Monday, 26 September 2016
Group entry hacks are a favorite for hacker social groups. Why use old fashioned keys when you can use newfangled electronic keys? If you are looking to build a simple RFID-based security system to secure your important stuff, this project from Resin.io is a good place to start. In it, [Joe Roberts] outlines the process of building a simple RFID-triggered mechanism for their office door.
It’s a pretty simple setup that is composed of an RFID reader, a Rasperry Pi and a Neopixel ring. When someone places an RFID card against the reader hidden behind a poster by their front door, the reader grabs the code and the Pi compares it with a list of authorized users. If the card is on the list, the Pi triggers the door lock using a signal line originally designed to work with an intercom system. If the user isn’t on the list, a laser is triggered that vaporizes the interloper… well, that’s perhaps in the next version, along with an API that will allow someone to open the door from the company chat application.
At the moment, this is a clean, simple build that uses only a few cheap components, but which could be the basis for a more sophisticated security system in the future.
Filed under: security hacks
from raspberry pi – Hackaday http://ift.tt/2cUYSuY
via Hack a Day
So you like watching stupid stuff? Here you go, a scene from Bones that tops the infamous ‘IP backtrace with Visual Basic’ or ‘four-handed keyboard’ scenes from other TV shows. Someone hacked the bones by embedding malware in a calcium fractal pattern. Also, when she uses the fire extinguisher, she doesn’t spray the base of the fire.
Raspberry Pi! You have no idea how good the term Raspberry Pi is for SEO. Even better is Raspberry Pi clusters, preferably made with Raspberry Pi Zeros. Here’s a Raspberry Pi hat for four Raspberry Pi Zeros, turning five Raspberry Pis into a complete cluster computer. To be honest and fair, if you’re looking to experiment with clusters, this probably isn’t a bad idea. The ‘cluster backplane’ is just a $2 USB hub chip, and a few MOSFETs for turning the individual Pis on and off. The Zeros are five bucks a pop, making the entire cluster cost less than two of the big-boy sized Pi 3s.
Do you think you might have too much faith in humanity? Don’t worry, this video has you covered.
Hacking on some Lattice chips? Here’s a trip to CES for you. Lattice is holding a ‘hackathon’ for anyone who is building something with their chips. The top prize is $5k, and a trip to next year’s CES in Vegas, while the top three projects just get the trip to Vegas. If you already have a project on your bench with a Lattice chip, it sounds like a great way to wait an hour for a cab at McCarran.
UPSat. What’s an upsat? Not much, how about you? The first completely open source hardware and software satellite will soon be delivered to the ISS. Built by engineers from the University of Patras and the Libre Space Foundation, the UPSat was recently delivered to Orbital ATK where it will be delivered to the ISS by a Cygnus spacecraft. From there, it will be thrown out the airlock via the NanoRacks deployment pod.
The Voyager Golden Record is a message in a bottle thrown into the cosmic ocean and a time capsule from Earth that may never be opened. Now it’s a Kickstarter. Yes, this record is effectively Now That’s What I Call Humanity volume 1, but there are some interesting technical considerations to the Voyager Golden Record. To the best of my knowledge, no one has ever tried to extract the audio and pictures from this phonographic time capsule. The pictures included in the Golden Record are especially weird, with the ‘how to decode this’ message showing something like NTSC, without a color burst, displayed on a monitor that is effectively rotated 90 degrees counterclockwise from a normal CRT TV. Want to know how to get on Hackaday? Get this Golden Record and show an image on an oscilloscope. I’d love to see it, if only because it hasn’t been done before by someone independent from the original project.
Filed under: Hackaday Columns, Hackaday links
from raspberry pi – Hackaday http://ift.tt/2cDRfJn
via Hack a Day
Wednesday, 21 September 2016
Last time I showed you how to expose a web service on a Raspberry Pi (or, actually, any kind of device) by using a reverse proxy from Pagekite. On your Pi, you just need a simple Python script. However, it also depends on the Pagekite server, which isn’t always convenient. There are limits to the free service, and you don’t control the entire thing. The good news is twofold: the same Python script you use to set up the client-side can also set up a server. The other good news is the entire thing is open source.
In practical terms, then, if you have a computer that is always on and has an IP address that can be found on the public internet, you can run your own Pagekite server (they call it a front end) and service your own backends.
