1x – Arduino Pro Mini3.3v 8mhz ATMega328P version.
The program code/sketch will not fit on the ATMega168 version. You must buy the “328P” version with the higher flash and sram size. You must use the 3.3v version to run off of a coin battery.
1x – 128×64 OLED Display I2C version. Get the I2C version with 4 pins only.
1x – Lighted pushbutton switch.
1x – CR2032 3.3v Coin Battery
1x – CR2032 Coin Battery PCB Holder. Get the slimmest you can find.
1x – 5×7 cm PCB board.
1x – 220 ohm resistor
1x – 4.7k ohm resistor
1x – FTDI to USB for programming the Arduino Pro Mini. Might need header pins or wires to make the connection.
Misc- Soldering gun, solder, time, maybe some ultra micro thin conductive wire for PCB traces
Step 2: Optional: Edit LCD/OLED Graphics
Optional:
Use LCDAssistant.exe (google to download) to create new 128×64 or 128×44 sized byte array graphics for your own use.
If you want to use Photoshop to cut up an existing graphic, here is what i do:
1 Google search for a black and white image 2 open in Photoshop 3 Image ->Mode -> Grayscale 4 Image -> Mode -> Bitmap @ 300 dpi 5 Crop to 128×64 or 128×44 pixels @ 300 DPI (Image Size and Canvas Size) 6 Save As…. .BMP Now you can open it in LCDAssistant.exe .
Use the settings from the above picture, paste the byte code array into the arduino sketch code. Just replace an existing entry. You just need to replace the byte array part, forget about editing the names in the code (see pic)
Step 3: Edit Code and Program Arduino:
Attached is my sketch code.
The button must use Pin 2 or 3 because it supports Interrupts INT on the Arduino.
Edit the variables:
Name
FullName
Address
Phone #, etc….
Job Names:
Use your FTDI / USB serial convertor to program the Arduino .ino sketch file using the Arduino IDE software.
Test the newly loaded program by temporarily hooking up all components on a breadboard.
When you are satisfied the code is good, and everything will work, remove the programming header pins from the arduino by unsoldering them. Try to make all surfaces flat, unsharp, and finger friendly.
GOTO THE INTRUCTABLEs LINK TO DOWNLOAD THE ARDUINO CODE FILE .ino
Why buy a UL Listed iDevices Switch when you can potentially electrocute yourself or start a fire with a self built alternative instead?
Here’s how!
First, you must install HomeBridge on a Raspberry Pi, and configure it as a HomeKit bridge device. Instructions below.
Once you have HomeKit / HomeBridge working on your Pi and your iPhone, we can build a wireless power switch that can be controlled by Siri and the HomeKit app.
We start with a PowerTail2, and use the ESP8266 to control the on/off line.
We power the ESP8266 with a AMS1117 3.3V Power Supply Module. This brings the 5v from the charger down to the proper 3.3v that the ESP8266 needs.
We provide the power with a used cell phone charger. 110v -> 5v. This is wired directly to the ‘Line’ side of the PowerTail2 circuit board. It is always ‘Live’ or ‘Hot’ and will shock you.
We Load the code into the ESP8266 via your favorite USB/Serial converter (FTDI).
We plug it in. Homekit sees the device via the HomeBridge configuration file addition (accessory) on the Raspberry Pi.
You control the device on your iPhone, and turn electricity on and off at will.
Step 3: ESP8266 Arduino Code
/* * This sketch demonstrates how to set up a simple HTTP-like server.
* The server will set a GPIO pin depending on the request
* http://server_ip/gpio/0 will set the GPIO0 low,
* http://server_ip/gpio/1 will set the GPIO0 high
* server_ip is the IP address of the ESP8266 module, will be
* printed to Serial when the module is connected.
*/
// Start the server
server.begin();
//Serial.println("Server started");
// Print the IP address
//Serial.println(WiFi.localIP());
}
void loop() {
// Check if a client has connected
WiFiClient client = server.available();
if (!client) {
return;
}
// Wait until the client sends some data
//Serial.println("new client");
while(!client.available()){
delay(1);
}
// Read the first line of the request
String req = client.readStringUntil('\r');
//Serial.println(req);
client.flush();
// Match the request
int val;
if (req.indexOf("/gpio/0") != -1)
val = 0;
else if (req.indexOf("/gpio/1") != -1)
val = 1;
else {
//Serial.println("invalid request");
client.stop();
return;
}
// Set GPIO0 according to the request
digitalWrite(0, val);
digitalWrite(LED_BUILTIN, val); // Turn the LED on (Note that LOW is the voltage level
client.flush();
// Prepare the response
String s = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n\r\n
\r\nGPIO is now ";
s += (val)?"high":"low";
s += "
\n";
// Send the response to the client
client.print(s);
delay(10);
//Serial.println("Client disonnected");
// The client will actually be disconnected
// when the function returns and 'client' object is detroyed
}
EvilRuxpin – The Chippy Ruxpin Alternative – Hacking a Teddy Ruxpin with Next Thing Co. C.H.I.P $9 Linux Computer to Play Heavy Metal
So, I modified a Chippy Ruxpin into a more ‘evil’ form as a gift for a coworker.
