IoT

324 Articles

Your WiFi Signals Are Revealing Your Location

November 28, 2019 by 43 Comments

The home may be the hearth, but it’s not going to be a place of safety for too long.

With the abundance of connected devices making their ways into our homes, increasing levels of data may allow for more accurate methods for remote surveillance. By measuring the strength of ambient signals emitted from devices, a site can be remotely monitored for movement. That is to say, WiFi signals may soon pose a physical security vulnerability.

In a study from the University of Chicago and the University of California, Santa Barbara, researchers built on earlier studies where they could use similar techniques to “see through walls” to demonstrate a proof-of-concept for passive listening. Attackers don’t need to transmit signals or break encryptions to gain access to a victim’s location – they just need to listen to the ambient signals coming from connected devices, making it more difficult to track bad actors down.

Typically, connected devices communicate to an access point such as a router rather than directly with the Internet. A person walking near a device can subtly change the signal propagated to the access point, which is picked up by a receiver sniffing the signal. Most building materials do not block WiFi signals from propagating, allowing receivers to be placed inconspicuously in different rooms from the access point.

WiFi sniffers are relatively inexpensive, with models running for less than $20. They’re also small enough to hide in unsuspecting locations – inside backpacks, inside a box – and emit no signal that could be detected by a target. The researchers proposed some methods for safeguarding against the vulnerability: insulating buildings against WiFi leakage (while ensuring that desirable signals, i.e. signals from cell tower are still able to enter) or having access points emit a “cover signal” that mixes signals from connected devices to make it harder to sniff for motion.

While we may not be seeing buildings surrounded by Faraday cages anytime soon, there’s only going to be more attack surfaces to worry about as our devices continue to become connected.

[Thanks to Qes for the tip!]

Best Buy’s IoT Goes Dark, Leaving Some “Smart” Products Dumbfounded

November 14, 2019 by 95 Comments

Bad news if you bought several Insignia-branded smart devices from Best Buy. The company has decided to shut down the back end systems that make them work — or at least work as a smart device. On the chopping block are smart outlets, switches, a security camera, and an upright freezer. If you bought, say, the freezer, it will still keep things cold. But the security camera will apparently be of no use at all now that the backend systems have gone dark. The company is offering an unspecified partial refund to users of the affected devices.

Best Buy announced this in September, and the shutdown date was last week on November 6th. Not all Insignia products are impacted, just the ones that rely on their app.

Anytime we talk about cloud-based technology, there are always a few people who say something like, “I’ll never rely on anything in the cloud!” Perhaps they have a point — certainly in this case they were right. There are really two things to consider: hardware devices that rely on the cloud, and data that resides in the cloud. In some cases, one product — like a camera — might have both.

Continue reading “Best Buy’s IoT Goes Dark, Leaving Some “Smart” Products Dumbfounded”

The Ifs Make Learning To Code Child’s Play

November 11, 2019 by 12 Comments

Anyone who has done the slightest bit of programming knows about the “Hello, World!” program. It’s the archetypal program that one enters to get a feel for a new language or a new architecture; if you can get a machine to print “Hello, World!” back to you, the rest is just details. But what about teaching kids to program? How does one get toddlers thinking in logical, procedural ways? More particularly, what’s a “Hello, World!” program look like for the pre-literate set?

Those are the sort of questions that led to The Ifs by [Makeroni Labs]. The Ifs are educational toys for teaching kids as young as three the basics of coding. Each If is a colorful plastic cube with a cartoon face and a “personality” that reflects what the block does – some blocks have actuators, some have sensors. The blocks are programmed by placing magnetic tabs on the top representing conditions and actions. A kid might choose to program a block to detect when it’s being shaken, or when the lights come on, and then respond by playing a sound or vibrating. The blocks can communicate with each other too, so that when the condition for one block is satisfied, something happens on another block.

The Ifs look like a lot of fun, and they’re a great jumpstart on the logical thinking skills needed for coders and non-coders alike. We’re not alone in thinking this is a pretty keen project – the judges for this year’s Hackaday Prize selected The Ifs as one of the twenty finalists. Will it win? We’ll find out next week at the 2019 Hackaday Superconference. If you won’t be in Pasadena with us, make sure you tune in to the livestream to watch the announcement.

The HackadayPrize2019 is Sponsored by:

Mozilla WebThings: An Open Platform For Building IoT Devices

October 29, 2019 by 24 Comments

Mozilla recently officially released their IoT platform. This framework comes with “Gateway” software that can run on a Raspberry Pi and a framework that can run on any number of devices.

As we’ve seen, IoT is a dubious prospect for consumers. When you throw in all the privacy issues, support issues, and end-of-life issues; it gets even worse. Nobody wants their light bulbs to stop working because a server in faraway land shut down, but that’s an hilariously feasible scenario.

WebThings comes with a lot out of the box. It comes with a user interface, logging, rules, and an easy-to-understand API. Likewise the actual framework allows for building on many common devices and can be written in Node, Python, Java, Rust, Micropython, and used as an Arduino library. This opens it up for everything from a eBay ESP32 to a particle board.

We’ve started to notice some projects that use it trickling in on the tip line and on hackaday.io. We’re interested to see what kind of community grows around this, and are curious if it won’t be too long before easy-to-hack kits start showing up on your favorite online retailers.

There’s good documentation and of course, being open source, you can check out the source for yourself.

