SlideShare a Scribd company logo

Distance Machine Locker

Download as PPTX, PDF
Y
yeokm1

A system that locks your computer the moment you move away from it. Details can be found in my Github repo here. https://github.com/yeokm1/distance-machine-locker

Technology
1 of 32
Distance Machine Locker iOS Dev Scout (25 Apr 2017) SP Digital Tech Talk (12 Jan 2017) By: Yeo Kheng Meng (yeokm1@gmail.com) and Vina Rianti (https://github.com/vinamelody) https://github.com/yeokm1/distance-machine-locker1
Problem? • Red Team • + unlocked machines 2
Trail of destruction 3
Solution? •Distance-measuring system •Locks machine when I leave 4
Demo 5
System overview 6 Distance Sensor Arduino Uno Swift Desktop app
Agenda 1. Hardware Device 2. Swift App 3. Defensive strategies 4. Vina’s contribution 7
Hardware 8
Active IR distance sensor • Active Infrared (IR) Distance Sensor • Effective range: 10 to 80cm Source: http://education.rec.ri.cmu.edu/content/electronics/boe/ir_sensor/1.html 9
Alternative sensor 1: Passive IR • Range 7m • Can only detect presence • Higher error rate 10
Alternative sensor 2: Ultrasonic • 2cm to 4m • “Noisy” results 11
Putting them all together • Arduino Uno in casing meant for Mega 2560 • Mounting-hole compatible 12 Arduino Uno Arduino Mega 2560
Arduino firmware • Arduino IDE • Prints cm distance via USB Serial Port 13
Host App • Swift 3 Menubar app • Receives Data from USB-Serial Port • Locks machine on threshold reached 14 Distance (cm) via USB-Serial
About the Menubar app • Menubar app (MainMenu.xib, MenuController.swift) • No Main Window, dock icon • No Storyboards, just a single xib 15
About the app: Serial Port Communication • Uses SwiftSerial library written by yours truly • https://github.com/yeokm1/SwiftSerial • https://engineers.sg/v/1275 16
About the app: Locking • Lock screen (Locking.swift) • Use IOKit (suggested by http://stackoverflow.com/a/16368803 ) • CGSession –suspend hides notification • /System/Library/CoreServices/Menu Extras/User.menu/Contents/Resources/CGSession –suspend 17
Potential Hacking and Defensive Strategies? 18
Hack 1: Disconnecting device • Defence: • Lock machine immediately • Issue system notification • Detect device disconnect: USBWatcher.swift hooks to IOKit • http://stackoverflow.com/a/41279799 • Auto-reconnection when device is plugged back 19
Hack 2: Tamper hardware to provide incorrect values • Defence: Vigilant monitoring of distance values on menu bar 20
Hack 3: Reprogramming with malicious firmware • Defence: Reprogram Arduino before using it • Mac App contains hex (firmware) file exported from Arduino IDE • Flashes hex file with avrdude within Arduino.app 21 Mac App Arduino.app avrdudefirmware.hex
A possible “undetectable” hacking strategy • Overwrite the Arduino bootloader 22
Typical Arduino Programming • Arduino IDE • USB cable 23
Microcontroller programming the actual way • Using dedicated programmers with ICSP port • ICSP – In-circuit system programmer 24 Image sources: http://www.atmel.com/tools/atatmel-ice.aspx http://blog.alrightythen.de/2014/08/debugging-with-the-new-atmel-ice/ + =
What is an Arduino bootloader? • Allows Arduino IDE to program Arduino board via USB 25
Vina Rianti 26
Key learnings • Experience turns into idea (or request) on how to make it better • Distance options too long (10 to 80) • Don’t lock my machine immediately 27
10 15 20 25 30 35 ... 80 How to shorten the Locking Distance? Make the option every 5 cm instead of 1 cm for distance in DISTANCE_MINIMUM...DISTANCE_MAXIMUM { let distanceMenuItem = NSMenuItem(title: String(distance), action: #selector(distanceMenuItemClicked), keyEquivalent: "") distanceMenuItem.target = self if distance == currentLockingDistance{ distanceMenuItem.state = NSOnState } distanceMenu.addItem(distanceMenuItem) } var option = 5 let DISTANCE_MINIMUM = 10 let DISTANCE_MAXIMUM = 80 for i in DISTANCE_MINIMUM...DISTANCE_MAXIMUM { if option >= DISTANCE_MAXIMUM { break } else { option += 5 } print(option) }
29 for distance in stride(from: DISTANCE_MINIMUM, through: DISTANCE_MAXIMUM, by: 5) { let distanceMenuItem = NSMenuItem(title: String(distance), action: #selector(distanceMenuItemClicked), keyEquivalent: "") distanceMenuItem.target = self if distance == currentLockingDistance{ distanceMenuItem.state = NSOnState } distanceMenu.addItem(distanceMenuItem) } How to shorten the Locking Distance? Can I do it more elegantly?
How to prevent immediate locking? Add a Locking Delay: 0, 1, 3, 5 seconds Out of distance Time T1 Example: 3 seconds delay Not going to lock Within distance Current time – T1 > 3 seconds ? Lock ! Time Out of distance T1 Question: How does the code work?
31 Show me the code! func distanceReceived(distance: Int){ ... if lockingMode && distance >= currentLockingDistance { if goingToLock == false { goingToLock = true startLockingWindow(start: true) } else { startLockingWindow(start: false) } } else { goingToLock = false } } func startLockingWindow(start: Bool) { if start { launchLockWindow = CFAbsoluteTimeGetCurrent() } else { let elapsed = CFAbsoluteTimeGetCurrent() - launchLockWindow if elapsed >= Double(lockingTimeout) { locking.lockMachine() } } }
Hackers always win 32 No physical security -> No security Any Questions? https://github.com/yeokm1/distance-machine-locker