As I mentioned, you are going to need a computer visible on the Internet. Well, technically a computer that is visible to all the clients you expect to use including the backend. It needs a few tools on it, including Python, but nothing exotic. You’ll also need control of your DNS–exactly how you do that will depend on how your server is set up. In my case, I have a server sitting in a rack in a data center so I have my own DNS server (named) running on it.
The Pagekite website has installation packages for RPM and deb packages. I suggest you start by installing that on your server, using the method that matches your packaging system. This will put a new directory called /etc/pagekite.d and also installs a startup script (/etc/init.d/pagekite).
However, the default setting is to exit and not start anything up. What’s more is that the example files are set up as though the computer wants to talk to the Pagekite frontend provided (pagekite.me). If you want to run your own, you are going to have to make some changes.
If you have a server on the Internet, there is some way to get names (like hackaday.com) into the DNS system to point to a specific IP address. In my case, I own the domain name hotsolder.com so I decided to make dyn.hotsolder.com be my Pagekite front end. I also wanted to be able to create subdomains like 3dprinter.dyn.hotsolder.com.
To do this, I needed a few configuration changes in my DNS:
dyn IN A 220.127.116.11 *.dyn IN A 18.104.22.168
Obviously, my IP address is the one shown. All the names are relative to hotsolder.com, so there’s no need to specify that on those two lines. If your hosting company handles your DNS, you’ll have to determine how to make similar changes. Or you can tell them you need two “A” records put in and they ought to know what that means. The upshot is that your host name (dyn.hotsolder.com or anything.dyn.hotsolder.com) goes to your server (the Pagekite server in the diagram below).
The Pagekite package will leave two important files in /etc/pagekite.d: 10_account.rc and 20_frontends.rc. The first file is why the service won’t start. The reality is, for using the script as a frontend, you don’t need this file at all. Just in case, I commented out all the lines, but you could just as well remove it. The line that prevents it from starting is the one that reads:
The other lines set up your connection to the pagekite.me servers. We aren’t going to do that, so you can remove those lines or the whole file.
The 20_frontends.rc file is supposed to connect to the remote frontend. In this case, we want to be the front end, so here’s what I put in there:
isfrontend ports=8080,80,443,2222 rawports=virtual protos=http,https,raw domain=http,https,http-8080,raw-2222:*.dyn.hotsolder.com;$$$SECRET$$$ domain=http,https,http-8080,raw-2222:dyn.hotsolder.com:$$$SECRET$$$
You can also set up a certificate file and point to it here, but if you want to do that, you can read the documentation (look for the –tl_default and –tls_endpoint options along with –fe_certname and –ca_certs). In fact, that same documentation is where you can learn about all the options like isfrontend and ports.
By default, the Pagekite script looks in ~/.pagekite.rc for settings. If you plan on using the Pagekite server, you are better off leaving this file alone and creating a new configuration. You can install the same package on the Pi or other client computer — remember, the same script is used on the frontend (the Internet-facing computer) and the backend (the computer running the server).
If you want to run from the command line, consider using:
pagekite --clean --optfile=/home/YOURUSERID/.pagekite.CUSTOM.rc
Obviously, you need to replace YOURUSERID and CUSTOM to suit your purposes. If you are using a package and having Pagekite start automatically, you need to look at /etc/pagekite.d. The 20_frontends.rc is where you can configure each frontend server you want to talk to.
Here’s part of my file:
webpath = dyn.hotsolder.com/8080:/:default:/tmp/httpd webpath = http://ift.tt/2dbi1f4 frontend=dyn.hotsolder.com:443 service_on=http:dyn.hotsolder.com:localhost:builtin:@kitesecret service_cfg=http://ift.tt/2cDhVHU service_on=raw-2222:dyn.hotsolder.com:localhost:22:@kitesecret
The @kitesecret references a line further up (or in the 10_accounts file):
This has to match what is set up on the frontend, of course.
For http requests, everything works like you would expect. The service_on and service_cfg lines set up the built-in Web server (you don’t have to use it) and the documentation says these are subject to change. Otherwise, it is pretty simple to set up things.
The issue arises when you want to do a raw port. In my case, I want to expose the ssh server on port 22 to the outside world. Of course, my public computer already has an ssh server on that port. That’s no problem. Pagekite can convert incoming traffic on port 2222 to port 22 on the backend. Kind of.
