A Raspberry Pi in an enclosure, connected to a stepper motor controller and a UMTS stick

2024 Home Sweet Home Automation: SMS Controlled Heating

Hackaday.io user [mabe42] works during the week away from their home city and rents a small apartment locally to make this life practical. However, the heating system, a night-storage system, is not so practical. They needed a way to remotely control the unit so that the place was habitable after a long winter commute; lacking internet connectivity, they devised a sensible solution to create an SMS-controlled remote heating controller.

The controller runs atop an old Raspberry Pi B inside a 3D-printed case. Seeing such an old board given a real job to do is nice. Connectivity is via a USB UMTS stick which handles the SMS over the cellular network. The controller knob for the heater thermostat (not shown) is attached via a toothed belt to a pully and a 28BYJ-48 5V geared stepper motor. Temperature measurement is via the ubiquitous DS1820 module, which hooks straight up to the GPIO on the Pi and works out of the box with many one-wire drivers.

The software is built on top of Gammu, which handles the interface to the UMTS device. Daily and historical temperature ranges are sent via SMS so [mabe42] can decide how to configure the heating before their arrival. The rest of the software stack is in Python, as per this (German-language) GitHub project.

While we were thinking about storage heating systems (and how much of a pain they are), we came across this demonstration of how to build one yourself.

Stranded Motorist Effects Own Rescue Using A Drone And A Cell Phone

If you’re looking for a good excuse to finally buy a drone, you probably can’t do better than claiming it can save your life.

Granted, you may never find yourself in the position of being stuck in a raging snowstorm in the middle of the Oregon wilderness, but if you do, this is a good one to keep in mind. According to news stories and the Lane County Sheriff Search and Rescue Facebook page, an unnamed motorist who was trying to negotiate an unmaintained road through the remote Willamette National Forest got stuck in the snow. This put him in a bad situation, because not only was he out of cell range, but nobody knew where he was or even that he was traveling, so he wouldn’t be missed for days.

Thankfully, the unlucky motorist played all his cards right. Rather than wandering off on foot in search of help, he stayed with his vehicle, which provided shelter from the elements. Conveniently, he also happened to have a drone along with him, which provided him with an opportunity to get some help. After typing a detailed text message to a friend describing his situation and exact location, he attached the phone to his drone and sent it straight up a couple of hundred feet — enough to get a line-of-sight connection to a cell tower. Note that the image above is a reenactment by the Search and Rescue team; it’s not clear how the resourceful motorist rigged up the drone, but we’re going to guess duct tape was involved.

When he brought the drone back down a few minutes later, he found that the queued text had been sent, and the cavalry was on the way. The Search and Rescue unit was able to locate him, and as a bonus, also found someone else nearby who had been stranded for days. So it was a win all around thanks to some clever thinking and a little technology.

The New-Phone Blues: A Reminder That Hackers Shouldn’t Settle

For all the convenience and indispensability of having access to the sum total of human knowledge in the palm of your hand, the actual process of acquiring and configuring a smartphone can be an incredibly frustrating experience. Standing in those endless queues at the cell phone store, jumping through the administrative hoops, and staring in sticker shock at a device that’s likely to end its life dunked in a toilet all contribute to the frustration.

But for my money, the real trouble starts once you get past all that stuff and start trying to set up the new phone just right. Sure, most phone manufacturers make it fairly easy to clone your old phone onto the new one, but there are always hiccups. And for something that gets as tightly integrated into the workflows of your daily life as cell phones do, that can be a real bummer. Especially when you find out that your shiny new phone can’t do something you absolutely depend on.

Continue reading “The New-Phone Blues: A Reminder That Hackers Shouldn’t Settle”

Inspecting a SIM card via MTM

Diving The Depths Of Ma Bell

The modern smartphone is a marvel of sensors, radios, inputs, outputs, and processing power. In particular, some of those radios, such as WiFi and cellular, have grown fiendishly complex over the years. Even when that complexity is compressed down for the user into the one-dimensional space of the signal strength bars at the top of your phone. So when [David Burgess] was asked to look at some cellphone records of text messages and figure out where some of the more mysterious messages were coming from, it led him down a rabbit hole into the dark arts behind the glowing phone screen.