Recommended

Arduino
ArduinoArduino
Arduino
지훈 석
 
Evo mouse
Evo mouseEvo mouse
Evo mouse
English TVTC
 
Evo mouse and magic cibe
Evo mouse and magic cibeEvo mouse and magic cibe
Evo mouse and magic cibe
Chaitralikhatvkar
 
Introducing the Sun SPOTs
Introducing the Sun SPOTsIntroducing the Sun SPOTs
Introducing the Sun SPOTs
Stefano Sanna
 
Sun SPOT, Wireless Sensors Networks
Sun SPOT, Wireless Sensors NetworksSun SPOT, Wireless Sensors Networks
Sun SPOT, Wireless Sensors Networks
José Ariza
 
Arduino1.0 RC
Arduino1.0 RCArduino1.0 RC
Arduino1.0 RC
馬 萬圳
 
celluon evomouse documentation
celluon evomouse documentationcelluon evomouse documentation
celluon evomouse documentation
Ratna Tejaswini
 
The evolution mouse by celluon
The evolution mouse by celluonThe evolution mouse by celluon
The evolution mouse by celluon
Akshay Bagi
 

Recommended

Arduino
ArduinoArduino
Arduino
지훈 석
 
Evo mouse
Evo mouseEvo mouse
Evo mouse
English TVTC
 
Evo mouse and magic cibe
Evo mouse and magic cibeEvo mouse and magic cibe
Evo mouse and magic cibe
Chaitralikhatvkar
 
Introducing the Sun SPOTs
Introducing the Sun SPOTsIntroducing the Sun SPOTs
Introducing the Sun SPOTs
Stefano Sanna
 
Sun SPOT, Wireless Sensors Networks
Sun SPOT, Wireless Sensors NetworksSun SPOT, Wireless Sensors Networks
Sun SPOT, Wireless Sensors Networks
José Ariza
 
Arduino1.0 RC
Arduino1.0 RCArduino1.0 RC
Arduino1.0 RC
馬 萬圳
 
celluon evomouse documentation
celluon evomouse documentationcelluon evomouse documentation
celluon evomouse documentation
Ratna Tejaswini
 
The evolution mouse by celluon
The evolution mouse by celluonThe evolution mouse by celluon
The evolution mouse by celluon
Akshay Bagi
 
Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issues
yeokm1
 
Build Your Own PCB with EAGLE II - Drawing a Schematic
Build Your Own PCB with EAGLE II - Drawing a Schematic Build Your Own PCB with EAGLE II - Drawing a Schematic
Build Your Own PCB with EAGLE II - Drawing a Schematic
Premier Farnell
 
Reflections on Trusting Trust
Reflections on Trusting TrustReflections on Trusting Trust
Reflections on Trusting Trust
yeokm1
 