1. Build a Chippy Ruxpin out of a C.H.I.P. and an old Teddy Ruxpin
2. Make it evil. Make it say random evil scary things every few minutes, and make the eyes glow red with an LED
3. Make it wifi. It is now ad-hoc so no keyboard is needed. Smartphone controllable!
4. Add DHCP server, so your smartphone can connect and pull an IP, so you can load the web gui over wifi
5. Add an 3W stereo audio amplifier. Stock ruxpin speaker + CHIP audio is kinda wimpy. DC 5V PAM8403 Audio Stereo Amplifier Board Volume Control Class D Kit Module
6. Add a big battery, maybe a 5w solar panel to charge the battery.
7. put a heavy metal t shirt on Teddy.
8. option to play stored heavy metal .mp3’s using mplayer in linux, controllable on the webgui page from a smartphone.
I chose Blackened by Metallica as the first Heavy Metal song played thru a Teddy Ruxpin ever in the history of the Earth. Yes my Teddy Ruxpin plays Metallica in stereo on command via wifi from my smartphone.
Dont’ forget to put an .mp3 file in /home/chip/Desktop/m.mp3. Obviously we are going to change this to play many many metal .mp3’s. ‘Cause that’s rad. Teddy Ruxpin Metal Beats Pill. If only I could figure out how to make the mouth/eyes move while mplayer plays an .mp3…………hmmmmmmmmmmmmmm
9. do it all as a boot script so no user input is needed after power on.
I’ve done it! (except the LED/GPIO part)
More to come! to do:
to do: integrate amazon echo hack, so that replys move the mouth and eyes of Ruxpin.
So, here are the basic steps (updates to come):
–flash CHIP with 4.3 headless. 4.4 wifi? doesn’t seem to work even if you modify the GPIO variables in the .py script.
–enable a wifi connection, apt-get update and apt-get upgrade
–install all the chippy crap from the link below
-get chippy working
–apt-get install isc-dhcp-server, again see link below
–apt-get install bc , this lets ./battery.sh work, so you can monitory your LiPo 3.7v battery from linux
–apt install wireless-tools(this step may break your normal wifi managed mode connection setup. its ad-hoc w no internet from here out, so if you want to install more software from the internet, do it before this step)
edit /etc/NetworkManager/NetworkManager.conf: wired device not managed
Most probably your interface appears in /etc/network/interfaces. By default, NetworkManager does not manage interfaces that appear in /etc/network/interfaces. You can change this behaviour.
To do this – in a terminal:
sudo nano /etc/NetworkManager/NetworkManager.conf
change the line managed=false to managed=true
Save, stop and start network manager:
sudo service network-manager restart
-configure that bitch /etc/dhcp/dhcp.conf
-configure /etc/network something/ interfaces to use 192.168.1.66 ip and dns, see links below
-configure wlan0 to always use 192.168.1.66 because we are evil
-config wlan0 as ad-hoc wifi on channel 6 see just below this
-config /etc/rc.local to do all this crap at boot, no login needed to turn on wifi and dhcp, and python script
edit /etc/network/interfaces make the ip 192.168.1.66 cause we are evil:
source-directory /etc/network/interfaces.d
auto wlan0
iface wlan0 inet static
address 192.168.1.66
netmask 255.255.255.0
gateway 192.168.1.1
edit /etc/rc.local code:
iwconfig wlan0 mode ad-hoc channel 6 essid “EvilRuxpin”
ifconfig wlan0 up 192.168.1.66
sudo service isc-dhcp-server start
cd ChippyRuxpin cause i installed under root
python /root/ChippyRuxpin/chippyRuxpin.py
after a editing /etc/rc.local, /etc/network/interfaces and /etc/dhcp/dhcp.conf, reboot.
once booted up, you should be able to connect to ad-hoc wifi “EvilRuxpin”
it should serve up a DHCP address between 192.168.1.10-20.
goto http://192.168.1.66:8080 or 80
page should load
note: my stupid dell laptop would not connect to the ad-hoc wifi, but my iphone 5s would.
