Help, I’m Buried Alive By Tablets!

It’s fair to say that many Hackaday readers will have a propensity for hoarding electronic or tech junk. Who hasn’t hung on to something because “It might be useful someday”? Spare a thought for [Mike Drew], who in his own words is “buried alive by tablets”. In this case the tablets are Intel-based ones that look as though they ran one of those cut-down Windows versions, and they appear to be rejects from a repair shop processing customer returns that he saved from the dumpster. They are missing their backs, and not all of their screens work, but they amount to a tidy pile of Stuff That’s Too Good To Throw Away.

The exact spec is a 1.4 GHz quad-core Atom with 4 GB of RAM and 32 GB of Flash, and appear from the photos to have HDMI and USB 3 interfaces. Happily they run Linux Mint 20 so they have plenty of potential, but there is only so much that one person can do with them before running out of ideas. He tells us he’s made a Folding@Home cluster, but beyond that he’s open to suggestions. Depending on the age of the commenter no doubt he’ll be exhorted to run Beowulf or mine Bitcoin, but we’d suggest more sensible ideas.

So, what would you do with them? They lack the handy GPIO port of a Raspberry Pi, but with suitable USB peripherals could you use them in any lowish-power distributed node project where the popular SBC would be the usual choice? Perhaps something like WeeWX, or OpenEnergyMonitor. Or how about distributed mesh network nodes, after all there’s an x86 port of LibreMesh. It’s obvious that there’s plenty of potential to be found, so help [Mike] with his problematic bounty in the comments.

Pi 4 Emulator In A Durable, Dumpstered Cabinet

We must be looking in the wrong Dumpsters, because we never find anything as cool as [Queen_Combat] did. It’s one of those Kidzspace kid-proof waiting room game systems, complete with the original TV and an XBOX 360 that hasn’t been updated since 2009. When life hands you a sturdy game console box, it’s almost your duty to turn it into an all-in-one Raspberry Pi 4 emulation station.

[Queen_Combat] relocated the speakers from the top to the inside, just behind the vent holes on the sides, and printed a couple of mountable custom enclosures to hold them there. These are driven with a little 5W amplifier board, and everything is run from the XBOX’s power supply.

We particularly like the use of extenders in cigarette-lighter form factor, because we hadn’t seen those before. [Queen_Combat] printed a couple of adapters to make them fit nicely into the large holes on the front where the XBOX controllers were once attached — one has a volume knob, and the other has a USB3 port and a 3.5mm audio jack. [Queen_Combat] wanted to have HDMI audio out as well, so there’s an HDMI audio extractor in the mix, too, and another extender around back. Only thing missing is a paint job and some sweet vinyl graphics.

Yes, vinyl graphics would be sweet, but how? Not on the laser cutter, if that’s what you’re thinking. Don’t dismiss vinyl cutters out of hand, because they can do a whole lot more than that.

Via r/raspberry_pi

Converting A 3-in-1 Printer Into A WiFi Scanner, Just Because

[Zaprodk] had trash-picked a defunct HP Envy 450 AIO, a 3-in-1 printer, scanner, and copier. Normally there usually isn’t much use for these unless you’re willing to hunt down the cartridges which it used, so your next step is to dismantle it for parts. That’s what he was going to do but then decided to see if he could remove as much as possible while leaving just the scanner.

Converted WiFi scanner boards

He ran into trouble after he’d “fixed” the lid-open sensor and unplugged pretty much everything. He was getting too many error messages on the LCD panel to reconfigure the WiFi. Luckily he could connect it to his computer using USB and do the configuration from there. One dubious mod involved turning an “unflipped” flexible flat cable into a “flipped” one by doing a little cutting, scraping and gluing. Check out his write-up for the full hack.

Interested in more dumpster hardware recovery? Check out how [Adil Malik] rescued a scope with some reverse engineering and an FPGA. And then there’s how [Matt] turned a dumpster-found WiFi router into a 3D printing server.

Power Planer Brought Back To Life

Having the right tool for the right job is not always possible, but it’s an ideal that’s nice to try to live up to. The problem is that a lot of the time, the right tool is often very expensive. We have found lots of ways around this, though, from building our own CNC machines to finding new ways to electroplate metal. Sometimes, though, the right tool for the job doesn’t have to be improvised or built from scratch, it just falls in your lap.

