Hackaday Links: March 18, 2018

Oh, boy. You know what’s happening next weekend? The Midwest RepRap Festival. The greatest 3D printing festival on the planet is going down next Friday afternoon until Sunday afternoon in beautiful Goshen, Indiana. Why should you go? Check this one out. To recap from last year, E3D released a new extruder, open source filaments will be a thing, true color filament printing in CMYKW is awesome, and we got the world’s first look at the infinite build volume printer. This year, The Part Daddy, a 20-foot-tall delta bot will be there once again. It’s awesome and you should come.

We launched the 2018 Hackaday Prize this week. Why should you care? Because we’re giving away $200,000 in prizes. There are five challenges: the Open Hardware Design Challenge, Robotics Module, Power Harvesting, Human-Computer Interface, and Musical Instrument Challenge. That last one is something I’m especially interested in for one very specific reason. This is a guitorgan.

Building a computer soon? Buy your SSD now. Someone fell asleep on the e-stop at a Samsung fab, and now 3.5% of global NAND production for March has been lost.

Need to put an Arduino in the cloud? Here’s a shield for that. It’s a shield for SIMCom’s SIM7000-series module, providing LTE for a microcontroller. Why would you ever need this? Because 2G is dead, for various values of ‘dead’. 3G is eventually going to go the same way.

A bridge collapsed in Florida this week. A pedestrian walkway at Florida International University collapsed this week, killing several. The engineering efforts are still underway to determine the cause of the accident, but some guy from Canukistan posted a pair of informative videos discussing I-beams and pre-tensioned concrete. It’s going to be months until the fault (and responsibility) will be determined, but until then we have the best footage yet of this collapse. It’s dash cam footage from a truck that rolled up to the red light just before the collapse. This is one that’s going to go down in engineering history along with the Hyatt Regency collapse.

Need to test your app? Here’s a delta robot designed for phones. You would be shocked at how popular this robot is.

Hot Air Surgery Revives a Cheap Windows Tablet

[Jason Gin] recently wrote in to tell us about his adventures replacing the eMMC storage chip on a cheap Windows tablet, and we have to say, it’s an impressive amount of work for a device which apparently only cost him $15. Surely much better pieces of hardware have been tossed in the trash for less serious failures than what ailed his DigiLand DL801W tablet. We’d love to see the lengths this guy would go to restore something a bit higher up the food chain.

As any good hacker knows, you can’t fix the problem until you understand it. So the first step [Jason] took was to conduct some troubleshooting. The tablet would only boot to the EFI shell, which didn’t do him much good since there was no on-screen keyboard to interact with it. But he had the idea of trying to connect a USB keyboard via an OTG adapter, and sure enough that got him in. Once he was able to enter commands into the EFI shell, he attempted to read from a few different sectors of the eMMC drive, only to get the same nonsense repeating data. So far, not looking good.

But before he fully committed to replacing the eMMC drive, he wanted a second opinion. Using the same USB OTG adapter, he was able to boot the tablet into a Windows 10 environment, and from there got access to some drive diagnostic tools. The software reported that not only was the drive reporting to be half the appropriate size, but that writing to the chip was impossible.

With the fate of the tablet’s Foresee NCEMBS99-16G eMMC chip now confirmed, [Jason] decided it was time to operate. After pulling the tablet apart and masking off the PCB with Kapton tape to protect it from the heat, he slowly went in with his hot air rework station to remove the failed chip. But rather than put another low-end chip in its place, he used this opportunity to replace it with a Samsung KLMBG4GEND-B031. Not only does this chip have twice the capacity of the original, it should be noticeably faster.

With the new Samsung eMMC chip installed, [Jason] put the tablet back together and was able to successfully install Windows 10 onto it. Another piece of tech saved from the big landfill in the sky.

If the casual confidence of this particular repair wasn’t enough of a clue, this isn’t the first time he’s showed some unruly eMMC chips who’s boss.

Eavesdropping With An ESP8266

In the old days, spies eavesdropped on each other using analog radio bugs. These days, everything’s in the cloud. [Sebastian] from [Hacking Beaver]  wondered if he could make a WiFi bug that was small and cheap besides. Enter the ESP8266 and some programming wizardry.

[Sebastian] is using a NodeMCU but suggests that it could be pared down to any ESP8266 board — with similar cuts made to the rest of the electronics — but has this working as a proof of concept. A PIC 18 MCU samples the audio data from a microphone at 10 kHz with an 8-bit resolution, dumping it into a 512-byte buffer. Once that fills, a GPIO pin is pulled down and the ESP8266 sends the data to a waiting TCP server over the WiFi which either records or plays the audio in real-time.

[Sebastian] has calculated that he needs at least 51.2 ms to transfer the data which this setup easily handles, but there are occasional two to three second glitches that come out of the blue. To address this and other hangups, [Sebastian] has the ESP8266 control the PIC’s reset pin so that the two are always in sync.