# IMPORTANT NOTE ABOUT TWITTER STUFF!
# In order to retrieve tweets, you need to authorize this code to use your twitter account.
# This involves obtaining some special tokens that are specific to you.
# Please visit Twitter’s website to obtain this information and put the values in the variables below.
# For more information, visit this URL:
# https://dev.twitter.com/oauth/overview/application-owner-access-tokens
consumerKey=’INSERT YOUR CONSUMER KEY HERE FROM TWITTER’
consumerSecret=’INSERT YOUR CONSUMER SECRET HERE FROM TWITTER’
accessTokenKey=’INSERT YOUR ACCESS TOKEN KEY HERE FROM TWITTER’
accessTokenSecret=’INSERT YOUR ACCESS TOKEN SECRET HERE FROM TWITTER’
import sys
import time
import subprocess
import os
from random import randint
from threading import Thread
from chippyRuxpin_audioPlayer import AudioPlayer
from chippyRuxpin_gpio import GPIO
from chippyRuxpin_twitter import ChippyTwitter
from chippyRuxpin_webFramework import WebFramework
fullMsg = “”
MOUTH_OPEN = 408 # GPIO pin assigned to open the mouth. XIO-P0
MOUTH_CLOSE = 412 # GPIO pin assigned to close the mouth. XIO-P2
EYES_OPEN = 410 # GPIO pin assigned to open the eyes. XIO-P4
EYES_CLOSE = 414 # GPIO pin assigned to close the eyes. XIO-P6
while isRunning:
#cmd = “sudo sh -c ‘echo 1 > /sys/class/gpio/gpio412/value'”
#subprocess.Popen(cmd,shell=True, stdout=subprocess.PIPE)
time.sleep(1)
global rcount
myTextIndex = 1
rcount = rcount + 1
myTextIndex = ( randint( 0,2) )
print(myTextIndex)
print(rcount)
if rcount >= 60:
#myTextIndex == 0
if myTextIndex == 0:
myText = “hello fucker!”
elif myTextIndex == 1:
myText = “I can hear you Adam. I know you are talking about me. You don’t want to make me angry ”
elif myTextIndex == 2:
myText = “Hey! give me the pipe back”
else:
myText = ‘single quotes this is option 4’
#return MyText
rcount = 0
talk(myText)
chippyRuxpin-webFramework.py:
#!/usr/bin/env python
#
# Chippy Ruxpin by Next Thing Co 2015
# Powered by C.H.I.P., the world's first $9 computer!
from bottle import run, get, post, request, route, redirect
import socket
preset1=”Hello Adam, would you like to hear some Heavy Metal?”
preset2=”Hello Adam, would you like to hear some Heavy Metal?”
print(“web start”)
class WebFramework:
def __init__(self,func):
self.ip = [(s.connect((‘192.168.1.66’, 80)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1]
print( “———“)
print( “CHIPPY RUXPIN IS ONLINE!”)
print( “In your browser, go to ” + str(self.ip) + “:8080”)
print( “———“)
self.talkFunc = func
this part of the code does not format well in wordpress . it is: LESS THAN SYMBOL form action=”/” method=”post” GREATER THAN SYMBOL
preset11: LESS THAN SYMBOL input name=”speech” type=”text” size=”96″ value=”one of these days, _ _ _ _ I am going to kill that fucking cat'” / GREATER THAN SYMBOL
LESS THAN SYMBOL input value=”Go!” type=”submit” / GREATER THAN SYMBOL
chippyRuxpin_audioPlayer.py:
#!/usr/bin/env python
#
# Chippy Ruxpin by Next Thing Co 2015
# Powered by C.H.I.P., the world's first $9 computer!
#!/usr/bin/env python
#
import alsaaudio as aa
import audioop
from time import sleep
import struct
import math
import array
import numpy as np
import wave
import os
import subprocess
class AudioPlayer:
def __init__(self):
subprocess.Popen(‘amixer cset numid=1 100%’ ,shell=True, stdout=subprocess.PIPE ) # Set PA mixer volume to 100%
subprocess.Popen(‘amixer cset numid=2 2’ ,shell=True, stdout=subprocess.PIPE ) # Set right mixer to be “right” (2)
subprocess.Popen(‘amixer cset numid=3 1’ ,shell=True, stdout=subprocess.PIPE ) # Set left mixer to be “left” (1)
subprocess.Popen(‘amixer cset numid=4 1′ ,shell=True, stdout=subprocess.PIPE ) # Set DAC self.output to be “Direct” (2… or 1 for “Mixed” if you prefer)
self.prevAudiovalue = 0
self.mouthValue = 0
UPDATE:
I don’t know how, but somehow I picked up a ship over 117nm away. I’m pretty sure this is over the horizon, so I do not know how this is possible unless its a reflection of the signal, or this homemade AIS antenna just got a lot of gain somehow…
Somehow, I am getting like 120 nautical mile range with this antenna, I cannot figure out why I am getting such good range in one direction.
now getting over 400 nautical mile range AIS with this homemade monopole, how is that possible?
