IoT

318 Articles

Start Your Day The Arduino Way With This IoT Shower Controller

March 4, 2016 by 22 Comments

No longer content with adding value to the thermostat in the hallway or making your fridge smarter than it should be, IoT vendors are pushing into the inner sanctum of homes, the holy of holies – the bathroom. Sure, you can spend big bucks on an electronically controlled valve to turn your shower into a remote-controlled spa that shares your bathing habits with the cloud, but if you’re on a more modest budget and have the hacker spirit, you might want to check out this DIY automated shower valve with IoT features.

When we last ran into [TVMiller], he was opening gates using Jedi mind tricks, and before that he was shrinking a floating golf green to a manageable size. Such hacks work up a sweat, and while a clean hacker is a happy hacker, all that pesky valve-twisting and temperature-fiddling is so annoying. So with a few parts acquired from the waste stream, like an acrylic box, some salvaged servos, popsicle sticks, and a hell of a lot of caulk, [TVMiller] hacked together a feature-packed controller for his existing shower valves. An Arduino MKR1000 reads the water temperature and controls the servos that allow him to start the shower from his phone. Time and temperature data are sent to the cloud using ThingSpeak. You can see the whole thing in action in the mildly-NSFW video after the break.

Admittedly, this is a pretty janky setup, but it falls under the universal hacker disclaimer of “it’s just a prototype.” Still, we like the idea of retrofitting standard shower valves, and the popsicle-stick parallelograms for increasing leverage is a neat trick. We’ll be watching to see where this goes next.

Continue reading “Start Your Day The Arduino Way With This IoT Shower Controller”

Password Extraction Via Front Doorbell

February 28, 2016 by 52 Comments

Not a day goes by without another IoT security hack. If you’re wondering why you don’t want your front doorbell connected to the Internet, this hack should convince you.

The hack is unfathomably stupid. You press the button on the back of the unit that pairs the doorbell with your home WiFi network, and it transmits the password in the clear. Sigh. It’s since been fixed, and we suppose that’s a good thing, but we can’t resist thinking for a moment about an alternative implementation.

Imagine, like all previous non-IoT wireless doorbells, that the doorbell transmitted a not-very coded signal over an open frequency like 433 MHz to a receiver inside your home. Do the same with the video stream. Now the receiver can be connected to the Internet, and can be significantly more secure because it’s behind your locked front door. The attack surface presented to the outside world by the doorbell itself is small, and limited to faking a doorbell press or showing you pictures you don’t want to see. Yawn.

But because the outside doorbell unit could be connected to a network, it was. Now the attack surface extends into your home’s network, and if you’re like most people, the WiFi router was your only real defense.

Now we love the IoT, in principle. There are tons of interesting applications that need the sort of bandwidth or remote availability that the Internet provides. We’re just not convinced yet that a doorbell, or a fridge for that matter, meet the criteria. But it does add a hundred bucks to the price tag, so that’s good, right? What do you think? When does the risk of IoT justify the reward?

Thanks [Dielectric] for the tip!

Open Sesame, From A Galaxy Far, Far Away.

February 14, 2016 by 15 Comments

[TVMiller]’s description of his project is epic enough to deserve a literal copy-paste (something our readers often praise us about). In his own words,  “Having discovered several spare Midichlorians in my liquor cabinet, I trained and applied them to opening a large cumbersome gate. The FORCE motion travels through my inner what-nots and is translated by the Pebble Classic accelerometer toggling a command sent to the (Particle) Cloud (City) which returns to the Particle Photon triggering a TIP120 to fire a button on an existing RF transceiver. May the ridiculous hand gestures be with you, always.” Thus was born the Gate Jedi , and you’ll need exactly 47 Midichlorians, and some other trivial parts, to build one.

The Pebble watch hooks up to his android smart phone. A Pebble (android) app sends the accelerometer data to the Particle (previously called Spark) cloud service. From there, the data is pushed to the Photon IoT board which runs a few lines of code. Output from the Photon turns on a TIP120 power transistor, which in turn triggers the existing RF trans receiver that opens the Gate.

This looks way cooler than the Light Sabre hacks. Check out the video of him summoning the Force. And if you’d like to do more, try integrating gesture controls with this Pebble Watch hack that turns it into a home automation controller.

Continue reading “Open Sesame, From A Galaxy Far, Far Away.”

The Internet Of Broken Things (or, Why Am I So Cold?)

February 8, 2016 by 68 Comments

Although the Internet of Things (IoT) is a reasonably new term, the idea isn’t really all that new. Many engineers and hackers have created networked embedded systems for many years. So what’s different? Two things: the Internet is everywhere and the use of connected embedded systems in a consumer setting.

The Philips Hue light bulb
The Philips Hue light bulb

Like anything else, there’s a spectrum of usefulness to IoT. Watching The Expanse, the other day (which is not a bad show, by the way), I noticed that if you had the right IoT lights, you could run an app that would change your lighting to suit the show in real-time. I don’t have those lights, but I suppose when the action moves to a dark sub-basement, your lights dim and when you are in a space ship’s reactor room, they turn red, and so on. Fun, but hardly useful or life-changing.

