Tag Archives: Hacking

Arduino Traffic Lights

The completed Traffic Light
Please Note: The instructions here are provided ‘as is’ with no guarantee or warranty whatsoever. In no circumstances should they be used to build a traffic safety device. The traffic light device I built is a novelty and is used as such.

Materials

1 USB traffic light hubMaterials for a USB Traffic Light (search ebay for ‘traffic light hub’)
1 Atmega8u2 breakout board
1 each of 9mm Red Green and Orange LEDs
3 470 Ohm resistors
4 thin patch wires (preferably different colours)
1 USB mini cable
1 Pack of Black Sugru
Solder
Hot Glue
Corrugated Cardboard

Equiptment for the USB Traffic LightEquipment

A Dremel, or similar cutting tool
Hot Glue Gun
Soldering Iron
Wire Strippers
Wire Cutters
Spudger tool, or guitar pick, stanley knife or fingernails
Linux PC (with avr-gcc and dfu-programmer commands installed)

Details

1. Use the spudger to open the traffic lightThe Traffic Light once pulled apart

The weakest part of the traffic light is the stem but it is nearly impossible to open it from there. The approach that I took was to pry the top open a little, then pry the bottom open a little, then carefully pull the two halves apart at the same time. This ensures that you dont snap the plastic holding the stem together. If you don’t have four wires from the materials list, you can strip the USB cable and use those since it contains four differently coloured wires.

2. Gut the traffic lightThe traffic light after reordering the windows and removing hub board

Remove the USB hub circuit board. You can use this board later in another project or two, should you do you will probably want to cut off the LEDs. In my board the little plastic windows were in the wrong order for Australian traffic lights. Luckily this is easy to fix, simply pop them out and press them back in the correct place. Feel free to put the windows in any order that you wish, just remember to alter the program later before compiling and flashing it.

3. Make roomThe Traffic Light after cutting out the inside

Its a little hard to fit the Circuitry into the case with the two supports that held the hub in place, additionally you need a little extra space for the thickness of the cardboard. You can get all this by using a Dremel to remove the supports and some of the plastic around the USB sockets. Be careful to not hit the side of the case as I did on my first one as the plastic is thin and easily blemishes the outside. The photo shows one before modification on the left and after a fight with the Dremel on the left.

4. Make the cardboard circuit boardThe front of the cardboard board

The process of getting a circuit board built takes too long for a quick hack like this and I didn’t have any protoboard lying around. This all means that we get to make a crazy cardboard circuit board. The best thing about cardboard is that you can draw on it as you build it, and you can easily cut it to fit the interior of the device easily. Basically put the LEDs and resistors through the cardboard next to each other. For ease of wiring put align all the LEDs to have their long legs in the same direction. Wire each short leg to a resistor and the free legs of all the resistors to a single black wire. Finally wire The back of the cardboard boardeach of the long legs of the LEDs to a different coloured wire. Once this is done you should test each lead and LED to make sure it is correctly wired. You can do this by connecting ground to the black lead, and 3-5V to the coloured leads.

5. Connect to the Breakout board

Now we take out the SparkFun Atmega8U2 breakout and solder it to the LEDs on our cardboard board. This is pretty simple, basically you solder the wire from the resistors to the hole labelled GND, the green LED to PB7, the orange LED to PB6 and finally the red The breakout board showing the wires coming from the cardboard boardLED to PB5. You will likely want to cut the wires so that they reach the board where it will sit, and only have a few extra millimeters. If you leave too much room then you will have issues trying to put the wires inside the case, and of course if you don’t leave enough you wont be able to get the breakout board to sit in the right place.

6. Load the software on the device and test

You can find the code to build the firmware on my GitHub account. Provided that you have avr-gcc and dfu-programmer installed you should be able to simply clone that repository and type ‘make all’ inside it. If that refuses to work for some reason though, I have attached the output of compilation, a hex file (which is uploaded as a txt file to stop wordpress whining). You can download the hex file here: USBTrafficLight.hex. This hex file, or the one that’s output from programming can be programmed onto the device easily. First you put the device into bootloader mode by plugging it into the computer then hit the reset button. Finally you run the following commands:

dfu-programmer at90usb82 erase # Erase MCU
dfu-programmer at90usb82 flash USBTrafficLight.hex # Flash MCU
dfu-programmer at90usb82 reset # Reset MCU

You will have to unplug and plug the device back in to get it out of bootloader mode. Once you have programmed the device you should run a test to make sure it works. You can do this by writing characters to the virtual serial port the device creates. The following commands will do this for you:

echo 'g' > /dev/ttyACM0 # Should be green
echo 'o' > /dev/ttyACM0 # Should be orange
echo 'r' > /dev/ttyACM0 # Should be red

7. Cut a hole in the baseShowing the hole cut in the base of the back piece of the Traffic Light

This is the part I’m least happy with. Here you have to cut a hole in the base so that you can plug in a mini usb cable. I generally cut a rectangular hole in the back piece of the traffic light that is about the same size as the USB cable I’m using. This rectangle usually goes about halfway up the base, and goes right to the bottom while being a little bit wider then a USB mini cable. I also cut a small drill hole to allow access to the reset button for loading new firmware. Make sure you test that you can plug in the USB mini cable. Instead of cutting a hole in the base I’ve been thinking about building a USB cable into the device. This is difficult because the USB mini port on the breakout is SMD and the pins are not broken out. If you have any ideas on the best way to do this, please let me know in the comments.

