The Best Project We Never Did Yet

Back when [Caleb] was around here at Hackaday, he was tasked with making a few YouTube videos. His Portal Gun got 1.6 Million views, and we got a takedown request because of this video even though that company was more than willing to use [Caleb] as a guinea pig at CES.

This post is not about those videos. This post is about the best project we never did yet.

The grand plan for The Best Project was a zombie survival van. It’s exactly what you think it is: a van armored and armed for driving through a herd of walkers. Proposed mods included a cow catcher and roof rack, a motorized turret, a poofer (propane tanks shooting fire from underneath the van), a bartender that launches molotov cocktails, and a beautiful little contraption called an ankler. The Ankler is just a pair of chainsaws that fold out from under the van.

The base vehicle would be a 60s VW bus. [Caleb]’s a big fan of aircooled stuff, and if you think about it, 60s VWs are pretty good for the zombie apocalypse. If you’re doubting that, just ask how many tools it would take to change out the engine in your car.

Although the dream of a Hackaday aircooled zombie apocalypse van died when [Caleb] left, that doesn’t mean we’re still not considering an official Hackaday ride. All of this is still in the planning stages, but we have a few ideas; the first, and biggest, is a mobile hackerspace on a trailer. This would be a standard semitrailer, loaded up with tools, 3D printers, a laser cutters, and a couch. It would be the perfect thing to load up with swag and haul to events.

We’re considering another more sensible vehicle, and right now the top contender is an early 2000s Astro or Safari cargo van. Yes, I know what you’re thinking: the coolest vehicle we could come up with is a minivan. There’s actually some logic to this, so hear me out.

The Astro/Safari shares a lot of parts with the S10, and that means parts are everywhere. The Astro has an AWD variant, and with a 4″ lift, upgraded suspension and big, knobby tires the Hackaday van would be very, very fun to take out into the desert. It can haul eight foot sheets of plywood, they’re cheap, everywhere, and they just don’t die.

While the best idea right now is an Astro van, we’re also considering other AWD vehicles: an AMC Eagle would be cool, and I think RedBull has a few Suzuki X-90s sitting around. An M35 Deuce And A Half would be fun. A US Mail Truck would probably last forever, and if we go with the semi-trailer concept we would probably want a smaller vehicle on site wherever we park the truck. Current options for this parasitic vehicle include a Nash Metropolitan, a Trabant, a Citroen 2CV, a Renault Dauphine, a Lada, or a Yugo. Yes, they’re all ridiculous but they’re small and can fit in the back of a semi trailer.

It’s still an idea we’re throwing around, but we really need a reason to have a van before we go out and build a hackaspace on wheels, a zombie survival van, or something to launch off some sweet ramps. We don’t go to that many events, and driving a crappy old van across the country a few times a year sounds like fun but surely isn’t.

You can check out [Caleb]’s pitch video for the zombie survival van below.

Continue reading “The Best Project We Never Did Yet”

Zubie

Remotely Controlling Automobiles Via Insecure Dongles

Automobiles are getting smarter and smarter. Nowadays many vehicles run on a mostly drive-by-wire system, meaning that a majority of the controls are electronically controlled. We’re not just talking about the window or seat adjustment controls, but also the instrument cluster, steering, brakes, and accelerator. These systems can make the driving experience better, but they also introduce an interesting avenue of attack. If the entire car is controlled by a computer, then what if an attacker were to gain control of that computer? You may think that’s nothing to worry about, because an attacker would have no way to remotely access your vehicle’s computer system. It turns out this isn’t so hard after all. Two recent research projects have shown that some ODBII dongles are very susceptible to attack.

The first was an attack on a device called Zubie. Zubie is a dongle that you can purchase to plug into your vehicle’s ODBII diagnostic port. The device can monitor sensor data from your vehicle and them perform logging and reporting back to your smart phone. It also includes a built-in GPRS modem to connect back to the Zubie cloud. One of the first things the Argus Security research team noticed when dissecting the Zubie was that it included what appeared to be a diagnostic port inside the ODBII connector.

Online documentation showed the researchers that this was a +2.8V UART serial port. They were able to communicate over this port with a computer with minimal effort. Once connected, they were presented with an AT command interface with no authentication. Next, the team decompiled all of the Python pyo files to get the original scripts. After reading through these, they were able to reverse engineer the communication protocols used for communication between the Zubie and the cloud. One particularly interesting finding was that the device was open for firmware updates every time it checked in with the cloud.

The team then setup a rogue cellular tower to perform a man in the middle attack against the Zubie. This allowed them to control the DNS address associated with the Zubie cloud. The Zubie then connected to the team’s own server and downloaded a fake update crafted by the research team. This acted as a trojan horse, which allowed the team to control various aspects of the vehicle remotely via the cellular connection. Functions included tracking the vehicle’s location, unlocking hte doors, and manipulating the instrument cluster. All of this can be done from anywhere in the world as long as the vehicle has a cellular signal.

A separate but similar project was also recently discussed by [Corey Thuen] at the S4x15 security conference. He didn’t attack the Zubie, but it was a similar device. If you are a Progressive insurance customer, you may know that the company offers a device that monitors your driving habits via the ODBII port called SnapShot. In exchange for you providing this data, the company may offer you lower rates. This device also has a cellular modem to upload data back to Progressive.

After some research, [Thuen] found that there were multiple security flaws in Progressive’s tracker. For one, the firmware is neither signed nor validated. On top of that, the system does not authenticate to the cellular network, or even encrypt its Internet traffic. This leaves the system wide open for a man in the middle attack. In fact, [Thuen] mentions that the system can be hacked by using a rogue cellular radio tower, just like the researchers did with the Zubie. [Thuen] didn’t take his research this far, but he likely doesn’t have too in order to prove his point.