So it seems that when the antenna fell down, it broke the solder on my horizontal radials that are connected to the ground/braid of the coax cable feeding the antenna. So, it looks like the minor adjustment of just a few millimeters, really improved or ‘super tuned’ this antenna. It seems to be slightly directional in the direction of the radials (North and South in my case), however it certainly improved or doubled my ‘straight out’ reception as well. Over all this is like a 200% improvement in range. So the leason here is, if you are getting poor 20nm reception, try extending the length or distance of those two 46mm radials. Either that or my SDR RTL dongle just got a whole lot more sensitive or clean signal…
Orange County California Countywide Coordinated Communications System (CCCS) Live Radio
System Name: Countywide Coordinated Communications System (CCCS)
Location: Orange County, CA
County: Orange
System Type: Motorola Type II SmartZone
System Voice: Analog and APCO-25 Common Air Interface
Last Updated: May 2, 2016, 3:18 pm (Updated Function Tag assignments for 5 talkgroups)
System ID Connect Tone
6C3F 90.0
EMS (Field-to-Hospital) Talkgroups
DEC
HEX
Mode
Alpha Tag
Description
Tag
3920
0f5
A
4G FLD/ER N
4G ALS-No Contact (North)
Hospital
4272
10b
A
5K FLD/ER S
5K ALS-No Contact (South)
Hospital
6896
1af
A
MED-CALL
6A Assignment (“OCC”)
Hospital
6928
1b1
A
MED-N1
6B North 1
Hospital
6960
1b3
A
MED-N2
6C North 2
Hospital
6992
1b5
A
MED-NW
6D Northwest
Hospital
7024
1b7
A
MED-S1
6E South 1
Hospital
7056
1b9
A
MED-S2
6F South 2
Hospital
7088
1bb
A
MED-SW
6G Southwest
Hospital
7120
1bd
A
MED-CO1
6H Countywide 1
Hospital
7152
1bf
A
MED-CO2
6I Countywide 2
Hospital
7184
1c1
A
MED-CO3
6J Countywide 3
Hospital
7216
1c3
A
MED-LAB
6K Laguna Beach
Hospital
Hospital-to-OCC Talkgroups
DEC
HEX
Mode
Alpha Tag
Description
Tag
27360
6ae
D
HOC-HOC
All Base Hospitals (Broadcast)
Hospital
27520
6b8
D
HMHP
Hoag Memorial Hospital Presbyterian
Hospital
27680
6c2
D
HBH
Huntington Beach Hospital
Hospital
27840
6cc
D
MHRMC
Mission Hospital Regional Medical Center
Hospital
28000
6d6
D
SJMC
St Jude Medical Center
Hospital
28160
6e0
D
UCI MC
UC Irvine Medical Center
Hospital
28320
6ea
D
OCGMC
Orange County Global Medical Center – Santa Ana
Hospital
Additional Fire/EMS/EOC Talkgroups
DEC
HEX
Mode
Alpha Tag
Description
Tag
4432
115
A
SIL-TAC
7D Silverado Canyon Tactical
Fire-Tac
4464
117
A
CRB-TAC
7E Carbon Canyon Tactical
Fire-Tac
4496
119
A
TRAVEL
7A TravelNet
Fire-Tac
4528
11b
A
EBY-TAC
7F Emerald Bay Tactical
Fire-Tac
6800
1a9
A
EOC
7B EOC to EOC Operations
Fire-Tac
20960
51e
E
ARSON
7C Arson Investigators
Fire-Tac
Dispatch/Coordination Talkgroups
DEC
HEX
Mode
Alpha Tag
Description
Tag
6736
1a5
A
AIRCALL
Aircraft Dispatching/Hailing
Interop
20800
514
E
PIO-PIO
Public Information Officer Coordination
Interop
27200
6a4
D
DSP-DSP
Dispatch Center Coordination
Interop
Public Works Shared (BROWN) Talkgroups
For shared use by any public works or city service departments.
