HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ColdHeat

no profile record

Submissions

Taking over a Dead IoT Company

blog.kchung.co
4 points·by ColdHeat·4 года назад·0 comments

FDA orders Juul to pull all of its vaping products from the U.S. market

npr.org
10 points·by ColdHeat·4 года назад·2 comments

Former Seattle tech worker convicted of wire fraud and computer intrusions

justice.gov
1 points·by ColdHeat·4 года назад·0 comments

Compass to Cut About 10% of Workforce Amid US Housing Slowdown

bloomberg.com
5 points·by ColdHeat·4 года назад·0 comments

Betterment Announces Crypto Portfolios

betterment.com
2 points·by ColdHeat·4 года назад·0 comments

Marvel Character or Font?

marvel-or-font.web.app
2 points·by ColdHeat·5 лет назад·0 comments

Is USDC Another Tether?

singlelunch.com
2 points·by ColdHeat·5 лет назад·0 comments

Faster Python with Go shared objects

blog.kchung.co
1 points·by ColdHeat·5 лет назад·0 comments

comments

ColdHeat
·4 года назад·discuss
Sure I took out the relevant section and put it here: https://docs.google.com/document/d/e/2PACX-1vTYSTUp3eTjfD-hG...
ColdHeat
·4 года назад·discuss
Thanks for letting me know. I will have to take a look. I setup Ghost a long time ago and just really use it for the blogging...
ColdHeat
·4 года назад·discuss
Yes the exploit removes the AWS IoT connection so that updates can come from the recreated API.

There was only one type of sign but it did come in various different cases.
ColdHeat
·4 года назад·discuss
I actually had written more about the exploit & vulnerability in my original drafts but I cut it out because it was a bit boring to read.

You are correct that with domain control I am able to serve content to any sign but the content will only be loaded once at boot time. Any future updates would have needed to come from their defunct AWS IoT connection (ignoring full restarts).

Using the exploit I remove the connection to AWS IoT and update some of the code to better connect it to the recreated API so users can update their signs in mostly real time.
ColdHeat
·4 года назад·discuss
Here's my reply to him from https://news.ycombinator.com/item?id=34328461

> Good question! No signs connected to the server until I reached out to some other sign owners to try out my instructions.

I do not know how many signs are out there. I imagine most people would have just unplugged their sign after the company's API vanished since any data would be stale and useless.
ColdHeat
·4 года назад·discuss
Yes I reached out to another owner who was able to connect the sign to the API. I've reached out to more people but haven't gotten too many responses. It's been 5 years after all. If you know anyone with one of these signs send them this post!
ColdHeat
·4 года назад·discuss
Good question! No signs connected to the server until I reached out to some other sign owners to try out my instructions.
ColdHeat
·4 года назад·discuss
The key point here would be "did things correctly" :)

The sign did use AWS IoT for real time configuration updates however initial configuration was pulled from their HTTP server. Using the vulnerability I describe in the article I just remove the connection to AWS IoT.
ColdHeat
·4 года назад·discuss
I had found some tweets by the company where they talked about using an Adafruit panel that was $40. The price on Amazon was about $30 so I figured I would go with the lower price. They may have switched to a lower cost panel but my guess is that didn't happen.

EDIT: Here is the specific tweet: https://twitter.com/NYCTRAINSIGN/status/926106932573810688
ColdHeat
·4 года назад·discuss
Another explanation that I saw [0] was that it was for people to pop the back panel out. I think this is the most likely explanation but it didn't occur to me while working with the sign. I feel like a little notch would have been more appropriate for an actual product.

[0] https://hackaday.com/2023/01/09/iot-archaeology-leads-to-api...
ColdHeat
·4 года назад·discuss
Thank you for the kind words! Made my morning!
ColdHeat
·4 года назад·discuss
Hello, author here. Happy to answer any questions!

My apologies for the downtime, I wasn't expecting much traffic today since I submitted the post to HN yesterday but I've started scaling my server now!
ColdHeat
·4 года назад·discuss
With regards to 3, isn’t the management plane alone $72 for GKE without considering the cost for the nodes? How are your costs so low?
ColdHeat
·4 года назад·discuss
I've eaten their strawberries and they're pretty good! The berries are held in a plastic tray with the berries individually floating on plastic wrap so they don't get squished from their own weight.

While I don't think the berries are worth the price tag, I'd definitely be interested in trying some of the new products they mention in the article (tomatoes, melons).
ColdHeat
·5 лет назад·discuss
The Gitlab integration for Pages is also pretty immature. It doesn't appear to currently work with Groups/Subgroups. I've been back and forth with people on their Discord for maybe a week now trying to just get it setup for a test.
ColdHeat
·5 лет назад·discuss
I would be very interested if you or tsholmes could discuss the thought process behind identifying and reverse engineering the format!
ColdHeat
·5 лет назад·discuss
It seems doable. You can edit it under runtime settings: https://aws.amazon.com/blogs/aws/aws-lambda-functions-powere....
ColdHeat
·5 лет назад·discuss
I believe the owner is https://twitter.com/levicook https://github.com/levicook?
ColdHeat
·5 лет назад·discuss
I used to use this site until I found https://checkip.amazonaws.com/. Switched because I wasn't sure who was behind icanhazip.com and it's tough to beat AWS. Glad to hear that it will likely be maintained for awhile longer!
ColdHeat
·5 лет назад·discuss
Sure, I reported an issue to the Gogs maintainer over two weeks ago and he hasn't acknowledged it at all. Here's the public reference that their SECURITY.md asks for: https://github.com/gogs/gogs/issues/6534

Here's another one posted about a week ago: https://github.com/gogs/gogs/issues/6536