A White Hat Virus For The Internet Of Things

October 2, 2015 by Brian Benchoff 51 Comments

The Internet of Things is going gangbusters, despite no one knowing exactly what it will be used for. There’s more marketing money being thrown at IoT paraphernalia than a new soda from Pepsi. It’s a new technology, and with that comes a few problems: these devices are incredibly insecure, and you only need to look at a few CCTV camera streams available online for proof of that.

The obvious solution to vulnerable Internet of Things things would be to get people to change the login credentials on their devices, but that has proven to be too difficult for most of the population. A better solution, if questionable in its intentions, would be a virus that would close all those open ports on routers, killing Telnet, and reminding users to change their passwords. Symantec has found such a virus. It’s called Wifatch, and it bends the concept of malware into a force for good.

Wifatch is a bit of code that slips through the back door of routers and other IoT devices, closes off Telnet to prevent further infection, and leaves a message telling the owner to change the password and update the device firmware. Wifatch isn’t keeping any secrets, either: most of the code is written in unobfuscated Perl, and there are debug messages that enable easy analysis of the code. This is code that’s meant to be taken apart, and code that includes a comment directed at NSA and FBI agents:

To any NSA and FBI agents reading this: please consider whether defending
the US Constitution against all enemies, foreign or domestic, requires you
to follow Snowden's example.

Although the designer of Wifatch left all the code out in the open, and is arguably doing good, there is a possible dark side to this white hat virus. Wifatch connects to a peer-to-peer network that is used to distribute threat updates. With backdoors in the code, the author of Wifatch could conceivably turn the entire network of Wifatch-infected devices into a personal botnet.

While Wifatch is easily removed from a router with a simple restart, and re-infection can be prevented by changing the default passwords, this is an interesting case of virtual vigilantism. It may not be the best way to tell people they need to change the password on their router, but it’s hard to argue with results.

[Image source: header, thumb]

Nixie Tube Clock Isn’t Just A Clock

September 19, 2015 by Bryan Cockfield 17 Comments

With everything that’s been happening in the news lately, [Jarek] decided it was finally time to finish up his latest project. The Internet of Things has been exploding with projects lately, and this clock that also alerts him of the weather is the latest addition. Plus it has the added bonus of using everybody’s favorite display: nixie tubes!

Of course, using high voltage for the nixies can be terror-inducing, but [Jarek] found a power supply on eBay that was able to power the tubes for not too much money. The controller is an HV5622 which can control up to 32 nixies while only using up three pins on a microcontroller which is pretty handy if you have a limited number of output pins.

The clock also has another device hidden behind all of the wires for the tubes: an ESP8266 to give it network connectivity. The clock connects to the Internet and searches for the nine-hour weather forecast. There are a few nixie lights behind the display which illuminate cutouts in the case to indicate a few different weather statuses. It’s a very polished project, and since it’s enclosed in a nice case it’s not likely to be mistaken for any movie props. Of course, other nixie projects don’t have the same comforting look.

Continue reading “Nixie Tube Clock Isn’t Just A Clock” →

Traffic Light Tells You If The Internet Is Up

September 12, 2015 by Dan Maloney 21 Comments

Some of us are not blessed with an always on, high availability internet connection. Sick of answering the constant “Is the internet up?” questions, go-to IT support dude [PatH] took matters into his own hands and developed an unmistakable traffic light display of internet status for his apparently low-reliability connection.

A toy traffic light from Amazon forms the core of the UI, and the lights are driven by a Raspberry Pi that pings a suite of 10 sites in round robin fashion. If a site is found to be unavailable, the Pi goes into “deep probe” mode to determine the extent of the outage, and lights up accordingly. If the light is green, the connection’s clean; if it lights up red, best go to bed. As a bonus, logs are kept of all deep probes, which may prove useful for diagnosing ISP issues.

A display like this could go a long way toward making sure you stay connected, and can reduce the workload for you as de facto IT support. Of course for a little more information about the connection speed with retro styling, you might want to throw a Dekatron at the job.

Why IoT Will Fail (and How To Save It)

September 3, 2015 by Al Williams 76 Comments

Buzzword technology has two possible fates: they fail and disappear or they succeed and disappear. Remember at one time “multimedia” and “networking” were buzzwords. They succeeded and now they’ve vanished into ubiquity. Of course, there are plenty of failed buzzwords (like telecosm) that you probably don’t even remember. They just vanished into obscurity.