8. Install the cardboard board and the breakout boardShowing how I glued in the cardboard board

The cardboard section should be easy to slide into the back case of the device. Should there be an issue making things fit you can always trim the cardboard, or pad it with paper. You should glue the cardboard into the back through the USB port hole where the hub was. This accomplishes two things, it attaches the cardboard to the back, and it partially fills the holes that we will later fill with Surgu, saving you a little Sugru. If you bought clear LEDs instead of diffused ones you may wish to glue something to diffuse the light to the front (I use baking paper, sometimes two layers). Install the breakout board by putting a little hot glue on the bottom, pushing it into place, plugging in the mini USB cable then finally wiggling it into the perfect position. You’ll also want to tie up your wires using a little electrical tape to make them easier to manage in the last step.

9. Install the front and patch holesThe Traffic Light USB port surrounded by Sugru to give it a nice clean look

Mould some Sugru into the holes left behind from where the USB hub was, and into the extra space around the USB mini plug. Make sure that you continuously test the USB mini plug to ensure you don’t add too much Sugru, also do not get any Sugru into the plug. You can use soapy water and rubbing to make the Sugru surface smooth if you wish. Then install the front of the case and leave the Sugru to set, which takes about 6-12 hours. Once the Surgu has set the device is ready to use.

Instructions for use

The interface to the device is implemented as a USB to Serial adapter, however since there is not serial interface, and the entire device is self contained we don’t have to implement the entire spec. A USB to Serial device is implemented by sending characters and control messages over the USB bus. However because there is no serial interface we can ignore all the control messages. The firmware above simply grabs the characters from the stream and acts on them. This means that the device will work regardless of the baud rate, stop bits or parity settings. On Linux and OSX this means that all you have to do to control the device is to echo characters to the character device. You can send ‘g’ for green, ‘o’ for orange, ‘r’ for red and any digit from 0-7 for all the possible light configurations. A simple test script for a Linux PC looks like this:

#!/bin/bash

while /bin/true; do
  echo 'g' > /dev/ttyACM0
  sleep 2
  echo 'o' > /dev/ttyACM0
  sleep 2
  echo 'r' > /dev/ttyACM0
  sleep 2
  echo 'a' > /dev/ttyACM0
  sleep 2
done

The completed Traffic Light

Google’s Privacy Bungle

Google has recently taken a large amount of criticism for capturing unencrypted wireless network traffic as part of its Street View project. Google admitted to the world that although it was only looking to capture station MAC addresses it inadvertently also captured the payload data. Many articles have emerged blasting Google for what Senator Conroy calls ‘This is probably the single greatest breach in the history of privacy’. I believe Google hasn’t done all that wrong, to understand why you need to know how a wireless network works.

Wireless networks can either be encrypted or unencrypted but in both these cases only the payload is encrypted. The packet headers which contain information about who the packet is addressed to and who it is from. The reasons for this are similar to why you might write a letter in code, but you would not write the envelope in code. In an unencrypted network the whole packet is sent in clear text including the envelope and contents. The difference between these analogies and how a real network works though is that to read the envelope you need to physically obtain it and there is only one copy. A wireless network broadcasts everything to everyone within 100 meters.

This isn’t really a problem if your network is encrypted as people will not be able to read it easily. If however your network is not encrypted its the equivalent of yelling out everything that you type into and read from your PC. Almost all banking websites will ask your PC to use extra encryption, but many other sites will not. So anyone in a 100 meter range of your computer or access point can watch everything you do on your computer.

What Google were trying to do was get a list of the locations of these access points. So they would have captured the headers of all packets they saw, grabbed the wireless routers address out of it and marked its location on a map. Except according to them they accidentally put code in that captured the whole packet. This meant that for all the unencrypted networks the Google Street View cars drove past they may have captured private information.

There is a class action in Germany against Google for capturing this data, and more can be expected elsewhere soon. Suing Google for this is like walking in to a public place, yelling out a bunch of private information and then suing anyone who happened to be recording at the time, or suing someone for writing down smoke signals you send to someone from the top of a mountain. If your access point is sending data unencrypted then every wireless device within 100 meters cannot help but hear your data, you’re just lucky most will ignore it.

If you really cared about your privacy you would at least make some attempt to restrict others access to your data. Not knowing is much an excuse as not knowing people were recording in that shopping mall. Don’t take your privacy for granted, check whether your network is encrypted, and if you don’t know how, get someone who does. Ignorance is not an excuse! This time it was Google, the next time it could be an identity thief.

Random Thought: If privacy is so important to people at the moment, what’s with all the data on Facebook?

ATM Phishing

You’ve probably heard of ATM fishing by now. If you haven’t you should have. It typically involves placing a card reading device that is designed to blend in perfectly with the ATM. Then a camera or other device is placed that records the PIN of the user as they type it. So effectively while the user is entering their credentials into the ATM they are unwittingly entering them into a scammers database.

In a flash of inspiration last night I think I may have found a solution! My first instinct was to put a poster next to or on the ATM that shows what the ATM looks like. There are a few problems with this though. First, the scammer can simply replace the poster, secondly only the security concious will check it. So this is really a non solution.

So what if you placed pictures of critical parts in the software and display them when the user first puts in their card. Show a shot of the card insertion point, the keyboard and and overall picture. Scammers can’t simply place a poster over the screen as the user needs it to use the ATM. You ask the user to confirm all the pictures and if any don’t match you don’t let them enter their PIN, and possibly eat their card.

I’m not sure how this would work in practice. If the recent response to Vista’s UAC is anything to go by people will probably just click accept on anything. This may get the pictures in their face though. So after seeing this many pictures of ATMs they might more easily notice something amiss. Maybe its a bit ambitious, maybe its not quite scammer proof. What do my readers think?

Random Thought: I’m getting an Android phone because it runs on an ARM CPU. That and my Windows phone is on its last LEGS.