Hardware Hacking

Big Tech Squashes New York's 'Right To Repair' Bill (huffingtonpost.com) 224

Damon Beres, writing for The Huffington Post: Major tech companies like Apple have trampled legislation that would have helped consumers and small businesses fix broken gadgets. New York state legislation that would have required manufacturers to provide information about how to repair devices like the iPhone failed to get a vote, ending any chance of passage this legislative session. Similar measures have met the same fate in Minnesota, Nebraska, Massachusetts and, yes, even previously in New York. Essentially, politicians never get to vote on so-called right to repair legislation because groups petitioning on behalf of the electronics industry gum up the proceedings. "We were disappointed that it wasn't brought to the floor, but we were successful in bringing more attention to the issue," New York state Sen. Phil Boyle (R), a sponsor of the bill, told The Huffington Post.
Hardware Hacking

Apple Is Fighting A Secret War To Keep You From Repairing Your Phone (huffingtonpost.com) 364

It's no secret that Apple makes a ton of money by charging 'astronomical' fee for replacing and fixing display and other components of iPhone and iPad (as well as Mac line). For instance, the company charges $599 for replacing the display on the iPad Pro tablet. Which sounds insane when you realize that you can almost certainly purchase a new iPad Pro under $700. And this is what most people do. A Huffington Post article notes that this behavior has contributed significantly in "generating heaps of e-waste." Citing many advocates, the publication claims that Apple has "opposed legislation that could help curb it." From the report: The Huffington Post spoke with politicians in two states who support such legislation, and confirmed through government filings that Apple has lobbied on the issue. Four states -- Minnesota, Nebraska, Massachusetts and New York -- have considered adopting "right to repair" amendments, which would update existing laws regarding the sale of electronic equipment. Amending these laws would make it easier to fix your devices and would help reduce "e-waste," a catch-all term for any electronic detritus. The New York State Senate and Assembly could approve one of these amendments next week. This would help unofficial repair shops get the information they need to fix your iPad, ideally driving down repair costs and encouraging you to squeeze more life out of your old devices -- thus cutting down on the e-waste generated by our voracious appetites for new gadgets. Apple asserts that it helps recycle millions of pounds of electronics equipment every year. But it won't support right to repair amendments.One would ask what is preventing a user from getting their device repaired by unofficial service person? In addition to the security implication, you also run a risk of getting your device bricked by Apple. To recall, the iPhone maker was found bricking the handsets that had been repaired by third-party vendors earlier this year.
Operating Systems

Developer Installs Windows 95 On An Apple Watch (theverge.com) 98

An anonymous reader writes: Developer Nick Lee has successfully installed Windows 95 on his Apple Watch. It works, but it runs very slow. For example, it takes about an hour for the OS to boot up. In a blog post, Lee points out the Apple Watch features specs capable of running the old OS. To get Windows 95 running on the Apple Watch, Lee had to modify Apple's development software in "rather unorthodox ways" that allowed him to turn the OS into a Watch app, which also emulates an environment for the OS to run on, he tells The Verge. To deal with the fact that Apple Watch's screen is always turning itself off when not in use, he set up a motorized tube that constantly turns the Watch's crown, preventing it from falling asleep. In addition, Lee altered the Watch's software to let Windows 95 track a single fingertip, hence the constant swiping in his video.
United Kingdom

One Million School Children To Get Free BBC Micro:bit Computers 157

Mickeycaskill writes with this news from TechWeek Europe: Every Year 7 student in England and Wales, Year 8 student in Northern Ireland and S1 student in Scotland will be handed, for free, a BBC micro:bit computer specially designed to help pupils learn to code. Micro:bits, which are smaller than the size of a credit card and can be hooked up to a mobile app or accessed via the Internet, will be delivered nationwide through schools and made available to home-schooled students over the course of the next few weeks. The students are able to keep their devices as their own, meaning they can work with the device for homework, in school holidays, and use it for more applications as their grasp on coding increases. The initiative follows on from the BBC's Micro programme that was introduced in the 1980s, and sees a partnership between the BBC and some of the world's most notable technology companies such as ARM, Microsoft, and Samsung. The computer will hope to emulate the Raspberry Pi, of which more than eight million have been sold. A BBC story explains a bit about the project's ambitions, and points out a few "bumps in the road"; originally, the hardware was to be in classrooms several months sooner. The BBC's own micro:bit page features more on programming the device, as well as many sample projects.

