Pages

Saturday, July 5, 2014

Android Kolme

Its been a while since I post anything security related. Mostly because since I work in security I tend to publish hobbie related stuff.
So here's an interesting joint research I was involved with Marco Lux from Curesec.
We investigated the source code of the Android Operating System and its default apps.
It was real interesting, to say the least.
Today we released some details of our findings about CVE-2013-6272 and another one unassigned yet. Basically, did you know an app doesn't really need permissions to make a phone call from your device? ;)

With going much into details, which you can find here and here, lets just say something is broken in Android. Of course, I guess we all know it deep inside...
Don't get me wrong, I love Android, own a few and I think it's a great OS from the user perspective. The point is that someone, sometime will have to take security more serious in such a widespread mobile OS. Or not...

What do you think about it?

Thursday, June 5, 2014

MicLoc V2

I'm happy to announce that MicLoc is getting its own page!

Due to several requests and incentives I decided to revisit MicLoc and I'm currently working on another prototype. This time, however, I will be documenting the process and releasing all software and hardware plans.
You can follow the developments in this blog, under MicLoc, or directly via link.
As always, suggestions are most welcomed!


My thanks to everyone that showed interest/commented/suggested modifications!

Tuesday, January 22, 2013

Arduino MicLoc or an Acoustic Location System

(update: MicLoc is further documented here)

I always liked the general concept of signal triangulation. I always wanted to write some software related to this. Maybe even design some hardware. We see it countless times in movies as a standard way to catch the bad guys. So as I studied through the various techniques of triangulation, trilateration, multilateration, I came across with Acoustic Location. Acoustic location methods use sound to determine the distance and direction of something and sounded perfect (pun intended) for my intents, which will became clearer later on.

In order for this to work I needed least 3 input sources which I strategically placed in my backyard. (you can see the rain protection mechanism in the photo)

If you have a stereo mic line in your PC, you already have 2 input channels, but you can't have 3 mics in 2 channels... So I went on and designed a multiplexing circuit with a 555 timer, a JK flip-flop and a 4066 digital switch (which I had readily available) to connect up to 4 mics sharing the mic input. If you sample at 44.1khz from the soundboard, divide bandwidth by 2, you get around 22 samples per millisecond. The speed of sound is around 334mm/ms so the setup should give some results... but it was a big FAIL!
That's because switching from theory to practice is a nasty business. The switching circuit introduced way too much noise to be useable and I ended up loosing too many samples to have any kind of decent precision.
So I went on to plan B...

Arduino MicLoc

Arduino has some cool features, one of them being the ADC, which allow us to sample analog signals from some source. I wanted to sample the microphones output at a pretty high sampling rate, so I started to investigate the limits of the ADC.
The ADC clock is 16 MHz divided by a prescale factor. The prescale default value is set to 128 (16MHz/128 = 125 KHz) in wiring.c. A conversion takes 13 ADC clocks, so the sampling rate is about 125KHz/13 or 9600 Hz. But you can mess around with the prescale factor, which allows you to sample at a much higher rate, which is essential to proper sound location. The setup is not complicated, despite all the wires. I have 3 microphones connected to 3 2N3904 based amplifier and feed into 3 analog channels (A0,A1,A2) on the arduino nano. A temperature sensor was also added.

The arduino samples each of the channels in turn and if the value (i.e. sound intensity) is above a certain threshold it records it. If the 3 mic are above the threshold within a certain time frame, the arduino write them out to the serial port. I wrote a daemon the is listening for this data to come in from the serial line, and then does its magic, using some fancy math with  the speed of sound, temperature, time difference between the samples, mic position and sample rate. After that, it spits out the most probable geographic position of the sound source in kml, which I directly connected as a network source to Google Earth and ended up with a realtime passive acoustic locating system.


You can see the mic positions on the satellite image, on the left. The Shot 1,2 and 3 are the actual location where I shot a BB gun and the red icons is where the Arduino MicLoc estimated the location of the shots. 
I was surprised with the accuracy of this project, given that I worked on in for a weekend and extra cheap materials I used. I believe a sub meter precision shouldn't be very hard to achieve, adding some more mics, better quality amplifiers and a little software tunning.

So why MicLoc? I was pretty sure the local hunters are hunting too close to my house. I just wanted to actually see where they were shooting, in realtime!
Oh, and because MicLoc is cool.

