Beginning BLE Experiments And Making Everything Better

Successfully connecting things without physical wires has a profound effect on the maker brain. Machines talking to each other without any cables is as amazing today as it was a decade ago. When Bluetooth came out, it was a breakthrough since it offered a wireless way to connect cellphones to a PC. But Bluetooth is a complicated, high-bandwidth power hog, and it didn’t make sense for battery-powered devices with less demanding throughput requirements to pay the energy price. Enter Bluetooth LE (BLE), with power requirements modest enough to enable a multitude of applications including low power sensor nodes and beacons.

Over the years, a number of gadgets with BLE have popped up such as the LightBlue Bean, BLE Beacons as well as quadcopters like the FlexBot that rely on BLE for communication. Android or iOS apps are the predominant method of talking to these wonderful gadgets though there are alternatives.

This is the first in a two-part series on building with BLE devices. First, I’ll survey some BLE devices and how to get started with BLE from the Linux command line. Later, we will describe the process of making a cross-platform NodeJS app that leverages these BLE capabilities and connects them to the Internet.
Let’s get started.

Building Badges The Hard Way

What’s a hacker to do to profess his love for his dearest beloved? [Nitesh Kadyan] built his lady-love this awesome LED pendant – the LED BLE Hearty Necklace Badge.

The hardware is pretty vanilla by today’s hacker standards. An ATmega328P does most of the heavy lifting. An HM-11 BLE module provides connection to an Android mobile app. Two 74HC595 shift registers drive 16 columns of red LEDs and a ULN2803 sinks current from the 8 rows. The power section consists of a charger for the 320mAh LiPo and an LDO for the BLE module. All the parts are SMD with the passives mostly being 0603, including the 128 LEDs.

128 LEDs soldered wrong way around

[Nitesh] didn’t get a stencil made for his first batch of boards, so all the parts were painstakingly soldered manually and not in a reflow oven. And on his first board, he ended up soldering all of the LEDs the wrong way around. Kudos to him for his doggedness and patience.

The Arduino code on the ATmega is also quite straightforward. All characters are stored as eight bytes each in program memory and occupy 8×8 pixels on the matrix. The bytes to be displayed are stored in a buffer and the columns are left shifted fast enough for the marquee text effect. The Android app is built by modifying a demo BLE app provided by Google. The firmware, Android app, and the KiCAD design files are all hosted on his Github repository.

[Nitesh] is now building a larger batch of these badges to bring them to hillhacks – the annual hacker-con for making and hacking in the Himalayas. The event is scheduled for later this month; sign up on the mailing list for details or if you’d like to snag one of these badges. To make it more interesting, [Nitesh] has added two games to the code – Tetris and Snakes. Hopefully, this will spur others to create more games for the badge, such as Pong.

Cracking A Bluetooth Credit Card

You might be surprised to find out that it’s actually not a good idea to put all of your credit card information on a little Bluetooth enabled device in your pocket. Oh, what’s that? You knew already? Well in that case you won’t find the following information terribly shocking, but it’s still a fascinating look at how security researchers systematically break down a device in an effort to find the chinks in its armor.

[Mike Ryan] of ICE9 Consulting has recently published an article detailing the work done to examine and ultimately defeat the security on the FUZE Card. From using an x-ray machine to do non-destructive reconnaissance on the device’s internals to methodically discovering all the commands it responds to over Bluetooth, it’s safe to say the FUZE Card is cracked wide open at this point.

To be clear, the attacker must still pair with FUZE, so physical access is required. But as pointed out by [Mike] in the blog post, handing your card over to a merchant is standard operating procedure in many cases. It isn’t as if it would be hard to get a hold of one of these FUZE cards for a minute or two without the owner becoming suspicious. Pairing FUZE to the Linux device to continue to the next step of the attack only takes a few seconds, as demonstrated in the video after the break.

Once paired, the attacker can simply send a BLE command to FUZE which disables the lock screen. It’s really that simple. The attacker can also send commands to dump credit card info over Bluetooth, meaning they could download your information even when the card is “safely” back in your pocket. The inherent failure in the FUZE design is that you don’t need to provide any sort of authentication to pair it to a new Bluetooth device. It makes the (very dangerous) assumption that the person holding it is entitled to do so.

Even if you know better than to ever buy a device like this, the post [Mike] has written up is really a must-read for anyone who’s ever looked at a device and tried to figure out what was going on in its little silicon brain. We especially liked his assertion that reverse engineering a device essentially boils down to: “staring, thinking, a little experimentation, but mostly staring and thinking.” We’re having an internal debate here at Hackaday HQ about making that the site’s tagline.