On the other hand, there are some very practical IoT items like the Nest thermostat. It might seem lazy to want to monitor and control your thermostat from your tablet, but if you are frequently away from home, or you have multiple houses, it can be a real positive to be able to control things remotely. With the recent blizzard on the U.S. east coast, for example, it would be great to turn on the heat in your weekend cottage 150 miles away while you were still at work or home. However, the Nest recently had a hiccup during an upgrade and it has made many of their customers mad (and cold). I’ll get back to that, in a minute. First, I want to talk about the problems with deploying something that will be in many varied environments (like people’s homes) that controls something real.

Continue reading “The Internet Of Broken Things (or, Why Am I So Cold?)”

Reverse Engineering A WiFi Security Camera

February 6, 2016 by 22 Comments

The Internet of Things is slowly turning into the world’s largest crappy robot, with devices seemingly designed to be insecure, all waiting to be rooted and exploited by anyone with the right know-how. The latest Internet-enabled device to fall is a Motorola Focus 73 outdoor security camera. It’s quite a good camera, save for the software. [Alex Farrant] and [Neil Biggs] found the software was exceptionally terrible and would allow anyone to take control of this camera and install new firmware.

The camera in question is the Motorola Focus 73 outdoor security camera. This camera connects to WiFi, features full pan, tilt, zoom controls, and feeds a live image and movement alerts to a server. Basically, it’s everything you need in a WiFi security camera. Setting up this camera is simple – just press the ‘pair’ button and the camera switches to host mode and sets up an open wireless network. The accompanying Hubble mobile app scans the network for the camera and prompts the user to connect to it. Once the app connects to the camera, the user is asked to select a WiFi connection to the Internet from a list. The app then sends the security key over the open network unencrypted. By this point, just about anyone can see the potential for an exploit here, and since this camera is usually installed outdoors – where anyone can reach it – evidence of idiocy abounds.

Once the camera is on the network, there are a few provisions for firmware upgrades. Usually, firmware upgrades are available by downloading from ‘private’ URLs and sent to the camera with a simple script that passes a URL directly into the shell as root. A few facepalms later, and [Alex]  and [Neil] had root access to the camera. The root password was ‘123456’.

While there’s the beginnings of a good Internet of Camera in this product, the design choices for the software are downright stupid. In any event, if you’re looking for a network camera that you own – not a company with a few servers and a custom smartphone app – this would be near the top of the list. It’s a great beginning for some open source camera firmware.

Thanks [Mathieu] for the tip.

This Is How You Run A Hackathon: Tech Valley Center Of Gravity

February 4, 2016 by 5 Comments

What’s not to love about a hackathon? The junk food and caffeine that fuel the weekend; the highs that come with success and the lows that come when the blue smoke is released; the desperate search for inspiration as the clock ticks away; nerve-wracking pitches to the judges, hoping against hope that everything works in the demo. Hackathons are the contact sport of the hacker world, bringing in top competitors and eager upstarts, and when done well you just might attract interested “civilians” and other newbies that will catch the hacking bug from what they witness.

Such was the scene at the Tech Valley Center of Gravity in Troy, NY over the last weekend of January. New for 2016, the CoG is hosting a series of four hardware hackathons this year, each with a different theme. This event’s theme was “Internet of Things”, and the call went out to any and all to come compete for bragging rights and over $1,000 in prizes. Incentives to compete included some big name corporate sponsors, like AT&T, and judging and mentoring provided by the likes of SparkFun’s [Jeff Branson]. There was also a steady stream of food and drink, saturation coverage by local media outlets, and your humble Hackaday writer and his son, who made the trip up to Troy with a small passel of Hackaday swag and a curiosity to see how the CoG has fared since our last visit at the grand opening of their glorious new home. We were not disappointed.

Continue reading “This Is How You Run A Hackathon: Tech Valley Center Of Gravity”

Hackaday Links: January 31, 2016

January 31, 2016 by 27 Comments

[Damien] has been working on MicroPython for a while now. We did an interview with him a while ago about porting Python to tiny microcontrollers, and soon the BBC micro:bit will be getting Python into the hands of millions of British schoolchildren. Now [Damien] has a Kickstarter to get MicroPython to the bare metal of an ESP8266. That would be extremely interesting; there’s a lot you can do with an easily scriptable Internet Thing running Python.

A little over a month ago, [Renier] won the Hackaday Prize Best Product competition with the Vinduino, a device that cuts water usage of vinyards (and orchards, I guess) by 25%. Now he’s won the IoT awards for Best DIY Project.

We have lost a great inventor. [Artur Fischer], inventor of the plastic drywall plug, fischertechnik, the plastic wall plug, photo flash light, and holder of over 1100 patents (more than the great Edison), passed away this week.

Who remembers Glider? That old Macintosh game where you fly a paper airplane around a house is now available on GitHub. The creator of Glider, [John Calhoun] put all the code up a few days ago. If you have Metrowerks Code Warrior sitting around on an old box, feel free to dig around.

 In the ‘this guy totally won’t get sued’ column is MagSafe for iPhones. The MagSafe power adapter is Apple’s largest contribution to humanity, but they are a little protective about it.

We have two calls for the community: [jimie] had a go at programming the latest, coolest, open source radio. Programming it is hard. Has anyone found an improved guide? Second, I now have a Tadpole Computer that was former property of Quallcom. I can’t find any info on getting *nix or *BSD on it. Anyone have any experience?