I’ve been working on a few Arduino libraries lately. Since there is no package manager for Arduino1 you have to install libraries manually. Generally, this is not a big deal as you just need to plop the library in your
/Arduino/libraries/ folder. If you are writing a library, spend the extra effort and make the library conform to the Arduino IDE 1.5 Library Specification. This will make it even easier to plop libraries in that folder and plus, your library and examples, will nicely display in the IDE.
This is an Arduino Library. Punny :)
However, the documentation is very sparse about what keywords are. Basically, keywords are used by the IDE to perform syntax highlighting and thankfully, this post provides some clarification. I also submitted an issue so hopefully they improve that page. I guess I could have edited the wiki directly, but I couldn’t find a link to the actual keyword definitions.
Lastly, if you do create an Arduino library, pretty please, with sugar on top, pick an OSI Approved License. It may be fun to pick something else, but consider that there may be somebody who wants to seriously use your library and unless you pick a clear license, it will be unclear how to incorporate your library with their larger work.
Enjoy the snow while it lasts.
For all the hardware hackers looking for a gift, either for yourself or for others, BeagleBone for Secret Agents is only $5 as an eBook until January 6th! Actually, all Packt eBooks are on sale for the same price until then. Also, all Packt eBooks are DRM-free and I’m very happy to have a book with a publisher that supports this.
So, if you have a long flight to the in-laws this year1, stock up on some eBooks!
Building Open Source Hardware, by Alicia Gibb, is now available! I received my copy tonight and just by flipping through it I can tell it is an impressive collaborative effort that captures the zeitgeist of the OSHW movement. There are over 16 contributing authors who share their expertise in areas such as wearables, licensing, design, manufacturing, materials, and documentation. I’ll post a proper review once I’ve completed reading it.
I’m also proud to announce that a very small contribution of mine made it into this book. I wrote a brief essay of OSHW Security Do’s and Don’ts which unabashedly occupies Appendix B. There are no shocking revelations — just some good common sense practices.
If you are involved in any way with OSHW, you should like this book. But you don’t have to take my word for it.
Let’s hear it for all the Appendix Bs out there!
SparkFun Electronics gave me a free pass to SAINTCON, a networking security conference in Odgen, Utah. How did I receive this? Well, social media addiction has its rare benefits and I was the first to respond to a tweet.
SAINTCON hosted a Hardware Hacking Village (HHV) this year and as the recipient of a SparkFun-sponsored ticket, I felt I should check out the HHV immediately. I sat down, soldered my badge, and then proceeded to complete all five hardware challenges; I was the first to complete hack the badge. That’s what happens when a SparkFun social-media-addict goes to a conference.
Completed badge with the blinky kit.
My book, BeagleBone for Secret Agents, is now available. The title is slightly misleading as you need not be a secret agent to enjoy this book. ;) There are five self-contained projects involving electronics, cryptography, and various software packages but I wanted to write a book that was more than just a collection of projects. In BBfSa, I tried to motivate the social and individual importance of using software like Tor, GPG, and OTR. While the projects are cool, IMHO, I’m hoping that readers will appreciate the need for and difficulty of developing privacy enhancing technologies.
I picked projects that were explicitly more detailed than one could describe in a blog post. Most of them combine hardware and software and I would describe the projects as challenging, but attainable. If you decide to buy it hopefully you not only enjoy it, but learn something as well.
The book is available as a DRM free eBook and as a bound collection of printed dead-trees. I’ve stopped reading with eBooks readers, but there are just over 100 references, most with URLs, and I can appreciate the convenience of using one. You can visit my BBfSa page to see its availability or buy it direct from Packt Publishing.
Thanks to the many people at Packt who helped with the direction, editing, and layout. I was lucky to have very talented reviewers. Lastly, thank you Nate for writing an incredibly insightful forward and to SparkFun, without whom the projects in this book would not have been possible.