DEC
HEX
Mode
Alpha Tag
Description
Tag
36000
8ca
D
BROWN-N
Public Works Shared – North
Interop
36032
8cc
D
BROWN-S
Public Works Shared – South
Interop
36064
8ce
D
BROWN-1
Public Works Shared Tac – North Cell
Interop
36096
8d0
D
BROWN-2
Public Works Shared Tac – Northwest Cell
Interop
36128
8d2
D
BROWN-3
Public Works Shared Tac – South Cell
Interop
36160
8d4
D
BROWN-4
Public Works Shared Tac – Southwest Cell
Interop
36192
8d6
D
BROWN-5
Public Works Shared Tac – Laguna Cell
Interop
36224
8d8
D
BROWN-6
Public Works Shared Tac – Countywide Cell
Interop
Countywide Interoperability (TAN) Talkgroups
For interop between police, fire, lifeguard and public works countywide.
If your Windows 10 ‘Reserve’ button in Windows Updates does not do anything, or you do not have the ‘Get Windows 10’ icon or program, there is an easy way to obtain the .iso or initiate the Windows 10 installer from within Windows 7.
Just download and run the MediaCreationTool.exe. It allows you to begin upgrading to Windows 10 directly, or create a .iso or USB installer.
So I bought a 2014 Honda Civic Coupe for my wife. Hot red in color. Seeing as this is one of the most stolen cars in America, I thought a small investment in a car GPS tracker was a good idea.
So I bought a TK103 unit on ebay for about $60. The SIM was $10, but I think you can find it for $0.99 on ebay. Here is what I learned:
-If you can install a car stereo, you can install this thing
–Use RedPocket $5 PayGo SIM and service. The $5 refills are good for 15 days. It is the cheapest SIM card and service you can buy for 3G devices. This is a voice/SMS plan, it is not a data plan. If you have an arduino and want to send temperature sensor data over the internet, then this is not the SIM card and cell service plan that you want. This is a plain old 3G voice plan with TXT. I considered buying the $50/6 month plan but realized that I don’t always need to be tracking. Its mainly for a stolen car situation. I have already tested letting a $5 refill expire, then ordering up a new $5 refill and the phone reactivates (had to call RedPocket customer service to hurry the refill activation along).
*********UPDATE JAN 1 2017 ************
AT&T has discontinued their 2G service in the USA. I was able to get RedPocket to send me a new GSMT (tmobile) 4G SIM card, and had them port over the number and account. Tmobile/RedPocket Pay as you go Refills are $10 for 30 days. This is the cheapest SIM and service I can find. I can confirm that the RedPocketGSMT pay as you go tmobile SIM works in the TK103GPS tracker as of 1/23/2017. If you have trouble, send the SMS command ‘begin123456’ and re-initialize the tracker once the new sim is in and the power has been cycled.
*********UPDATE JAN 1 2017 ************
-YOU NEED AT&T SIM, not TMOBILE !!! Get the ‘GSMA’ SIM, not the GSMT sim. A for AT&T and T for tmobile. AT&T offers the cheapest PAY AS YOU GO SIM plan. If you get the Tmobile SIM, you have to pay $30 a month for service. With the AT&T SIM, you can pay as little as $10 per 30 days. Or do like me and only refill $5 worth of AT&T when I need to track the car.
Installed the tracker and GPS antenna behind the dash. I have not hooked up the relay to the fuel pump yet. I plan on doing that someday soon. In theory, I could shut off the fuel pump (and therefore car) with an alert sent via SMS text from my cell phone (iPhone 5s). The TK103GPS tracker has a feature where the car will only cut the fuel pump at speeds under 20mph. This makes for a great chance of recovering the stolen car in my book.
Anyways, the system is working so far. I can test the unit and it gives me a checkup reply via SMS within about 20 seconds. It tells me the units powered on, backup battery status (pulling the car’s main battery does not shut off the unit until the backup battery is drained). The status check also tells me if the car is ACC on (driving/parked on), and I could hook up door sensors too if needed.
Simply by calling the cell phone # assigned to the SIM by RedPocket, the unit answers and then hangs up. It will then send me a SMS text reply with the Google Maps URL link to my cell phone. Clicking this places me in Google maps with an accurate readout of the cars immediate position. Should the GPS signal be blocked or cut, it will report the car’s last known position. I can even enable GPRS/APN data and it will send geolocation information over the cellular data network/internet.
Not bad for $60(TK103) + 10(SIM) + 10(two $5 refills).
More updates to come.
*********UPDATE MAR 11 2017 ************
Tmobile is now offering $3/mo Pay as You Go plans that come with 30 calls/text per month.
