Victorian Train Tunnel Turned Test Track

Characterizing the aerodynamic performance of a vehicle usually requires a wind tunnel since it’s difficult to control all variables when actually driving. Unless you had some kind of perfectly straight, environmentally controlled, and precision-graded section of road, anyway. Turns out the Catesby Tunnel in the UK meets those requirements exactly, and [Tom Scott] recently got to take a tour of it.

The 2.7 kilometer (1.7 mile) long tunnel was constructed as a railway tunnel between 1895 and 1897, thanks to the estate owner objecting to the idea of “unsightly trains” crossing his property. The tunnel’s construction was precise even by modern standards, deviating only 3 mm from being perfectly straight along its entire length. It lay abandoned for many years until it was paved and converted into a test facility, opening in 2021.

To measure the speed without the luxury of GPS reception, a high-speed camera mounted inside a vehicle detects reflective tags mounted every 5 m along the tunnel’s wall. This provides accurate speed measurement down to 0.001 km/h. A pair of turntables are installed at the ends of the tunnel to avoid an Austin Powers multi-point turn (apparently that’s the technical term) when turning around inside the confined space.

Due to the overhead soil and sealed ends, the temperature in the tunnel only varies by 1 – 2 °C year round. This controlled environment makes the tunnel perfect for coastdown tests, where a vehicle accelerates to a designated speed and then is put into neutral and allowed to coast. By measuring the loss of speed across multiple runs, it’s possible to calculate the aerodynamic drag and friction on the wheels. Thanks to the repeatable nature of the tests, it was even possible to calculate the aerodynamic losses caused by [Tom]’s cameras mounted to the outside of the vehicle.

The Catesby Tunnel is an excellent example of repurposing old infrastructure for modern use. Some other examples we’ve seen include using coal mines and gold mines for geothermal energy.

Nerfnet Tunnels TCP/IP Over NRF24L01 Radios

There’s an excellent chance you’ve already worked with the nRF24L01. These little modules are an easy and cheap way to shuffle data across a 2.4 GHz radio link at a respectable rate, making them great for remote control projects. But after seeing that others had experimented with using these radios to transmit digital audio, [Andrew Rossignol] got to wondering if some software trickery could push the envelope even further.

The result is nerfnet, a Linux program that allows you to tunnel TCP/IP over a pair of nRF24L01 modules. The link appears as a virtual interface, meaning everything happens transparently as far as other programs are concerned. Anything that uses TCP/IP to communicate on Linux can take advantage of this low-cost link, albeit at speeds that most of us haven’t had to deal with in decades.

Though it’s not quite as bad as you might think. Latency is around 50 ms, and after some tweaks, [Andrew] has been able to squeeze almost 300 Kbps out of the link. That’s more than enough for terminal work, and some light audio and video streaming isn’t out of the question.

In terms of range, he was able to maintain a fairly reliable connection at a distance of up to 60 meters (200 feet) outdoors. It might not sound like much, but again, you’ve got to take the cost of these radios into account. If you’re looking to SSH into a Raspberry Pi weather station you’ve got in the backyard, a pair of these could get the job done for just a couple of bucks.

The blog post [Andrew] has put together explains the software in fantastic detail if you’re interested in the nuts and bolts of it all. But if you just want to play around with the idea, you just need to connect some nRF24L01 modules to a pair of Raspberry Pis with short SPI wires to cut down any interference, and follow the instructions. Ideally the radios would have external antennas, but it’s not strictly required.

We’ve seen these modules pushed into service as impromptu Bluetooth Low Energy transmitters in the past, but nothing quite like this. While the latency and bandwidth offered by this technique might seem antiquated to modern eyes, it could be the perfect dedicated communication channel for your sensors, smart devices, or home automation projects.

Linux-Fu: Applications On The Web

Did you know you can run remote Linux GUI programs in a browser with HTML5 support? It’s even secure because you can use SSH tunneling and that little trick means you don’t even need to open additional ports. If this sounds like gibberish, read on, it’s actually pretty easy to get up and running.

I recently was a guest on a Houston-based podcast, and the hosts asked me if the best thing about writing for Hackaday was getting to work with the other Hackaday staff. I told them that was really good, but what I like best was interacting with people (well, most people) in the comments. That sometimes you’d post an article and someone would bring a topic up in comments that would really knock your socks off. This is how I wound up with this nearly ideal remote access solution, that requires nothing on the remote side but a web browser.

