Silicon ChipIoT is a security nightmare - February 2020 SILICON CHIP
  1. Outer Front Cover
  2. Contents
  3. Publisher's Letter: IoT is a security nightmare
  4. Feature: Underground mapping, leak detection & pipe inspection by Dr David Maddison
  5. Project: Remote monitoring station messages or emails by 4G! by Tim Blythman
  6. Review: chipKIT’s new “Lenny” by Tim Blythman
  7. Project: Indoor Air Quality Monitor based on a Micromite BackPack by Geoff Graham
  8. Serviceman's Log: When in doubt, swap it out by Dave Thompson
  9. Project: Low distortion, two-channel DDS audio signal generator by Phil Prosser
  10. Feature: El Cheapo modules: 8-channel USB Logic Analyser by Jim Rowe
  11. Product Showcase
  12. Project: Building the new “bookshelf” stereo speakers, Pt 2 by Phil Prosser
  13. Vintage Radio: 1946 Tecnico-Aristocrat Model 651 by Associate Professor Graham Parslow
  14. Subscriptions
  15. PartShop
  16. Market Centre
  17. Advertising Index
  18. Notes & Errata: Digital Lighting Controller, October-December 2010; DSP Active Crossover, May-July 2019; Super-9 FM Radio, November & December 2019
  19. Outer Back Cover

This is only a preview of the February 2020 issue of Silicon Chip.

You can view 38 of the 112 pages in the full issue, including the advertisments.

For full access, purchase the issue for $10.00 or subscribe for access to the latest issues.

