoring a local repeater. But in some cases, it is spy agencies or cyberhackers. [Giovanni Camurati] and his colleagues have been working on a slightly different way to attack Bluetooth radio communications using a technique that could apply to other radio types, too. The attack relies on the ubiquitous use of mixed-signal ICs to make cheap radios like Bluetooth dongles. They call it “Screaming Channels” and — in a nutshell — it is relying on digital information leaking out on the device’s radio signal.

Does it work? The team claims to have recovered an AES-128 key from 10 meters away. The technique reminds us a bit of TEMPEST in that unintended radio transmissions provide insight into the algorithm the device applies to encrypt or decrypt data. Most (if not all) encryption techniques assume you can’t see inside the “black box.” If you can, then it is relatively easy to break the code.


Simple RC to USB Interface

With the radio control hobby arguably larger now than it ever has been in the past, there’s a growing demand for high-fidelity PC simulators. Whether you want to be able to “fly” when it’s raining out or you just want to practice your moves before taking that expensive quadcopter up for real, a good simulator on your computer is the next best thing. But the simulator won’t do you much good if it doesn’t feel the same; you really need to hook your normal RC transmitter up to the computer for the best experience.

[Patricio] writes in to share with us his simple hack for interfacing his RC hardware to his computer over USB. Rather than plugging the transmitter into the computer, his approach allows the receiver to mimic a USB joystick. Not only is this more convenient since you can use the simulator without wires, but it will make sure that the minutiae of your radio hardware (such as response lag) is represented in the simulation.

The setup is actually very simple. [Patricio] used the ATtiny85 based Digispark development board because it’s what he had on hand, but the principle would be the same on other microcontrollers. Simply connect the various channels from the RC receiver to the digital input pins. RC receivers are 5 VDC and draw very little current, so it’s even possible to power the whole arrangement from the USB port.

On the software side, the Arduino sketch does about what you expect. It loops through listening for PWM signals on the input pins, and maps that to USB joystick position information. The current code only supports three channels for a simple airplane setup (X and Y for joystick, plus throttle), but it should be easy enough to follow along and add more channels if you needed them for more complex aircraft.

For more information on the intricacies of RC transmitter and receiver interaction, check out this fascinating research on receiver latency.

Classroom Gadget Turned Arduino Compatible

Cheap second-hand hardware is usually a fertile ground for hacking, and by the looks of this project, the digital classroom aids that were all the rage a few years back are no exception. [is0-mick] writes in to tell us how he managed to hack one of these devices, a SMART Response XE, into an Arduboy compatible game system. As it turns out, this particular gadget is powered by an ATmega128RFA, which is essentially an Arduino-compatible AVR microcontroller with a 2.4GHz RF transceiver tacked on. This makes it an extremely interesting platform for hacking, especially since they are going for as little as $3 USD on eBay.

There’s no USB-Serial converter built into the SMART Response XE, so you’ll need to provide your own external programmer to flash the device. But luckily there’s a labeled ISP connector right on the board which makes it pretty straightforward to get everything wired up.

Of course, getting the hardware working was slightly more complicated than just flashing an Arduino Sketch onto the thing. [is0-mick] has provided his bootloader and modified libraries to get the device’s QWERTY keyboard and ST7586S controlled 384×160 LCD working.

Playing games is fun, but when his friend [en4rab] sent him the SMART Response XE to fiddle with, the goal was actually to turn them into cheap 2.4 GHz analyzers similar to what was done with the IM-ME. It seems they’re well on their way, and [is0-mick] invites anyone who might be interested in filling in some of the blanks on the RF side to get involved.


Using An AI And WiFi To See Through Walls

It’s now possible not only to see people through walls but to see how they’re moving and, if they’re walking, to tell who they are. We finally have the body scanner which Schwarzenegger walked behind in the original Total Recall movie.

This is the work of a group at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL). The seeing-through-the-wall part is done using an RF transmitter and receiving antennas, which isn’t very new. Our own [Gregory L. Charvat] built an impressive phased array radar in his garage which clearly showed movement of complex shapes behind a wall. What is new is the use of neural networks to better decipher what’s received on those antennas. The neural networks spit out pose estimations of where people’s heads, shoulders, elbows, and other body parts are, and a little further processing turns that into skeletal figures.

They evaluated its accuracy in a number of ways, all of which are detailed in their paper. The most interesting, or perhaps scariest, way was to see if it could tell who the skeletal figures were by using the fact that each person walks with their own style. They first trained another neural network to recognize the styles of different people. They then passed the pose estimation output to this style-recognizing neural network, and it correctly guessed the people with 83% accuracy both when they were visible and when they were behind walls. This means they not only have a good idea of what a person is doing, but also of who the person is.

Check out the video below to see some pretty impressive side-by-side comparisons of live action and skeletal versions doing all sorts of things under various conditions. It looks like the science fiction future in Total Recall has gotten one step closer. Now if we could just colonize Mars.


LoRa With The ESP32

If you are interested in deploying LoRa — the low power long-range wireless technology — you might enjoy [Rui Santos’] project and video about using the ESP32 with the Arduino IDE to implement LoRa. You can see the video below. He uses the RFM95 transceivers with a breakout board, so even if you want to use a different processor, you’ll still find a lot of good information.

In fact, the video is just background on LoRa that doesn’t change regardless of the host computer you are using. Once you have all the parts, getting it to work is fairly simple. There’s a LoRa library by [Sandeep Mistry] that knows how to do most of the work.

Although the project uses an RFM95, it can also work with similar modules such as the RFM96W or RFM98W. There are also ESP32 modules that have compatible transceivers onboard.

This is one of those projects that probably isn’t useful all by itself, but it can really help you get over that hump you always experience when you start using something new. Once you have the demo set up, it should be easy to mutate it into what you really need.

We’ve been talking about LoRa a lot lately. We’ve even seen it commanding drones.


Teardown Locates Fractal Antenna

[IMSAI Guy] tore apart a device with a wireless network card and decided to investigate what was under the metal can. You can see the video of his examination below. Overall, it was fairly unremarkable, but one thing that was interesting was its use of an antenna on the PCB that uses a fractal design.

You probably know fractals are “self-similar” in that they are patterns made of smaller identical patterns. The old joke is that the B. in Benoit B. Mandelbrot (the guy who coined the term fractal) stands for Benoit B. Mandelbrot. You can think of it as akin to recursion in software. Antennas made with fractal patterns have some unusual and useful properties.
