Eating a QR Code May Save Your Life Someday

QR codes are easy to produce, resistant to damage, and can hold a considerable amount of data. But generally speaking, eating them has no practical purpose. Unfortunately the human digestive tract lacks the ability to interpret barcodes, 2D or otherwise. But thanks to the University of Copenhagen, that may soon change.

A new paper featured in the International Journal of Pharmaceutics details research being done to print QR codes with ink that contains medicine. The mixture of medicines in the ink can be tailored to each individual patient, and the QR code itself can contain information about who the drugs were mixed for. With a standard QR reader application on their smartphone, nurses and care givers can scan the medicine itself and know they are giving it to the right person; cutting down the risk of giving patients the wrong medication.

The process involves using a specialized inkjet printer to deposit the medicine-infused ink on a white edible substrate. In testing, the substrate held up to rough handling and harsh conditions while still keeping the QR code legible; an important test if this technology is to make the leap from research laboratory to real-world hospitals.

In the future the researchers hope the edible substrate can be produced and sent to medical centers, and that the medicinal ink itself will be printable on standard inkjet printers. If different medicines were loaded into the printer as different colors, it should even be possible to mix customized drug “cocktails” through software. Like many research projects it seems likely the real-world application of the technology won’t be as easy as the researchers hope, but it’s a fascinating take on the traditional method of dispersing medication.

QR codes have long been a favorite of the hacker community. From recovering data from partial codes to using them to tunnel TCP/IP, we’ve seen our fair share of QR hacks over the years.

[Thanks to Qes for the tip]

Continue reading “Eating a QR Code May Save Your Life Someday”

Reconstructing a Blurry QR Code

QR Codes are a two-dimensional type of matrix barcode that are used for a variety of uses. They’re one way of turning a long piece of string data into an easily machine-readable format. For this reason, they can be used to store private keys for encryption and crypto-currency purposes. [Roger Ver] attempted to use a QR code containing a private key to give away some cryptocurrency on TV, but the code was blurred out by the broadcaster. Not ones to give up easily, [Michael] and [Clément] decided to see if they could reconstruct it anyway. 

The work begins, as so many cryptographic exploits do, with the collection of as much of the plaintext key as possible. By stepping through the footage frame by frame, small pieces of the unobscured QR code were found, as well as some of the private key itself. By combining this with enhanced images of the blurred code, the team were able to put together less than one third of the QR code. The team had other tricks up their sleeve though – they knew the QR contained a private key of a particular format, and were able to figure out the QR code was 41×41 pixels.

By using this data along with a careful study of the QR code format, the team were able to put together some code in Python to brute force the key. After 838849 trials, the key was found, and the team were able to claim the prize. It’s a great example of cryptographic analysis – and so is this story on hacking your own password.

[Thanks to Esko for the tip!]

Password-Free Guest WiFi from Raspberry Pi

Anytime you’re having more than a handful of people over to your place for a wild rager or LAN party (or both), you’ll generally need a way to make sure everyone can get their devices on the network. Normally, this would involve either putting your WiFi password into more phones than you can count or yelling your password across a crowded room. Neither of these options suited [NicoHood] and his partner, however, so he came up with another more secure solution to the WiFi-in-a-crowded-room problem.

He calls his project “guestwlan” and it’s set up to run on a Raspberry Pi with a touch screen. When a potential WiFi user approaches the Pi and requests access to the network, the Pi displays a QR code. Within that code is all of the information that the prospective device needs to connect to the network. For those who have already spotted the new security vulnerability that this creates, [NicoHood] has his guest WiFi on a separate local network just to make sure that even if someone nefarious can access the Internet, it would be more difficult for them to do anything damaging to his local network. As it stands, though, it’s a lot more secure than some other WiFi networks we’ve seen.

[NicoHood] also released his software on Git but it has been configured for use with Arch. He says that it would probably work in a Debian environment (which the Raspberry Pi-specific OS is based on) but this is currently untested. Feel free to give it a try and let us know how it goes.

IP Over QR Codes

We’ve seen networks built over some interesting mediums, but QR codes has to be a new one. [Eric Seifert] decided to try to use QR codes to make an IP connection. He used these visual codes to create a bi-directional connection between two camera-equipped computers. He’s a persistent chap, because it works: in one of his videos, he shows an SSH connection between two devices.