Sony Outage Disables DASH Devices, No ETA On a Fix 116

New submitter Jack Greenbaum writes: In 2012 Sony closed the developer site for the DASH, their version of the Chumby platform. Sony never officially killed off the product, and they kept the back end servers on line, until recently at least. About two weeks ago DASH owners started seeing their devices fail with a cryptic error message "Unable to download the Control Panel (No download information available). Please restart your dash to try again." Sony acknowledges that the issue is at their end, but no ETA for a fix has been provided. The passionate DASH community is not pleased that Sony is being so quiet about a fix. One user even overslept for work because they depended on the alarm clock feature. Now every DASH is dead until Sony decides to not abandon its walled garden.
Data Storage

Raspberry Pi Gets Affordable, Power Efficient 314GB Hard Drive On Pi Day 144

Mickeycaskill writes: Western Digital has released a had drive optimized for the Raspberry Pi. The 314GB drive, released on Pi Day (3/14), costs $31.42 for a limited time and promises to be more reliable, power efficient and easier to use with the computer than other storage. The company, which also has a 1TB drive, says the unit has been designed to coordinate with the Pi's own power systems in order to minimize energy use without affecting the maximum data transfer rate on a USB connection. The Raspberry Pi Foundation says the new drive will stimulate the development of storage-hungry projects.
Hardware Hacking

Using Kexec Allows Starting Linux In PlayStation 4 70

jones_supa writes: Team fail0verflow, the hacker group who made Sony PlayStation 4, has introduced another method to start Linux in the game console. Instead of the previous exploit which was based on a security hole in an old PS4 firmware version, the new trick allows a kexec call to start Linux through Orbis OS (the FreeBSD-based system software of PS4). The code can be found in GitHub. Maybe this will lead to more and better PlayStation clusters.

Fingerprint-Protected Phones Vulnerable To Inkjet Attack (softpedia.com) 56

An anonymous reader writes: Two researchers have come up with a new method of hacking smartphones that use fingerprint biometrics to protect and lock the user's data. Their method only needs a regular inkjet printer, three AgIC silver conductive ink cartridges, a normal black ink cartridge, and special AgIC paper. The entire attack takes no more than 15 minutes. Current tests only included a Samsung Galaxy S6 and a Huawei Hornor 7. The researchers said that while the Samsung was easy to crack, the Huawei phone needed more tries.
Hardware Hacking

Hacking a Professional Drone 27

New submitter ricardinho writes: Research done at the University of Twente, in the Netherlands, shows that paying thousands of dollars for a professional drone does not guarantee that the device will be hack proof. These professional drones are commonly used across various industries to perform daily critical operations, such as surveillance and recon missions by law enforcement authorities. During his research, student Nils Rodday discovered that a professional drone could be compromised in multiple ways (PDF). One of these attack vectors investigated by the student is much more sophisticated than those used to compromise recreational drones that cost few hundreds of dollars and are not expected to be strongly secured. By reverse engineering the drone's operation and firmware, the student found ways to obtain key information that is used to validate the communication on the telemetry link between the drone and its remote controllers. This allowed for a Man-in-the-Middle attack in which the hacker could take full control of the attacked drone from a distance of up to 2 km. Manufacturers of professional drones are blindly trusting XBee chips for the communication between devices. These chips however are not meant to be used in sensitive devices and this flaw can compromise any sort of operation that the drones are deployed for. In addition, the solution is not simple since a firmware update patch cannot be simply released, but manufacturers have to actually recall the devices for in-house upgrades. Perhaps even more surprising is the cost of the described attack: 40 dollars is enough for an attacker to take full control of a $30,000 drone. Nils will explain and demonstrate his hacking into a professional drone during talks at RSA conference in San Francisco and Black Hat Asia in Singapore.
Hardware Hacking

Microcasting Color TV By Abusing a Wi-Fi Chip (hackaday.com) 63

szczys writes: The NTSC standard has effectively been replaced by newer digital standards, but most televisions still work with these signals. This can be done through a composite video connection, but more fun is to broadcast video directly to your television's analog tuner. This is what cnlohr has been working on, using a lowly ESP8266 module to generate and transmit the color TV signal. This board is a $3 Wi-Fi module. But the chip itself has a number of other powerful peripheral features, including I2S and DMA. This hardware makes it possible to push the TV broadcast out using hardware, taking up only about 10% of processor time. Even more impressive, cnlohr didn't want to recompile and flash (which is a relatively slow process) during prototyping so he used a web worker to implement browser-based development through the chip's Wi-Fi connection. Speaking of chip-abuse in the interest of hyperlocal signal propagation, reader fulldecent writes to point out a project on GitHub that "allows transmission of radio signals from a computer that is otherwise air gapped. Right now this could be useful for playing a quick tune or for pranks. But there are more nefarious uses as this could also be used to exfiltrate information from secure networks."

Raspberry Pi 3 Rolls Out With Faster CPU, On-Board Wi-Fi, and Bluetooth 203

An anonymous reader writes: The original Raspberry Pi went on sale four years ago, and more than 8,000,000 units have shipped since then. Raspberry Pi computers are used in schools and universities, in factories and other industrial applications, in home automation and hobby projects, and much more. Today the Raspberry Pi 3 was announced, featuring a 64-bit quad-core ARMv8 CPU clocked at 1.2GHz, making it roughly 10x the speed of the original Pi 1. Many people will be pleased to hear that the Raspberry Pi 3 also features on-board Wi-Fi and Bluetooth, greatly improving the device's connectivity. The new device goes on sale today at the usual price of US $35. (Here's the official announcement itself.)

