User Tools

Site Tools

Navigation Menu

Rustic Retreat

Live broadcasts and documentation from a remote tech outpost in rustic Portugal. Sharing off-grid life, the necessary research & development and the pursuit of life, without centralized infrastructure.

Rustic RetreatSubscribe to our new main project Rustic Retreat on the projects own website.

Hot Projects

SEEDStack

SEEDStack - Open 3D printable seed/sprouting systemDIY Food Hacking

UCSSPM

UCSSPM - Unified Clear-Sky Solar Prediction ModelOpen Solar Power

picoReflow

picoReflow - DIY PID Reflow Oven Controller based on RaspberryPiDIY Reflow Soldering

PiGI

PiGI - DIY Geiger Counter based on RaspberryPiRasPi Geiger Counter

DIY ARA-2000

Active Wideband Receiver Antenna for SDR - ARA-2000Wideband Antenna

DSpace

DSPace - Map everythingMap everything!

Mission-Tags

3d 3d-printer antenna development diy dspace energy events fabrication felix geiger geigercounter gentoo geo gis gnuradio grc hack hardware lab linux livestream map monitoring odyssey pi picocnc picofab picoprint pigi power printer python radiation radio raspberry receiver research rf robot sdr security sku software solar sponsor test voron wind zephyr

Please share what you like

Apollo-NG Mobile Hackbase

Apollo-NG Hackerspacecraft

Apollo-NG is a mobile, self-sustainable, independent and highly-experimental Hackbase, focused on research, development and usage of next-generation open technology while visiting places without a resident, local Hackerspace and offering other Hackers the opportunity to work together on exciting projects and to share fun, food, tools & resources, knowledge, experience and inspiration.

Latest Mission-Log Entries

Spark-Core Hacking: Read MQ2 sensor data

The aquarius needs a galley in order to prepare and cook food but due to unforeseen personal circumstances I had to invest into this infrastructure way before than it was actually necessary - since the base trailer for the LM isn't available yet. So I've started to build a prototype kitchen with all that is needed for functional and fun food hacking. One of the primary energy carriers selected for cooking is gas. That can be either LPG (Propane/Butane) or Methane (delivered by utility gas lines).

Since gases can be tricky and risky energy carriers and their combustion process also creates potentially harmful by-products like Carbon-Monoxide (CO), it seemed prudent to have an autonomous environmental monitoring and gas leakage detection system, in order to minimize the risk of an undetected leak, which could lead to potentially harmful explosions or a high concentration of CO, which could also lead to unconsciousness and death. Monitoring the temperature and humidity might also help in preventing moisture buildup which often leads to fungi problems.

To cover everything, a whole team of sensors monitors specific environmental targets and their data will then be fused to form a basis for air quality analysis and threat management to either proactively start to vent air or send out warnings via mail/audio/visual.

spark-core-mq2-mq7-test-setup.jpg

Sensor Target Description Placement
MQ7 CO Carbon-monoxide (Combustion product) Top/Ceiling
MQ4 CH4 Methane (Natural Gas) Top/Ceiling
MQ2 C3H8 Propane (Camping Gas Mix) Bottom/Floor
MQ2 C4H10 Butane (Camping Gas Mix) Bottom/Floor
SHT71 Temp/Humidity Room/Air Temperature & Humidity Monitoring Top

As a platform for this project a spark-core was selected, since it's a low power device with wireless network connectivity, which has to be always on, to justify its existence. The Spark-Core docs claim 50mA typical current consumption but it clocked in here with 140mA (Tinker Firmware - avg(24h)). After setting up a local spark cloud and claiming the first core it was time to tinker with it.

The default firmware (called tinker) already get's you started quickly with no fuss: You can read and control all digital and analog in- and outputs. With just a quick GNUPlot/watch hack I could monitor what a MQ2 sensor detects over the period of one evening, without even having to hack on the firmware code itself (fast bootstrapping to get a first prototype/concept).

→ Read more...

