WOPR: Security Loses Some Of Its Obscurity

March 28, 2019 by Tom Nardi 11 Comments

As we’ve seen time and time again, the word “hacker” takes on a different meaning depending on who you’re talking to. If you ask the type of person who reads this fine digital publication, they’ll probably tell you that a hacker is somebody who likes to learn how things work and who has a penchant for finding creative solutions to problems. But if you ask the average passerby on the street to describe a hacker, they might imagine somebody wearing a balaclava and pounding away at their laptop in a dimly lit abandoned warehouse. Thanks, Hollywood.

Naturally, we don’t prescribe to the idea of hackers being digital villains hell-bent on stealing your identity, but we’ll admit that there’s something of rift between what we call hacking versus what happens in the information security realm. If you see mention of Red Teams and Blue Teams on Hackaday, it’s more likely to be in reference to somebody emulating Pokemon on the ESP32 than anything to do with penetration testing. We’re not entirely sure where this fragmentation of the hacking community came from, but it’s definitely pervasive.

In an attempt bridge the gap, the recent WOPR Summit brought together talks and presentations from all sections of the larger hacking world. The goal of the event was to show that the different facets of the community have far more in common than they might realize, and featured a number of talks that truly blurred the lines. The oscilloscope toting crew learned a bit about the covert applications of their gadgets, and the high-level security minded individuals got a good look at how the silicon sausage gets made.

Two of these talks which should particularly resonate with the Hackaday crowd were Charles Sgrillo’s An Introduction to IoT Penetration Testing and Ham Hacks: Breaking into Software Defined Radio by Kelly Albrink. These two presentations dealt with the security implications of many of the technologies we see here at Hackaday on what seems like a daily basis: Bluetooth Low Energy (BLE), Software Defined Radio (SDR), home automation, embedded Linux firmware, etc. Unfortunately, the talks were not recorded for the inaugural WOPR Summit, but both presenters were kind of enough to provide their slides for reference.

Continue reading “WOPR: Security Loses Some Of Its Obscurity” →

Talking Telegram With The ESP8266

February 21, 2019 by Tom Nardi 5 Comments

At this point it’s something of a given that a member of the ESP8266 family is likely your best bet if you want to cobble together a small Internet-connected gadget. Costing as little as $3 USD, this well documented all-in-one solution really can’t be beat. But of course, the hardware is only one half of the equation. Deciding how to handle the software side of your homebrew Internet of Things device is another story entirely.

It would be fair to say that there’s no clear-cut “right” way to approach the software, and it really depends on the needs or limitations of your particular project. For example [Brian Lough] finds that building Telegram support into his ESP8266 allows him to accomplish his goals with the minimum amount of fuss while at the same time using an environment he’s already comfortable with. He recently wrote in to share one of his Telegram projects with us, and in the video after the break, takes the time to explain some of the things he likes best about controlling his hardware through the encrypted chat platform.

But you don’t have to take his word for it, you can try it yourself. Thanks to the software library that [Brian] has developed to connect his projects to Telegram, the aptly named “Universal Telegram Bot Library”, anyone can easily follow in his footsteps. Adding his Telegram library to your next ESP8266 project is as easy as selecting it in the Arduino IDE. From there the video explains the process for getting a bot ID from Telegram, and ultimately how you use it to receive messages from the service. What you do with those messages is entirely up to you.

According to [Brian], the main downside is that you are beholden to a web service to control your local devices; not ideal if the Internet goes down or you would rather your little hacker projects not talk to the big scary Internet in the first place. If you’d rather keep all your smart things talking within the confines of your own network, perhaps your next project could be setting up a private MQTT server.

Continue reading “Talking Telegram With The ESP8266” →

Digital License Plates Are Here, But Do We Need Them?