Admittedly, [Sam]’s power planer didn’t literally fall into her lap, but she did pull this neglected tool from the garbage. With no idea what was wrong with it, [Sam] let it sit on the shelf for years until she finally needed it. Assuming there was a major problem with the tool, she set about replacing the blades and bearings only to find that the likely culprit behind why the planer was thrown away in the first place was a faulty switch. This was likely a deal and circuit-breaker for someone who would use it all day, but not so for someone who only needs it for occasional use.

While some might not consider this a “hack”, it is at least a reminder that one man’s trash is another man’s treasure, especially if that trash only needs new bearings and a switch. There are two lessons here: first, that tools aren’t usually beyond repair, and that it’s possible to find all kinds of tools in the dumpster from people who don’t heed this advice.

The Dark Arts: Hacking Humans

One of the biggest challenges for a company that holds invaluable data is protecting it. At first, this task would seem fairly straightforward. Keep the data on an encrypted server that’s only accessible via the internal network. The physical security of the server can be done with locks and other various degrees of physical security. One has to be thoughtful in how the security is structured, however. You need to allow authorized humans access to the data in order for the company to function, and there’s the rub. The skilled hacker is keenly aware of these people, and will use techniques under the envelope of Social Engineering along with her technical skills to gain access to your data.

Want to know how secure your house is? Lock yourself out. One of the best ways to test security is to try and break in. Large companies routinely hire hackers, known as penetration testers, to do just this. In this article, we’re going to dissect how a hired penetration tester was able to access data so valuable that it could have destroyed the company it belonged to.

Information Gathering

se_02
Source

The start of any hack involves information gathering. This is usually pretty easy for larger companies. Their website along with a few phone calls can reveal quite a bit of useful information. However, you can be assured that any company who has hired a pen tester has taken the necessary precautions to limit such information.

And such was the case for our hacker trying to gain access to the ACME Corp. servers. Her first target was the dumpsters – dumpster dives have been proven to unearth a trove of valuable information in the past. But the dumpsters were inside the complex, which was guarded by a contracted security firm. Through a bit of website snooping and a few phone calls, she was able to find out the department that was in charge of trash removal for the company. She then placed a phone call to this department. Using a social engineering (SE) technique known as pretexting, she pretended to be with a trash removal company and wanted to submit a quote to service their business. Using another SE technique called elicitation, she was able to find out:

  • that trash collection took place on Wednesdays and Thursdays
  • the total number of dumpsters
  • that there was a special dumpster for paper and technology trash
  • the name of the current waste removal company – Waster’s Management
  • the name of the employee in charge of the waste removal – [Christie Smith]

Dumpster Dive

Armed with this information, she went to the Waster’s Management website and grabbed their JPEG logo. se_01Within a few days, she had a shirt and hat with the logo in her hands. She called the security department and said she was with Waster’s Management, and that [Christie Smith] had told her one of the dumpsters was damaged, and she needed to take a look at it before the next trash removal.

The next day, wearing the shirt and hat she had ordered online, she was given a badge from security and allowed access to the dumpsters. Now, any hacker worth her weight in PIC16F84’s already knows what dumpster she dove into. It didn’t take her long to walk away with several hard drives, a few USB drives and some useful documents. She was able to gain knowledge of an upcoming IT contract work, the name of the CFO, and the name of a server with some level of importance – prod23.

Hacking the Server

With some more SE, she was able to find out when the IT work was scheduled. It was after hours. She showed up a bit late and was able to walk right through the front door by claiming she worked for the IT contract company. She then shifted roles and pretended to be an employee. She approached one the real IT contract guys, and said she worked for the CFO, [Mr. Shiraz], and asked if he knew to be careful with the prod23 server. With more SE, she was able to find out the prod23 server was off-limits, encrypted, and only accessible by specific admins.

se_03
Source

She was able to access an admin office, and it was there she would don her black hat. She booted the computer with BackTrack via USB and installed a key logger. She made an SSH tunnel to her personal server where she could dump the contents of the key logger, along with some other shells. Now, this is where things get interesting. She opened Virtual Box and used the computer’s hard drive as the boot medium. The VM booted the OS, and she hid all of the screen decorations to make it look like the target OS was running. The admin would log in without a clue, and our hacker would get their username and password through the key logger.

