Join us on Wednesday, February 26 at noon Pacific for the Hacking USB Hack Chat with Kate Temkin!
For all its aggravating idiosyncrasies, the Universal Serial Bus has been a game-changer in peripheral connections for nearly a quarter of a century now. What was once simply a means to connect a mouse and a keyboard to a computer has been extended and enhanced into something so much more than its original designers intended. The flexibility that led to these innovative uses for USB also led to its ubiquity, with some form of the connector sprouting from nearly every imaginable device.
Kate Temkin is well-versed in the intricacies of the Universal Serial Bus. As a software lead for Great Scott Gadgets, Kate has developed software and firmware for GSG’s products, like GreatFET and HackRF. Kate also contributes to and maintains a number of open-source projects, including the FaceDancer project. And when she’s not busy with all of this, she can be found sharing her deep knowledge with USB security training courses, where she shows how USB is vulnerable to attack, and what to do to prevent it.
Join us for the Hacking USB Hack Chat this week, where Kate will discuss anything and everything about USB. Come learn about what the future holds for the USB standard, and what you can do to keep your USB project on track.
Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, February 26 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.
Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about. Continue reading “Hacking USB Hack Chat” →
There’s a new embedded hacking tool on the scene that gives you an interactive Python interface for a speedy chip on a board with oodles of GPIO, the ability to masquerade as different USB devices, and a legacy of tricks up its sleeve. This is the GreatFET, the successor to the much loved GoodFET.
I first heard this board was close to launch almost a year ago and asked for an early look. When shipping began at the end of April, they sent me one. Let’s dig in for a hands-on review of the GreatFET from Great Scott Gadgets.
Continue reading “Hands-On: GreatFET Is An Embedded Tool That Does It All” →
IR control for your home theater doesn’t have to look ugly. [Rhys Goodwin] put his IR blasters inside his audio equipment.
Steam powered windshield wiper. Need we say more?
An assembled version of the FaceDancer is now available for purchase. This is a man-in-the-middle USB tool developed by [Travis Goodspeed]. When [S.A.] sent us the tip he mentioned that the board is a pain to hand solder if you’re making your own; this is an moderately affordable alternative.
[Aaron] makes it easy for audiophiles to listen to Soundcloud on their Sonos hardware.
We’ve heard of fuzzy clocks — they only give you a general sense of time. Here’s a fuzzy thermometer that uses the vocal stylings of [Freddie Mercury] to get a general feel for how hot it is.
While you’re still laughing, this most useless machine taunts you in more ways than one. It uses audio clips and theatrics to vary the way in which it shuts itself off. [Thanks Itay and David]
Modern CNC techniques make short work of prototyping for the Ford Motor Company. [Thank Wybren via SlashGear]
[Travis Goodspeed] continues his work at educating the masses on how to reverse engineer closed hardware devices. This time around he’s showing us how to exploit the Device Firmware Updates protocol in order to get your hands on firmware images. It’s a relatively easy technique that uses a man-in-the-middle attack to dump the firmware image directly to a terminal window. This way you can get down to the nitty-gritty of decompiling and hex editing as quickly as possible.
For this hack he used his Facedancer board. We first saw the hardware used to emulate a USB device, allowing the user to send USB commands via software. Now it’s being used to emulate your victim hardware’s DFU mode. This is done by supplying the vendorID and productID of the victim, then pushing the firmware update as supplied by the manufacturer. In most cases this shouldn’t even require you to have the victim hardware on hand.
This is the prototype board for [Travis Goodspeed’s] new USB development tool called the Facedancer. He took on the design with USB security exploits in mind, but we think it’s got a lot of potential for plain old development as well.
Kudos on the [Frank Herbert] reference when naming the project. Like the characters from the Dune mythology that can perfectly mimic any person they touch, this device let’s you mimic whatever you can imagine. One the USB ports connects to the victim (or host) the other connects to a development machine. Python can then be used to send USB commands in real time. Think of this as doing the same thing the Bus Pirate does for SPI and i2c, except that it’s doing it on the USB protocol itself. This way you can feel your way through all of the road-bumps of developing a new device (or testing an exploit) without the need to continually compile and flash your hardware.