Monday, October 8, 2012

Arduino Hydroponics

For a long time I was looking for an excuse to get into hydroponics. And time too.
I had some Arduinos and some PICs lying around the garage, but they were allocated to some other projects and I didn't want to touch them.
So when I got a Arduino Nano last month I decided it was time to spend a Saturday working on my hydroponics prototype.


Strawberrys and lettuces.

So I hacked some PVC pipes, a small fountain water pump, a 433Mhz remote controller 2 channels with a receiver equipped with 2 220V capable relays.

                        

The fertilizer I use in the water is also homemade, humus based, produced by earth worms. They eat leftovers from vegetables, fruits and... well... horse shit.
I programmed the Arduino to water more during the day and less during the night. Next step would be incorporate some temperature sensors, light sensors and humidity. And solar power it all. Pretty permaculturish.


Saturday, September 15, 2012

Ekoparty 8 edition


Ekoparty is coming, September 19. I wish I could be there for many different reasons. It's full of great talks and speakers, I hear it has good after parties and, of course, it's in Buenos Aires. It's probably the best security conference in Latin America.
In particular, I'm looking forward to see CRIME in action. Oh, you don't know what CRIME is? Wake up!?



Friday, September 7, 2012

RTL-SDR

Heard about RTL-SDR? Well, I didn't either until some months ago. You can start here.
Basically you can use a regular USB DVB-T dongle, the ones you use to receive TV, as a software defined radio, a.k.a, frequency scanner. Well, kind of.
The concept in itself is pretty cool, so I decided to grab one of those and start to play around. You can do lots and lots of stuff with these, but I always wanted to see if I could pick some satellite transmissions.
You know, the crazy guy in a barn picking up radio signals from outer space, listening to ET phone home. So after some work compiling and hacking code I came up with my desktop having:
  •  GNOME predict, awesome app for satellite tracking.
  •  gqrx, IMHO the best app to monitor the √¶ther, connected to wxtoimg
  •  wxtoimg, to decode NOAA satellite info
  •  an homemade dipole antenna
End result? mind = blow. Not really, no, but I managed to get some pretty cool pics. And watching it appear realtime on my screen gave me the butterflies.


 NOAA 19 Weather Satellite data as it passed over Europe, filtered with wxtoimg.

Thursday, April 19, 2012

HES 2012


That's right! I was there again! deadbytes house again! And this time we pushed it to another level, eight people sleeping in the same room. Oh, and we won the wargame... again! :D
To be completely honest, my team did much of the work themselves. 
I don't even want to get started on the quality of the talks and the awesomeness of those guys. If you like the security world, no matter which colour your hat is, you should be at HES.
You simply have to.

Saturday, February 4, 2012

Armindo

Armindo, the cyber janitor.

Who is Armindo, you might ask. Armindo is another project from my hackerspace. Armindo is going to be a cyber janitor, which will allow the members so physically login to our hackerspace. He will have several modes of identification, namely a webcam (live) that recognizes QR-codes from members card for active login.
If you forget your card, don't worry, just bring your cell phone.
Armindo is going to be equipped with bluetooth and wifi, that will permanently be scanning for known mac addresses of members for passive login. This way, you just have to be nearby and he logs you in automatically.

But his main feature is that he randomly  speaks Chuck Norris jokes via festival. :P

Neat!

Monday, January 30, 2012

Hack yourself a USB microscope


This really couldn't get any easier. I found myself at my hackerspace with an incredible amount of lazyness in my hands. Well, lazyness to clean up the place.
Suddently I noticed an old plastic microscope (with and impressive 1000x zoom) and an old stripped usb webcam.
It was pretty obvious what to do... After adjusting the camera lenses to (very) close focus, an usb microscope was working in no time. You can even remove the IR filter from the webcam and get some IR lights under the microscope to get some awesome images, with the right colorants.

My blood. No kidding. No IR lights here tough.


Wednesday, November 23, 2011

Nuclear Taco

This year Codebits had, once again, Nuclear Tacos.
Nuclear Tacos are super hot super spicy to the point of insanity tacos.
So I did what any decent human being would do and I volunteered to be the guinea pig of altLab hackerspace Nuclear Taco Helmet.

Talk about sweat and tears...

Kudos to altLab. Hack on!