NFC For Your Home Automation

If home automation in the IoT era has taught us anything, it is that no one wants to run wires. Many of us rent, so new cabling is not even an option, even if we wanted to go that route. If you want a unique sensor, you have to build your own, and [tmkThings] wanted an NFC scanner at his front door. Just like arriving at work, he scans his credentials, and the door unlocks automagically.

Inside a little white box, we find an ESP8266 speaking WiFi attached to a PN532 talking NFC, and both are familiar names on these pages. The code, which is available on GitHub, links up with IFTTT and MQTT. The security-minded won’t want to see this on their front door, but you can trigger any event your imagination can come up with, from playing your favorite jams at the end of the day to powering down all the televisions at bedtime.

NFC hacks are great because they are instantly recognizable and readers are inexpensive, but deadbolt hacking is delightful in our books.


36C3: All Wireless Stacks Are Broken

Your cellphone is the least secure computer that you own, and worse than that, it’s got a radio. [Jiska Classen] and her lab have been hacking on cellphones’ wireless systems for a while now, and in this talk she gives an overview of the wireless vulnerabilities and attack surfaces that they bring along. While the talk provides some basic background on wireless (in)security, it also presents two new areas of research that she and her colleagues have been working on over the last year.

One of the new hacks is based on the fact that a phone that wants to support both Bluetooth and WiFi needs to figure out a way to share the radio, because both protocols use the same 2.4 GHz band. And so it turns out that the Bluetooth hardware has to talk to the WiFi hardware, and it wouldn’t entirely surprise you that when [Jiska] gets into the Bluetooth stack, she’s able to DoS the WiFi. What this does to the operating system depends on the phone, but many of them just fall over and reboot.

Lately [Jiska] has been doing a lot of fuzzing on the cell phone stack, enabled by the emulation work of one of her students, [Jan Ruge], codenamed “Frankenstein”. The coolest thing here is that the emulation runs in real time, and can be threaded into the operating system, enabling full-stack fuzzing. More complexity means more bugs, so we expect to see a lot more coming out of this line of research in the next year.

[Jiska] gives the presentation in a tinfoil hat, but that’s just a metaphor. In the end, when asked about how to properly secure your phone, she gives out the best advice ever: toss it in the blender.

Zombies Ate Your Neighbors? Tell Everyone Through LoRa!

As popular as the post-apocalyptic Zombie genre is, there is a quite unrealistic component to most of the stories. Well, apart from the whole “the undead roaming the Earth” thing. But where are the nerds, and where is all the apocalypse-proof, solar-powered tech? Or is it exactly this lack of tech in those stories that serves as incentive to build it in the first place? Well, maybe it doesn’t have to be the end of the world to seek ways to cope with a collapse of our modern communication infrastructure either. Just think of natural disasters — an earthquake or hurricane causing a long-term power outage, for example. The folks at [sudomesh] tackle exactly this concern with their fully open source, off-grid, solar-powered, LoRa mesh network, Disaster Radio.

The network itself is built from single nodes consisting of a battery-backed solar panel, a LoRa module, and either the ESP8266 or ESP32 for WiFi connectivity. The idea is to connect to the network with your mobile phone through WiFi, therefore eliminating any need for additional components to actually use the network, and have the nodes communicate with each other via LoRa. Admittedly, LoRa may not be your best choice for high data rates, but it is a good choice for long-range communication when cellular networks aren’t an option. And while you can build it all by yourself with everything available on [sudomesh]’s GitHub page, a TTGO ESP32 LoRa module will do as well.

If the idea itself sounds familiar, we did indeed cover similar projects like HELPER and Skrypt earlier this year, showing that LoRa really seems to be a popular go-to for off-grid communication. But well, whether we really care about modern communication and helping each other out when all hell breaks loose instead of just primevally defending our own lives is of course another question.

Your WiFi Signals Are Revealing Your Location

The home may be the hearth, but it’s not going to be a place of safety for too long.

With the abundance of connected devices making their way into our homes, increasing levels of data may allow for more accurate methods for remote surveillance. By measuring the strength of ambient signals emitted from devices, a site can be remotely monitored for movement. That is to say, WiFi signals may soon pose a physical security vulnerability.

In a study from the University of Chicago and the University of California, Santa Barbara, researchers built on earlier studies where they could use similar techniques to “see through walls” to demonstrate a proof-of-concept for passive listening. Attackers don’t need to transmit signals or break encryption to gain access to a victim’s location – they just need to listen to the ambient signals coming from connected devices, making it more difficult to track bad actors down.

