Hitag transponders have been used in a wide variety of car keys as a protective measure against hot-wiring and theft. They’re also a reason why it’s a lot more expensive to get car keys duplicated these days for many models that use this technology. However, there is now an open source programmer that works with these transponder keys, thanks to [Janne Kivijakola].
The hack uses an old reader device salvaged from a Renault in a scrapyard, hooked up to an Arduino Mega 2560 or Arduino Nano. With this setup, key transponders can be programmed via a tool called AESHitager, which runs on Windows. It’s compatible with a variety of Hitag transponders, including Hitag2, Hitag3, and Hitag AES, along with the VVDI Super Chip and certain types of BMW keys.
If you’ve been having issues with coded keys, this project might just be what you need to sort your car out. Everything you need is available on GitHub for those wishing to try this at home. We’ve seen some interesting hacks in this space before, too. Video after the break.
Continue reading “Open Source Key Programmer For HiTag2 Keys”
As the saying goes, there’s no lock that can’t be picked, much like there’s no networked computer that can’t be accessed. It’s usually a continual arms race between attackers and defenders — but for some modern passenger vehicles, which are essentially highly mobile computers now, the defenders seem to be asleep at the wheel. The computing systems that control these cars can be relatively easy to break into thanks to manufacturers’ insistence on using wireless technology to unlock or activate them.
This particular vulnerability involves the use of a piece of software called gattacker which exploits vulnerabilities in Bluetooth Low Energy (BLE), a common protocol not only for IoT devices but also to interface a driver’s smartphone or other wireless key with the vehicle’s security system. By using a man-in-the-middle attack the protocol between the phone and the car can be duplicated and the doors unlocked. Not only that, but this can be done without being physically close to the car as long as a network of some sort is available.
[Kevin2600] successfully performed these attacks on a Tesla Model 3 and a few other vehicles using the seven-year-old gattacker software and methods first discovered by security researcher [Martin Herfurt]. Some other vehicles seem to have patched these vulnerabilities as well, and [Kevin2600] didn’t have universal success with every vehicle, but it does remind us of some other vehicle-based attacks we’ve seen before.
When the first radios and telegraph lines were put into service, essentially the only way to communicate was to use Morse code. The first transmitters had extremely inefficient designs by today’s standards, so this was more a practical limitation than a choice. As the technology evolved there became less and less reason to use Morse to communicate, but plenty of amateur radio operators still use this mode including [Kevin] aka [KB9RLW] who has built a circuit which can translate spoken Morse code into a broadcasted Morse radio signal.
The circuit works by feeding the signal from a microphone into an Arduino. The Arduino listens for a certain threshold and keys the radio when it detects a word being spoken. Radio operators use the words “dit” and “dah” for dots and dashes respectively, and the Arduino isn’t really translating the words so much as it is sending a signal for the duration of however long each word takes to say. The software for the Arduino is provided on the project’s GitHub page as well, and uses a number of approaches to make sure the keyed signal is as clean as possible.
[Kevin] mentions that this device could be used by anyone who wishes to operate a radio in this mode who might have difficulty using a traditional Morse key and who doesn’t want to retrain their brain to use other available equipment like a puff straw or a foot key. The circuit is remarkably straightforward for what it does, and in the video below it seems [Kevin] is having a blast using it. If you’re still looking to learn to “speak” Morse code, though, take a look at this guide which goes into detail about it.
Thanks to [Dragan] for the tip!
Continue reading “Translating And Broadcasting Spoken Morse Code”
Physical security is often considered simpler than digital security since safes are heavy and physical keys take more effort to duplicate than those of the digital persuasion. [Maxime Beasse and Quentin Clement] have developed a smartphone app that can duplicate a key from a photo making key copying much easier.
KeyDecoder is an open source Android app that can generate all the necessary bitting info to duplicate a key from just an image. Luckily for the paranoid among us, the image must be taken with the key laying flat without a keyring on an ISO/CEI 7810 ID-1 ID or credit card. A passerby can’t just snap a photo of your keys across the room and go liberate your home furnishings, but it still would be wise to keep a closer eye on your keys now that this particular
cat hack is out of the bag.