He faced a number of challenges on the way. Although there is plenty of code to read QR codes, the data that can be encoded and read from them is limited. There is a binary mode that can be used with QR codes, but it is really inefficient. [Eric] decided to use base32 coding instead, packing the data into each frame as alphanumeric text. Each QR code image that is created and received is numbered, so the system can keep track and request any lost images. He also had some problems with keeping the data consistent between the encoded and decoded versions, so he had to add some packing to the data before it would work.  It uses Python-pytun to create a TUN/TAP device that carries the data.

The speed of the connection is rather slow: in his demo video, the two computers take over a minute to exchange keys for an SSH connection, and [Eric] measured the speed of the connection at about 100 bits per second. But even getting something like this working at all is a significant achievement. He has published his code on GitHub.

We’ve featured the work of [Eric] before: he created a data connection using an iPod FM transmitter.

Continue reading “IP Over QR Codes”

E Pluribus Unix, QR-Style

It’s been a long time since we’ve logged into a UNIX mainframe (other than our laptop) but one of our fond memories is the daily fortune: small, quirky, sometimes cryptic sayings that would pop up on the login screen if your system administrator had any sense of humor.

Apparently, we’re not alone. [Alastair] made his own fortune clock which gives you a new “fortune” every second instead of every login. There’s a catch, of course. It’s a QR clock — the fortune is encoded in a QR code instead of being displayed in human-readable form. You have to take a picture of the tiny OLED screen to know what it says. (Watch it sending him Shakespeare sonnets in the video below.)

You probably know QR codes are good for conveying URLs, but their use as general-purpose text containers is underappreciated in our book, so we’re glad to see this example. Now, we’ve seen QR clocks before (here, and here), and this version does have the disadvantage that you can actually tell what time it is. But we’re grateful for the trip down memory lane.

Continue reading “E Pluribus Unix, QR-Style”

Downloading Data Through The Display

HIPAA – the US standard for electronic health care documentation – spends a lot of verbiage and bureaucratese on the security of electronic records, making a clear distinction between the use of records by health care worker and the disclosure of records by health care workers. Likewise, the Federal Information Security Management Act of 2002 makes the same distinction; records that should never be disclosed or transmitted should be used on systems that are disconnected from networks.

This distinction between use and disclosure or transmission is of course a farce; if you can display something on a screen, it can be transmitted. [Ian Latter] just gave a talk at Kiwicon that provides the tools to do just that. He calls it ThruGlassXfer (TGXf), and it does exactly what it says on the tin: anything that can be displayed on a screen can be transmitted. All you need are the right tools.

Continue reading “Downloading Data Through The Display”

Hackaday Links: December 15, 2013

hackaday-links-chain

Want to get a hold of a gaming controller attachment for iOS at a rock bottom price? [Dark GOD] learned that Amazon is closing out the Gameloft DUO Gamer hardware for $6 because the hardware is no longer supported by the operating system. He shows how to make it work using a Cydia app. [Thanks ProMan]

[Frank Zhao] had a cheap HDMI switch which had problems with a sagging power rail. His solution was to hack in a USB port to inject some power.

This security hack uses an Arduino with LCD screen to display a QR code. Scan it with an Android device and you no longer need keys! Here’s the code repo and a demo video.

It’s interesting to see how many places the WS28xx pixels are popping up. Here’s a crowdfunding campaign that uses a matrix of the pixels as a portable gaming display. Look somewhat familiar? We’ve seen [Retro Brad’s] earlier hardware (made to play Super Pixel Bros.) that used an LED module instead. This is probably a lot easier to drive since it uses serial data instead of multiplexing.

Next is some robot building inspiration. [IronJungle] has been hard at work building a rover that uses compass bearings for navigation.

We liked seeing a drop-in replacment uC for Ikea Dioder projects, but if you need more power under the hood, take command of those colored lights with a Raspberry Pi.

Those lucky enough to have access to a laser cutter will find this Inkscape extension for living hinges useful.

Finally, POTUS threw down the gauntlet, encouraging everyone to learn how to program by pointing them toward the Hour of Code program. We’ve long thought that everyone should have some level of coding education. Do you agree with us? Of course, getting something like this into schools is a monumental challenge, so it’s nice to see extra-curricular offerings. We also believe that Hackerspaces are among the best driving forces for getting kids a tech education. [via Adafruit]