This is the best sim deal if you are not using GPRS data (using text based tracking)
This tracker TK103A is a new product based on the GSM / GPRS network and GPS satellite positioning system, which set multiple functions of security, positioning, monitoring surveillance, emergency alarms and tracking in its entirety. It can track and monitor remote target by SMS or internet. Now it also has SD Card Slot function!
Features:
●Support both GPS & LBS (Location based service)
●Support SMS/GPRS/Internet Network data transmission (GPRS/Internet instructions in CD enclosed)
●Support GPRS on-line and GPRS re-connected automatically if GPRS drops
●Support SMS / GPRS dual-mode switching
●Support configuration by remote terminal.
●Support for point-to-point, point to group, group-to-group monitoring.
●Set multiple functions of security, positioning, monitoring surveillance, emergency alarms and tracking in its entirety.
●Support motion detection, external alarm output, and Email photo, FTP photo , FTP record, when alarm is triggered.
●Certified by Microsoft activeX, no worry to be invaded by virus.
Specifications:
Content
Specifications
Dimension
83*54*26mm
Weight
120g
Network
GSM/GPRS
Band
850/900/1800/1900Mhz
GPS chip
SIRF3 chip
GSM/GPRS
Simcom300d or Simcom340d
GPS sensitivity
-159dBm
GPS accuracy
5m
Time to first fix
Cold status 45s Warm status 35s Hot status 1s
Voltage of car power system
12V input
Car charger output
Cut off the power and the oil system and control the power system:0V
Car power input
door 0V(Negative trigger) or 12V(positive trigger) ACC:12V
* Single Locating
*Dialing the tracker device, it will respond to a real-time latitude and longitude information.
* Successive Locating Automatically
* Get location in real street/address name
*Note: You must set up the APN of your local GSM network for the SIM card in tracker first before using this function.
* Monitor–user can dial up the tracker device to monitor the voice.
* Alarms–Low battery alarm, Power off alarm, SOS.
* Geo-fence
* Movement alarm
* Overspeed alarm
* Cut off/ Resume the Oil and Power System
* Set up arm by SMS
* Alarms under Arm State–door alarm, Sensor alarm, ACC alarm.
* Set up silent mode by SMS
* Once the alarm is triggered, tracker will send alarm SMS to authorized number.
* No GSM Network Alarm
* Check the Vehicle State
* Tracker’s Hardware Resetting
* SD Card Slot
* GPS drift suppression
AT&T has discontinued their 2G service in the USA. I was able to get RedPocket to send me a new GSMT (tmobile) 4G SIM card, and had them port over the number and account. Tmobile/RedPocket Pay as you go Refills are $10 for 30 days. This is the cheapest SIM and service I can find. I can confirm that the RedPocketGSMT pay as you go tmobile SIM works in the TK103GPS tracker as of 1/23/2017. If you have trouble, send the SMS command ‘begin123456’ and re-initialize the tracker once the new sim is in and the power has been cycled.
Sony Online Entertainment Accounts Vulnerable to Brute Force Password Reset
A few months ago I began to recieve numerous spam emails from Sony Online Entertainment. Obviously, some poor kid had typed in my email address instead of his own when signing up for the online gaming platform.
As a nice guy, I sent SOE customer service an email asking for my email address to be removed. ( I do not like being awoken by a beeping cell phone in the middle of the night). Sure, I could have just flagged the email as SPAM, and gone on with my life. But I thought the honest, correct and ‘right’ thing to do was to get this poor kids account actually corrected.
I received no response from Sony Online Entertainment Customer Service.
After being awoken several times more, my attitude for SOE turned ‘twords the unfavorable side. I thought, “why don’t these people simply respond, and why won’t they stop sending me crap when requested?”. So I attempted to have this corrected once again:
to Sony
God fucking admit you have the wrong email address stop sending me this
Sent from my iPhone
On Feb 27, 2015, at 4:40 PM, Sony Entertainment Network wrote:
Sony Entertainment
Network
Wallet Transaction Notification: Funds Added.
Dear glenn,
The requested funds have been added to your Sony Entertainment Network wallet. The transaction details are provided below for your records.
Thank you,
The Sony Entertainment Network Team
Online ID: imabad460
Order Number: 8052327724
Date Purchased 02/18/2015 @ 11:10 AM
Charge Method: MC 5516********4375
Funds Added To Wallet: $9.99
Current Wallet Amount*: $9.99
*This wallet amount is current as of the date and time of this transaction.
To update your marketing preferences, please click here.
This e-mail message has been delivered from a send-only address. Please do not reply to this message. For more information about your account, please visit the links below.
