[John Boxall] of Little Bird Electronics was thinking about combination locks, and how one might improve or at least change the way these locks work. Traditional combo locks can be implemented in a variety of ways, most of which we are all familiar with. Standard rotary padlock and keypad-based electronic safes work just fine, but he was interested to see how one might implement a single button combination lock.

[John] determined that the best, if not only way, to build this sort of lock would require him to measure button press intervals. In his case he decided to monitor the intervals between his button presses instead, but the concept is the same. He first tested himself to see how accurately he could press and release the button, leaving a one-second space between presses. After looking at the results he determined that he would need to incorporate at least a 10% margin for error into his code in order to compensate for human error.

He then created an Arduino sketch to test his idea, defining a set of key press intervals that could be used to ‘unlock’ his imaginary vault. It worked quite well, as you can see in the video demo below.

Now we’re not suggesting that you lock up your mind condition My Little Pony collection or your illegal arms stash with this type of lock, but it could be useful as an extra failsafe for certain projects/gadgets that you want to keep all to yourself.

Filed under: arduino hacks, security hacks

As phone systems have evolved over time, the desire to break them and exploit their usage continues to flourish. Just recently, [The Hacker’s Choice (THC)] announced that they had accessed secure data from Vodafone’s mobile phone network last year, via their femtocell product.

The purpose of the femtocell is to extend mobiile network coverage to locations where reception might not be ideal, routing calls to Vodafone’s network via IPSec tunnels. [THC] knew that this meant the femtocells required a high-level of interaction with the carrier’s traditional mobile network, so they started poking around to see what could be exploited.

After gaining administrative access to the femtocell itself using the root password “newsys”, they found that they were able to allow unauthorized users to utilize the service – a simple ToS violation. However, they also had the ability to force any nearby Vodafone subscriber’s phone to use their femtocell. This enabled them to request secret keys from Vodafone, which they could then use to spoof calls and SMS messages from the victim’s phone without their knowledge.

They have been kind enough to release all of the pertinent information about the hack on their wiki for any interested parties to peruse. Now we’re just wondering how long it takes before stateside carriers’ femtocells are exploited in the same fashion.

[Thanks, kresp0]

Filed under: cellphones hacks, security hacks

[Nirav] found that he rarely printed anything useful with his RepRap, so to shake things up, he decided he needed to work on a project that didn’t involve printing yet more RepRap parts.

The goal of his project was to create working replicas of house keys by simply using the code imprinted at the factory. He purchased a handful of used lock sets from eBay, then carefully measured the keys with a ruler and calipers to get the blank dimensions just right. After that was done, he looked around online and was eventually able to create an OpenSCAD model using a chart of pin depth specifications he located. By changing the last line in the model’s code he can print any coded key. For keys lacking a code, he can manually measure the height of each bit and print replicas that way as well. Once printed, he says that they keys are strong enough to turn most locks he has come across, including deadbolts.

This is undoubtedly a neat project in its own right, though we would be interested to see if someone could get it paired with a program like SNEAKEY to generate bit measurements by sight alone.

Filed under: cnc hacks, security hacks

This deathstar like ball is actually an autonomous surveillance camera. [Basil] wrote in to tell us about it. The body is custom designed for the project, then 3d printed.  It can be dropped anywhere, as it is battery powered for up to a month,  and communicates via cellar networks.  It checks an email folder once an hour and responds to any requests with a snapshot of what is going on. In the video, which you can see after the break, he gets an immediate response.  You can download the sourcecode as well as the files for the enclosure here.

If you wanted to reduce costs, that case could be done away with, but we suspect it helps with some moderate weather conditioning. We would also love to see a version that rotated around that equator on command for better pictures. Great job [Basil].

Filed under: security hacks