2014-11-05 20:04 · chrono
, , , , , , , ,

Hacking RF controlled power switches with HackRF

In order to learn more about GNU Radio and HackRF, so that tackling more complex scenarios like darc-side-of-munich-hunting-fm-broadcasts-for-bus-and-tram-display-information-on-90-mhz become easier, it was time to go for a much simpler training target:

Those cheap RF controlled wall plugs you can use to remote control the power outlets. Now, I'm not talking about FS20, x10 or HomeMatic devices but the really cheap ones you can usually buy in sets of three combined with a handheld remote controller for 10-20 EUR.

The goal here is to find out, how long it actually takes to reverse engineer this particular (at least 10 year old) system and achieve full remote control capability using HackRF and other open-source tools.

hackrf-433-remote-control-title.jpg

→ Read more...

2014-11-05 12:26 · chrono
, , , , , , , , , , ,

HOWTO: Set up and secure a local Spark-Core Cloud

It took quite a bit of tinkering and a couple of clarifying sessions on IRC (Thanks to lbt and aholler for their input and support), to deploy the local Spark-Cloud test setup and interpret/abstract the scattered docs into one whole system view model. But why go through all this hassle, when you can just comfortably use the “official” spark.io cloud service to develop & manage your cores instantly?

Well, the IoT (Internet of Things) is a hip buzzword these days and the Spark-Cores definitely can be categorized as the first generation of open, relatively cheap and hackable wireless IoT devices.

For all we know, it is at least save to assume, that we actually have no way of knowing how far this technology branch is going to develop and spread in a couple of years, just like the Internet itself 20 years ago. We should look at the privacy aspects before it's actually too late to do so. In the end, it boils down to this question:

Do we really want to give out our complete sensory data (sys/env/biometrics) over all time and possibly full remote control over all the actors, built into everything, at all time, at the place we like to call our home?

Some people may haven't yet realized that we've got plenty of open-source tools to store, analyze, link and visualize billions of data rows quickly and with much ease. Imagine what people with a multi-billion budget are able to employ. To give you a small scale example, how transparent anyone's little life and habits become, I've created a dashboard which doesn't show many metrics yet (more are in the process) but it's more than enough, if you learn how to interpret the graphs. The data you see there is mostly generated by two spark-cores which are deployed here. Big/Open-Data/Cloud technology is not the problem itself, it's our culture/society, which obviously isn't ready for it.

In the year 2014, in a post Olympic Games (Stuxnet) & Nitro Zeus, Snowden & Lavabit era, we have no other choice but to come out of our state of denial and simply accept the fact, that every commercial entity can be compromised through multiple legal, administrative, monetary, social/personal or technological levers. Access- and Cloud-Provider are no exception. As repeatedly shown, all of them can be tricked, coerced or forced to “assist” in one way or another. No matter what anyone promises, from this point on, they all have to be considered compromised.

The current software implementation (firmware- and server-side) has no concept of mesh/p2p or direct networking/communication. All Spark-Cores need a centralized spark-server for Control & Communication. Also, the Spark.connect() routine unfortunately has no timeout (yet?), the Core might hang indefinitely, which could be a big problem, even if your particular code doesn't require to connect to the cloud because after you call Spark.connect(), your loop will not be called again until the Core finishes connecting to the Cloud. This might happen if your WiFI or internet access is offline.

In this picture the blue lines represent the data flow of the Cores, the clients and the central server. All points marked with a red C show where the current implementation/infrastructure is to be considered compromised and the yellow P marks potential security risks (since the firmware isn't compiled locally), theoretically anything can be injected into the firmware, either in the AWS cloud or even in-stream. Tests showed that the API webservers don't offer perfect forward secrecy, the cores itself use only 128-CBC without DH support, which offers no forward secrecy at all. Not having reliable crypto and passing everything through compromised infrastructure can't be the way to go. Not to mention, the additional amount of required bandwidth this concept ultimately creates, when you consider the available IPv6 address space and a fair likelihood, that not so far off, there will be more IoT clients connected to the Internet, than there are humans.

→ Read more...

2014-11-04 10:21 · chrono
, , , , , , , ,

<< Newer entries | Older entries >>

Trace: start

Page Tools