Teardown: BilBot Bluetooth Robot

January 20, 2020 by Tom Nardi 16 Comments

Historically, the subject of our January teardown has been a piece of high-tech holiday lighting from the clearance rack; after all, they can usually be picked up for pocket change once the trucks full of Valentine’s Day merchandise start pulling up around the back of your local Big Box retailer. But this year, we’ve got something a little different.

Today we’re looking at the BilBot Bluetooth robot, which over the holidays was being sold at Five Below for (you guessed it) just $5 USD. These were clearly something the company hoped to sell a lot of, with stacks of the little two-wheeled bots in your choice of white and yellow livery right by the front door. With wireless control from your iOS or Android device, and intriguing features like voice command, I’d be willing to bet they managed to move quite a few of these at such a low price.

For folks like us, it can be hard to wrap our minds around a product like this. It must have a Bluetooth radio, some kind of motor controller, and of course the motors and gears themselves. Yet they can sell it for the price of a budget hamburger and still turn a profit. If you wanted to pick up barebones robotics platform, with just a couple gear motors and some wheels, it would cost more than that. The economies of scale are a hell of a thing.

Which made me wonder, could hackers take advantage of this ultra-cheap robot for our own purposes? It’s pretty much a given that the software for this robot will be terrible, and that whatever control electronics live inside it will be marginal at best. But what if we write those off and just look at the BilBot as a two-wheeled platform to carry our own electronics? It’s certainly worth $5 to find out.

Continue reading “Teardown: BilBot Bluetooth Robot” →

A Simple App Controlled Door Lock

January 16, 2020 by Gerrit Coetzee 9 Comments

[Adnan.R.Khan] had a sliding door latch plus an Arduino, and hacked together this cool but simple app controlled door lock.

Mechanically the lock consists of a Solarbotics GM3 motor, some Meccano, and a servo arm. A string is tied between two pulleys and looped around the slide of a barrel latch. When the motor moves back and forth it’s enough to slide the lock in and out. Electronically an Arduino and a Bluetooth module provide the electronics. The system runs from a 9V battery, and we’re interested to know whether there were any tricks pulled to make the battery last.

The system’s software is a simple program built in MIT App Inventor. Still, it’s pretty cool that you can get functionally close to a production product with parts that are very much lying around. It also makes us think of maybe keeping our childhood Meccano sets a little closer to the bench!

36C3: All Wireless Stacks Are Broken

December 30, 2019 by Elliot Williams 29 Comments

Your cellphone is the least secure computer that you own, and worse than that, it’s got a radio. [Jiska Classen] and her lab have been hacking on cellphones’ wireless systems for a while now, and in this talk gives an overview of the wireless vulnerabilities and attack surfaces that they bring along. While the talk provides some basic background on wireless (in)security, it also presents two new areas of research that she and her colleagues have been working on the last year.

One of the new hacks is based on the fact that a phone that wants to support both Bluetooth and WiFi needs to figure out a way to share the radio, because both protocols use the same 2.4 GHz band. And so it turns out that the Bluetooth hardware has to talk to the WiFi hardware, and it wouldn’t entirely surprise you that when [Jiska] gets into the Bluetooth stack, she’s able to DOS the WiFi. What this does to the operating system depends on the phone, but many of them just fall over and reboot.

Lately [Jiska] has been doing a lot of fuzzing on the cell phone stack enabled by some work by one of her students [Jan Ruge] work on emulation, codenamed “Frankenstein”. The coolest thing here is that the emulation runs in real time, and can be threaded into the operating system, enabling full-stack fuzzing. More complexity means more bugs, so we expect to see a lot more coming out of this line of research in the next year.

[Jiska] gives the presentation in a tinfoil hat, but that’s just a metaphor. In the end, when asked about how to properly secure your phone, she gives out the best advice ever: toss it in the blender.

Inject Keystrokes Any Way You Like With This Bluetooth Keystroke Injector

December 3, 2019 by Gerrit Coetzee 10 Comments

[Amirreza Nasiri] sends in this cool USB keystroke injector.

The device consists of an Arduino, a Bluetooth module, and an SD card. When it’s plugged into the target computer the device loads the selected payload from the SD card, compromising the system. Then it does its unique trick which is to switch the injector over to Bluetooth mode. Now the attacker has much more control, albeit local, over the system.

While we would never even be tempted to plug this device into a real computer, we like some of the additional features, like how an added dip switch can be used to select from up to eight different payloads depending on the required attack. The addition of a photo diode is also interesting, and makes us dream of all sorts of impractical movie hacker scenarios. [Amirreza] says it’s to trigger when the person leaves the room and turns the lights off.

[Amirreza] has all the code and design files on the GitHub. There are also a few payload examples, which should be fun to hack on. After all, one of life’s pleasures is to find new ways to mess with your friends.