Items relevant to "Remote monitoring station messages or emails by 4G!":
  • 4G Remote Monitoring Station Power Control Shield PCB [27111191] (AUD $5.00)
  • Firmware (Arduino Sketch) for the 4G Remote Monitoring Station (Software, Free)
  • 4G Remote Monitoring Station Power Control Shield PCB pattern (PDF download) [27111191] (Free)
Items relevant to "Indoor Air Quality Monitor based on a Micromite BackPack":
  • PIC32MX170F256B-50I/SP programmed for the Indoor Air Quality Monitor [AirQuality.hex] (Programmed Microcontroller, AUD $15.00)
  • Micromite LCD BackPack V2 complete kit (Component, AUD $70.00)
  • Firmware (HEX) files and BASIC source code for the Indoor Air Quality Monitor [AirQuality.hex] (Software, Free)
Items relevant to "Low distortion, two-channel DDS audio signal generator":
  • Low-distortion DDS complete PCB set (5 boards) [01106192-6] (AUD $20.00)
  • DSP Crossover DAC PCB [01106192] (AUD $7.50)
  • DSP Crossover CPU PCB [01106193] (AUD $5.00)
  • DSP Crossover power supply PCB [01106194] (AUD $7.50)
  • DSP Crossover front panel control PCB [01106195] (AUD $5.00)
  • DSP Crossover LCD Adaptor PCB [01106196] (AUD $2.50)
  • PIC32MZ2048EFH064-250I/PT programmed for the Low-distortion DDS Signal Generator (Programmed Microcontroller, AUD $30.00)
  • Pulse-type rotary encoder with pushbutton and 18t spline shaft (Component, AUD $3.00)
  • 128x64 Blue LCD screen with KS0108-compatible controller (Component, AUD $30.00)
  • ST7920 driver for PIC32MZ projects (Software, Free)
  • Firmware and source code for the Low-distortion DDS Signal Generator (Software, Free)
  • DSP Active Crossover/DDS/Reflow Oven PCB patterns (PDF download) [01106191-6] (Free)
Articles in this series:
  • El Cheapo Modules From Asia - Part 1 (October 2016)
  • El Cheapo Modules From Asia - Part 2 (December 2016)
  • El Cheapo Modules From Asia - Part 3 (January 2017)
  • El Cheapo Modules from Asia - Part 4 (February 2017)
  • El Cheapo Modules, Part 5: LCD module with I²C (March 2017)
  • El Cheapo Modules, Part 6: Direct Digital Synthesiser (April 2017)
  • El Cheapo Modules, Part 7: LED Matrix displays (June 2017)
  • El Cheapo Modules: Li-ion & LiPo Chargers (August 2017)
  • El Cheapo modules Part 9: AD9850 DDS module (September 2017)
  • El Cheapo Modules Part 10: GPS receivers (October 2017)
  • El Cheapo Modules 11: Pressure/Temperature Sensors (December 2017)
  • El Cheapo Modules 12: 2.4GHz Wireless Data Modules (January 2018)
  • El Cheapo Modules 13: sensing motion and moisture (February 2018)
  • El Cheapo Modules 14: Logarithmic RF Detector (March 2018)
  • El Cheapo Modules 16: 35-4400MHz frequency generator (May 2018)
  • El Cheapo Modules 17: 4GHz digital attenuator (June 2018)
  • El Cheapo: 500MHz frequency counter and preamp (July 2018)
  • El Cheapo modules Part 19 – Arduino NFC Shield (September 2018)
  • El cheapo modules, part 20: two tiny compass modules (November 2018)
  • El cheapo modules, part 21: stamp-sized audio player (December 2018)
  • El Cheapo Modules 22: Stepper Motor Drivers (February 2019)
  • El Cheapo Modules 23: Galvanic Skin Response (March 2019)
  • El Cheapo Modules: Class D amplifier modules (May 2019)
  • El Cheapo Modules: Long Range (LoRa) Transceivers (June 2019)
  • El Cheapo Modules: AD584 Precision Voltage References (July 2019)
  • Three I-O Expanders to give you more control! (November 2019)
  • El Cheapo modules: “Intelligent” 8x8 RGB LED Matrix (January 2020)
  • El Cheapo modules: 8-channel USB Logic Analyser (February 2020)
  • New w-i-d-e-b-a-n-d RTL-SDR modules (May 2020)
  • New w-i-d-e-b-a-n-d RTL-SDR modules, Part 2 (June 2020)
  • El Cheapo Modules: Mini Digital Volt/Amp Panel Meters (December 2020)
  • El Cheapo Modules: Mini Digital AC Panel Meters (January 2021)
  • El Cheapo Modules: LCR-T4 Digital Multi-Tester (February 2021)
  • El Cheapo Modules: USB-PD chargers (July 2021)
  • El Cheapo Modules: USB-PD Triggers (August 2021)
  • El Cheapo Modules: 3.8GHz Digital Attenuator (October 2021)
  • El Cheapo Modules: 6GHz Digital Attenuator (November 2021)
  • El Cheapo Modules: 35MHz-4.4GHz Signal Generator (December 2021)
  • El Cheapo Modules: LTDZ Spectrum Analyser (January 2022)
  • Low-noise HF-UHF Amplifiers (February 2022)
  • A Gesture Recognition Module (March 2022)
  • Air Quality Sensors (May 2022)
  • MOS Air Quality Sensors (June 2022)
  • PAS CO2 Air Quality Sensor (July 2022)
  • Particulate Matter (PM) Sensors (November 2022)
  • Heart Rate Sensor Module (February 2023)
  • UVM-30A UV Light Sensor (May 2023)
  • VL6180X Rangefinding Module (July 2023)
  • pH Meter Module (September 2023)
  • 1.3in Monochrome OLED Display (October 2023)
  • 16-bit precision 4-input ADC (November 2023)
  • 1-24V USB Power Supply (October 2024)
  • 0.91-inch OLED Screen (November 2024)
Items relevant to "Building the new “bookshelf” stereo speakers, Pt 2":
  • Bookshelf Speaker Passive Crossover PCB [01101201] (AUD $10.00)
  • Bookshelf Speaker Subwoofer Active Crossover PCB [01101202] (AUD $7.50)
  • Bookshelf Speaker Passive and Active Crossover PCB patterns (PDF download) [01101201-2] (Free)
  • Bookshelf Speaker System timber and metal cutting diagrams (PDF download) (Panel Artwork, Free)
Articles in this series:
  • Easy-to-build Bookshelf Speaker System (January 2020)
  • Building the new “bookshelf” stereo speakers, Pt 2 (February 2020)
  • Building Subwoofers for our new “Bookshelf” Speakers (March 2020)

