Talking To A Lamp

Barking commands at furniture seems a bit odd but with voice controlled home automation platforms becoming the norm, you may be spending more time talking to your light fixtures than your kids. In one such project, [Becky Stern] used an Alexa Dot and an ESP8266 respond to voice commands.

The design uses the Alexa Dot to interpret voice commands such as ‘Alexa turn the light ON’. The ESP8266 with a relay feather wing is used to switch the actual lamp ON and OFF. The glue between the two is the fauxmoESP library that allows the ESP8266 to receive commands from the Alexa API.

The best part of the project is the lamp itself which has a wooden base and is perfect for such experiments. [Becky Stern] does a wonderful job at carving out enough space and filling it with the electronics. The additional sanding and wood staining make the project more impressive and worthy of a living room. The idea could be easily extended to other own household items. Check out the video of the project below and for more inspiration, take a look at Theia IoT Light-Switch. Continue reading “Talking To A Lamp”

Best Product Entry: Open Source Internet Of Dosimeter

[Radu Motisan] Has entered a cool project into the Best Product portion of this year’s Hackaday Prize. It’s called an Open Source IoT Dosimeter. It has a Geiger tube for detecting radiation levels along with Internet connectivity and a host of other goodies.

Dubbed the KIT1, this IoT dosimeter can be used as a portable radiation detector with its Nokia 5110 LCD as an output or a monitoring station with Ethernet. With its inbuilt speaker, it alerts users to areas with excessive radiation. KIT1 is a fully functioning system with no need for a computer to get readouts, making it very handy and easy to use. It also has room for expansion for extra sensors allowing a fully customized system. The project includes all the Gerbers and a BOM so you can send it off to a PCB fab lab of your choice, solder on a few components, and have a fully functioning IoT Dosimeter. you don’t even need the LCD or the Ethernet; you can choose which output you prefer from the two and just use that allowing for some penny-pinching.

This is a great project and who doesn’t need an IOT Dosimeter these days?

Is It A Stupid Project If You Learn Something From The Process?

Fidget spinners — so hot right now!

[Ben Parnas], and co-conspirator in engineering inanity [Greg Daneault], brought to the recent Boston Stupid Hackathon in Cambridge, MA, their IoT-enabled Fidget Spinner…. spinner. A Spidget Finner. Yep, that’s correct: spin the smartphone, and the spinner follows suit. Stupid? Maybe, but for good reason.

Part satire on cloud tech, part learning experience, a curt eight hours of tinkering brought this grotesque, ESP32-based device to life. The ESP can the Arduino boot-loader, but you’ll want to use the ESP-IDF sdk, enabling broader use of the chip.

Creating an app that pulls data from the phone’s gyroscope, the duo set up the spinner-bot to access the WiFi and request packets of rotational data from the smartphone via a cloud-based server — the ‘spincloud.’ Both devices were enabled as clients to circumvent existing IoT services.

Continue reading “Is It A Stupid Project If You Learn Something From The Process?”

Ikea Tradfri Hacking

Smart lighting is all the rage right now. Sure, Phillips Hue is the giant player in the market, but there are plenty of ZigBee, Bluetooth, and WiFi light bulbs out there. Ikea–known for cheap furniture, meatballs, and waffles–is a recent addition to the field with their Tradfri system. Like most things from Ikea, they are effective and inexpensive. [Andreas] takes a Dremel to the controller and shows how to hack the system to use MQTT. You can check out the video below.

Once he had the device opened, the used the German Make magazine article we talked about earlier, to help understand what he had. Armed with the pinout, he was able to solder a wiring harness to the controller. He then connected a WeMos board. A little Arduino code later, and he was controlling the light with MQTT.

Continue reading “Ikea Tradfri Hacking”

Hijacking The Sonoff OTA Mechanism

ITEAD’s Sonoff line is a range of Internet-of-Things devices based around the ESP8266. This makes them popular for hacking due to their accessibility. Past projects have figured out how to reflash the Sonoff devices, but for [mirko], that wasn’t enough – it was time to reverse engineer the Sonoff Over-The-Air update protocol.

[mirko]’s motivation is simple enough – a desire for IoT devices that don’t need to phone home to the corporate mothership, combined with wanting to avoid the labor of cracking open every Sonoff device to reflash it with wires like a Neanderthal. The first step involved connecting the Sonoff device to WiFi and capturing the traffic. This quickly turned up an SSL connection to a remote URL. This was easily intercepted as the device doesn’t do any certificate validation – but a lack of security is sadly never a surprise on the Internet of Things.

After capturing the network traffic, [mirko] set about piecing together the protocol used to execute the OTA updates. After a basic handshake between client and server, the server can ask the client to take various actions – such as downloading an updated firmware image.  After determining the messaging format, [mirko] sought to create a webserver in Python to replicate this behaviour.

There are some pitfalls – firmware images need to be formatted slightly differently for OTA updates versus the usual serial upload method, as this process leaves the stock bootloader intact. There’s also the split-partition flash storage system to deal with, which [mirko] is still working on.

Nevertheless, it’s great to see hackers doing what they do best – taking control over hardware and software to serve their own purposes. To learn more, why not check out how to flash your Sonoff devices over serial? They’re just an ESP8266 inside, after all.

Sense All The Things With A Synthetic Sensor

What will it take to make your house smarter than you? Judging from the price of smart appliances we see in the home centers these days, it’ll take buckets of cash. But what if you could make your home smarter — or at least more observant — with a few cheap, general purpose “supersensors” that watch your every move?

Sounds creepy, right? That’s what [Gierad Laput] and his team at the Carnegie Mellon Human-Computer Interaction Institute thought when they designed their broadband “synthetic sensor,” and it’s why they purposely omitted a camera from their design. But just about every other sensor under the sun is on the tiny board: an IR array, visible light sensors, a magnetometer, temperature, humidity, and pressure sensors, a microphone, PIR, and even an EMI detector. Of course there’s also a WiFi module, but it appears that it’s only for connectivity and not used for sensing, although it clearly could be. All the raw data is synthesized into a total picture of the goings on in within the platform’s range using a combination of machine learning and user training.

The video after the break shows the sensor detecting typical household events from a central location. It’s a powerful idea and we look forward to seeing how it moves from prototype to product. And if the astute reader recognizes [Gierad]’s name, it might be from his past appearance on these pages for 3D-printed hair.

Continue reading “Sense All The Things With A Synthetic Sensor”

Yet Another IoT Botnet

[TrendMicro] are reporting that yet another IoT botnet is emerging. This new botnet had been dubbed Persirai and targets IP cameras. Most of the victims don’t even realize their camera has access to the Internet 24/7 in the first place.

Trend Micro, have found 1,000 IP cameras of different models that have been exploited by Persirai so far. There are at least another 120,000 IP cameras that the botnet could attack using the same method. The problem starts with the IP cameras exposing themselves by default on TCP Port 81 as a web server — never a great idea.

Most IP cameras use Universal Plug and Play, which allows them to open ports from inside the router and start a web server without much in the way of security checks. This paints a giant target in cyber space complete with signs asking to be exploited. After logging into a vulnerable device the attacker can perform a command injection attack which in turn points gets the camera to download further malware.

The exploit runs in memory only, so once it has been rebooted it should all be fine again until your next drive by malware download. Check your devices, because even big named companies make mistakes. IoT is turning into a battlefield. We just hope that with all these attacks, botnets, and hacks the promise of the IoT idea isn’t destroyed because of lazy coders.

Part of feature image from Wikipedia, Creative Commons license.