My initial reaction to Banned Books Week, which is this week, was “oh, this when we remember how we used to ban books back in the 50s.” I went to the Banned Books Week website and found a pamphlet that shows the banned or challenged books, in 2013! Looking over the list, I’m incredulous that books like the Margaret Atwood’s Handmaid’s Tale, and Diary of Anne Frank, which a Northville, Michigan middle school try to ban, are still routinely challenged.
I update my BeagleBone images very frequently. As soon as you have more than one beagle running around your house, keeping track of them takes some effort. I like to have unique hostnames set for each device so that I can ssh into the unique device. I also put a little sticker on each one to remind me of the hostname.
I’m a H2G2 fan. I feel somewhat compelled to always have a picture. The use of the filter in this picture is borderline relationship ending.
Anyway, it’s pretty easy to change the hostname on Debian. To do it properly you need to edit two files,
. It’s an annoying little task that I do often enough I finally decided to script it. I should start making a collection of these scripts as I perform the same tasks each time, but we have to start somewhere.
if [[ "$#" -ne 1 ]]; then
echo "$0 usage: newhostname (run as root)"
sed -i "s/$name/$1/" /etc/hosts
Also available via
chmod +x changehostname.sh
The schematic, EAGLE CAD files, and Bill of Materials for the CHUCKWAGON I2C adapter as presented at DEFCON22 are now available. You can buy the board directly from OSH Park, the components from Digikey, and solder the device yourself. For those looking for some references on using I2C on the BeagleBone Black, check out my I2C references post.
CHUCWAGON soldered to the CryptoCape. I soldered wires underneath and to the male headers just below the CHUCKWAGON.
It does require surface mount soldering, but it’s a good board on which to practice. The top layer isn’t so bad but the pads for the P-channel MOSFET on the bottom are a bit tight. If you don’t want to deal with the P-Channel MOSFET, you can put a solder bridge over the source and drain and connect the 5V rail from the VGA adapter to the board. Just be careful not to get the gate, which will short the power rail to ground!
The CHUCKWAGON was also in the NSA Playset Deluxe package. This package was auctioned at the EFF auction, theSummit, which sold for over $2,000. A representative from the EFF passed along their thanks:
Thank you very much for your fantastic donation this year! It’s clear how appreciated it was as it is now the highest valued item auctioned at the EFF summits… ever!
The collection of NSA Playset gadgets. There’s a CHUCKWAGON in there somewhere…
Photo by Michael Ossman
I think the two HackRFs
in the bucket were of greater value than the CHUCKWAGON though ;)
My HOPE X slides are now posted. You can listen to the full audio of the presentation here. Thanks to everyone who attended! If you missed me at HOPE, you can catch me at DEF CON.
My DEF CON 22 Talk, NSA Playset: DIY WAGONBED Hardware Implant over I2C, time is now posted on the DEF CON schedule. It’s Sunday at 11:00 am in Track 1. Be sure to stay for the NSA Playset: GSM Sniffing directly following!
The NSA Playset talks have been receiving some attention in the press. You don’t want to miss them!
In this talk we present an open source hardware version of the NSA’s hardware trojan codenamed WAGONBED. From the leaked NSA ANT catalog, WAGONBED is described as a malicious hardware device that is connected to a server’s I2C bus. Other exploits, like IRONCHEF, install a software exploit that exfiltrate data to the WAGONBED device. Once implanted, the WAGONBED device is connected to a GSM module to produce the NSA’s dubbed CROSSBEAM attack.
We present CHUCKWAGON, an open source hardware device that attaches to the I2C bus. With the CHUCKWAGON adapter, we show how to attach an embedded device, like a BeagleBone, to create your own hardware implant. We show how to add a GSM module to CHUCKWAGON to provide the hardware for the CROSSBEAM exploit. We improve the WAGONBED implant concept by using a Trusted Platform Module (TPM) to protect data collection from the target. The talk will demonstrate how these features can be used for good, and evil!