The Internet Of Non-Electronic Things

December 7, 2017 by Dan Maloney 10 Comments

The bill of materials for even the simplest IoT project is likely to include some kind of microcontroller with some kind of wireless module. But could the BOM for a useful IoT thing someday list only a single item? Quite possibly, if these electronics-less 3D-printed IoT devices are any indication.

While you may think that the silicon-free devices described in a paper (PDF link) by University of Washington students [Vikram Iyer] and [Justin Chan] stand no chance of getting online, they’ve actually built an array of useful IoT things, including an Amazon Dash-like button. The key to their system is backscatter, which modulates incident RF waves to encode data for a receiver. Some of the backscatter systems we’ve featured include a soil sensor network using commercial FM broadcasts and hybrid printable sensors using LoRa as the carrier. But both of these require at least some electronics, and consequently some kind of power. [Chan] and [Iyer] used conductive filament to print antennas that can be mechanically switched by rotating gears. Data can be encoded by the speed of the alternating reflection and absorption of the incident WiFi signals, or cams can encode data for buttons and similar widgets.

It’s a surprisingly simple system, and although the devices shown might need some mechanical tune-ups, the proof of concept has a lot of potential. Flowmeters, level sensors, alarm systems — what kind of sensors would you print? Sound off below.

Continue reading “The Internet Of Non-Electronic Things” →

Minimizing ESP8266 Battery Drain

December 3, 2017 by John Baichtal 49 Comments

[Alex Jensen] wanted to build a battery-powered weather station, using an ESP8266 breakout board to connect to WiFi. However, [Alex]’s research revealed that the ESP chip uses around 70mA per hour when the radio is on — meaning that he’d have to change batteries a lot more than he wanted to. He really wanted a low power rig such that he’d only have to change batteries every 2 years on a pair of AAs.

The two considerations would be, how often does the ESP get powered up for data transmissions — and how often the weather station’s ATtiny85 takes sensor readings. Waking up the ESP from sleep mode takes about 16mA — plus, once awake it takes about 3 seconds to reconnect, precious time at 70mA. However, by using a static IP address he was able to pare that down to half a second, with one more second to do the actual data transmission. In addition to the hourly WiFi connection, the Tiny85 must be powered, though its relatively modest 1.5mA per hour doesn’t amount to much, even with the chip awake for 36 hours during the year. All told, the various components came to around 500 mAh per year, so using a pair of AA batteries should keep the rig going for years.

We’re intrigued by stories of hackers eking out every last drop of power to make their projects work. We’ve posted about ESPs low-power mode before, and what can be more low-power than a watch running off a coin cell?

Mad Eye For The WiFi

November 21, 2017 by Lewin Day 12 Comments

In the Harry Potter universe, Professor Moody was, perhaps unfairly, given the nickname Mad Eye for the prosthetic eye he wore. His eye remains a challenge for technically-minded cosplayers aiming to recreate the look and feel of this unique piece of headgear. [cyborgworkshop] had already mastered the basic eye, but wanted to take things further.

The original build relied on a sub-micro servo to move the eyeball. This was done at random as an attempt to simulate the eye’s behaviour in the books and films. However, wanting more, [cyborgworkshop] decided to make the eye more reactive to its surrounding environment. Using the Adafruit Huzzah, a breakout board for the ESP8266, code was whipped up to detect the number of WiFi access points in the area. The more access points, the more frequent and erratic the movement of the eye. Occasional slower periods of movement are coded in before the eye resumes its wild darting once more, depending on just how saturated the local WiFi environment is.

It’s a great twist on the project, and [cyborgworkshop] has provided more details on the initial build, too. If you think you’re having déja vu, check out this build using recycled parts.

3D Printed WiFi Reflectors Custom Designed For The Building

November 18, 2017 by Pedro Umbelino 35 Comments

Are you a wizard at antenna design? Chances are you’ve never even given it a try, but this tool could change that. Most home-made WiFi signal boosting antenna plans around the Internet share one feature: they are directional antennas or reflectors. But WiPrint is a tool for designing custom WiFi reflectors that map to the specific application.

If we want to increase the signal strength in two or three different locations the traditional solution is an omnidirectional antenna. The problem is, although a good omnidirectional antenna increases the signal power in those locations we want, it also increases the signal power where we don’t want.

A team of researchers led by Dartmouth College created WiPrint to allow users to input a floor plan, the location of the WiFi access point and a desired signal map into the system. The software uses an optimization algorithm to produce a custom reflector shape for that floor plan. The reflector can then be fabricated and placed next to the access point antenna to reflect and concentrate the signal in the specified area, while decreasing signal strength outside of it. The best thing is: you can actually 3D print the reflector and just glue tin foil on it!