The number in question was 1111340002, sent by a phone connected to AT&T at the time, and was crucial for a legal case around distracted driving. [David’s] tools in his investigation were YateBTS (a cellular network simulator), SimTrace2 (pictured above), and old reliable Wireshark. Since the number isn’t a specific phone number and is not reachable from the public phone network, it must be a unique number inside AT&T processed by one particular AT&T SMSC (Short Message service center). The SMSC in question is in Atlanta and isn’t a typical texting center, so it must have some particular purpose. The message’s payload is raw binary rather than text, and [David] has done a pretty good job of decoding the majority of the format.

The most exciting revelation in this journey is that the phone (in the traditional sense) does not send this message. The processor on the phone does not know this message and executes no code to send it. Instead, the SIM card itself sends it. The SIM card is connected directly to the baseband processor on the phone, and the baseband polls the sim every so often, asking for any commands. One of those commands is an SMS (though many other commands have worrying consequences).

The SMS that [David] was chasing is triggered whenever a SIM detects a new IMEI, and the message lets the network know what about the previous and current IMEI. However, in the case of this message, it was unlikely that the SIM changed phones, so what happened? After some additional lab work and the deposition of an AT&T employee, [David] showed that a baseband firmware update would also trigger this SMS.

It’s a fascinating journey into the fragmented world of a smartphone’s minds and [David] does a fantastic job on the writeup. If you’re interested in sniffing wireless accessories, you will enjoy this soundbar’s wireless protocol laid bare.

This Week In Security: XcodeSpy, Insecure SMS, And Partial Redactions

There seems to be a new trend in malware, targeting developers and their development and build processes. The appeal is obvious: rather than working to build and market a malicious application, an attacker just needs to infect a development machine. The hapless infected developers can now do the hard work to spread the malicious payload.

The newest example is XcodeSpy, discovered by a researcher who chose to remain anonymous. It works by using the Xcode IDE’s Run Script function to, well, run a script that completely backdoors your computer. The instance was found in a repackaged open source project, TabBarInteraction, but they’re just innocent victims. It was simple enough for someone to insert a script in the build process, and distribute the new, doped package. It’s probably not the only one out there, so watch out for Run Scripts with obfuscated payloads.

Continue reading “This Week In Security: XcodeSpy, Insecure SMS, And Partial Redactions”

Laundry Monitor Won’t Generate Static With Roommates

Laundry. It’s one of life’s inescapable cycles, but at least we have machines now. The downside of this innovation is that since we no longer monitor every step — the rock-beating, the river-rinsing, the line-hanging and -retrieving — the pain of laundry has evolved into the monotony of monitoring the robots’ work.

[Adam] shares his wash-bots with roommates, and they aren’t close enough to combine their lights and darks and turn it into a group activity. They needed an easy way to tell when the machines are done running, and whose stuff is even in there in the first place, so [Adam] built a laundry machine monitor that uses current sensing to detect when the machines are done running and sends a text to the appropriate person.

Each machine has a little Hall effect-sensing module that’s carefully zip-tied around its power cable. The signal from these three-wire boards goes high when the machine is running and low when it’s not. At the beginning of the load, the launderer simply presses their assigned button on the control box, and the ESP32 inside takes care of the rest.

Getting a text when your drawers are clean is about as private as it gets. Clean underwear, don’t care? Put it on a scrolling marquee.

GSM Module Does More Than Advertised

For many projects, a WiFi connection is overkill, too complicated, or too far away to work properly. Even though it’s relatively ubiquitous, sometimes the best choice for getting data to or from the real world is a connection to the cellular network, which can be done with the M590 module for about a dollar each. For that price, lots of people have had the opportunity to explore the module itself, and [marcrbarker] shows some of the extra, unadvertised, features it has.

Acting as a GSM module that can send and receive SMS messages is just the tip of the iceberg for this tiny device which we saw once before for a DIY GPS tracker. With a USB TTL serial data module, a lot more is on the table including answering voice calls and responding with DTMF tones, operate as a dial-up modem, connect with TCP, and even has some FTP capabilities. [marcrbarker] also suggests that it could do “call pranking” where it can send signals without being charged for a call.

There are a lot of details on the project site about all of this newfound functionality, and it reminds us of a time when it was discovered that not only was the ESP8266 a cheap WiFi module, but it could also run custom programs on its own. While the M590 probably can’t do all of that, it does seem to have a lot more locked away than most of us had thought before.