Diy arduino
Diy arduinoDiy arduino
Diy arduino
Kevin Rohling
 
Optical Encoders
Optical EncodersOptical Encoders
Optical Encoders
Premier Farnell
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardware
yeokm1
 
Build Your Own PCB with EAGLE - Getting Start with EAGLE
Build Your Own PCB with EAGLE - Getting Start with EAGLE Build Your Own PCB with EAGLE - Getting Start with EAGLE
Build Your Own PCB with EAGLE - Getting Start with EAGLE
Premier Farnell
 
Encoder
EncoderEncoder
Encoder
muhammad shoaib
 
Introduction to PCB Design (Eagle)
Introduction to PCB Design (Eagle)Introduction to PCB Design (Eagle)
Introduction to PCB Design (Eagle)
yeokm1
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energy
yeokm1
 
Introduction to cnc machines (1)
Introduction to cnc machines (1)Introduction to cnc machines (1)
Introduction to cnc machines (1)
someshking
 
Introduction to Arduino
Introduction to ArduinoIntroduction to Arduino
Introduction to Arduino
동호 손
 
Introduction to Arduino
Introduction to Arduino Introduction to Arduino
Introduction to Arduino
Dennis Espiritu
 
IoT Based Garbage Monitoring System ppt
IoT Based Garbage Monitoring System pptIoT Based Garbage Monitoring System ppt
IoT Based Garbage Monitoring System ppt
Ranjan Gupta
 
iotppt-170729110848.pdf
iotppt-170729110848.pdfiotppt-170729110848.pdf
iotppt-170729110848.pdf
Kishor Mhaske
 
Arduino
ArduinoArduino
Arduino
vipin7vj
 
Nodebot: Arte de controlar arduino com javascript
Nodebot: Arte de controlar arduino com javascriptNodebot: Arte de controlar arduino com javascript
Nodebot: Arte de controlar arduino com javascript
Desiree Santos
 
Arduino day
Arduino dayArduino day
Arduino day
Adedigba Yinka
 
Programming The Real World
Programming The Real WorldProgramming The Real World
Programming The Real World
pauldeng
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer Kit
Sulamita Garcia
 
Internet of Things Conference - Bogor city
Internet of Things Conference - Bogor cityInternet of Things Conference - Bogor city
Internet of Things Conference - Bogor city
Andri Yadi
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT Edition
Intel® Software
 

More Related Content

Viewers also liked

Viewers also liked (11)

Raspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issuesRaspberry Pi 3 + UART/Bluetooth issues
Raspberry Pi 3 + UART/Bluetooth issues
 
Build Your Own PCB with EAGLE II - Drawing a Schematic
Build Your Own PCB with EAGLE II - Drawing a Schematic Build Your Own PCB with EAGLE II - Drawing a Schematic
Build Your Own PCB with EAGLE II - Drawing a Schematic
 
Reflections on Trusting Trust
Reflections on Trusting TrustReflections on Trusting Trust
Reflections on Trusting Trust
 
Diy arduino
Diy arduinoDiy arduino
Diy arduino
 
Optical Encoders
Optical EncodersOptical Encoders
Optical Encoders
 
Windows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardwareWindows 3.1 (WFW) on vintage and modern hardware
Windows 3.1 (WFW) on vintage and modern hardware
 
Build Your Own PCB with EAGLE - Getting Start with EAGLE
Build Your Own PCB with EAGLE - Getting Start with EAGLE Build Your Own PCB with EAGLE - Getting Start with EAGLE
Build Your Own PCB with EAGLE - Getting Start with EAGLE
 
Encoder
EncoderEncoder
Encoder
 
Introduction to PCB Design (Eagle)
Introduction to PCB Design (Eagle)Introduction to PCB Design (Eagle)
Introduction to PCB Design (Eagle)
 
Introduction to Bluetooth Low Energy
Introduction to Bluetooth Low EnergyIntroduction to Bluetooth Low Energy
Introduction to Bluetooth Low Energy
 
Introduction to cnc machines (1)
Introduction to cnc machines (1)Introduction to cnc machines (1)
Introduction to cnc machines (1)
 

Similar to Distance Machine Locker

Programming The Real World
Programming The Real WorldProgramming The Real World
Programming The Real World
pauldeng
 