The raw ports actually come through on an http port. To make ssh work (for example) you need to proxy from port 443 with netcat. The details are in the documentation, but the short version is you need the following configuration in ~/.ssh/config:
Host dyn.hotsolder.com CheckHostIP no ProxyCommand /bin/nc -X connect -x %h:443 %h %p
The Internet of Pi
If you control every network you connect to, this probably isn’t that interesting. If you don’t mind setting up VPNs on both sides, you also don’t need this sort of thing. However, if you need to deploy solutions behind firewalls or even on dynamic IP addresses, you might find the reverse proxy approach is just what you need.
There are always other ways to solve the problem, of course. You can use a dynamic IP provider to address dynamic IPs, for example. Tunneling through unknown firewalls is a bit more difficult, though.
Filed under: Hackaday Columns, linux hacks, Network Hacks, Original Art, Raspberry Pi, Skills
from raspberry pi – Hackaday http://ift.tt/2dbhyti
via Hack a Day
Arcade cabinets are a lot of fun, and something most of us would probably like in our homes. Unfortunately, space and decor constraints often make them impractical. Or, at least, that’s what our significant others tell us. Surely there must be a workaround, right?
Right! In this case, the workaround [sid981] came up with was to build a RetroPie arcade into a fancy looking wine barrel. The electronics are pretty much what you’d expect for a RetroPie system, and the screen is set into the top of the barrel. Control is handled by a wireless controller that can be tucked away when it’s not in use, and a glass top simultaneously protects the screen and lets guests use the barrel as a bar table.
Overall, it’s a really classy alternative to putting an arcade cabinet in the corner, and has the added benefit of doubling as a handy place to put your drinks. We’ve seen nifty builds in the past that accomplish a similar goal using coffee tables, but we think the aesthetic appeal of the wine barrel makes this a pretty awesome choice too.
Filed under: home entertainment hacks
from raspberry pi – Hackaday http://ift.tt/2cOx5gB
via Hack a Day
Tuesday, 20 September 2016
Everyone’s talking about the Internet of Things (IoT) these days. If you are a long-time Hackaday reader, I’d imagine you are like me and thinking: “so what?” We’ve been building network-connected embedded systems for years. Back in 2003, I wrote a book called Embedded Internet Design — save your money, it is way out of date now and the hardware it describes is all obsolete. But my point is, the Internet of Things isn’t a child of this decade. Only the name is.
The big news — if you can call it that — is that the network is virtually everywhere. That means you can connect things you never would have before. It also means you get a lot of data you have to find a reason to use. Back in 2003, it wasn’t always easy to get a board on the Internet. The TINI boards I used (later named MxTNI) had an Ethernet port. But your toaster or washing machine probably didn’t have a cable next to it in those days.
Today boards like the Raspberry Pi, the Beagle Bone, and their many imitators make it easy to get a small functioning computer on the network — wired or wireless. And wireless is everywhere. If it isn’t, you can do 3G or 4G. If you are out in the sticks, you can consider satellite. All of these options are cheaper than ever before.
There’s still one problem. Sure, the network is everywhere. But that network is decidedly slanted at letting you get to the outside world. Want to read CNN or watch Netflix? Sure. But turning your computer into a server is a little different. Most low-cost network options are asymmetrical. They download faster than they upload. You can’t do much about that except throw more money at your network provider. But also, most inexpensive options expose one IP address to the world and then do Network Address Translation (NAT) to distribute service to local devices like PCs, phones, and tablets. What’s worse is, you share that public address with others, so your IP address is subject to change on a whim.
What do you do if you want to put a Raspberry Pi, for example, on a network and expose it? If you control the whole network, it isn’t that hard. You usually use some kind of dynamic DNS service that lets the Pi (or any computer) tell a well-known server its current IP address (see figure below).
That well-known server answers DNS requests (the thing that converts hackaday.com into a real IP address). Now anyone can find your Pi. If you have a firewall in hardware and/or software (and it is a good bet that you do), you’ll also have to open the firewall port and tell the NAT router that you want to service traffic on the given port.
That’s fine if you are at home and you control all of your network access and hardware. But suppose you don’t know for sure where your system will deploy. For example, perhaps you will use your box at different traffic intersections over a 3G modem. Or maybe you have built a smart picture frame to put in a hospital or nursing home and you want access over the institution’s WiFi.
Granted, you can handle that as a system design problem. For the hypothetical picture frame, maybe it checks a web server on the public Internet periodically for new content. Sure. You can do that. Until you need to ssh into the box to make some updates. Sometimes you just need to get to the box in question.
