Roomba vacuum cleaner hacking

Late last year I got a Roomba vacuum cleaner from a friend. My wife and I wanted to evaluate such a device for a while. The battery was completely dead, and before spending lots of money on a  new battery, for a device that I didn’t know if it still worked, I tried to hook it up with the battery from my old netbook. That didn’t work out, so I ordered an original part. The friend didn’t want the Roomba anymore, so I thought if it’s not good for cleaning, I would use it as base to build some robot.

We still use it to clean the floor. Well, it doesn’t quite meet the cleanliness requirements of my wife, but she does clean the floor less often manually. Nonetheless, I looked around how to hack the device. I found lots of information on how to connect to it through the serial connector as well as an alternative firmware. The connector is a mini-din 7 and it is said that a MacMini connector should work as well. The local Mac store didn’t have a MacMini cable, so I ordered a mini-din-7 connector from Conrad. I had the cable soldered together quickly.

Of course the ideal device to connect to the Roomba would have wireless connectivity already in place as you don’t want to span wires across the floor as it drives around. As it turns out I have my old OpenMoko Freerunner still laying around, waiting for a new purpose. A perfect fit, i thought. Especially since I wanted to implement some SLAM for the roomba, and that could well run on the freerunner. Continue reading “Roomba vacuum cleaner hacking”

Pilot 4 a day with a Jaguar driver

Every once in a while I get to do a pilot for a day. That’s our premium offer at, and admittedly the most fun to do. Depending on the weather we either do a cross country flight or multiple flights from various mountains. This time, the weather looked promising, but not good enough for cross country. So we set out to do the first flight early from the Rigi. Christoph, todays passenger came with a beautiful Jaguar E-Type, and he is also member of the Jaguar Driver’s Club. The residual cloud cover that should disappear quickly in the morning was lower and more durable than was predicted. So we spent more than an hour para-waiting in the fog. When the fog finally lifted, we had a nice flight with some weak thermals and a couple of tight circles down to Goldau.

After having lunch on a lakeview terrace in Lauerz, we drove with our two Jaguars to Brunnen. Then we headed to the Fronalpstock. From the main takeoff, we followed the ski slope down to Stoos, flying along the rock cliffs to the alp above Morschach. Next, I took course straight to Brunnen and with lots of excess altitude, we floated around and did some sightseeing. The smooth landing was on the Auslandschweizerplatz, one of my favorite landing zones, near to the lake front.

For the third flight I came up with something very special. With the steam boat we crossed the lake, and took the bus and cablecar to the Niederbauen. Like on the other mountains before, the view was marvelous. Sadly, the wind at takeoff had an unusually suboptimal direction, hence I was not certain if we really could cross the lake. We took off, and heading towards Seelisberg town I grew more and more confident that we would make it. Along the rock cliffs of the Seelisberg mountain we soared with the birds, making ground without loosing altitude. Above the lake, we did another photo session, and we even had enough altitude left to fly to the Auslandschweizerplatz.

Full disk encryption with the crypto stick

Last week I finished the udacity applied cryptography course. I did not as well as in the other courses, nonetheless I learned a lot and it was (as always) really interesting. We learned about symmetric and asymmetric encryption, hashes as well as key exchange and management. Each week in addition to the regular homework, we got a challenge question. For most of them, I invested some time, but then had to surrender. Well, I still managed to complete some of the challenges. The most fun for me was a side channel attack on the diffie hellman key exchange protocol. We had information on how many multiplications were required for the fast exponentiation of the RSA key on one end. That was enough to decypher the secret message. It was a good illustration of what has to be taken into account when developing real world cryptographic algorithms. And it reminded me of how some smart cards were hacked by closely monitoring the power consumption.

Now, it was time to put my crypto stick to use. My netbook still ran Ubuntu Maverick due to the horrible graphics card (gma500). So I waited for the release of Linux Mint 13 LTS. In the 3.3 line of kernels there is a poulsbo driver already included.

First I prepared the crypto stick according to this tutorial. After initially generating the keys on the stick for maximum security, I let myself convince to generate them on the computer to be able to make backups. I could not regenerate the authentication key so far, and thus I can’t use it for ssh at the moment. I’m still looking for a solution on that.

Then I installed the operating system along with the full disk encryption according to this tutorial. At first it didn’t work, but then I discovered that there was a mount command missing in the tutorial and thus the generated ramdisk was not written to the correct boot partition.

Here is how it works (as I understand it):

  • grub loads the kernel along with the initial ramdisk which contains everything necessary to communicate with the card.
  • The ramdisk also contains the keyfile for the encrypted root partition. Upon entering the correct pin, the smart card decrypts the key file (asymmetrically).
  • The key file in turn is used to (symmetrically) on the fly decrypt (and encrypt) all accesses to the root partition.

It was new to me how to put stuff into the vmlinuz ramdisk. Apparently the script to ask for the key and decrypt the key file, as well as the keyfile itself and all the other required stuff can be added by installing a hook that is executed whenever a new ramdisk is created. For example when installing a new kernel.

Not that I would have something stored on the harddisk, that would require such a level of security. But it’s interesting to set up and see how it works in action. The crypto stick adds a fair bit of security. As it has a smart card built in, a trojan couldn’t get hold of the private key, and a 2048 bit key is way harder to crack than a password that one can remember and type in every time.