The results show that optimized reflectors can weaken or enhance signals in target areas by up to 10 or 6 dB, respectively, and resulting in throughput changes by up to -63.3% or 55.1%. That is not the only advantage, as the researchers point out:

Our approach provides four benefits. First, it provides strong physical security by limiting the physical reach of wireless signals, hence creating a virtual wall for wireless signals. Second, it relies on a low-cost ($35), reproducible 3D reflector, which can be easily replaced upon substantial changes in the environment or coverage requirement. Third, it offers an easily accessible and easy-to-configure solution to non-expert users. Users only need to specify coverage requirements and a coarse environment model, with which our system computes a reflector shape tailored to the built environment. Finally, it is applicable to commodity low-end Wi-Fi APs without directional or multiple antennas.

The sad part is that, for now, no software is available. The study and results have just been presented at ACM’s BuildSys 2017. It would be great to see something like this open-sourced. Meanwhile, this is further proof that [Brian Benchoff] knew what he was doing when he told you to use duct tape for superior WiFi range.

“Hey! Don’t Lock The Door, I’m In Here!”

November 13, 2017 by Dan Maloney 24 Comments

Those that work in front of a computer for a living spend most of the time making very little sound. Unless you’re a member of the clicky mechanical keyboard club, your working time is a low-observables time during which people can forget about you. You can make sure you’re not overlooked with this smartphone hotspot presence detector.

[Emilio Ficara]’s quiet work habits resulted in his housemates locking him in sometimes, to his inconvenience. PIR or microwave occupancy sensors might have worked to fix the problem, except that a few flexing fingers aren’t always enough to trigger them. Luckily, [Emilio] is also wisely distrustful of free WiFi, so his phone is always set up as a mobile hotspot, giving him the means to reliably detect his presence. An ATtiny2313 and an ESP-01 do the business of polling for the SSID of his phone and blinking a bright blue LED by his door for his housemates. It’s not perfect, of course; it could easily be spoofed by anyone else who knows his SSID. But simple works for now.

With almost everyone carrying one now, smartphone detection is a good proxy for the presence of a person. But it doesn’t work in every case, so you may want to familiarize yourself with the aforementioned PIR and microwave methods.

Weather Station Needs Almost No Batteries

November 13, 2017 by Bryan Cockfield 38 Comments

While the ESP8266 has made its way into virtually every situation where a low-cost WiFi solution is needed, it’s not known as being a low-power solution due to the amount of energy it takes to run WiFi. [Alex] took this design constraint as more of a challenge though, and with the help of an ATtiny microcontroller was able to develop a weather station using an ESP8266 that only needs new batteries every 2-4 years.

While the ESP8266 module consumes a bit of power, the ATtiny excels in low-power mode. To take advantage of this, [Alex] designed the weather station using the ATtiny to gather data every two minutes, store the data in a buffer, and upload all of it in bursts every hour using the ESP8266. This means that the power-hungry WiFi chip can stay off most of the time, drastically limiting the power demands of the station. [Alex] mostly details the setup of the ATtiny and the ESP8266 on his project page, so this could be applied anywhere that low power and network connectivity are required.

As for the weather reporting capabilities, the station is equipped to measure temperature, light, and humidity. Presumably more could be added but this might increase the power demands for the weather station as a whole. Still, changing batteries once a year instead of once every two years might be a worthwhile trade-off for anyone else attempting such an ambitious project. Other additions to the weather station that we’ve seen before might include a low-power display, too.

Oh Great, WPA2 Is Broken

October 16, 2017 by Brian Benchoff 131 Comments

WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).

This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.

This is not the first time the researchers behind this exploit have found holes in WPA2. In a paper published by the KRACK researchers at the USENIX Symposium last August (PDF), they showed that the Random Number Generator used in 802.11 is flawed, ill-defined, and insecure. The researchers have also spoken at 33c3 on predicting WPA2 Group Keys.

The practical consequences of a poor definition and implementation of an RNG can be found in consumer hardware. The researchers found that in MediaTek-based routers, the only source of randomness is the current time. Meanwhile Broadcom-based routers do not use the RNG proposed by the 802.11 spec, but instead take the MD5 of the current time in microseconds. The researchers do not mention if the current time is a secret.

So what do we do now?

This has happened before. In 2001, WEP, the Wi-Fi security protocol many security-ignorant people are still running, was cracked in much the same was as KRACK. This quickly led to the development of Aircrack, and in 2003, the Wi-Fi Alliance rolled out WPA and WPA2. Sure, you can still select a deprecated security protocol for your router, but the problem of WEP hacking is as solved as it’s ever going to be.

The early 2000s were a different time when it came to wireless networks, though here in 2017 Wi-Fi permeates every cubic inch of our lives. Everything and everyone has Wi-Fi now. This is going to be a bit bigger than cracking WEP, but it remains possible to patch devices to ensure that this exploit is rendered useless. Install those security updates, people! Of course there will still be millions of unpatched devices in a year’s time, and for those routers, IoT baubles, and other wireless devices, turning on WPA2 will be akin to having no security at all.

That said, this isn’t a world-ending Armageddon in the way the botnet of webcams was. You will only be vulnerable if an attacker is within range of your router, and you will still be secure if you’re accessing secure websites. However, turning off Wi-Fi on your phone, relying on mobile data, not ignoring HTTPS cert warnings, and plugging into an Ethernet port might not be a bad idea.