Your Audio Will Be Back, Right After This Commercial Break

[LittleTern] — annoyed by repetitive advertisements — wanted the ability to mute their Satellite Box for the duration of every commercial break. Attempts to crack their Satellite Box’s IR protocol went nowhere, so they thought — why not simply mute the TV?

Briefly toying with the idea of a separate remote for the function, [LittleTern] discarded that option as quickly as one tends to lose an additional remote. Instead, they’re using the spare RGYB buttons on their Sony Bravia remote — cutting down on total remotes while still controlling the IR muting system. Each of the four coloured buttons normally don’t do much, so they’re set do different mute length timers — customized for the channel or time of day. The system that sends the code to the TV is an Arduino Pro Mini controlling an IR LED and receiver, with a status LED set to glow according to which button was pressed.

Continue reading “Your Audio Will Be Back, Right After This Commercial Break”

Play A Few Games Of Smash Brothers On The Go With A Portable Wii

How would you approach a build that required you to hack apart a perfectly good console motherboard? With aplomb and a strong finish. [jefflongo] from [BitBuilt.net] — a forum dedicated to making consoles portable — has finished just such a task, unveiling his version of a portable Wii to the world.

While this bears the general appearance of a portable GameCube, it’s what inside that counts. A heavily modified   Wii motherboard — to reduce size — forms this portable’s backbone, and it includes two infrared LEDs on its faceplate for Wii Remotes.  A single player can use the built-in controller, but [jefflongo] has included four GameCube controller ports for maximum multiplayer mayhem. Although he’ll likely plan on taking advantage of the built-in AV Out port to play on a TV and charge port for those extended gaming sessions, four 3400mAh batteries — with an estimated four hour battery life — should keep him satisfied on the go until he can recharge.

While the electronics display an impressive amount of work, but the final piece is a sight to behold. Check out the demo video after the break!

Continue reading “Play A Few Games Of Smash Brothers On The Go With A Portable Wii”

Cryptanalyse Your Air Con

Infrared remote controls are simple and ubiquitous. Emulating them with the aid of a microcontroller is a common project that hackers use to control equipment as diverse as televisions, cable boxes, and home stereos. Some air conditioners can be a little more complicated, however, but [Ken]’s here to help.

The root of the problem is that the air conditioner remote was using a non-obvious checksum to verify if commands received were valid. To determine the function generating the checksum, [Ken] decided to bust out the tools of differential cryptanalysis. This involves carefully varying the input to a cryptographic function and comparing it to the differences in the output.

With 35 signals collected from the remote, a program was written to find input data that varied by just one bit. The checksum outputs were then compared to eventually put together the checksum function.

[Ken] notes that the function may not be 100% accurate, as they’re only using a limited sample of data in which not all the bytes change significantly. However, it shows that a methodical approach is valuable when approaching such projects.

Thirsty for more checksum-busting action? Check out this hacked weather station.

Mike Ossmann And Dominic Spill: IR, Pirates!

Mike Ossmann and Dominic Spill have been at the forefront of the recent wave of software-defined radio (SDR) hacking. Mike is the hardware guy, and his radio designs helped bring Bluetooth and ISM-band to the masses. Dominic is the software guy who makes sure that all this gear is actually usable. The HackRF SDR is still one of the best cheap choices if you need an SDR that can transmit and receive.

So what are these two doing on stage giving a talk about IR communication? Can you really turn traffic lights green by blinking lights? And can you spoof a TV remote with a cardboard cutout, a bicycle wheel, and a sparkler? What does IR have to do with pirates, and why are these two dressed up as buccaneers? Watch our video interview and find out, or watch the full talk for all of the juicy details.

Continue reading “Mike Ossmann And Dominic Spill: IR, Pirates!”

A Motion Sensing Light For Your Entrance Hallway

Arriving home to a dark house with an armful of anything is usually an exercise in fumbling confusion until someone manages to turn on a light. [Pavel Gesyuk] has circumvented this problem entirely by building and installing a motion detecting entrance light!

[Gesyuk] is using an Arduino clone by the name of  Funduino Mini Pro, a 2-channel, 2-way relay, — he only needed one, but you use what you have on hand — a recycled power supply to convert 220V AC to 5V DC, and an infrared sensor.

The project’s goal — in excess of a lighting solution for an entrance hallway — was the learn the ins and outs of the Arduino and motion sensors. After some initial hurdles familiarizing himself with the Arduino, [Gesyuk] wired everything together on a protoboard and stuck it in a plastic case — loose wires in a high traffic area doesn’t a safe home make.

Continue reading “A Motion Sensing Light For Your Entrance Hallway”

Another Day, Another Air Gap Breached

What high-tech, ultra-secure data center would be complete without dozens of video cameras directed both inward and outward? After all, the best informatic security means nothing without physical security. But those eyes in the sky can actually serve as a vector for attack, if this air-gap bridging exploit using networked security cameras is any indication.

It seems like the Cyber Security Lab at Ben-Gurion University is the place where air gaps go to die. They’ve knocked off an impressive array of air gap bridging hacks, like modulating power supply fans and hard drive activity indicators. The current work centers on the IR LED arrays commonly seen encircling the lenses of security cameras for night vision illumination. When a networked camera is compromised with their “aIR-Jumper” malware package, data can be exfiltrated from an otherwise secure facility. Using the camera’s API, aIR-Jumper modulates the IR array for low bit-rate data transfer. The receiver can be as simple as a smartphone, which can see the IR light that remains invisible to the naked eye. A compromised camera can even be used to infiltrate data into an air-gapped network, using cameras to watch for modulated signals. They also demonstrated how arrays of cameras can be federated to provide higher data rates and multiple covert channels with ranges of up to several kilometers.

True, the exploit requires physical access to the cameras to install the malware, but given the abysmal state of web camera security, a little social engineering may be the only thing standing between a secure system and a compromised one.

Continue reading “Another Day, Another Air Gap Breached”

Complete IR Control

What can you do with an IR remote? How about anything? Maybe not. We’ll settle for issuing arbitrary commands and controlling tasks on our computer.

The first step in [Fungus]’s hack is straightforward: buy an IR receiver for a buck, plug it into an Arduino, and load up some IR-decoding code. If you haven’t done this before, you owe it to yourself to take some time now. Old IR remotes are very useful, and dead simple, to integrate into your projects.

But here comes the computer-control part. Rather than interpret the codes on the Arduino, the micro just sends them across the USB serial to a laptop. A relatively straightforward X11 program on the (Linux) computer listens for codes and does essentially anything a user with a mouse and keyboard could — that is to say, anything. Press keys, run programs, open webpages, anything. This is great for use with a laptop or desktop, but it’d also be a natural for an embedded Raspberry Pi setup as well.

Hacking the code to do your particular biddings is a simple exercise in monkey-patching. It’s like a minimal, hacked-together, USB version of LIRC, and we like it.

Thanks [CoolerVoid] for the tip!