Robot Allows Remote Colleagues To Enjoy Office Shenanigans

October 17, 2019 by 3 Comments

[Esther Rietmann] and colleagues built a Telepresence Robot to allow work at home teammates to have a virtual, but physical presence in the office. A telepresence robot is like a tablet mounted on a Roomba, providing motion capability in addition to an audio/video connection. Built during a 48 hour hackathon, it is a bit crude under the hood and misses out on some features, such as a bidirectional video feed. But overall, it pretty much does what is expected from such a device.

The main structure is build from cheap aluminium profiles and sheets. A Raspberry Pi is at the heart of the electronics hardware, with a servo mounted Pi-camera and speaker-microphone pair taking care of video and audio. The two DC motors are driven by H-bridges controlled from the Pi and an idle swivel caster is attached as the third wheel. The whole thing is powered by a power bank. The one important thing missing is an HDMI display which can show a video feed from the remote laptop camera. That may have been due to time constraints, but this feature should not be too difficult to add as a future upgrade. It’s important for both sides to be able to see each other.

The software is built around WebRTC protocol, with the WebRTC Extension from UV4L doing most of the heavy lifting. The UV4L Streaming Server not only provides its own built-in set of web applications and services, but also embeds a general-purpose web server on another port, allowing the user to run and deploy their own custom web apps. This allowed [Esther Rietmann]’s team to build a basic but functional front-end to transmit data from the remote interface for controlling the robot. The remote computer runs a Python control script, running as a system service, to control the drive motors and camera servo.

The team also played with adding basic object, gesture and action recognition features. This was done using PoseNet – a machine learning model, which allows for real-time human pose estimation in the browser using TensorFlowJS – allowing them to demonstrate some pose detection capability. This could be useful as a “follow me” feature for the robot.

Another missing feature, which most other commercial telepresence robots have, is a sensor suite for collusion avoidance, object detection and awareness such as micro switches, IR / ultrasonic detectors, time of flight cameras or LiDAR’s. It would be relatively easy to add one or several sensors to the robot.

If you’d like to build one for yourself, check out their code repository on Github and the videos below.

Continue reading “Robot Allows Remote Colleagues To Enjoy Office Shenanigans”

Building IoT Devices The Easy Way

October 10, 2019 by 7 Comments

Do you have a Raspberry Pi? What is it being used for right now? If you’re like the majority of people who replied to [Michael Hall’s] poll on Twitter, it’s likely yours is sitting on a shelf doing nothing too. So why not just turn it into an IoT device for your home?

[Michael] wrote an easy-to-follow guide focusing on getting the EdgeX Foundry IoT platform running on the Raspberry Pi. It is designed to be a unified multi-platform base for IoT devices hosted by the Linux Foundation, making it easy to control and integrate them into other systems. The framework for this consists of two parts, a Device Service running on your Pi, and the rest of the services running on a desktop or laptop where you’ll be monitoring it.

His guide goes into detail on how to get both parts working on your computer and your Pi using Docker for ease of installation. As for the IoT device, he uses the built-in PIR sensor example to show how to configure it without having to write any programming. You can then monitor the device’s sensors, which you can just connect straight to the Pi’s GPIO pins, from your desktop. Since the EdgeX software is designed to run on any flavor of Linux, this should make it easy to repurpose any forgotten single-board computer into the beginnings of a home automation system.

However, if you are confident in your programming skills, you’re probably looking for something slimmer such as the ESP8266 family of microcontrollers to do your bidding. Why not try an energy monitor or a smoke detector project with them?

Fighting Household Air Pollution

September 24, 2019 by 35 Comments

When Kenyan engineer [Aloise] found out about the health risks of household air pollution, they knew there had to be a smart solution to combatting the problem while still providing a reasonable source of energy for families cooking without the luxury of cleaner fuels. Enter OpenHAP, a DIY household air pollution monitor that provides citizen scientists and researches the means to measure air particulates in developing countries.

The device is based on an ESP32 communicating with a ZH03B Particulate matter sensor over UART; a DS3231SN real-time clock (RTC), temperature and humidity sensor, and MLX90640 2D thermal sensor array over I2C; and wirelessly sending the data received to a Bluetooth low energy wrist-strap beacon and an Internet enabled phone. The device also uses a TCA9534 GPIO expander to control the visual and auditory notifiers (buzzers and LEDs) and to interface to a SD card.

The project uses the libesphttpd project modified for the ESP32 for the webserver, which is used to stream data to a mobile handset or computer using the WiFi capabilities of the ESP32. The data includes real-time sensor information, system status, storage media status, visualizations of the thermal array sensor data (to ensure the camera is facing the source of heat), and tag information to test the limits of the Bluetooth tag with regards to distance.

Power input is provided through a Micro-USB connector, protected with a TVS diode and a Schottky diode in series to prevent reverse power flow.

The project was tested in two real-life scenarios: one with a household in rural Kenya and another with an urban low-income family of four. In the first test, the family used a three stone open fire stove. A FLiR thermal camera captured the stove temperatures, while a standard camera was enough to capture the high levels of smoke inside the kitchen. The readings from OpenHAP were high enough to exceed the upper detection threshold for the particulate sensor, showing that the woman cooking in the house was receiving the equivalent of 8 cigarettes a day, about 8 x the WHO’s recommended particulate levels.

Within the second household, a typical energy mix of charcoal briquettes and kerosene was typically used for cooking, with kerosene used during the day and briquettes used at night. The results from measuring pollution levels using OpenHAP showed that the mother and child in the household regularly received around 1.5 x the recommended limit of pollutants, enough to lead to slow suffocation.

There’s already immense potential for this project to help researchers test out different energy sources for rural households, not to mention the advantage of having a portable low-energy pollution monitor for citizen scientists.

Continue reading “Fighting Household Air Pollution”