Continue reading “Eavesdropping With An ESP8266”

Fooling Samsung Galaxy S8 Iris Recognition

We have a love-hate relationship with biometric ID. After all, it looks so cool when the hero in a sci-fi movie enters the restricted-access area after having his hand and iris scanned. But that’s about the best you can say about biometric security. It’s conceptually flawed in a bunch of ways, and nearly every implementation we’ve seen gets broken sooner or later.

Case in point: prolific anti-biometry hacker [starbug] and a group of friends at the Berlin CCC are able to authenticate to the “Samsung Pay” payment system through the iris scanner. The video, embedded below, shows you how: take a picture of the target’s eye, print it out, and hold it up to the phone. That was hard!

Sarcasm aside, the iris sensor uses IR to recognize patterns in your eye, so [starbug] and Co. had to use a camera with night vision mode.  A contact lens placed over the photo completes the illusion — we’re guessing it gets the reflections from room lighting right.  No etching fingerprint patterns into copper, no conductive gel — just a printout and a contact lens.

Continue reading “Fooling Samsung Galaxy S8 Iris Recognition”

Hack Your Own Samsung TV With The CIA’s Weeping Angel Exploit

[Wikileaks] has just published the CIA’s engineering notes for Weeping Angel Samsung TV Exploit. This dump includes information for field agents on how to exploit the Samsung’s F-series TVs, turning them into remotely controlled spy microphones that can send audio back to their HQ.

An attacker needs physical access to exploit the Smart TV, because they need to insert a USB drive and press keys on the remote to update the firmware, so this isn’t something that you’re likely to suffer personally. The exploit works by pretending to turn off the TV when the user puts the TV into standby. In reality, it’s sitting there recording all the audio it can, and then sending it back to the attacker once it comes out of “fake off mode”.

It is still unclear if this type of vulnerability could be fully patched without a product recall, although firmware version 1118+ eliminates the USB installation method.

The hack comes along with a few bugs that most people probably wouldn’t notice, but we are willing to bet that your average Hackaday reader would. For instance, a blue LED stays on during “fake off mode” and the Samsung and SmartHub logos don’t appear when you turn the TV back on. The leaked document is from 2014, though, so maybe they’ve “fixed” them by now.

Do you own a Samsung F-series TV? If you do, we wouldn’t worry too much about it unless you are tailed by spies on a regular basis. Don’t trust the TV repairman!

Simple Samsung NX Remote Shutter Release From USB Cable

Samsung makes some nice cameras, but they have fallen into the trap of building proprietary controllers. Their NX models, for instance, have a micro USB port rather than the more usual 2.5mm socket for triggering the camera remotely. What’s a hacker to do?

[Niels] did some poking around, and found that it is pretty easy to trigger these cameras remotely, because Samsung simply moved the standard connections for half-press and full press of the shutter onto the USB socket: ground D+ (pin 3) and the camera focuses, then ground D- (pin 2) and the shutter is triggered. In his Instructable, he covers how to build a simple remote from a micro USB cable and a couple of switches.

Don’t feel left out if you have another type of digital camera: there are plenty of ways to build a simple shutter release switch with a few simple parts, or ways to put a microcontroller in control for more sophisticated shoots.

Samsung ARTIK Dev Boards Start To Ship

Another week’s news, another single board computer aimed at Internet of Things applications is launched. This time it’s Samsung’s Artik 5, a platform they’ve been talking about for a while now but which you can now buy as a dev board from Digi-Key for $99.99. For that you get Wi-Fi, Bluetooth and Zigbee connectivity, a dual-core ARM Cortex A7 running at 1GHz, 512MB of memory, and 4GB of eMMC storage. There are the usual plethora of interfaces: GPIO, I2C, SPI, UART, SDIO, USB 2.0, JTAG, and analogue.

The single board computer marketplace is starting to look rather crowded, and with so many competitors to choose from at more reasonable prices you might ask yourself why the ARTIK could be of interest to a maker. And given that Samsung are positioning it in their literature on its increased security for use in commercial  applications such as IoT hubs, IP cameras and industrial and commercial lighting systems, you’d probably be on to something. If you were to make a very rough analogy with the Raspberry Pi range this has more in common with the Compute Module when it comes to intended marketplace than it does with the Pi Zero.

One answer to that question though could be that it is one of the first devices to support the Thread networking protocol for IoT devices. Thread is a collaboration between Google and a range of other interested parties that has been designed to deliver reliable and secure mesh networking for IoT devices in connected homes. As with all new connectivity protocols only time will tell whether Thread is the Next Big Thing, but it is interesting to note in this board nevertheless.

The ARTIK hasn’t made many waves as yet, though we covered the story when it was announced last year. It is worth mentioning that the ARTIK 5 is only the first of three platforms, the ARTIK 1 will be a tiny board with Bluetooth LE aimed at portable and wearable applications while the ARTIK 10 will be an octo-core powerhouse aimed at mulitmedia processing and network storage applications.