Purchase a printed copy of this issue for $10.00.
SILICON CHIP www.siliconchip.com.au Publisher/Editor Nicholas Vinen Technical Editor John Clarke, B.E.(Elec.) Technical Staff Jim Rowe, B.A., B.Sc Bao Smith, B.Sc Tim Blythman, B.E., B.Sc Technical Contributor Duraid Madina, B.Sc, M.Sc, PhD Art Director & Production Manager Ross Tester Reader Services Ann Morris Advertising Enquiries Glyn Smith Phone (02) 9939 3295 Mobile 0431 792 293 glyn<at>siliconchip.com.au Regular Contributors Dave Thompson David Maddison B.App.Sc. (Hons 1), PhD, Grad.Dip.Entr.Innov. Geoff Graham Associate Professor Graham Parslow Ian Batty Cartoonist Brendan Akhurst Founding Editor (retired) Leo Simpson, B.Bus., FAICD Silicon Chip is published 12 times a year by Silicon Chip Publications Pty Ltd. ACN 626 922 870. ABN 20 880 526 923. All material is copyright ©. No part of this publication may be reproduced without the written consent of the publisher. Subscription rates (12 issues): $105.00 per year, post paid, in Australia. For overseas rates, see our website or email silicon<at>siliconchip.com.au Editorial office: Unit 1 (up ramp), 234 Harbord Rd, Brookvale, NSW 2100. Postal address: PO Box 139, Collaroy Beach, NSW 2097. Phone (02) 9939 3295. E-mail: silicon<at>siliconchip.com.au ISSN 1030-2662 * Recommended & maximum price only. Printing and Distribution: Editorial Viewpoint IoT is a security nightmare The more I hear about the “Internet of Things” (IoT), the more worried I become about how vulnerable these devices will be to hackers, viruses and worms. Microsoft is a multi-billion-dollar company which employs thousands of experienced programmers, yet we frequently find out about severe vulnerabilities in their software. Many of these allow attackers to take over computers remotely. While these are usually patched soon after they are discovered, there are still plenty of ‘zero-day exploits’ out there. It’s just a constant stream of bad news. And it isn’t just Microsoft. Apple, Linux, Google (Android) and many other vendors and devices have had serious flaws discovered in the last twelve months. If these people can’t make a secure system, how can we expect a smaller operation cranking out millions of internet-connected devices to do better? And how much worse is the situation going to be when, instead of having just a handful of PCs and mobile devices in your home or office, you might have hundreds of devices? To make things worse, many of these will probably have out-of-date software, with no easy way to keep them up to date. And if the vendor has gone out of business, or has stopped supporting that particular device, you’ll be totally out of luck. One particularly breathtaking vulnerability I just found out about (which was discovered in 2017) is called “BlueBorne”. The name indicates that it is an airborne Bluetooth attack. I’m mentioning it now because of the sheer incompetence required for such a vulnerability to exist left me gobsmacked. BlueBorne is thought to have (at least initially) affected more than 8.2 billion (!) devices, and all it requires for an attacker to take over your device is for them to be within Bluetooth range. While most newer systems have fixed this, I bet there are still plenty of affected devices floating around. So, how could a set of related vulnerabilities affect Android, iOS, Linux and Windows devices? After all, most of those systems (perhaps excepting Android and Linux) are written by totally different groups of people. Did they all make the same stupid mistakes? How can a simple communications protocol allow random people to execute code on your device? The root causes of the most serious BlueBorne problems come back to what is now starting to sound like a broken record: stack and buffer overflows. Any code which receives data from a remote location into local memory has to be very carefully written to ensure that the memory buffer is large enough to fit the received data. Otherwise, the excess data can spill over into unexpected memory locations. This can be exploited to remotely inject new code into the software, which can then be used to download and execute more malicious code. That can be prevented by fundamental safeguards like data bounds checking, but it must be used consistently. It is just basic good programming practice. But it seems that whoever was in charge of implementing Bluetooth drivers wasn’t disciplined enough to do this, with the result that gaping holes were created in the devices’ defences. Most recent CPUs and operating system an ‘NX bit’ which helps to reduce the chance such a flaw can be exploited, but it can’t totally prevent buffer overflow attacks. It’s better to avoid having them in the first place. I really hope people writing software for IoT devices can avoid this sort of basic mistake, but I am doubtful. This type of problem is going to be multiplied by the number of different devices deployed. So what can you do about it? Not much, unfortunately. Just try to buy devices from vendors you trust (until they break your trust…), and keep their software up-to-date, or avoid them altogether. Nicholas Vinen 24-26 Lilian Fowler Pl, Marrickville 2204 2 Silicon Chip Australia’s electronics magazine siliconchip.com.au