Peer Review In the Age Of Viral Video

Recently, a YouTube video has been making the rounds online which shows a rather astounding comparison between two printed models of the US Capitol. Starting with the line “3-D PRINTERS CAN NOW PRINT TWICE AS FAST”, the video shows that one print took four hours to complete, and the other finished in just two hours by virtue of vibration reducing algorithms developed at the University of Michigan. The excitement around this video is understandable; one of the biggest limitations of current 3D printer technology is how long it takes to produce a model of acceptable quality, and if improvements to the software that drives these machines could cut total print time in half, the ramifications would be immense.

In only a few weeks the video racked up tens of thousands of views, and glowing articles popped up with headlines such as: “How to cut 3D print times in half by the University of Michigan” and “University of Michigan professor doubles 3D printing speeds using vibration-mitigating algorithm“. Predictably, our tips line lit up with 3D printer owners who wanted to hear more about the incredible research that promised to double their print speed with nothing more than a firmware update.

The only problem is, the video shows nothing of the sort. What’s more, when pushed for details, the creators of the video are now claiming the same thing.

Continue reading “Peer Review In the Age Of Viral Video”

Green Light Your Commute with America’s Unsecured Traffic Lights

Remember that episode of Leverage (season 5, episode 3), where Alec uses Marvin to wirelessly change all the street lights green so they can catch up to an SUV? And you scoffed and said “that’s so not real!”… well actually they got it right. A new study out of the University of Michigan (PDF warning), shows just how easy it is to make your morning commute green lights all the way.

The study points out that a large portion of traffic lights in the United States communicate with each other wirelessly over the 900Mhz and 5.8Ghz ISM band with absolutely no encryption. In order to connect to the 5.8Ghz traffic signals, you simply need the SSID (which is set to broadcast) and the proper protocol. In the study the researchers used a wireless card that is not available to the public, but they do point out that with a bit of social engineering you could probably get one. Another route is the HackRF SDR, which could be used to both sniff and transmit the required protocol. Once connected to the network you will need the default username and password, which can be found on the traffic light manufacturer’s website. To gain access to the 900Mhz networks you need all of the above and a 16-bit slave ID. This can be brute forced, and as the study shows, no ID was greater than 100. Now you have full access, not to just one traffic signal, but EVERY signal connected to the network.

Once on the network you have two options. The completely open debug port in the VxWorks OS which allows you to read-modify-write any memory register. Or by sending a(n) UDP packet where the last byte encodes the button pressed on the controller’s keypad. Using the remote keypad you can freeze the current intersection state, modify the signal timing, or change the state of any light. However the hardware Malfunction Management Unit (MMU) will still detect any illegal states (conflicting green or yellow lights), and take over with the familiar 4-way red flashing. Since a technician will have to come out and manually reset the traffic signal to recover from an illegal state, you could turn every intersection on the network into a 4-way stop.

So the next time you stop at a red light, and it seems to take forever to change, keep an eye out for the hacker who just green lit their commute.

Thanks for the tip [Matt]