Terms of Use and Privacy Policy:
http://www.sonyentertainmentnetwork.com/legal/
“Sony Entertainment Network” and “Sony Entertainment Network Logo” are trademarks of Sony Corporation.
Again, no response. Poor ‘little imabad460. It seems SOE is not interested in fixing this problem for its customer.
Then in March of 2015, after being awoke several times again from SOE spam, I decided to call SOE customer support. The nice foreign guy at the call center did not seem to be concerned that their company was sending out spam to non customers after being asked nicely not to. He said he would send me a password reset. I told him that was the problem, please stop doing so. He then demanded my name, and I explained to him that my name is irrelevant since I am not an SOE customer. This went on and on and they said they would send a verification email to the email address in question. They did, and I responded with:
Do Not Reply do-not-reply@playstation.sony.com via rg4l6fsz62gjayab.5q95zs6dsyqcprg9.a50sj.i-h5efeac.na15.bnc.salesforce.com
Mar 18 (4 days ago)
to me
Send the email to “pscustomer_service@playstation.sony.com”
Subject line: ATTN: Sony Entertainment Network account Email Investigations, Case Number#
Body of the email: Include your name and Case number
Be sure to document in the “Case Feed” the email is being used without permission.
05183358 this is the case
ref:_00Di0H5ef._500i0MVrtu:ref
Laguna Computer
Mar 18 (4 days ago)
to pscustomer_service@playstation.sony.com
Yes I do not have a Sony account, please stop sending me emails. The account holder has used the wrong email address
Sent from my iPhone
> On Mar 18, 2015, at 12:44 PM, Do Not Reply wrote:
>
> Send the email to “pscustomer_service@playstation.sony.com”
>
> Subject line: ATTN: Sony Entertainment Network account Email Investigations, Case Number#
>
> Body of the email: Include your name and Case number
>
> Be sure to document in the “Case Feed” the email is being used without permission.
>
> 05183358 this is the case
>
>
> ref:_00Di0H5ef._500i0MVrtu:ref
Since then, I just keep receiving Account password links from Sony. So I thought to myself. “I will just fix it myself!”. I clicked on the password reset link that they sent me, and was taken to a birthdate verification page. This is where the exploit was found.
That is when I discovered that the Sony Online Entertainment password reset webpage does not timeout for failout after x amount of attempts. This is a large security hole. By my math it should take 365 dates (1-31x12months) x 40 ‘years’ (1975-2015) approx less than 15,000 attempts before the password reset is brute forced.
Weak Sauce SOE! Can’t you just remove my email address from your system as requested?
The original code is for an Arduino YUN. The YUNs have built in ethernet and some code had to be changed to get it to work with my standard Uno with an ethernet shield.
Basically i had to strip out the Console.print and the Bridge.h commands, changing them to Serial.print . Also ,I had to shift the response string lookup digits a few places, because it was offset with the original YUN code. I just copied the RESPONSE from the serial monitor into Notepad, and counted the digits by using the right arrow key, taking note to count the spaces as well.
Here is the modified code that works on an Arduino Uno with an Ethernet shield. Dont forget to get your TembooAccount.h file from the temboo site.
Also, I had issues with the header code box not populating correctly while following the instructions. Try hitting refresh, switch between Arduino YUN and Arduino code using the box at the top of the temboo website.
You will need to edit the code below to include YOUR twilio auth code and ID. This code will turn a LED on digital pin7 if you send a text as “lights on” and turn the led off if you send “lights off”
/* Setup shield-specific #include statements */
/*Use the pic above, for the header setup, my WordPress software hides the code from this part in this post */
#include
#include
#include
#include
#include
#include
#include "TembooAccount.h" // Contains Temboo account information
#include
/*REPLACE THE FIRST 10 Lines with those shown in the pic above ^ */
int numRuns = 1; // Execution count, so this doesn't run forever
int maxRuns = 5; // Maximum number of times the Choreo should be executed
int ledPin = 13; // Led for debug
int buzzerPin = 2; // buzzer's connected to pin 2
int lightsPin = 7; // The pin where your Xmas lights are connected to.
int timeToWait = 600000; //Delay between calls
String bodyMsgLast = "none"; // This variable holds the last text message read.
void setup() {
Serial.begin(9600);
// For debugging, wait until the serial console is connected.
