IoT

322 Articles

Sonoff Factory Tour Is A Lesson On Life In Shenzhen

December 29, 2017 by 24 Comments

Judging by the popularity of “How It’s Made” and other shows of the genre, watching stuff being made is a real crowd pleaser. [Jonathan Oxer] from SuperHouse is not immune to the charms of a factory tour, so he went all the way to China to visit the factory where Sonoff IoT devices are made, and his video reveals a lot about the state of electronics manufacturing.

Test jig for six units at once

For those interested only in how Sonoff devices are manufactured, skip ahead to about the 7:30 mark. But fair warning — you’ll miss a fascinating discussion of how Shenzhen rose from a sleepy fishing village of 25,000 people to the booming electronics mecca of 25 million that it is today. With growth supercharged by its designation as a Special Economic Zone in the 1980s, Shenzhen is now home to thousands of electronics concerns, including ITEAD, the manufacturers of the Sonoff brand. [Jonathan]’s tour of Shenzhen includes a trip through the famed electronics markets where literally everything needed to build anything can be found.

At the ITEAD factory, [Jonathan] walks the Sonoff assembly line showing off an amazingly low-tech process. Aside from the army of pick and places robots and the reflow and wave soldering lines, Sonoff devices are basically handmade by a small army of workers. We lost count of the people working on final assembly, testing, and packaging, but suffice it to say that it’ll be a while before robots displace human workers in electronic assembly, at least in China.

We found [Jonathan]’s video fascinating and well worth watching. If you’re interested in Sonoff’s ESP8266 offerings, check out our coverage of reverse engineering them. Or, if Shenzhen is more your thing, [Akiba]’s whirlwind tour from the 2016 Superconference will get you started.

Continue reading “Sonoff Factory Tour Is A Lesson On Life In Shenzhen”

The Bedside Light App That Phones Home

December 26, 2017 by 31 Comments

Desiring a bedside lamp with a remote control, [Peadar]’s wife bought a Xiaomi Yeelight, an LED model with an accompanying Android app. And since he’s a security researcher by trade, he subjected the app to a close examination and found it to be demanding permissions phoning home to a far greater extent than you’d expect from a bedside light.

His write-up is worth a read for its fascinating run-through of the process for investigating any Android app, as it reveals the level to which the software crosses the line from simple light-controller into creepy data-slurper. The abilities to create accounts on your device, download without notification, take your WiFi details and location, and record audio are not what you’d expect to be necessary in this application. He also looks into the Xiaomi web services the app uses to phone home, revealing some interesting quirks along the way.

This story has received some interest across the Internet, quite rightly so since it represents a worrying over-reach of corporate electronic intrusion. It is interesting though to see commentary whose main concern is that the servers doing the data-slurping are in China, as though somehow in this context the location is the issue rather than the practice itself. We’ve written before about how some mildly sinister IoT technologies seem to bridge the suspicion gap while others don’t, it would be healthy to see all such services subjected to the same appraisal.

As a postscript, [Peadar] couldn’t get the app to find his wife’s Yeelight, let alone control it. That the spy part of the app works while the on-the-surface part doesn’t speaks volumes about the development priorities of its originator.

Image: Xiaomi Yeelight website.

Control A Quadcopter Over Websockets

December 23, 2017 by 6 Comments
The interface

Everyone’s favourite IOT module, the ESP8266, is often the go-to choice for any project that needs quick and cheap control over the web. [Andi23456] wanted to control his quadcopter using the luxury of his mobile phone and thought permanently tethering an ESP12-E module to the quadcopter was exactly what he required.

The ESP8266, really showcasing its all-round prowess, hosts both a web server for a HTML5 based joystick and a Websockets server so that a client, such as a phone, could interact with it over a fast, low latency connection. Once the ESP8266 receives the input, it uses interrupts to generate the corresponding PPM (Pule Position Modulation) code which the RC receiver on the quadcopter can understand. Very cool!

What really makes this realtime(ish) control viable is Websockets, a protocol that basically allows you to flexibly exchange data over an “upgraded” HTTP connection without having to lug around headers each time you communicate. If you haven’t heard of Websockets you really should look really check out this library or even watch this video to see what you can achieve.

The Smartest Air Freshener In The Room

December 16, 2017 by 6 Comments

Many automatic air fresheners are wasteful in that they either ceaselessly spritz the room, and manual ones need to be — well — manually operated. This will not do in an era of smart products, so Instructables user [IgorF2] has put together an air freshener that does more than check if you’re around before freshening things up.