Unless you’ve been living under the CNC mill in your local hackerspace, you’ve probably heard or read about the “Internet of Things” (IoT). Companies big and small have realized that getting in early on The Next Big Thing is good for share prices and, right now, IoT is where everyone is trying to make a play.

There’s two things I’d observe, though: First, IoT is far from new. Connecting embedded systems to the Internet is old hat (I even wrote a book called Embedded Internet Design way back in 2003). Second, the way it is going, IoT–in its current incarnation–is doomed.

Continue reading “Why IoT Will Fail (and How To Save It)” →

Fight Frost With An Internet Of Things Fridge Alarm

August 23, 2015 by Dan Maloney 12 Comments

It has been incredibly humid around these parts over the last week, and there seems to be something about these dog days that makes you leave the fridge or freezer door open by mistake. [pnjensen] found this happening all too often to the family chill chest, with the predictable accretion of frost on the coils as the water vapor condensed out of the entrained humid air and froze. The WiFi-enabled fridge alarm he built to fight this is a pretty neat hack with lots of potential for expansion.

Based on a Sparkfun ESP8266 Thing and home-brew door sensors built from copper tape, the alarm is rigged to sound after 120 seconds of the door being open. From the description it seems like the on-board buzzer provides a periodic reminder pip while the door is open before going into constant alarm and sending an SMS message or email; that’s a nice touch, and having the local alarm in addition to the text or email is good practice. As a bonus, [pjensen] also gets a log of each opening and closing of the fridge and freezer. As for expansion, the I2C header is just waiting for more sensors to be added, and the built-in LiPo charger would provide redundancy in a power failure.

If frost buildup is less a problem for you than midnight snack runs causing another kind of buildup, you might want to check out this willpower-enhancing IoT fridge alarm.

Follow Me: Making Servos Track Hand Motion With Leap

August 22, 2015 by Al Williams 5 Comments

The Leap controller is one of those gadgets that is probably better for its cool factor rather than its practicality. The ~~time of flight~~ optical sensor reads gestures, but it is hardly a substitute for a mouse in many cases. It seems like the best uses for it we’ve seen are dedicated systems that need to know where your hands are. [Justin Platz] and [Kurt Clothier], for example, have an interesting demo that uses a Leap to control a Raspberry Pi. The Pi commands servo motors that move LED blocks to track your hand motion. Their code is available on GitHub.

Continue reading “Follow Me: Making Servos Track Hand Motion With Leap” →

Google’s OnHub Goes Toe To Toe With Amazon Echo

August 19, 2015 by Mike Szczys 46 Comments

Yesterday Google announced preorders for a new device called OnHub. Their marketing, and most of the coverage I’ve seen so far, touts OnHub as a better WiFi router than you are used to including improved signal, ease of setup, and a better system to get your friends onto your AP (using the ultrasonic communication technique we’ve also seen on the Amazon Dash buttons). Why would Google care about this? I don’t think they do, at least not enough to develop and manufacture a $199.99 cylindrical monolith. Nope, this is all about the Internet of Things, as much as it pains me to use the term.

OnHub boasts an array of “smart antennas” connected to its various radios. It has the 2.4 and 5 Gigahertz WiFi bands in all the flavors you would expect. The specs also show an AUX Wireless for 802.11 whose purpose is not entirely clear to me but may be the network congestion sensing built into the system (leave a comment if you think otherwise). Rounding out the communications array is support for ZigBee and Bluetooth 4.0.

I have long looked at Google’s acquisition of Nest and assumed that at some point Nest would become the Router for your Internet of Things, collecting data from your exercise equipment and bathroom scale which would then be sold to your health insurance provider so they may adjust your rates. I know, that’s a juicy piece of Orwellian hyperbole but it gets the point across rather quickly. The OnHub is a much more eloquent attempt at the same thing. Some people were turned off by the Nest because it “watches” you to learn your heating preferences. The same issue has arisen with the Amazon Echo which is “always listening”.

Google has foregone those built-in futuristic features and chosen a device to which almost everyone has already grown accustom: the WiFi router. They promise better WiFi and I’m sure it will deliver. What’s the average age of a home WiFi AP at this point anyway? Any new hardware would be an improvement. Oh, and when you start buying those smart bulbs, fridges, bathroom scales, egg trays, and whatever else it’ll work for them as well.

As far as hacking and home automation, it’s hard to beat the voice-activated commands we’ve seen with Echo lately, like forcing it to control Nest or operate your Roku. Who wants to bet that we’ll see a Google-Now based IoT standalone device quickly following the shipment of OnHub?

Continue reading “Google’s OnHub Goes Toe To Toe With Amazon Echo” →