The first research team provided their findings to Zubie who have supposedly fixed some of the issues. Progressive has made a statement that they hadn’t heard anything from [Thuen], but they would be happy to listen to his findings. There are far more devices on the market that perform these same functions. These are just two examples that have very similar security flaws. With that in mind, it’s very likely that others have similar issues as well. Hopefully with findings like this made public, these companies will start to take security more seriously before it turns into a big problem.

[Thanks Ellery]

Hybrid 50cc Ultracapacitor Scooter

We’re all familiar with hybrid gas-electric cars these days, but how about a hybrid scooter that uses supercapacitors instead of batteries? Our hats are off to [Alex] from Labs Bell for the almost entirely-DIY conversion.

The hybrid idea is to drive the vehicle’s wheels with electric motors, but generate the electricity with a normal gasoline engine. This allows the hybrid to control the engine speed almost independently of the wheel motors’ demand for power, allowing the gas engine to run at its most efficient speed and charge up batteries with the extra energy. As an extra bonus, many hybrids also use regenerative braking to recoup some of the energy normally wasted as heat in your brake pads.

[Alex]’s hybrid scooter does all of the above and more. Since the stock vehicle is a 50cc scooter, any increase in acceleration is doubtless welcome. We’d love to see the scooter starting from stop with a full charge. Using supercapacitors as storage instead of batteries is a win for charging efficiency. In urban stop-and-go traffic, the natural habitat of the 50cc scooter, the regenerative braking should help further with gas consumption.

What’s most impressive to us is the completely DIY hybrid control unit that takes some simple inputs (wheel speed and throttle position) and controls regenerative braking, the gas engine’s throttle, etc. Since the hybrid control system is currently under development, there’s even a button to switch between different trial algorithms on the fly. Very cool!

Oh yeah, and [Alex] points out the fire extinguisher on-board. He had occasion to use it for his hybrid motorcycle V1. Safety first!

Autonomous RC Car Navigates By Waypoints

autonomous-rc-car

Check out this autonomous RC car which [Jason] built for the chipKIT design challenge. It’s been able to successfully navigate a planned route taking just a few waypoints as inputs.

Obviously this uses a chipKIT as the controller, the max32 to be specific. [Jason’s] write-up shows off all of the components of the design, but you’ll have to head over to his recently posted update to hear about the custom board he had spun to host them all. It starts with a GPS module, but that’s only accurate enough to give the rover the big picture. To handle getting from one waypoint to the next successfully he also included a gyroscope which provides very accurate orientation data, as well as optical encoders on the wheels for on-board distance traveled information.

We hope he’ll keep refining the design and make a trip to next year’s Autonomous Vehicle Competition.

Continue reading “Autonomous RC Car Navigates By Waypoints”

Le-GoKART; A GoKart Built Entirely From Lego

[Eric Steenstra], from the Netherlands, decided to build a GoKart entirely from LEGO Mindstorm parts. Tested at being able to carry just over 100Kg in weight, a 16 stone man(224 lbs). This GoKart can easily carry a child and propel him along. Eric used 48 stock Mindstorm motors, geared down,  and 16 battery packs to provide a balance between torque and speed.

This vehicle doesn’t expect to win any races in the speed department. From the point of view of being something different this wins hands down. The Karts first test drive was only two weeks ago so drivability and durability are still under development at this stage.  See the video after the break on this monstrous Mindstorms creation.

via[Make]

Continue reading “Le-GoKART; A GoKart Built Entirely From Lego”

Thumper The T-Shirt Launcher

Thumper The T-Shirt Launcher

[joe] and [ryan] built Thumper for their high school FIRST robotics team. The cannon itself is a solenoid-fired compressed air launcher that gets its juice from three large PVC tanks stored in the box below the turret, and the cannon is able to be fired nine times between visits to the air compressor. It was intentionally designed to resemble an M2 Browning 50 Caliber heavy machine gun, with the two vertical handles and boxy body.  They finished construction in about a week with a budget of only $300. When they saw that a lot of their friends had also built cannons, they scrounged for parts from their garages to re-use to build the mobile platform simply for one-upmanship sake. The motor and drive-train propelling this behemoth came out of a 1980s-era mobile X-Ray machine that had been discarded by a local hospital. The rear wheels were specially modified to fit the drivetrain, and the front end is a chopped, hacked, and welded axle and steering mechanism from an old lawn tractor. Sections of unistrut form the rest of the frame.

[joe] and [ryan] were even asked to bring Thumper to their high school prom as a unique way to hand out T-Shirts for the evening. Unfortunately, there’s no website for this build.

See video of Thumper in action with a Nerf Football after the break. Hack A Day even got to take it for a spin around the Power Wheels Racing Series track at Maker Faire KC!

Continue reading “Thumper The T-Shirt Launcher”

Take Me Back To A Simpler Time, Radio Flyer

[Fred Keller] and [Judy Foster], both retired, are proving that age is just a number. What you see above is a nostalgia inducing full size driveable Radio Flyer red wagon. The base of which is a 1976 Mazda pickup truck, while the wagon portion is a mishmash of wood, fiberglass and bondo, detergent bottles, and more. Even the steering wheel has been retrofitted from an actual wheel from a wagon. We were surprised to find out the entire conversion only took the two 11 months to complete (finishing this past august), and even more confounded to learn the vehicle is completely street legal.

[Thanks Rob]