February 1, 2019 by Tom Nardi 81 Comments

It’s a story as old as time: you need to swap between your custom license plates, but you can’t find a screwdriver and you’re already running late for a big meeting at the Business Factory. You called AAA to see if they could come out and do it for you, but as luck would have it something must be wrong with your phone because the line was disconnected as soon as you explained the situation. As if life in the First World couldn’t get any more difficult.

Luckily, a company called Reviver Auto has come up with a thoroughly modern solution to this age old problem. Assuming you live in Arizona, California, and Michigan and are willing to pay $800 USD (plus a small monthly service fee), you can join the Rplate revolution! Less a license plate and more of a “cool-looking, multi-functional digital display and connected vehicle platform”, the Rplate will ensure you never again find yourself stuck on the side of the road with an unfashionable license plate.

What’s that? You’ve had the same license plate for years, possibly decades, and have never given it much thought? Well, in that case the Rplate might be sort of a tough sell. Did we mention that someday you might be able to display the current weather on it while your car is parked? Of course, if you can see the license plate you’re already outside, so…

This all might sound like an out of season April Fool’s joke, but as far as I can tell from reading the Reviver Auto site and watching their promotional videos, this is essentially the value proposition of their line of Rplate digital license plates. There are some admittedly interesting potential extensions of the technology if they can convince other companies and systems to plug into their ecosystem, but given the cost of the Rplate and the few states in which it’s currently legal to use, that seems far from a given at this point.

But of course we’re fans of weird and wonderful technology here at Hackaday, so we should give this device a fair shake. On the surface it might seem to be a solution looking for a problem, but that’s often said of technology ahead of its time. So what exactly is the Rplate, how does it work, and where does it go from here?

Continue reading “Digital License Plates Are Here, But Do We Need Them?” →

Front Door Camera Sends Automatic Alerts By Text

January 21, 2019 by Lewin Day 25 Comments

In these turbulent times, journalists fearmonger and honest citizens fear for the safety of their homes and themselves. Adding some security features can allay these fears, and with the advent of cheap technology, front door cameras have become popular. There’s a wide array of options on the market, but short of watching hours of logged video, they’re not always super useful. Adding some smarts can really help – as [Peter Quinn] has done.

For this project, [Peter] decided on a JeVois smart camera. More than just a USB webcam, it also packs a quad-core processor running machine vision algorithms. This allows object recognition and other tasks to be run on the camera itself. In this setup, [Peter] configured the JeVois camera to detect people. When a human is detected upon the doorstep, the camera sends a message to the connected Raspberry Pi over serial. The Raspberry Pi then captures a JPEG still from the camera over the USB connection, and, using Twilio, sends a notification to [Peter]’s phone.

It’s a well-integrated system that automatically photographs visitors to [Peter]’s home, requiring little to no interaction from the user. We’ve seen other integrated machine vision platforms, too – such as the OpenMV, which got its start as a Hackaday Prize entry, way back in 2017.

Particle Paves Way For LTE Selfies

January 15, 2019 by Tom Nardi 3 Comments

From cars to refrigerators, it seems as if every new piece of tech is connected to the Internet. For better or for worse, we’re deep into the “Internet of Things”. But what about your camera? No, not the camera in your smartphone; that one’s already connected to the Internet and selling your secrets to the highest bidder. Don’t you think your trusty DSLR could be improved by an infusion of Wide Area Networking?

Regardless of what you’re answer to that question might be, [Thomas Kittredge] decided his life would be improved by making his beloved Canon EOS Rebel T6 an honorary member of the Internet of Things. Truth be told he says that he hasn’t quite figured out an application for this project. But since he was looking to mess around with both the LTE-enabled Particle Boron development board and designing his own PCB for professional production, this seemed a good a way to get his feet wet as any.

The resulting board is a fairly simple “shield” for the Particle Boron that let’s [Thomas] trigger up to two cameras remotely over the Internet or locally with Bluetooth. If LTE isn’t your sort of thing though, don’t worry. Since the Boron follows the Adafruit Feather specification, there’s a whole collection of development boards with various connectivity options that this little add-on can be used with.

