Bluetooth Vulnerability Affects All Major OS

Security researchers from Armis Labs recently published a whitepaper unveiling eight critical 0-day Bluetooth-related vulnerabilities, affecting Linux, Windows, Android and iOS operating systems. These vulnerabilities alone or combined can lead to privileged code execution on a target device. The only requirement is: Bluetooth turned on. No user interaction is necessary to successfully exploit the flaws: the attacker does not need to pair with the target device, nor does the target device need to be paired with any other device.

The research paper, dubbed BlueBorne (what’s a vulnerability, or a bunch, without a cool name nowadays?), details each vulnerability and how it was exploited. BlueBorne is estimated to affect over five billion devices. Some vendors, like Microsoft, have already issued a patch while others, like Samsung, remain silent. Despite the patches, some devices will never receive a BlueBorne patch since they are outside of their support window. Armis estimates this accounts for around 40% of all Bluetooth enabled devices.

The researchers mentioned that, with some more work, a self-replicating worm could be built that would spread and hop from one device to other nearby devices with Bluetooth turned on. That immediately reminds us of the BroadPwn vulnerability, in which the researchers implemented what is most likely the first WiFi-only worm. Although it is definitely a fun security exercise to code such a worm, it’s really a bad, bad idea… Right?…

So who’s affected?


Turning On Your Amplifier With A Raspberry Pi

Life is good if you are a couch potato music enthusiast. Bluetooth audio allows the playing of all your music from your smartphone, and apps to control your hi-fi give you complete control over your listening experience.

Not quite so for [Daniel Landau] though. His Cambridge Audio amplifier isn’t quite the latest generation, and he didn’t possess a handy way to turn it on and off without resorting to its infrared remote control. It has a proprietary interface of some kind, but nothing wireless to which he could talk from his mobile device.

His solution is fairly straightforward, which in itself says something about the technology available to us in the hardware world these days. He took a Raspberry Pi with the Home Assistant home automation package and the LIRC infrared subsystem installed, and had it drive an infrared LED within range of the amplifier’s receiver. Coupled with the Home Assistant app, he was then able to turn the amplifier on and off as desired. It’s a fairly simple use of the software in question, but this is the type of project upon which so much more can later be built.

Not so many years ago this comparatively easy project would have required a significant amount more hardware and effort. A few weeks ago [John Baichtal] took a look at the evolution of home automation technology, through the lens of the language surrounding the term itself.

Via Hacker News.

Hackaday Links: August 13, 2017

We found the most boring man on the Internet! HTTP Status Code 418 — “I’m a teapot” — was introduced as an April Fools Joke in 1998. Everyone had a good laugh, and some frameworks even implemented it. Now, the most boring man on the Internet and chairman of the IETF HTTP working group is trying to get 418 removed from Node and Go. There is an argument to removing code 418 from pieces of software — it gums up the works, and given only 100 code points for a client error, with 30 of them already used, we don’t really have space for a joke. There’s a solution, though: someone has submitted a request to register 418 as ‘I’m a teapot’.

The Travelling Hacker box is a migratory box of random electronic junk. The box has traveled across the United States several times, and earlier this year it started across Canada — from Vancouver to St. Johns — to begin an International journey. The box is now missing, and I’m out. I’m turning this one over to the community. There are now several rogue boxes traveling the world, the first of which was sent from [Sophi] to [jlbrian7] and is now in Latvia with [Arsenijs]. The idea of the Travelling Hacker Box is now up to you — organize your own, and share random electronic crap.

Bluetooth 5 is here, or at least the spec is. It has longer range, more bandwidth, and advertising extensions.

Guess what’s on the review desk? The Monoprice Mini Delta! If you have any questions you’d like answered about this tiny, very inexpensive printer, put them in the comments. I only have some first impressions, but so far, it looks like extending the rails (to make a taller printer) is more difficult than it’s worth. That’s not to say it’s impossible, but with the effort required, I could just print another printer.

Interested in PCB art? [Drew] found someone doing halftone art with PCBs. This is a step up from nickels.

Indiana University is getting rid of some very, very cool stuff in a government auction. This device is listed as a ‘gantry’, but that’s certainly not what it is. There have been suggestions that these devices are a flight sim, but that doesn’t sit quite right either. It’s several thousand pounds of metal, with the minimum bid of $2.00 at the time of this writing. Any guesses on what this actually is?

Hackaday Prize Entry: Dongle For A Headless Pi

Mass production means that there’s a lot of great hardware out there for dirt cheap. But it also means that the manufacturer isn’t going to spend years working on the firmware to squeeze every last feature out of it. Nope, that’s up to us.

[deqing] took a Bluetooth Low Energy / USB dongle and re-vamped the firmware to turn it into a remote keyboard and mouse, and then wrote a phone app to control it. The result? Plug the USB dongle in, and the computer thinks it sees a keyboard and mouse. Connect the phone via BLE, and you’re typing — even if you don’t have your trusty Model F by your side.

[Deqing] points out that ergonomics and latency will make you hate using this in the long term, but it’s just meant to work until you’ve got SSH up and running on that headless single-board Linux thing. If you’ve ever worked with the USB or BLE specifications, you can appreciate that there’s a bit of work behind the scenes in making everything plug and play, and the web-based interface is admirably slick.

Kudos, [deqing]!

Three Thumbs, Way, Way Up!

At least once in their lives — or several times a day — everyone has wished they had a third hand to help them with a given task. Adding a mechanical extra arm to one’s outfit is a big step, so it might make sense to start small, and first add an extra thumb to your hand.

This is not a prosthetic in the traditional sense, but a wearable human augmentation envisioned by [Dani Clode], a master’s student at London’s Royal College of Art. The thumb is 3D-printed out of Ninjaflex and mounted to a printed brace which slides over the hand. One servo rotates the thumb, and a second pulls it closed using a bowden cable system — not unlike that of a bicycle brake. Control of the thumb is achieved by pressure sensors in the wearer’s shoes, linked via Bluetooth to a wristband hosting the servos and the electronics. We already use our hands and feet in conjunction, so why not capitalize on this intuitive link?


Hands-On: New AND!XOR Unofficial DEF CON Badge

In just two weeks, we’ll be flooding into the casinos of Las Vegas for DEF CON. By far our favorite part is the unofficial hardware badges which make their way to the con each year. The AND!XOR team has put together an incredible offering this year with what I’m calling the “Bender on a Bender” badge. They sent us two of them, so let’s jump right in and see what this badge is all about.