A while back I posted about keeping programs running after log off on a Linux box. The post was mostly about non-GUI programs but you could use NX or VNC to handle it. In the comments, someone mentioned how unhappy they’d been with recent copies of NX and another commenter called [Screen for X11] posted about a tool called xpra.

A Red Teamer’s Guide To Pivoting

What is hacking and what is network engineering? We’re not sure where exactly to draw the lines, but [Artem]’s writeup of pivoting is distinctly written from the (paid) hacker’s perspective.

Once you’re inside a network, the question is what to do next. “Pivoting” is how you get from where you are currently to where you want to be, or even just find out what’s available. And that means using all of the networking tricks available. These aren’t just useful for breaking into other people’s networks, though. We’ve used half of these tools at one time or another just running things at home. The other half? Getting to know them would make a rainy-day project.

Is there anything that ssh and socat can’t do? Maybe not, but there are other tools (3proxy and Rpivot) that will let you do it easier. You know how clients behind a NAT firewall can reach out, but can’t be reached from outside? ssh -D will forward a port to the inside of the network. Need to get data out? There’s the old standby iodine to route arbitrary data over DNS queries, but [Artem] says dnscat2 works without root permissions. (And this code does the same on an ESP8266.)

Once you’ve set up proxies inside, the tremendously useful proxychains will let you tunnel whatever you’d like across them. Python’s pty shell makes things easier to use, and tsh will get you a small shell on the inside, complete with file-transfer capabilities.

Again, this writeup is geared toward the pen-testing professional, but you might find any one of these tools useful in your own home network. We used to stream MP3s from home to work with some (ab)use of netcat and ssh. We keep our home IoT devices inside our own network, and launching reverse-proxies lets us check up on things from far away without permanently leaving the doors open. One hacker’s encrypted tunnel is another man’s VPN. Once you know the tools, you’ll find plenty of uses for them. What’s your favorite?

Thanks [nootrope] for the indirect tip!

DNS Tunneling: Getting The Data Out Over Other Peoples’ WiFi

[KC Budd] wanted to make a car-tracking GPS unit, and he wanted it to be able to phone home. Adding in a GSM phone with a data plan would be too easy (and more expensive), so he opted for the hacker’s way: tunneling the data over DNS queries every time the device found an open WiFi hotspot. The result is a device that sends very little data, and sends it sporadically, but gets the messages out.

This system isn’t going to be reliable — you’re at the mercy of the open WiFi spots that are in the area. This certainly falls into an ethical grey zone, but there’s very little harm done. He’s sending a 16-byte payload, plus the DNS call overhead. It’s not like he’s downloading animated GIFs of cats playing keyboards or something. We’d be stoked to provide this service to even hundreds of devices per hour, for instance.

If you’re new here, the idea of tunneling data over DNS requests is as old as the hills, or older, and we’ve even covered this hack before in different clothes. But what [KC] adds to the mix is a one-stop code shop on his GitHub and a GPS application.

Why don’t we see this being applied more in your projects? Or are you all tunneling data over DNS and just won’t admit it in public? You can post anonymously in the comments!

It’s Not A Bridge, And Not A Tunnel. Or, Maybe It’s Both?

The gist of the idea is to suspend an underwater tunnel from floating pontoons. By the time you finished reading that sentence, you probably already had a list of things in your head that seem to make this a terrible idea. After all, it does seem to combine the worst aspects of both underwater tunnels and bridges. But, the idea may actually be a good one, and it’s already being seriously considered in Norway.

Surviving A Hacker Conference

With another hacker conference looming in front of us, it’s time to start thinking about hardware security. Hacker conventions have the most hostile network you’ll ever encounter. [Security4all] points out that 25C3 already has an extensive page on securing your hardware. It starts from the ground up with physical security, BIOS passwords, and locking down bootloaders. There’s a section on securing your actual OS and session. Finally, they cover network usage. It mentions using SSH for dynamic forwarding, which we feel is a skill everyone should have. We’ve used it not just for security, but for bypassing brainless bandwidth restrictions too. There’s also the more trick transparent version. Every piece of data you bring with you, you risk losing, so they actually recommend just wiping your iPhone and other devices before attending. It’s important to remember that it’s not just your own data at risk, but everyone/thing you communicate with as well.