delay(4000);
while(!Serial);
//Turn lights off on boot up
digitalWrite(lightsPin, HIGH);
delay(5000); //simulates a button press for 5 seconds
digitalWrite(lightsPin, LOW);
delay(1000);
//Bridge.begin();
//Console.begin();
}
void loop() {
if (numRuns <= maxRuns) {
Serial.println("Running GetLastMessageThatContains - Run #" + String(numRuns++));
TembooChoreo GetLastMessageThatContainsChoreo(client);
// Invoke the Temboo client
GetLastMessageThatContainsChoreo.begin();
// Set Temboo account credentials
GetLastMessageThatContainsChoreo.setAccountName(TEMBOO_ACCOUNT);
GetLastMessageThatContainsChoreo.setAppKeyName(TEMBOO_APP_KEY_NAME);
GetLastMessageThatContainsChoreo.setAppKey(TEMBOO_APP_KEY);
// Set Choreo inputs
String AuthTokenValue = "6e0aecedb5461c4ccbc7f72535c7c569";
GetLastMessageThatContainsChoreo.addInput("AuthToken", AuthTokenValue);
String FilterValue = "lights";
GetLastMessageThatContainsChoreo.addInput("Filter", FilterValue);
String AccountSIDValue = "AC25eb0f996fbe268825f00405885f6fba";
GetLastMessageThatContainsChoreo.addInput("AccountSID", AccountSIDValue);
// Set Choreo inputs
GetLastMessageThatContainsChoreo.addInput("AuthToken", " PUT YOUR TWILIO AUTH TOKEN HERE "); //Twilio Authentication Token
GetLastMessageThatContainsChoreo.addInput("Filter", "ights"); // Filter for incoming messages holding this word
GetLastMessageThatContainsChoreo.addInput("AccountSID", " PUT YOUR TWILIO ACCOUNT ID HERE "); //Twilio account ID
GetLastMessageThatContainsChoreo.addInput("ResponseMode", "simple"); //Response Mode
// Identify the Choreo to run
GetLastMessageThatContainsChoreo.setChoreo("/Library/Twilio/SMSMessages/GetLastMessageThatContains");
// Run the Choreo; when results are available, print them to serial
GetLastMessageThatContainsChoreo.run();
String bodyMsg; // This contains the whole Message
while(GetLastMessageThatContainsChoreo.available()) {
char c = GetLastMessageThatContainsChoreo.read();
Serial.print(c);
bodyMsg += c; //The characters are being fed to the bodyMsg string
}
//Serial.println(bodyMsg+ "<-- is bodyMsg" );
if (bodyMsg != bodyMsgLast) { //Only runs if this message is different than the one stored.
if (bodyMsg.substring(33, 35) == "on") { //This only works if the 17th to 19 letters are "on"".
// This works if you're seinding the message "Lights on"
// Characters before Lights on are other info from Twilio
// Turn lights on
//digitalWrite(ledPin, HIGH); //turns on debug LED
digitalWrite(lightsPin, HIGH);
//delay(800);
//digitalWrite(lightsPin, LOW); //Simulated button press for less than a second
Serial.println("Lights are on");
//tone(buzzerPin, 2000, 3000); //beeps for 3 seconds
} else if (bodyMsg.substring (33, 36) == "off") { //17 20reads "off" from a message saying "Lights off"
//digitalWrite(ledPin, LOW); //turns off debug LED
//tone(buzzerPin, 4200, 1000); //beeps
digitalWrite(lightsPin, LOW);
//delay(5000); //simulates a 5 second button press to turn the lights off
//digitalWrite(lightsPin, LOW);
//delay(1000);
Serial.println("Lights are off");
}
bodyMsgLast = bodyMsg; //Copies this message to the Last message variable
} else {
Serial.println("Identical to Last"); //if identical, do nothing.
}
Serial.println();
Serial.println("Waiting...");
delay(timeToWait); // wait a period between GetLastMessageThatContains calls
GetLastMessageThatContainsChoreo.close();
}
Serial.println("\nWaiting...\n");
delay(30000); // wait 30 seconds between GetLastMessageThatContains calls
}
TembooAccount.h
you must edit your tembooaccount.h file as well. make sure you get an up to date app key FOR YOUR APP from the temboo website.
/*
IMPORTANT NOTE about TembooAccount.h
TembooAccount.h contains your Temboo account information and must be included
alongside your sketch. To do so, make a new tab in Arduino, call it TembooAccount.h,
and copy this content into it.
*/
#define TEMBOO_ACCOUNT "lagunabeachcomputer" // Your Temboo account name
#define TEMBOO_APP_KEY_NAME "myFirstApp" // Your Temboo app key name
#define TEMBOO_APP_KEY "2761f18fae384543af4f... xxxx " // Your Temboo app key
/*
The same TembooAccount.h file settings can be used for all Temboo SDK sketches.
Keeping your account information in a separate file means you can share the
main .ino file without worrying that you forgot to delete your credentials.
*/