Vintage Plotter Gets Bluetooth Upgrade

December 2, 2019 by Tom Nardi 25 Comments

Recently [iot4c] stumbled upon this gorgeous Robotron Reiss plotter from 1989, brand-new and still in its original box. Built before the fall of the Berlin Wall in East Germany, it would be a crime to allow such a piece of computing history to go unused. But how to hook it up to a modern system? Bad enough that it uses some rather unusual connectors, but it’s about to be 2020, who wants to use wires anymore? What this piece of Cold War hardware needed was an infusion of Bluetooth.

While the physical ports on the back of the Robotron certainly look rather suspect, it turns out that electrically they’re just RS-232. In practice, this means converting it over was fairly straightforward. With a Bolutek BK3231 Bluetooth module and an RS-232 to UART converter, [iot4c] was able to create a wireless adapter that works transparently on the plotter by simply connecting it to the RX and TX pins.

A small DC buck converter was necessary to provide 3.3 V for the Bluetooth adapter, but even still, there was plenty of room inside the plotter’s case to fit everything in neatly. From the outside, you’d have no idea that the hardware had ever been modified at all.

But, like always, there was a catch. While Windows had no trouble connecting to the Bluetooth device and assigning it a COM port, the 512 byte buffer on the plotter would get overwhelmed when it started receiving commands. So [iot4c] wrote a little script in Node.js that breaks the commands down into more manageable chunks and sends them off to the plotter every 0.1 seconds. With this script in place the Robotron moved under its own power for the first time in ~30 years by parsing a HP-GL file generated by Inkscape.

If you’re interested in a plotter of your own but don’t have a vintage one sitting around, never fear. We’ve seen an influx of DIY plotters recently, ranging from builds that use popsicle sticks and clothespins to customizable 3D printed workhorses.

Printed Arduino Turntable Takes Objects For A Spin

November 12, 2019 by Kristina Panos 5 Comments

Have you built a 3D scanner yet? There’s more than one way to model those curves and planes, but the easiest may be photogrammetry — that’s the one where you take a bunch of pictures and stitch them into a 3D model. If you build a scanner like [Brian Brocken]’s that does almost everything automatically, you might consider starting a scan-and-print side hustle.

This little machine spins objects 360° and triggers a Bluetooth remote tethered to an iPhone. In automatic mode, it capture anywhere from 2-200 pictures. There’s a mode for cinematic shots that shoots video of the object slowly spinning around, which makes anything look at least 35% more awesome. A third mode offers manual control of the turntable’s position and speed.

An Arduino UNO controls a stepper that moves the turntable via 3D printed-in-place bearing assembly. This project is a (vast) improvement over [Brian]’s hand-cranked version that we looked at over the summer, though both are works of art in their own right.

Our favorite part aside from the bearing is the picture-taking process itself. [Brian] couldn’t get the iPhone to play nice with HC-05 or -06 modules, so he’s got the horn of 9g servo tapping the shutter button on a Bluetooth remote. This beautiful beast is wide open, so fire up that printer. You can watch the design and build process of the turntable after the break.

Want to scan some really tiny things? Make a motorized microscope from movie machines.

Continue reading “Printed Arduino Turntable Takes Objects For A Spin” →

Improbably Cheap Pocket Welder Gets An ESP32 Makeover

November 4, 2019 by Dan Maloney 25 Comments

If you move in certain shady circles, you may have noticed the crop of improbably cheap “pocket welders” popping up on the market these days. They’re all variations on a theme, most with wildly optimistic specs minimal accessories of the lowest possible quality. But their tiny size and matching price make them irresistible to the would-be welder, as well as attractive to hardware hackers.

With a 220-V outlet in the garage waiting to be filled and well-knowing the risks, [Mr. RC-Cam] purchased one of these diminutive welding machines. Its shortcomings were immediately apparent, and a complete rework of the welder was undertaken. After addressing safety issues like the lack of a ground connection, [Mr. RC-Cam] added a color-matched 3D-printed hood to house a fancy new LCD touchscreen display. Backing that up is an ESP32 with Bluetooth, which supports remote control via a key fob. He also added a current sense board that uses the welder’s current shunt to measure welding current. Expediently calibrated using a waffle iron and a milli-ohmmeter, the sensor showed that the 200A max advertised for the welder was more like 100A. He tried adding some big electrolytics to fix the current issues, but no dice. With a decent stinger and ground clamp, the modified welder is good enough for his needs, and much was learned in the process. We call that a hacking win.

As an aside, [This Old Tony] recently did a review on a similar welder if you want more details on the internals. We also covered the conversion of a buzz-box to a TIG welder recently, should that be more your style.

Continue reading “Improbably Cheap Pocket Welder Gets An ESP32 Makeover” →