TP-Link Begins Lockdown of Firmware In Response To FCC 157

An anonymous reader writes: In response to an FCC rule that requires manufacturers to lock down computing devices (routers, PCs, phones) to prevent modification if they have a "modular wireless radio," TP-Link has begun locking down its routers to prevent firmware not signed by TP-Link from being installed. This essentially prevents open source OSs (OpenWRT, for example) from being used on routers. TP-Link may not be a prestige brand, exactly, but the company makes a lot of routers suitable for installing third-party firmware, precisely the sort of thing being locked down makes difficult if not impossible.

Apple vs. the Right To Repair (bloombergview.com) 381

retroworks writes: Bloomberg columnist Adam Minter takes on Apple's "Error 53 Code" and the precedents being challenged by the Right To Repair movement. Apple claims that bricking the phone if it's repaired by a non-Apple certified repair shop protects you from tampering with, say, the fingerprint scanner. But the column documents how the number of "certified" repair shops is under attack. If you can't open it, do you really own it?

Push To Hack: Reverse Engineering an IP Camera (contextis.com) 35

New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to setup and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home networkâ(TM)s Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.
The Internet

How the Raspberry Pi Can Automatically Tweet Complaints About Your Slow Internet (ibtimes.co.uk) 154

An anonymous reader writes: Contacting your internet provider to complain about slow browsing speeds is a tiresome chore which none of us enjoy, but one man has found a solution. He has configured a Raspberry Pi computer to automatically tweet a complaint to Comcast when his internet falls below 50Mbps, well below the 150Mbps he pays for. Wouldn't it be nice if ISPs wrote a rebate check each month to reflect the percentage of their promised throughput that was actually available?

Let's Tear Down a Kiva Bot! (robohub.org) 22

Ben Einstein, writes new submitter Robofenix2, has torn down a Kiva bot -- a mobile ground-based warehouse delivery drone, aka Amazon's busiest employee. These robotic systems have revolutionised the warehouse distribution industry helping deliver packages. Ben was able to get his hands on an older generation, end-of-life Kiva bot and cracked open its bright orange shell to expose a brilliant piece of engineering; this post shares the fruits of Kiva's hard work. This 2011 video is also worth viewing, not least to see Kiva's shelf-lifting corkscrew action.

Jailbreak Turns Cheap Walkie-Talkie Into DMR Police Scanner 82

An anonymous reader writes: Last Shmoocon, famous reverse engineer Travis Goodspeed presented his jailbreak of the Chinese MD380 digital handheld radio. The hack has since been published at GitHub with all needed source code to turn a cheap digital radio into the first hardware scanner for DMR digital mobile radio: a firmware patch for promiscuous mode that puts all talk groups through the speaker including private calling. In the U.S. the competing APCO-25 is a suite of standards for digital radio communications for federal users, but a lot of state/county and local public safety organizations including city police dispatch channels are using the Mototrbo MotorolaDMR digital standard.
Hardware Hacking

Collecting Private Flight Data On the World Economic Forum Attendees With RTL-SDR (qz.com) 88

An anonymous reader writes: Every year politicians and business men meet at the World Economic Forum in the small mountain town of Davos, Switzerland to discuss various topics and create business deals. This year Quartz, an online newspaper/magazine sent a journalist to the forum tasked with writing a unconventional story about the forum: he was asked to monitor the private helicopter traffic coming in and out of Davos from transponder broadcast of ADS-B data. Using an $20 RTL-SDR dongle, Raspberry Pi and ADS-B collinear antenna they monitored the flights over Davos. From the data they were able to determine the flight paths that many helicopters took, the types of helicopters used and the most popular flight times.
Hardware Hacking

OpenWrt Turns a $14 Card Reader Into the Smallest Wireless AP (livejournal.com) 43

An anonymous reader writes: The Zsun Wifi card reader is a tiny micro SD card reader with WiFi connectivity. While people managed to access the device's serial console a few months ago, the plan was to eventually run OpenWrt since it's based on the popular Atheros AR9331 WiSoC combined with 64MB RAM and 16MB SPI Flash. A team of Polish hackers have managed this feat, and have now posted instructions to install OpenWrt, as well as other documentation: for example, a description of the board's GPIOs.

To Solve a Rubik's Cube In 1 Second, It Takes a Robot 100

The Next Web features a quick look at an eyebrow-raisingly fast Rubik's Cube-solving robot, created by developers Jay Flatland and Paul Rose. How fast? The robot can solve a scrambled cube in one second (as long as you're willing to round down consistent solutions in "less than 1.2 seconds") which makes for some fun repeat views on YouTube. One speed-shaving element of the design: Rather than grip the cube with a robot hand, Flatland and Rose essentially made the cube an integral part of the system, by drilling holes in the cube's center faces, and attaching stepper motors directly. (Also at Motherboard).

Slashdot Top Deals