Magic Lantern Brings Linux To Canon EOS Cameras

April 4, 2015 by Mike Szczys 43 Comments

On April 1st the Magic Lantern team announced a proof of concept that lets you run Linux on a Canon EOS camera. Because of the date of the post we’ve poured over this one and are confident it’s no joke. The development has huge potential.

The hack was facilitated by a recent discovery that the LCD screen on the camera can be accessed from the bootloader. In case you don’t recognize the name, Magic Lantern is an Open Source project that adds features to these high-end cameras by utilizing the bootloader with binary files on the SD card. It’s long been a way of hacking more features in but has always been complicated by the fact that you must figure out how to play nicely with the existing firmware. Commanding the LCD was the last part of the hardware that had previously not been driven directly from Magic Lantern.

Now that the Linux kernel is in the picture, ground-up features can be built without dealing with the stock firmware in any way (and without overwriting it). We’re excited to see where this one goes. Currently it’s just a proof that you can boot Linux, it’s not actually functional yet. Here’s your chance to polish those kernel porting skills you’ve been holding in reserve.

Another Garage Door Opener, This Time With Security

February 23, 2015 by Bryan Cockfield 10 Comments

We’ve been seeing a lot of garage door opener hacks, whether it’s because one person inspired everyone else to build their own Internet-connected GDO or because there’s something in the water that’s caused the simultaneous building of one specific type of project, we’re not sure. However, the latest one we’ve seen adds a little something extra: motion-based security.

[DeckerEgo] really went all out with this one, too. The core of the project is a Raspberry Pi hardwired to a universal garage door remote. The Pi also handles a small webcam and runs a program called motion, which is a Linux program that allows for all kinds of webcam fun including motion detection. While the other builds we see usually use a button or limit switch to tell whether the door is open or closed, this one just watches the door with the webcam so [DeckerEgo] can actually see what’s going on in the garage. As a bonus, the motion software can be configured to alert him if anything suspicious is going on in the garage.

The build is full-featured as well, with an interesting user interface overlaid on the live picture of the garage door. According to [DeckerEgo] the camera is a necessity because he wouldn’t trust a simple status indicator, but if you wanted to try one of those before breaking out the Raspberry Pi, we’ve featured one recently that you can check out.

Raspberry Pi Doorbell Is Fully Featured

February 22, 2015 by Rick Osgood 37 Comments

When you think of a doorbell, you typically don’t think of anything very complicated. It’s a button that rings a bell inside your home. That’s about it. [Ahmad] decided he wanted to turn his doorbell up to eleven (Google Doc) with this build. Using a Raspberry Pi, he was able to cram in loads of features.

When the doorbell button is pressed, many different events can be triggered. In the demo video, [Ahmad] shows how his phone receives a text message, and email, and a tweet. The system can even be configured to place a voice call via Google Hangouts using a USB microphone. [Ahmad] demonstrates this and shows how the voice call is placed almost instantly when the button is pressed. This may be a bit overkill, but it does demonstrate many different options depending on your own needs.

For the hardware side of things, [Ahmad] purchased a wireless doorbell. He opened up the ringer unit and hooked up the speaker wires to a couple of pins on the Raspberry Pi through a resistor. The doorbell unit itself is powered off of the 3.3V supply from the Pi. The Pi also has a small LCD screen which shows helpful information such as if the Internet connection is working. The screen will also display the last time and date the doorbell was pressed, in case you weren’t home to answer the door.

On top of all of that, the system also includes a Raspberry Pi camera module. This allows [Ahmad] to take a photo of the person ringing the doorbell as a security measure. He can even view a live video feed from the front door by streaming directly to YouTube live. [Ahmad] has provided a link to his Pi image in the Google Doc so others can use it and modify it as they see fit. Continue reading “Raspberry Pi Doorbell Is Fully Featured” →

Unlock Your Demo Kindle Paperwhite

February 18, 2015 by Rick Osgood 26 Comments

If you’ve been holding off on upgrading your kindle, this project might inspire you to finally bite the bullet. [WarriorRocker] recently saved quite a few dollars on his Kindle upgrade by using a demo unit. Of course, it’s not as simple as just finding a demo unit and booting it up. There’s some hacking involved.

[WarriorRocker] found his Kindle Paperwhite demo unit on an online auction site for just $20. Kindles are great for reading but also make popular displays for your own projects. This used display model was much less expensive than a new unit, which makes sense considering it had probably received its share of abuse from the consumers of some retail store. The problem with a demo unit is that the firmware that comes with it is very limited, and can’t be used to sync up with your Amazon account. That’s where the hacking comes in.

The first step was to crack open the case and locate the serial port. [WarriorRocker] soldered a small three pin header to the pads to make it easier to work on his device as needed. He then connected the Kindle to his PC using a small serial to USB adapter. Pulling up the command prompt was as simple as running Putty and connecting to the correct COM port. If the wires are hooked up correctly, then it just takes a press of the enter key to pull up the login prompt.

The next step requires root access. The root password for each unit is related to the unit’s serial number. [WarriorRocker] obtained the serial number by rebooting the Kindle while the Serial connection was still open. The boot sequence will spit out the number. This number can then be entered in to an online tool to generate possible root passwords. The tool is available on [WarriorRocker’s] project page linked above.

