Taking a ploy from the upcoming TouchID feature the new iPhone will have, Grant was inspired to make this really neat toy box for his son’s toy car collection.
You would think getting a fingerprint reader would be the most difficult part, but apparently Adafruit has ‘em for sale! So Grant got a fingerprint reader, a hobby servo, pushbutton, and some batteries and hooked it up to an Arduino UNO.
Looks like a fun project, especially for something like a jewelry box.
Think your iPhone 5S TouchID is secure? Think again. The biometrics hacking team of the Chaos Computer Club (CCC) has successfully bypassed the biometric security of Apple’s TouchID using the How to fake a fingerprints? process they wrote about back in 2004.
“First, the fingerprint of the enroled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.”
Nothing good could ever come from storing your fingerprints on your smartphone. Just don’t do it people! You can read more about the iPhone 5s TouchID Hack here.
Transmit data serially without a Microcontroller. Uses a specialized IC by Holtek to transmit and receive, but really quite useful if you have some data you want to move and don’t feel like adding a Microcontroller to your project!
Security researcher Silvio put together his process for defeating a cheap infra-red based security system. The security system uses an infra-red remote to arm and disarm the alarm. The alarm is triggered by any motion that happens while it is armed.
In his first attempt he tried to use an off the shelf learning remote to record the signal and play it back. For whatever reason the remote didn’t like the signal and didn’t even try to learn it. So in his second attempt, he whipped out a frequency counter and an oscilloscope and was able to replicate the signal using an Arduino and an infra-red LED. For fun he also made a third attempt using a more hacker friendly open source board called a USB Infrard Toy made by Dangerous Prototypes.
A good read if you want to learn the process of simple reverse engineering. Full article here.
Dragorn has a couple of tutorials up on his site about working with the HackRF SDR. Just like decoding weather satellite signals, decoding wireless remotes and other signals is cool too. If you’re familiar with the cheap RTL-SDR, then just know the HackRF is like that but more powerful (and can transmit).
Dragorn starts out with part 1: inspecting a pair of car keyfobs. In this tutorial, he records the signals and inspects them using baudline. You can see the different encoding mechanisms the 2 different keyfobs use. Dragorn points out that actually decoding the data is pointless as the data transmitted uses a rolling key pair that constantly changes the data sent for security.
And thus he moves on to part 2: using GNU Radio this time with something that decoding the data might be useful. For this one he is using a cheapo 433mhz transmitter you would use on an arduino like the ones use in this post. GNU Radio is a little more complex than baudline. You get to visually pipe inputs and outputs together for different modules until you achieve the proper filtering and decoding.
Unless you’re just upgrading from windows 3.1, you’ve seen the cheap SDR (software defined radio) rtl-sdr project. SDR’s aren’t new but someone figured out how to turn a cheap sub-20$ dongle into a decent SDR bringing the entry price low enough for everyone to experiment with them.
Every electronic device you own is screaming its name into the infinite void
Melissa Elliott has put together a presentation titled “exploring the world of unintentional radio emissions” that was presented at DEF CON. After talking about the concept itself, she shows you how almost everything that runs on electricity emits some sort of electronic signature. That signature can be profiled and sometimes data can be decoded from it.
No it’s not time to break out the tin foil hats or anything but if you really are paranoid, Melissa gives some tips how to shield this information in the form of Faraday cages. You don’t have to be an old ham radio buff or even a budding electronics engineer to appreciate how cool SDR’s are.
A group of researchers put together this finger pushing robot to crack lock screens on android phones. While I’m sure this will method will work on non-android phones, I know that the IOS lock screen can have a self destruct feature after so many failed attempts. According to the article they will demo this unit at the upcoming Def Con conference in Las Vegas. Apparently on most phones this thing will find your password in under 24 hours, in some cases minutes using profiling algorithms.
The bot is inspired by a 3D printer design called the delta bot. I’m sure this will lead to the evolution of different unlock screens using facial recognition or more gesture based unlocks. The IOS wipe-after-so-many-bad-attempts is also a good solution assuming there is no legal issue with implementing it.
I personally just think it’s cool watching this thing punch away at the screen, but there’s a full writeup over at Forbes about it if you’re interested in learning more.