In the GitHub repository, [Thomas] has put up the files for the PCB, the STLs for the 3D printed enclosure, and of course the firmware source code to load onto the Particle board. He currently has code to expose the two shutter triggers as functions the the Particle Cloud API, as well as a practical example that fires off the camera when specific words are used in a Slack channel.

Out for a little over a year, the Particle Boron is a fairly new addition to the world of cellular development boards. Historically we haven’t seen a whole lot of cellular capable projects, likely because it’s been such a hassle to get them online, but with new boards like the Boron we might start seeing an uptick in the random pieces of gear that have this form connectivity and an internet-facing IP address. Surely nothing bad could come of this!

ESP8266 AC Controller Shows Whats Possible

January 11, 2019 by Tom Nardi 13 Comments

People often get the impression that home built hardware is destined to have a certain amateurish look or feel to it. It’s as though just because you didn’t buy it in a store, it will look cheap or thrown together. While it’s true a hacked together device could look like it was built from the parts bin (and to be fair, sometimes it is), there are plenty of examples of DIY hardware that could give commercial offerings a run for their money.

A case in point is this fantastic ESP8266 air conditioner controller created by [Sitinut Waisara] (Google Translate). Between the simple yet elegant 3D printed enclosure to the very slick user interface on its OLED screen, this project could easily pass as a commercial device. In fact, we’ve seen commercial offerings that didn’t look half this good, let alone offer the same features for what this cost in components and printer filament. It’s a perfect example of what the modern hacker or maker is capable of with the wide array of tools and components currently available to us.

What’s perhaps the most impressive about this project, especially given how good it looks on the outside, is how little there really is on the inside. Beyond the NodeMCU board and SSD1332 OLED display, the only components inside the device are the three tactile buttons, a photoresistor so it can dim the display’s brightness based on ambient light level, an IR LED so it can send commands to the AC unit, and a handful of passives. The hardware side of this design is so simple that [Sitinut] was able to put the whole thing together on a scrap of perfboard. Not that you’d be able to tell when it gets installed into the 3D printed wall-mount enclosure, complete with printed button caps.

While the hardware side of the project might be rather light, the software is anything but. [Sitinut] really went all-in writing his code for the ESP, adding in the little features like the automatic screen dimming and pulling the current time from NTP that often get overlooked in our rush to get a project out the door. He even included a whole collection of icons to display on the OLED screen, which goes a long way towards selling that professional look. But his effort wasn’t limited to cosmetics or clever features, there was also plenty of work put into decoding the IR signals used to control the AC unit and getting all the features and functions plugged into MQTT.

We’ve seen a number of projects that aimed at dragging an existing HVAC system kicking and screaming onto the “Internet of Things”, some considerably less complex than others. But few have had the level of polish that [Sitinut] has put into his controller, so we take our hats off to him.

Continue reading “ESP8266 AC Controller Shows Whats Possible” →

State Machine Controls Garage Door Over The Internet

January 10, 2019 by Lewin Day 11 Comments

Home automation has been a hot-button topic time and again since the dawn of the personal computer age. These days, thanks to modern communications technology, it’s possible to do some pretty cool stuff. [Brad Harbert] decided to automate his garage door, controlling it over the Internet.

The build relies on a Particle Photon to do the heavy lifting of connecting the door to the Internet. Particle offer a cloud service that makes setting up such a project easy for the first timer, and [Brad] was able to get things working quickly. A relay is used to activate the garage door remote button, as it was desired to leave the main control board of the garage door opener untouched. Reed switches are used to sense the position of the door, and [Brad] coded a state machine to ensure the door’s current state is always known.

It’s a simple project, but [Brad]’s use of state machine techniques and position sensing mean it’s less likely he’ll get home to find his garage open and his possessions missing. If you’re new to programming simple physical devices, you could take a page out of his logbook. Of course we’ve seen similar builds before, like this one from parts from the scrapbin.