Incidentally, this is very similar to the Bluetooth gun “safe” that was cracked not so long ago. At this point, it might be wise to just stay away from anything with that little blue logo on it if you intend to trust it with your identity and/or deadly weapon.

Curing A Parrot’s Amnesia With BLEAH

[Dandu] recently wrote in to tell us how he managed to revive his Parrot Flower Power after the manufacturer told him it couldn’t be repaired. To save you the trouble of opening Google in another tab, the Parrot Flower Power is a Bluetooth Low Energy (BLE) “smart” device for your flower pot. Because of course that’s a thing.

A healthy Flower Power connected

When [Dandu] noticed his Flower Power was no longer being detected by his iOS devices, he contacted support who told him that sadly this was a hardware failure and that he should just throw it away. But he had his doubts about this diagnosis as other devices such as his Raspberry Pi could still communicate with it. Upon closer inspection, he realized that the Flower Power didn’t have a name, and could only be contacted by its MAC address directly. Reasoning the lack of a name might be upsetting the “It Just Works” sensibility of his iGadget, [Dandu] started researching if there was some way to get the device to take a new name remotely.

Luckily for our hero, BLE is kind of broken. Searching for a solution to his problem brought him to a blog post by the creator of BLEAH which demonstrated exactly what [Dandu] was looking to do. Following along, it took only a single command to push a new name to the Flower Power’s BLE configuration. With that, his “broken” device was brought back to life. Why the device lost its name, or how to prevent it from happening in the future are questions for another day. [Dandu] will take the win.

If you’re interested in the popular new technology that’s compromising our security in the name of convenience and improved battery life, the rabbit hole starts here.

It’s Curtains For Blu Chip

In theory, there is no reason you can’t automate things all over your house. However — unless you live alone — you need to consider that most people won’t accept your kludgy looking circuits on a breadboard hanging everywhere. Lighting has become easy now that there are a lot of commercial options. However, there are still plenty of things that cry for automation. For [jeevanAnga], the curtains were crying out for remote control.

Since cellphones are ubiquitous, it makes sense to use the phone as a controller and Bluetooth Low Energy (BLE) is perfect for this kind of application. But you can’t hang a big ugly mess of wires off the curtain rods. That’s why [jeevanAnga] used a tiny (16.6 x 11.5 mm) BLE board known as a BluChip.

We didn’t verify it, but [jeevanAnga] claims it is the smallest BLE board available, and it is certainly tiny. You can see the result in the video below.

Mission Impossible: Infiltrating Furby

Long before things “went viral” there were always a few “must have” toys each year that were in high demand. Cabbage Patch Kids, Transformers, or Teddy Ruxpin would cause virtual hysteria in parents trying to score a toy for a holiday gift. In 1998, that toy was a Furby — a sort of talking robot pet. You can still buy Furby, and as you might expect a modern one — a Furby Connect — is Internet-enabled and much smarter than previous versions. While the Furby has always been a target for good hacking, anything Internet-enabled can be a target for malicious hacking, as well. [Context Information Security] decided to see if they could take control of your kid’s robotic pet.

The Furby Connect’s path to the Internet is via BLE to a companion phone device. The phone, in turn, talks back to Hasbro’s (the toy’s maker) Amazon Web Service servers. The company sends out new songs, games, and dances. Because BLE is slow, the transfers occur in the background during normal toy operation.

Hackaday Prize Entry: Reflowduino, The Open Source Reflow Oven Controller

Face it — you want a reflow oven. Even the steadiest hands and best eyes only yield “meh” results with a manual iron on SMD boards, and forget about being able to scale up to production. But what controller should you use when you build your oven, and what features should it support? Don’t worry — you can have all the features with this open source reflow oven controller.

Dubbed the Reflowduino for obvious reasons, [Timothy Woo]’s Hackaday Prize entry has everything you need in a reflow oven controller, and a few things you never knew you needed. Based on an ATMega32, the Reflowduino takes care of the usual tasks of a reflow controller, namely running the PID loop needed to accurately control the oven’s temperature and control the heating profile. We thought the inclusion of a Bluetooth module was a bit strange at first, but [Timothy] explains that it’s a whole lot easier to implement the controller’s UI in software than in hardware, and it saves a bunch of IO on the microcontroller. The support for a LiPo battery is somewhat baffling, as the cases where this would be useful seem limited since the toaster oven or hot plate would still need a mains supply. But the sounder that plays Star Wars tunes when a cycle is over? That’s just for fun.

Hats off to [Timothy] for a first-rate build and excellent documentation, which delves into PID theory as well as giving detailed instructions for every step of the build. Want to try lower-end reflow? Pull out a halogen work light, or perhaps fire up that propane torch.