Once the login information came in, she was able to access the admin’s computer, and from there the prod23 server. You can imagine the look on the faces of the top executives for ACME Corp when our hacker handed them a copy of the keys to their kingdom.

Social engineering is human hacking, and a dark art in itself. Our hacker in this story would have never been able to even get close to the server if she did not have SE skills. No matter how secure you make something, so long as you allow humans access to it, it’s vulnerable to attack. And then it’s down to how well-trained your people are in repelling these kinds of intrusions.Just ask Target.

You can find the full story in the source below.

Sources

Social Engineering, The Art of Human Hacking, Chapter 8, by Christopher Hadnagy, ISBN-13: 860-1300286532

Dumpster Diving Nets 100 Arduino-powered Motor Controllers

Never one to pass up the recycle pile at work, [Scott] usually doesn’t find much. A few old hard drives, maybe a ancient laptop every once in a while, but on very rare occasions he finds something actually useful. This latest haul is a gaggle of stepper motor drivers that, with a bit of work, can be reverse engineered and turned into an Arduino.

After prying into one of the plastic-enclosed boards, [Scott] found a LED, a quartet of transistors for powering the motor, and an ATMega168 microcontroller. Interestingly, most of the pins for the 168 were already broken out on the DA15 connector on each controller. The only thing needed was to build a programmer to dump the Arduino bootloader onto these little widgets.

After much trial and error (and building a new programming interface), [Scott] now has 100 Arduinos with a single stepper motor controller built in. He’s already made a toy light cycle rotate on a small stepper (after the break) and blink a LED, but with this many widgets, we’re wondering what crazy contraption [Scott] will come up with.

Continue reading “Dumpster Diving Nets 100 Arduino-powered Motor Controllers”

Retrotechtacular: Recovering Lost Moon Images By Dumpster Diving

In 1966 and 67, NASA launched five probes to image the surface of the moon from orbit, eventually returning over two thousand high-resolution images of future Apollo landing sites and selenogical features to researchers on Earth. After taking its pictures of the moon, developing the film in orbit, and scanning the print with an electron gun and photomultiplier tube, the images were sent to Earth stations and recorded onto magnetic tape with a hugely expensive tape recorder, a state-of-the-art storage system costing $300,000. Researchers poured over these images of another world, made a few 35mm prints and sent the magnetic tapes off to the NASA archives.

Under the care of [Nancy Evans], the tapes sat in a warehouse eventually moving to an abandoned McDonalds at Ames Research Center. In 2005, retired and not bound by NASA, [Nancy] made a plea to preserve this milestone of human spaceflight wasting away under the golden arches which was heard by [Dennis Wingo]. [Wingo] and admin of the NASA Watch website admin [Keith Cowling] drove out to [Nancy]’s house with a truck, picked up the Ampex FR-900 tape drives she had saved in her garage from the trash heap at Eglin Air Force Base and headed to the cache of Lunar Orbiter tapes at Ames.

None of these drives worked, of course. Forty years will do a lot to expensive precision equipment. Luckily, one of the employees at Ames tasked with fixing video equipment had worked on the ancient Ampex drives before. Taking the unbroken parts of these machines and turning them into a single working unit didn’t come easily; again, parts needed to be scavenged from the Ames boneyard.

All this work was worth it for [Cowling], [Wingo], and [Evans] when the first image – an Earthrise picture seen above (sans the obvious Photoshoppery) – appeared on their monitor. Later, an amazing oblique shot of Copernicus crater was recovered.

In the years since these first images from the LOIRP project were released, many more images have been made available. These images are actually comparable to the Lunar Reconnaissance Orbiter, launched in 2012. Not bad for 45-year-old hardware that has since crashed into the moon.

As for what the future holds for the still-magnetized images from the Lunar Orbiter program, [Dennis Wingo] says they’re considering putting up a Kickstarter to close the gap between the necessary funding and what NASA provides. We’ll be sure to post a link when that happens.

via boingboing