Over at the EEVBlog, [Dave Jones] takes a second look at the Sonos Play 5 Gen 1 that he rescued from the dumpster recently. Despite being solidly built, [Dave] discovered that even the stereo line-in jack can’t be used without registering an account with Sonos. Not to be defeated, he hacks these speakers to make them work standalone.
The hack here involves fitting the speaker cabinet with new “guts” in the form of a wireless stereo 2×50 watt digital amplifier [Dave] found online for under $30. This particular model, the Fosi TB21, is almost a perfect fit for the Sonos cabinet — with only minimal Dremel tool encouragement required. It turned out the power supply section of the Sonos main board was easy to isolate. [Dave] couldn’t use the existing amplifiers, so he removed them from their power supply and re-routed the power supply to the Fosi module. He also removed the Sonos wireless interface board from the cabinet, and used an online design tool to make a simple first order Butterworth crossover network set to 2800 Hz to connect the speakers.
The new amplifier board is mounted in the shallow base of the speaker cabinet. It could have easily been oriented either way, but [Dave] chose to install it knobs-forward. This also gave him a reason to toss out the Sonos badge. The resulting modified unit looks very professional, and works well as a Bluetooth speaker for the lab.
Ah, the age old tradition of Dumpster diving! Sometimes we happen to spot something that’s not quite trash, but not quite perfect, either. And when [dzseki], an EEVblog.com forum user, spotted some high-precision capacitors being 86’d at their employer’s e-waste pile, [dzseki] did what any good hacker would do: took them home, tested them, and tore them down to understand and either repair or reuse them. They explain their escapades and teardown in this EEVblog.com forum post.
If you’re not familiar with capacitors, they are really just two or more plates of metal that are separated by an insulator, and in the case of these very large capacitors, that insulator is mostly air. Aluminum plates are attached with standard bolts, and plastic insulators are used as needed. There’s also discussion of an special alloy called Invar that lends to the thermal stability of the capacitors.
[dzseki] notes that these capacitors were on their way to the round file because they were out of spec, but only by a very, very small amount. They may not be usable for the precision devices they were originally in, but it’s clear that they are still quite useful otherwise. [dzseki]
It’s fair to say that many Hackaday readers will have a propensity for hoarding electronic or tech junk. Who hasn’t hung on to something because “It might be useful someday”? Spare a thought for [Mike Drew], who in his own words is “buried alive by tablets”. In this case the tablets are Intel-based ones that look as though they ran one of those cut-down Windows versions, and they appear to be rejects from a repair shop processing customer returns that he saved from the dumpster. They are missing their backs, and not all of their screens work, but they amount to a tidy pile of Stuff That’s Too Good To Throw Away.
The exact spec is a 1.4 GHz quad-core Atom with 4 GB of RAM and 32 GB of Flash, and appear from the photos to have HDMI and USB 3 interfaces. Happily they run Linux Mint 20 so they have plenty of potential, but there is only so much that one person can do with them before running out of ideas. He tells us he’s made a Folding@Home cluster, but beyond that he’s open to suggestions. Depending on the age of the commenter no doubt he’ll be exhorted to run Beowulf or mine Bitcoin, but we’d suggest more sensible ideas.
So, what would you do with them? They lack the handy GPIO port of a Raspberry Pi, but with suitable USB peripherals could you use them in any lowish-power distributed node project where the popular SBC would be the usual choice? Perhaps something like WeeWX, or OpenEnergyMonitor. Or how about distributed mesh network nodes, after all there’s an x86 port of LibreMesh. It’s obvious that there’s plenty of potential to be found, so help [Mike] with his problematic bounty in the comments.
We must be looking in the wrong Dumpsters, because we never find anything as cool as [Queen_Combat] did. It’s one of those Kidzspace kid-proof waiting room game systems, complete with the original TV and an XBOX 360 that hasn’t been updated since 2009. When life hands you a sturdy game console box, it’s almost your duty to turn it into an all-in-one Raspberry Pi 4 emulation station.
[Queen_Combat] relocated the speakers from the top to the inside, just behind the vent holes on the sides, and printed a couple of mountable custom enclosures to hold them there. These are driven with a little 5W amplifier board, and everything is run from the XBOX’s power supply.
We particularly like the use of extenders in cigarette-lighter form factor, because we hadn’t seen those before. [Queen_Combat] printed a couple of adapters to make them fit nicely into the large holes on the front where the XBOX controllers were once attached — one has a volume knob, and the other has a USB3 port and a 3.5mm audio jack. [Queen_Combat] wanted to have HDMI audio out as well, so there’s an HDMI audio extractor in the mix, too, and another extender around back. Only thing missing is a paint job and some sweet vinyl graphics.
Yes, vinyl graphics would be sweet, but how? Not on the laser cutter, if that’s what you’re thinking. Don’t dismiss vinyl cutters out of hand, because they can do a whole lot more than that.
[Zaprodk] had trash-picked a defunct HP Envy 450 AIO, a 3-in-1 printer, scanner, and copier. Normally there usually isn’t much use for these unless you’re willing to hunt down the cartridges which it used, so your next step is to dismantle it for parts. That’s what he was going to do but then decided to see if he could remove as much as possible while leaving just the scanner.