The project’s GitHub page is awash in warnings that this tool is designed solely for “pentesters and security enthusiasts” to warn their friends and clients about the dangers of leaving their keys exposed. After learning about this tool, we wouldn’t be surprised if some in the audience start rethinking how they carry and store their physical keys from now on.
If you want to see some more hacks to duplicate keys, checkout Copying High Security Keys With OpenSCAD And Light and Methods Of Copying High Security Keys.
If there’s one thing about managing a bunch of keys, whether they’re for RSA, SSH, or a car, it’s that large amounts of them can be a hassle. In fact, anything that makes life even a little bit simpler is a concept we often see projects built on to of, and keys are no different. This project, for example, eliminates the need to consciously carry a house key around by hiding it in a piece of jewelry.
This project sprang from [Maxime]’s previous project, which allowed the front door to be unlocked with a smartphone or tablet. This isn’t much better than carrying a key, since the valuable piece of electronics must be toted along in place of one. Instead, this build eschews the smartphone for a ring which can be worn and used to unlock the door with the wave of a hand. The ring contains an RFID which is read by an antenna that’s monitored by a Wemos D1 Mini. When it sees the ring, a set of servos unlocks the door.
The entire device is mounted on the front of the door about where a peephole would normally be, with the mechanical actuators on the inside. It seems just as secure (if not more so) than carrying around a metal key, and we also appreciate the aesthetic of circuit boards shown off in this way, rather than hidden inside an enclosure. It’s an interesting build that reminds us of some other unique ways of unlocking a door.
Continue reading “Front Door Keys Hidden In Plain Sight”
Playing music as part of a group typically requires that not only are all of the instruments tuned to each other, but also that the musicians play in a specific key. For some musicians, like pianists and percussionists, this is not terribly difficult as their instruments are easy to play in any key. At the other end of the spectrum would be the diatonic harmonica, which is physically capable of playing in a single key only. Other orchestral instruments, on the other hand, are typically made for a specific key but can transpose into other keys with some effort. But, if you have 3D printed your instrument like this bass clarinet from [Jared], then you can build it to be in whichever key you’d like.
The bass clarinet is typically an instrument that comes in the key of B flat, but [Jered] wanted one that was a minor third lower. Building a traditional clarinet is not exactly the easiest process, so he turned to his 3D printer. In order to get the instrument working with the plastic parts, he had to make a lot of the levers and keys much larger than the metal versions on a standard instrument, and he made a number of design changes to some of the ways the keys are pressed. Most of his changes simply revert back to clarinet designs from the past, and it’s interesting to see how simpler designs from earlier time periods lend themselves to additive manufacturing.
While [Jared] claims that the two instruments have slightly different tones, our amateur ears have a hard time discerning the difference. He does use a standard clarinet bell but other than that it’s impressive how similar the 3D printed version sounds to the genuine article. As to why it’s keyed differently than the standard, [Jared] points out that it’s just interesting to try new things, and his 3D printer lets him do that. We’d be happy to have another instrument in our 3D printed orchestra, too.
Continue reading “3D Printing The Key To A Bass Clarinet”
The mechanical keyboard rabbit hole is a deep one, and can swallow up as much money and time as you want to spend. If you’ve become spoiled on the touch and responsiveness of a Cherry MX or other mechanical switch, you might even start putting them on other user interfaces as well, such as this Logitech joystick that now sports a few very usable mechanical keys for the touch-conscious among us.
The Logitech Extreme 3D Pro that [ErkHal] and friend [HeKeKe] modified to accept the mechanical keys originally had a set of input buttons on the side, but these were unreliable and error-prone with a very long, inconsistent push. Soldering some mechanical switches directly on the existing board was a nice improvement, but the pair decided that they could do even better and rolled out an entire custom PCB to mount the keys more ergonomically. The switches are Kailh Choc V2 Browns and seem to have done a great job of improving the responsiveness of the joystick’s side buttons. If you want to spin up your own version, they’ve made the PCBs available on their GitHub page.
While [ErkHal] notes the switches aren’t the best and were only used since they were available, they certainly appear to work much better than what the joystick shipped with originally. In fact, we recently saw similar switches used to make a custom mechanical keyboard made for the PinePhone.