Typically, connected devices communicate to an access point such as a router rather than directly with the Internet. A person walking near a device can subtly change the signal propagated to the access point, which is picked up by a receiver sniffing the signal. Most building materials do not block WiFi signals from propagating, allowing receivers to be placed inconspicuously in different rooms from the access point.

WiFi sniffers are relatively inexpensive, with models running for less than $20. They’re also small enough to hide in unsuspected locations – inside backpacks, inside a box – and emit no signal that could be detected by a target. The researchers proposed some methods for safeguarding against the vulnerability: insulating buildings against WiFi leakage (while ensuring that desirable signals, i.e. signals from cell towers, are still able to enter) or having access points emit a “cover signal” that mixes signals from connected devices to make it harder to sniff for motion.

While we may not be seeing buildings surrounded by Faraday cages anytime soon, there are only going to be more attack surfaces to worry about as our devices continue to become connected.

[Thanks to Qes for the tip!]

Raspberry Pi 4 HDMI Is Jamming Its Own WiFi

Making upgrades to a popular product line might sound like a good idea, but adding bigger/better/faster parts to an existing product can cause unforeseen problems. For example, dropping a more powerful engine in an existing car platform might seem to work at first until people start reporting that the increased torque is bending the frame. In the Raspberry Pi world, it seems that the “upgraded engine” in the Pi 4 is causing the WiFi to stop working under specific circumstances.

[Enrico Zini] noticed this issue and attempted to reproduce exactly what was causing the WiFi to drop out, and after testing various Pi 4 boards, power supplies, operating system versions, and a plethora of other variables, the cause was isolated to the screen resolution. Apparently at the 2560×1440 setting using HDMI, the WiFi drops out. You might think that an SoC simply can’t handle a high resolution, WiFi, and everything else this tiny computer has to do at once, but the actual cause seems to be a little more interesting than a simple system resources issue.

In a Twitter post about this issue, [Mike Walters] describes probing around with a HackRF and discovering a radio frequency issue. It turns out that at this screen resolution, the Pi 4 emits some RF noise which is exactly in the range of WiFi channel 1. It seems that the Pi 4 is acting as a WiFi jammer on itself.

This story is pretty new, so hopefully the Raspberry Pi Foundation is aware of the issue and working on a correction. For now, though, it might be best to run a slightly lower resolution if you’re encountering this problem.

Date Clock Requires (Almost) No Interaction

A lot of commercial offerings of technology aimed at helping the elderly seem to do a good job on the surface, but anything other than superficial interaction with them tends to be next to impossible for its intended users. Complicated user interfaces and poor design consideration reign in this space. [7402] noticed this and was able to design a better solution for an elderly relative’s digital day planner after a commercial offering he tried couldn’t automatically adjust for Daylight Savings.

Of course, the clock/day planner has a lot going on under the surface that the elderly relative may not be able to use, but the solution to all of that was to make it update over the network. This task [7402] plans to do remotely since the relative does not live anywhere nearby. It is based on a Raspberry Pi connected to a Uniroi screen which automatically dims but can be switched off by means of a large button in the front. The UI shows the date, time, and a number of messages or reminders in large font in order to improve [7402]’s relative’s life.

This is a great idea for anyone with an elderly relative who might need something like this but won’t want to interact with the technology beyond a cursory glance, and the project is also a great illustration of proper design for the intended users. Commercial offerings often have hidden buttons and complicated menus, but this has none of that, much like this well-designed walker for an elderly Swede.

A Tamagotchi For WiFi Cracking

OK, let’s start this one by saying that it’s useful to know how to break security measures in order to understand how to better defend yourself, and that you shouldn’t break into any network you don’t have access to. That being said, if you want to learn about security and the weaknesses within the WPA standard, there’s no better way to do it than with a tool that mimics the behavior of a Tamagotchi.

Called the pwnagotchi, this package of artificial intelligence looks for information in local WiFi packets that can be used to crack WPA encryption. It’s able to modify itself in order to maximize the amount of useful information it’s able to obtain from whatever environment you happen to place it in. As an interesting design choice, the pwnagotchi behaves like an old Tamagotchi pet would, acting happy when it gets the inputs it needs.

This project is beyond a novelty though and goes deep in the weeds of network security. If you’re at all interested in the ways in which your own networks might be at risk, this might be a tool you can use to learn a little more about the ways of encryption, general security, and AI to boot. Of course, if you’re new to the network security world, make sure the networks you’re using are secured at least a little bit first.

Thanks to [Itay] for the tip!