Ijsrdv1 i4049
Ijsrdv1 i4049Ijsrdv1 i4049
Ijsrdv1 i4049
ijsrd.com
 
Multifunctional Robot (PPT).pptx
Multifunctional Robot (PPT).pptxMultifunctional Robot (PPT).pptx
Multifunctional Robot (PPT).pptx
Ruthviq
 

Similar to Distance Machine Locker (20)

Introduction to Arduino
Introduction to ArduinoIntroduction to Arduino
Introduction to Arduino
 
Introduction to Arduino
Introduction to Arduino Introduction to Arduino
Introduction to Arduino
 
IoT Based Garbage Monitoring System ppt
IoT Based Garbage Monitoring System pptIoT Based Garbage Monitoring System ppt
IoT Based Garbage Monitoring System ppt
 
iotppt-170729110848.pdf
iotppt-170729110848.pdfiotppt-170729110848.pdf
iotppt-170729110848.pdf
 
Arduino
ArduinoArduino
Arduino
 
Nodebot: Arte de controlar arduino com javascript
Nodebot: Arte de controlar arduino com javascriptNodebot: Arte de controlar arduino com javascript
Nodebot: Arte de controlar arduino com javascript
 
Arduino day
Arduino dayArduino day
Arduino day
 
Programming The Real World
Programming The Real WorldProgramming The Real World
Programming The Real World
 
Getting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer KitGetting started with Intel IoT Developer Kit
Getting started with Intel IoT Developer Kit
 
Internet of Things Conference - Bogor city
Internet of Things Conference - Bogor cityInternet of Things Conference - Bogor city
Internet of Things Conference - Bogor city
 
Developing a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT EditionDeveloping a NodeBot using Intel XDK IoT Edition
Developing a NodeBot using Intel XDK IoT Edition
 
4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf4 Introduction to Arduino.pdf
4 Introduction to Arduino.pdf
 
Arduino
ArduinoArduino
Arduino
 
Arduino Environment Tutorial
Arduino Environment TutorialArduino Environment Tutorial
Arduino Environment Tutorial
 
Build Your Own VR Display Course - SIGGRAPH 2017: Part 1
Build Your Own VR Display Course - SIGGRAPH 2017: Part 1Build Your Own VR Display Course - SIGGRAPH 2017: Part 1
Build Your Own VR Display Course - SIGGRAPH 2017: Part 1
 
Advanced View Arduino Projects List - Use Arduino for Projects (2).pdf
Advanced View Arduino Projects List - Use Arduino for Projects (2).pdfAdvanced View Arduino Projects List - Use Arduino for Projects (2).pdf
Advanced View Arduino Projects List - Use Arduino for Projects (2).pdf
 
Ijsrdv1 i4049
Ijsrdv1 i4049Ijsrdv1 i4049
Ijsrdv1 i4049
 
Multifunctional Robot (PPT).pptx
Multifunctional Robot (PPT).pptxMultifunctional Robot (PPT).pptx
Multifunctional Robot (PPT).pptx
 
Embedded system development-Arduino UNO
Embedded system development-Arduino UNOEmbedded system development-Arduino UNO
Embedded system development-Arduino UNO
 
Review 0 (2) (1) (1).pptx
Review 0 (2) (1) (1).pptxReview 0 (2) (1) (1).pptx
Review 0 (2) (1) (1).pptx
 

More from yeokm1

More from yeokm1 (20)

I became a Private Pilot and this is my story
I became a Private Pilot and this is my storyI became a Private Pilot and this is my story
I became a Private Pilot and this is my story
 
What's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light planeWhat's inside a Cessna 172 and flying a light plane
What's inside a Cessna 172 and flying a light plane
 
Speaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior DevsSpeaking at Tech meetups/conferences for Junior Devs
Speaking at Tech meetups/conferences for Junior Devs
 
Reflections on Trusting Trust for Go
Reflections on Trusting Trust for GoReflections on Trusting Trust for Go
Reflections on Trusting Trust for Go
 
Meltdown and Spectre
Meltdown and SpectreMeltdown and Spectre
Meltdown and Spectre
 
Gentoo on a 486
Gentoo on a 486Gentoo on a 486
Gentoo on a 486
 
BLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev ScoutBLE Localiser (Full) for iOS Dev Scout
BLE Localiser (Full) for iOS Dev Scout
 
BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017BLE Localiser for iOS Conf SG 2017
BLE Localiser for iOS Conf SG 2017
 
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
Repair Kopitiam Specialty Tools (Part 2): Short Circuit Limiter
 
PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)PCB Business Card (Singapore Power)
PCB Business Card (Singapore Power)
 
SP Auto Door Unlocker
SP Auto Door UnlockerSP Auto Door Unlocker
SP Auto Door Unlocker
 
SP IoT Doorbell
SP IoT DoorbellSP IoT Doorbell
SP IoT Doorbell
 
A Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech ThingA Science Project: Building a sound card based on the Covox Speech Thing
A Science Project: Building a sound card based on the Covox Speech Thing
 
A Science Project: Swift Serial Chat
A Science Project: Swift Serial ChatA Science Project: Swift Serial Chat
A Science Project: Swift Serial Chat
 
The slide rule
The slide ruleThe slide rule
The slide rule
 
Repair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker TrainingRepair Kopitiam Circuit Breaker Training
Repair Kopitiam Circuit Breaker Training
 
A2: Analog Malicious Hardware
A2: Analog Malicious HardwareA2: Analog Malicious Hardware
A2: Analog Malicious Hardware
 
Getting Started with Raspberry Pi
Getting Started with Raspberry PiGetting Started with Raspberry Pi
Getting Started with Raspberry Pi
 
My Life as a Maker
My Life as a MakerMy Life as a Maker
My Life as a Maker
 
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' HuangTalk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
Talk on The Essential Guide to Electronics in Shenzhen by Andrew 'Bunnie' Huang
 

Recently uploaded

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
FIDO Alliance
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 

Recently uploaded (20)

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Collecting & Temporal Analysis of Behavioral Web Data - Tales From The Inside
Collecting & Temporal Analysis of Behavioral Web Data - Tales From The InsideCollecting & Temporal Analysis of Behavioral Web Data - Tales From The Inside
Collecting & Temporal Analysis of Behavioral Web Data - Tales From The Inside
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptxHarnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
Harnessing Passkeys in the Battle Against AI-Powered Cyber Threats.pptx
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
ADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptxADP Passwordless Journey Case Study.pptx
ADP Passwordless Journey Case Study.pptx
 
Event-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream ProcessingEvent-Driven Architecture Masterclass: Challenges in Stream Processing
Event-Driven Architecture Masterclass: Challenges in Stream Processing
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
(Explainable) Data-Centric AI: what are you explaininhg, and to whom?
 
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
Event-Driven Architecture Masterclass: Engineering a Robust, High-performance...
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 

