While internet-connected devices can be very useful around the house, and it is pretty cool to be able to monitor your dishwasher from half a world away, it’s important to be mindful of privacy and security issues. For instance, the Cecotec Conga 1490 robot vacuum [Rastersoft] bought came with an Android app, which upon installation asked for near-total access to the user’s phone. Not content with such an invasion of privacy, let alone the potential security implications, [Rastersoft] set to work trying to reverse engineer the robot’s communications (translated) to find out what exactly it was doing when online. He did this by configuring a Raspberry Pi as an access point, letting the vacuum connect to it, and logging all the data flowing through.
As it turned out, the robot phoned home to its manufacturer, reporting its serial number and some configuration settings. The server then passed control to the mobile app, but not without routing all subsequent commands through the remote server. Not only is this creepy, it also means that if the manufacturer were to shut down the server, the app would stop working entirely. [Rastersoft] therefore got the idea to write custom software to control the robot. He began by reconfiguring the Pi’s network setup to fool the vacuum into thinking it was connecting to its manufacturer’s server, and then wrote some Python code to emulate the server’s response. He was now in control of all data flowing back and forth.
After a lot of experimentation and data analysis, [Rastersoft] managed to decipher the commands sent by the app, enabling him to write a complete replacement app seen in the video after the break that includes control of all the vacuum’s standard actions, but also a new feature to manually control the vacuum’s movement. All code is available on GitHub for those who would like to hack their Congas too.
We think this is a great example of software hacking to future-proof devices that you own, while also mitigating many of the dangers to your security and privacy posed by the default software. The fact that the commands you send from your phone to your vacuum go all the way around the world, potentially being stored and read by others, is rather ridiculous in the first place. After all, we’ve already seen how robot vacuums could spy on you.
While repairing his Neato Botvac D85, [elad] noticed the little fellow was packing a real speaker and not just a piezo buzzer. Thinking this was a bit overkill just for the occasional beep and bloop, he decided to round things out with a Bluetooth receiver and a second speaker so the bot can spin some stereo tunes while it gets down and dirty.
It wasn’t a very expensive modification. Between the VHM-314 Bluetooth receiver, the 3 watt PAM8403 amplifier, and a matching speaker, [elad] says he was only a few bucks out of pocket. Truly a small price to pay for a robotic vacuum that plays its own theme music as it travels around the house. A small demonstration of the Neato’s new musical talents can be heard in the video after the break.
Perhaps unsurprisingly, the audio hardware puts enough of a drain on the robot’s batteries at max volume that there’s a noticeable reduction in runtime. He’s not too worried about it right now, but [elad] mentions that if it ends up keeping the vacuum from being able to complete it’s whole cleaning cycle, that he might look into adding a dedicated power source to keep the music going.
There are millions of IoT devices out there in the wild and though not conventional computers, they can be hacked by alternative methods. From firmware hacks to social engineering, there are tons of ways to break into these little devices. Now, four researchers at the National University of Singapore and one from the University of Maryland have published a new hack to allow audio capture using lidar reflective measurements.
The hack revolves around the fact that audio waves or mechanical waves in a room cause objects inside a room to vibrate slightly. When a lidar device impacts a beam off an object, the accuracy of the receiving system allows for measurement of the slight vibrations cause by the sound in the room. The experiment used human voice transmitted from a simple speaker as well as a sound bar and the surface for reflections were common household items such as a trash can, cardboard box, takeout container, and polypropylene bags. Robot vacuum cleaners will usually be facing such objects on a day to day basis.
The bigger issue is writing the filtering algorithm that is able to extract the relevant information and separate the noise, and this is where the bulk of the research paper is focused (PDF). Current developments in Deep Learning assist in making the hack easier to implement. Commercial lidar is designed for mapping, and therefore optimized for reflecting off of non-reflective surface. This is the opposite of what you want for laser microphone which usually targets a reflective surface like a window to pick up latent vibrations from sound inside of a room.
Deep Learning algorithms are employed to get around this shortfall, identifying speech as well as audio sequences despite the sensor itself being less than ideal, and the team reports achieving an accuracy of 90%. This lidar based spying is even possible when the robot in question is docked since the system can be configured to turn on specific sensors, but the exploit depends on the ability to alter the firmware, something the team accomplished using the Dustcloud exploit which was presented at DEF CON in 2018.
In the time since the Hackaday Prize was first run it has nurtured an astonishing array of projects from around the world, and brought to the fore some truly exceptional winners that have demonstrated world-changing possibilities. This year it has been extended to a new frontier with the launch of the Hackaday Prize China (Chinese language, here’s a Google Translate link), allowing engineers, makers, and inventors from that country to join the fun. We’re pleased to announce the finalists, from which a winner will be announced in Shenzhen, China on November 23rd. If you’re in Shenzen area, you’re invited to attend the award ceremony!
All six of these final project entries have been translated into English to help share information about projects across the language barrier. On the left sidebar of each project page you can find a link back to the original Chinese language project entry. Each presents a fascinating look into what people in our global community can produce when they live at the source of the component supply chain. Among them are a healthy cross-section of projects which we’ll visit in no particular order. Let’s dig in and see what these are all about!
Ever find yourself with nineteen nameless robot vacuums lying around? No? Well, [Aaron Christophel] likes to live a different life, filled with zebra print robots (translated). After tearing a couple down, only ten vacuums remain — casualties are to be expected. Through their sacrifice, he found a STM32F101VBT6 processor acting as the brains for the survivors. Coincidentally, there’s a project called STM32duino designed to get those processors working with the Arduino IDE we either love or hate. [Aaron Christophel] quickly added a variant board through the project and buckled down.
Of course, he simply had to get BLINK up and running, using the back-light of the LCD screen on top of the robots. From there, the STM32 processors gave him a whole 80 GPIO pins to play with. With a considerable amount of tinkering, he had every sensor, motor, and light under his control. Considering how each of them came with a remote control, several infra-red sensors, and wheels, [Aaron Christophel] now has a small robotic fleet at his beck and call. His workshop must be immaculate by now. Maybe he’ll add a way for the vacuums to communicate with each other next. One robot gets the job done, but a whole team gets the job done in style, especially with a zebra print cleaner at the forefront.
If you want to see more of his work, he has quite a few videos on his website demonstrating the before and after of the project — just make sure to bring a translator. He even has a handy pinout for those looking to replicate his work. If you want to dive right in to STM32 programming, we have a nice article on how to get it up and debugged. Otherwise, enjoy [Aaron Christophel]’s demonstration of the eight infra-red range sensors and the custom firmware running them.