He ran into trouble after he’d “fixed” the lid-open sensor and unplugged pretty much everything. He was getting too many error messages on the LCD panel to reconfigure the WiFi. Luckily he could connect it to his computer using USB and do the configuration from there. One dubious mod involved turning an “unflipped” flexible flat cable into a “flipped” one by doing a little cutting, scraping and gluing. Check out his write-up for the full hack.
Having the right tool for the right job is not always possible, but it’s an ideal that’s nice to try to live up to. The problem is that a lot of the time, the right tool is often very expensive. We have found lots of ways around this, though, from building our own CNC machines to finding new ways to electroplate metal. Sometimes, though, the right tool for the job doesn’t have to be improvised or built from scratch, it just falls in your lap.
Admittedly, [Sam]’s power planer didn’t literally fall into her lap, but she did pull this neglected tool from the garbage. With no idea what was wrong with it, [Sam] let it sit on the shelf for years until she finally needed it. Assuming there was a major problem with the tool, she set about replacing the blades and bearings only to find that the likely culprit behind why the planer was thrown away in the first place was a faulty switch. This was likely a deal and circuit-breaker for someone who would use it all day, but not so for someone who only needs it for occasional use.
While some might not consider this a “hack”, it is at least a reminder that one man’s trash is another man’s treasure, especially if that trash only needs new bearings and a switch. There are two lessons here: first, that tools aren’t usually beyond repair, and that it’s possible to find all kindsof tools in the dumpster from people who don’t heed this advice.
One of the biggest challenges for a company that holds invaluable data is protecting it. At first, this task would seem fairly straightforward. Keep the data on an encrypted server that’s only accessible via the internal network. The physical security of the server can be done with locks and other various degrees of physical security. One has to be thoughtful in how the security is structured, however. You need to allow authorized humans access to the data in order for the company to function, and there’s the rub. The skilled hacker is keenly aware of these people, and will use techniques under the envelope of Social Engineering along with her technical skills to gain access to your data.
Want to know how secure your house is? Lock yourself out. One of the best ways to test security is to try and break in. Large companies routinely hire hackers, known as penetration testers, to do just this. In this article, we’re going to dissect how a hired penetration tester was able to access data so valuable that it could have destroyed the company it belonged to.
The start of any hack involves information gathering. This is usually pretty easy for larger companies. Their website along with a few phone calls can reveal quite a bit of useful information. However, you can be assured that any company who has hired a pen tester has taken the necessary precautions to limit such information.
And such was the case for our hacker trying to gain access to the ACME Corp. servers. Her first target was the dumpsters – dumpster dives have been proven to unearth a trove of valuable information in the past. But the dumpsters were inside the complex, which was guarded by a contracted security firm. Through a bit of website snooping and a few phone calls, she was able to find out the department that was in charge of trash removal for the company. She then placed a phone call to this department. Using a social engineering (SE) technique known as pretexting, she pretended to be with a trash removal company and wanted to submit a quote to service their business. Using another SE technique called elicitation, she was able to find out:
that trash collection took place on Wednesdays and Thursdays
the total number of dumpsters
that there was a special dumpster for paper and technology trash
the name of the current waste removal company – Waster’s Management
the name of the employee in charge of the waste removal – [Christie Smith]
Armed with this information, she went to the Waster’s Management website and grabbed their JPEG logo. Within a few days, she had a shirt and hat with the logo in her hands. She called the security department and said she was with Waster’s Management, and that [Christie Smith] had told her one of the dumpsters was damaged, and she needed to take a look at it before the next trash removal.
The next day, wearing the shirt and hat she had ordered online, she was given a badge from security and allowed access to the dumpsters. Now, any hacker worth her weight in PIC16F84’s already knows what dumpster she dove into. It didn’t take her long to walk away with several hard drives, a few USB drives and some useful documents. She was able to gain knowledge of an upcoming IT contract work, the name of the CFO, and the name of a server with some level of importance – prod23.
Hacking the Server
With some more SE, she was able to find out when the IT work was scheduled. It was after hours. She showed up a bit late and was able to walk right through the front door by claiming she worked for the IT contract company. She then shifted roles and pretended to be an employee. She approached one the real IT contract guys, and said she worked for the CFO, [Mr. Shiraz], and asked if he knew to be careful with the prod23 server. With more SE, she was able to find out the prod23 server was off-limits, encrypted, and only accessible by specific admins.
She was able to access an admin office, and it was there she would don her black hat. She booted the computer with BackTrack via USB and installed a key logger. She made an SSH tunnel to her personal server where she could dump the contents of the key logger, along with some other shells. Now, this is where things get interesting. She opened Virtual Box and used the computer’s hard drive as the boot medium. The VM booted the OS, and she hid all of the screen decorations to make it look like the target OS was running. The admin would log in without a clue, and our hacker would get their username and password through the key logger.
Once the login information came in, she was able to access the admin’s computer, and from there the prod23 server. You can imagine the look on the faces of the top executives for ACME Corp when our hacker handed them a copy of the keys to their kingdom.
Social engineering is human hacking, and a dark art in itself. Our hacker in this story would have never been able to even get close to the server if she did not have SE skills. No matter how secure you make something, so long as you allow humans access to it, it’s vulnerable to attack. And then it’s down to how well-trained your people are in repelling these kinds of intrusions.Just ask Target.
You can find the full story in the source below.
Social Engineering, The Art of Human Hacking, Chapter 8, by Christopher Hadnagy, ISBN-13: 860-1300286532