Distance Machine Locker

  • 1. Distance Machine Locker iOS Dev Scout (25 Apr 2017) SP Digital Tech Talk (12 Jan 2017) By: Yeo Kheng Meng (yeokm1@gmail.com) and Vina Rianti (https://github.com/vinamelody) https://github.com/yeokm1/distance-machine-locker1
  • 2. Problem? • Red Team • + unlocked machines 2
  • 6. System overview 6 Distance Sensor Arduino Uno Swift Desktop app
  • 7. Agenda 1. Hardware Device 2. Swift App 3. Defensive strategies 4. Vina’s contribution 7
  • 9. Active IR distance sensor • Active Infrared (IR) Distance Sensor • Effective range: 10 to 80cm Source: http://education.rec.ri.cmu.edu/content/electronics/boe/ir_sensor/1.html 9
  • 10. Alternative sensor 1: Passive IR • Range 7m • Can only detect presence • Higher error rate 10
  • 11. Alternative sensor 2: Ultrasonic • 2cm to 4m • “Noisy” results 11
  • 12. Putting them all together • Arduino Uno in casing meant for Mega 2560 • Mounting-hole compatible 12 Arduino Uno Arduino Mega 2560
  • 13. Arduino firmware • Arduino IDE • Prints cm distance via USB Serial Port 13
  • 14. Host App • Swift 3 Menubar app • Receives Data from USB-Serial Port • Locks machine on threshold reached 14 Distance (cm) via USB-Serial
  • 15. About the Menubar app • Menubar app (MainMenu.xib, MenuController.swift) • No Main Window, dock icon • No Storyboards, just a single xib 15
  • 16. About the app: Serial Port Communication • Uses SwiftSerial library written by yours truly • https://github.com/yeokm1/SwiftSerial • https://engineers.sg/v/1275 16
  • 17. About the app: Locking • Lock screen (Locking.swift) • Use IOKit (suggested by http://stackoverflow.com/a/16368803 ) • CGSession –suspend hides notification • /System/Library/CoreServices/Menu Extras/User.menu/Contents/Resources/CGSession –suspend 17
  • 18. Potential Hacking and Defensive Strategies? 18
  • 19. Hack 1: Disconnecting device • Defence: • Lock machine immediately • Issue system notification • Detect device disconnect: USBWatcher.swift hooks to IOKit • http://stackoverflow.com/a/41279799 • Auto-reconnection when device is plugged back 19
  • 20. Hack 2: Tamper hardware to provide incorrect values • Defence: Vigilant monitoring of distance values on menu bar 20
  • 21. Hack 3: Reprogramming with malicious firmware • Defence: Reprogram Arduino before using it • Mac App contains hex (firmware) file exported from Arduino IDE • Flashes hex file with avrdude within Arduino.app 21 Mac App Arduino.app avrdudefirmware.hex
  • 22. A possible “undetectable” hacking strategy • Overwrite the Arduino bootloader 22
  • 23. Typical Arduino Programming • Arduino IDE • USB cable 23
  • 24. Microcontroller programming the actual way • Using dedicated programmers with ICSP port • ICSP – In-circuit system programmer 24 Image sources: http://www.atmel.com/tools/atatmel-ice.aspx http://blog.alrightythen.de/2014/08/debugging-with-the-new-atmel-ice/ + =
  • 25. What is an Arduino bootloader? • Allows Arduino IDE to program Arduino board via USB 25
  • 27. Key learnings • Experience turns into idea (or request) on how to make it better • Distance options too long (10 to 80) • Don’t lock my machine immediately 27
  • 28. 10 15 20 25 30 35 ... 80 How to shorten the Locking Distance? Make the option every 5 cm instead of 1 cm for distance in DISTANCE_MINIMUM...DISTANCE_MAXIMUM { let distanceMenuItem = NSMenuItem(title: String(distance), action: #selector(distanceMenuItemClicked), keyEquivalent: "") distanceMenuItem.target = self if distance == currentLockingDistance{ distanceMenuItem.state = NSOnState } distanceMenu.addItem(distanceMenuItem) } var option = 5 let DISTANCE_MINIMUM = 10 let DISTANCE_MAXIMUM = 80 for i in DISTANCE_MINIMUM...DISTANCE_MAXIMUM { if option >= DISTANCE_MAXIMUM { break } else { option += 5 } print(option) }
  • 29. 29 for distance in stride(from: DISTANCE_MINIMUM, through: DISTANCE_MAXIMUM, by: 5) { let distanceMenuItem = NSMenuItem(title: String(distance), action: #selector(distanceMenuItemClicked), keyEquivalent: "") distanceMenuItem.target = self if distance == currentLockingDistance{ distanceMenuItem.state = NSOnState } distanceMenu.addItem(distanceMenuItem) } How to shorten the Locking Distance? Can I do it more elegantly?
  • 30. How to prevent immediate locking? Add a Locking Delay: 0, 1, 3, 5 seconds Out of distance Time T1 Example: 3 seconds delay Not going to lock Within distance Current time – T1 > 3 seconds ? Lock ! Time Out of distance T1 Question: How does the code work?
  • 31. 31 Show me the code! func distanceReceived(distance: Int){ ... if lockingMode && distance >= currentLockingDistance { if goingToLock == false { goingToLock = true startLockingWindow(start: true) } else { startLockingWindow(start: false) } } else { goingToLock = false } } func startLockingWindow(start: Bool) { if start { launchLockWindow = CFAbsoluteTimeGetCurrent() } else { let elapsed = CFAbsoluteTimeGetCurrent() - launchLockWindow if elapsed >= Double(lockingTimeout) { locking.lockMachine() } } }
  • 32. Hackers always win 32 No physical security -> No security Any Questions? https://github.com/yeokm1/distance-machine-locker

Editor's Notes

  1. Give Swift normal for loop example
  2. Give Swift normal for loop example