Next, the Kindle needs to be rebooted into diagnostic mode. This is because root logins are not allowed while the device is booted to the system partition. To enter diagnostic mode, [WarriorRocker] had to press enter over and over during the boot sequence in order to kill the automatic boot process. Then he checked some environment variables to locate the memory address where the diagnostic mode is stored. One more command tells the system to boot to that address and into diagnostic mode.

The last step of the process begins by mounting the Kindle as a USB storage device and copying over the stock Kindle firmware image. Next [WarriorRocker] had to exit the diagnostic menu and return to a root command prompt. Finally, he used the dd command to copy the image to the Kindle’s partition bit by bit. Fifteen minutes and one reboot later and the Kindle was working just as it should. [WarriorRocker] even notes that the 3G connection still works. Not bad for $20 and an hour or two of work.

War Gaming For Security Cred

February 8, 2015 by Mike Szczys 11 Comments

Maybe you are an elite hax0r. But probably not. Maybe you feel like you should know more about how systems are compromised, and we’re all about that. You can’t keep the black hats out if you have no idea how they go about breaking in in the first place. That’s why war-gaming sites sprouted up in the first place. We find this one in particular to be delightfully engaging. OverTheWire’s Wargames teach you a little about security while the uninitiated also learn about simple concepts like SSH and, well… Linux!

On-the-job training is the best way to learn, and this is pretty close to it. Instead of providing an artificial avenue of learning the creators of OverTheWire have used the real thing to illustrate poor online security. You don’t “play the game” on an artificial web interface, you do it on legitimate platforms. The very first level (appropriately named Level 0) starts by figuring out how to connect to a system using Secure Shell (aka SSH). From there you’re prompted to use Linux command line tools to figure out where to go next.

Even veteran Linux/Security users should find this offering entertaining. The early stages are both quick and simple to navigate as an experienced admin while providing a welcoming learning platform for those who aren’t quite there yet. Work your way through a few different “servers” and before long your own knowledge will be tested. This isn’t a new platform, mentions of the site in Hackaday comments go back to 2010. But if you haven’t given it a try, Wargames is well worth adding to your weekend entertainment list.

[Thanks NightPhoenix]

Running Doom On The Intel Edison

January 10, 2015 by Brian Benchoff 29 Comments

A few months ago, the Intel Edison launched with the promise of putting a complete x86 system on a board the size of an SD card. This inevitably led to comparisons of other, ARM-based single board computers and the fact that the Edison doesn’t have a video output, Ethernet, or GPIO pins on a 0.100″ grid. Ethernet and easy breakout is another matter entirely but [Lutz] did manage to give the Edison a proper display, allowing him to run Doom at about the same speed as a 486 did back in the day.

The hardware used for the build is an Edison, an Arduino breakout board, Adafruit display, speaker, and PS4 controller. By far the hardest part of this build was writing a display driver for the Edison. The starting point for this was Adafruit’s guide for the display, but the pin mapping of the Edison proved troublesome. Ideally, the display should be sent 16 bits at a time, but only eight bits are exposed on the breakout board. Not that it mattered; the Edison doesn’t have 16 pins in a single 32-bit memory register anyway. The solution of writing eight bits at a time to the display means Doom runs at about 15 frames per second. Not great, but more than enough to be playable.

For sound, [Lutz] used PWM running at 100kHz. It works, and with a tiny speaker it’s good enough. Control is through Bluetooth with a PS4 controller, and the setup worked as it should. The end result is more of a proof of concept, but it’s fairly easy to see how the Edison can be used as a complete system with video, sound, and wireless networking. It’s not great, but if you want high performance, you probably won’t be picking a board the size of an SD card.

Video demo below.

Continue reading “Running Doom On The Intel Edison” →

Messing Around With Naenara, North Korea’s Web Browser

January 10, 2015 by Rick Osgood 35 Comments

[Robert] has been snooping around Naenara in order to learn more about how North Korea’s intranet might work. Naenara is the web browser that comes bundled with North Korea’s official Linux-based operating system known as Red Star OS. [Robert] once saw a screenshot of the browser and found it interesting that the browser seemed to automatically load a non-routable IP address immediately upon start-up. This made him curious about what other oddities one might uncover from the software.

Upon start-up, the browser tries to load a page located at IP address 10.76.1.11, which is a reserved IP address for private use. This indicated that North Korea’s “Internet” is actually more of in intranet. [Robert] suspects that the entire country may be running in private address space, similar to how your home or business likely runs.

[Robert’s] next thoughts were that the browser looks like a very old version of Mozilla Firefox, but with some default configuration changes. For one, all crashes are automatically transmitted to “the mothership”, as [Robert] calls it. He suspects this is to fix not only bugs, but also to find and repair any security vulnerabilities that may allow users more control.

There are some other interesting changes as well, such as the supported security certificates. The Naenara browser only accepts certificates issued by the DPRK, which would make it very easy for them to snoop on encrypted HTTPS traffic. there is also evidence suggesting that all traffic for the entire country is routed through a single government controlled proxy server.

None of these findings are all that surprising, but it’s still interesting to see what kind of information can be gleamed from poking around the browser and operating system. [Robert] has found more than just these few findings. You can check out the rest of his findings on his blog.

[via Reddit]