There are a few options for cases like this. NeoRouter has software for many platforms that can create a virtual private network (VPN) that appears to be a new network interface where all the participants are local. If my desktop computer has a NeoRouter IP of 10.0.0.2 and my Pi has 10.0.0.9 then I can simply ssh over to that IP address. It doesn’t matter if the Pi is halfway around the world. The traffic will securely traverse the public Internet as though the two computers were directly connected with no firewalls or anything else between them.
Honestly, that sounds great, but I found it a little difficult to set up. It also isn’t terribly useful by itself. You need to run some kind of server like a Web server. You also need a NeoRouter server on the public Internet with an open port.
A Better Answer
What I wound up using was a service called Pagekite. The software is all open source and there is a reasonable amount of free use on their servers. I would go on to set the whole thing up on my own servers (I’ll talk about that next time). For right now, though, assume you are happy to use their server.
If you go to the Pagekite web site, they have a really simple “flight plan” to get you started:
curl -s http://ift.tt/t1zL4R | sudo bash pagekite.py 80 yourname.pagekite.me
That’s it. Honestly, you don’t know these guys so I wouldn’t suggest just piping something off the Internet into my root shell. However, it is safe. To be sure I actually redirected the script from curl into a temporary file, examined it, and then ran it. You may be able to install Pagekite from your repository, but it might be an older version. They also have common packages on GitHub and repos for many package systems (like deb packages and RPM).
The concept behind PageKite is that of a reverse proxy. Both the remote computer and the user find the PageKite computer via DNS (see figure below). That server acts as a go-between and since nearly all networks will allow access to a web server, there should be no firewall issues.
The last line sets up a redirect from the specified URL to your local machine on port 80. So far that isn’t much different than using NeoRouter. However, the pagekite script is kind of interesting. It can be a backend (that is, your Raspberry Pi serving up web content), or a frontend (like the server at yourname.pagekite.me). It also has a simple web server in it. So if you wanted to serve out pages from, say /home/pi/public_html you could write:
pagekite.py /home/pi/public_html yourname.pagekite.me +Indexes
There is a way to add things like this so they start when pagekite starts (read about the –add option). It all works and it works well.
You can redirect other ports, also. There is even a way to tunnel SSH traffic, although it does require a proxy set up for the SSH client. That will depend on what ssh programs you use. Although it is a bit of trouble, it is also handy since it allows you to SSH into the remote box even on restrictive work or school networks.
Pagekite will give you a chance to sign up the first time you run the script. However, you do need to be on a machine that can open a browser, so if you are using your Pi headless, you might want to set up the account first on another machine.
The free account has some limits, but it does let you set up a CNAME to redirect from your own domain name. You can also create unlimited subdomains (e.g., toaster.myiot.pagekite.me, washer.myiot.pagekite.me, and alarmsystem.myiot.pagekite.me).
On Your Own
If you don’t have a public computer and you don’t have a lot of data transfer needs, the Pagekite free plan might just work for you. I didn’t want to use their domain or be subject to their quotas, so I decided to install the frontend to my own web server. The code is open source, but the documentation for making that work is not great.
Luckily, next time, I’ll take you through the steps I took to get it all working. It isn’t that hard, but it does require a little thought, text editing, and DNS dexterity.
Filed under: Hackaday Columns, internet hacks, Original Art, Raspberry Pi, Skills
from raspberry pi – Hackaday http://ift.tt/2d8BfC0
via Hack a Day
How often do you think deeply about the products around you? How about those you owned five years ago? Ten? The Cicada — brainchild of [Daniel Kerris] — is an art piece that aims to have the observer reflect on consumer culture, buyer’s remorse, and wanting what we cannot have.
The Cicada consists of an ultrasonic sensor feeding data to a Raspberry pi which — calculating the distance of an approaching human — either speeds up or slows down a servo motor connected to a General Electric Walkman’s cassette speed potentiometer. Upon detecting someone approaching, The Cicada begins to loop the chorus of Celine Dion’s “I Will Always Love You”. As you move closer, the tape speed slows, and there is a transition from love at first sight to nightmarish drawl as the music slows.
Of course as you leave, it begins to play at normal speed again. [Kerris] hopes this will induce the observer to reflect on wanting what we can’t have — especially if it’s the ‘greener’ grass on the other side of the fence — but also about the media we consume: how we view it, how that initial state changes over time, and — at the very least — how to recycle old tech into new projects!
If you’re looking for more tech-art, The Cicada would be at home in this creepy mechanical art show.
Filed under: misc hacks, Raspberry Pi
from raspberry pi – Hackaday http://ift.tt/2cMqKR3
via Hack a Day