The air freshener uses a NodeMCU LoLin and an MG 995 servomotor, with a NeoPixel ring acting as a status light. Be aware — when the servo is triggered there is a significant spike in current, so be sure you aren’t powering the air freshener from a PC USB port or another device. After modeling the air freshener’s case in Fusion 360 — files available here — [IgorF2] wired the components together and mounted them inside the 3D printed case.

Hardware work completed, [IgorF2] has detailed how to set up the Arduino IDE and ESP8266 support for a first-time-user, as well as adding a few libraries to his sketch. A combination of an Adafruit.IO feed and ITTT — once again, showing the setup steps — handles how the air freshener operates: location detection, time specific spritzing, and after tapping a software button on your phone for those particularly lazy moments.

Continue reading “The Smartest Air Freshener In The Room”

Mount Sopris

Design A Microcontroller With Security In Mind

December 15, 2017 by 22 Comments

There are many parts to building a secure networked device, and the entire industry is still learning how to do it right. Resources are especially constrained for low-cost microcontroller devices. Would it be easier to build more secure devices if microcontrollers had security hardware built-in? That is the investigation of Project Sopris by Microsoft Research.

The researchers customized the MediaTek MT7687, a chip roughly comparable to the hacker darling ESP32. The most significant addition was a security subsystem. It performs tasks notoriously difficult to do correctly in software, such as random number generation and security key storage. It forms the core of what they called the “hardware-based secure root of trust.”

Doing these tasks in a security-specific module solves many problems. If a key is not stored in memory, a memory dump can’t compromise what isn’t there. Performing encryption/decryption in task-specific hardware makes it more difficult to execute successful side-channel attacks against them. Keeping things small keeps the cost down and also eases verifying correctness of the code.

But the security module can also be viewed from a less-favorable perspective. Its description resembles a scaled-down version of the Trusted Platform Module. As a self-contained module running its own code, it resembles the Intel Management Engine, which is currently under close scrutiny.

Will we welcome Project Sopris as a time-saving toolkit for building secure networked devices? Or will we become suspicious of hidden vulnerabilities? The researchers could open-source their work to ease these concerns, but value of their work will ultimately depend on the fast-moving field of networked device security.

Do you know of other efforts to add hardware-assisted security to microcontrollers? Comment below or let us know via the tip line!

[via Wired]

Image of Mount Sopris, namesake of the project, by [Hogs555] (CC-BY 4.0)

 

Internet Of Things Opens Possibilities

December 3, 2017 by 7 Comments

While a lot of hardware gets put on the “Internet of Things” with only marginal or questionable benefits (or with hilariously poor security), every now and then a project makes use of this new platform in a way that illustrates the strengths of IoT. [ThingEngineer] turned to this platform as a cost-effective solution for an automatic gate, since new keyfobs were too expensive and a keypad was not an option.

Using an Electric IMP, [ThingEngineer] began by installing his IoT patch into the LiftMaster gate control box. This particular gate has easily accessible points that the controller can access to determine the gate’s status, so from there, an API was written to do the heavy lifting. A web server was deployed as well, so anyone with access can use a smartphone or other device to open the gate.

For anyone else looking to deploy a similar IoT solution, [ThingEngineer] has put all of the project code, schematics, and a thorough write-up about the project on his GitHub page. There are many useful ways to get on board the Internet of Things, though; so many that it’s been possible to win a substantial prize for using it in a creative way.

IoTP: The Internet Of Toilet Paper

November 27, 2017 by 25 Comments

Our first impression of this IoT toilet paper roll was that somebody was pulling our leg. Watching the infomercial-esque video below is alternately hilarious and horrifying, but it leaves you with the unmistakable feeling that this is all a joke, and a pretty good one at that.  Right up until you get to the big Kimberly-Clark logo at the end, that is, and you realize that the international paper concern must be looking at this seriously.

When you read [zvizvi]’s Instructables post, you find out that this project is indeed a legitimate attempt to meld an Amazon Dash button with your toilet paper dispenser. For his proof-of-concept build, [zvizvi] started with a gag “talking TP” roll off eBay, designed to play back a voice clip when the paper is used. It had all the right guts, and being just the size for a Wemos Mini and an accelerometer for motion detection was a bonus. The smart spindle can tally the amount of paper used, so you’ll never be caught without a square to spare. And of course, critical TP usage parameters are uploaded to a cloud server, so that more toilet paper can be rushed to your door when you’re getting low.

The whole idea, including justification based on monitoring TP use as a proxy for bowel health, seems ridiculous, but we suspect there may be some brilliance here. Joke if you will, but in the end it’s probably better than an Internet of Farts.

Continue reading “IoTP: The Internet Of Toilet Paper”