DIY home made portable oscilloscope

An ATmega328 based portable home made oscilloscope with ADC from Creative Engineering:

It is basically a small scaled digital oscilloscope. It is capable of displaying all type of waveform like sine, triangular, square, etc. It’s bandwidth is above 1 MHz and input impedance is about 600K. The device is mainly using the ATmega328 micro-controller as the heart and is assisted by a high performance ADC (TLC5510) which is capable of taking up-to 20 mega samples per second and thus increasing the span of bandwidth which can be analyzed by our device. In addition to that, in-order to make the device portable Li-ion battery is used , which will be suitable to be fitted into a confined space.

See project details on Creative Engineering blog.

Check out the video after the break:

Read more »

Edge Impulse makes TinyML available to millions of Arduino developers

This post is written by Jan Jongboom and Dominic Pajak.

Running machine learning (ML) on microcontrollers is one of the most exciting developments of the past years, allowing small battery-powered devices to detect complex motions, recognize sounds, or find anomalies in sensor data. To make building and deploying these models accessible to every embedded developer we’re launching first-class support for the Arduino Nano 33 BLE Sense and other 32-bit Arduino boards in Edge Impulse.

The trend to run ML on microcontrollers is called Embedded ML or Tiny ML. It means devices can make smart decisions without needing to send data to the cloud – great from an efficiency and privacy perspective. Even powerful deep learning models (based on artificial neural networks) are now reaching microcontrollers. This past year great strides were made in making deep learning models smaller, faster and runnable on embedded hardware through projects like TensorFlow Lite Micro, uTensor and Arm’s CMSIS-NN; but building a quality dataset, extracting the right features, training and deploying these models is still complicated.

Using Edge Impulse you can now quickly collect real-world sensor data, train ML models on this data in the cloud, and then deploy the model back to your Arduino device. From there you can integrate the model into your Arduino sketches with a single function call. Your sensors are then a whole lot smarter, being able to make sense of complex events in the real world. The built-in examples allow you to collect data from the accelerometer and the microphone, but it’s easy to integrate other sensors with a few lines of code. 

Excited? This is how you build your first deep learning model with the Arduino Nano 33 BLE Sense (there’s also a video tutorial here: setting up the Arduino Nano 33 BLE Sense with Edge Impulse):

  • Download the Arduino Nano 33 BLE Sense firmware — this is a special firmware package (source code) that contains all code to quickly gather data from its sensors. Launch the flash script for your platform to flash the firmware.
  • Launch the Edge Impulse daemon to connect your board to Edge Impulse. Open a terminal or command prompt and run:
$ npm install edge-impulse-cli -g
$ edge-impulse-daemon
  • Your device now shows in the Edge Impulse studio on the Devices tab, ready for you to collect some data and build a model.
  • Once you’re done you can deploy your model back to the Arduino Nano 33 BLE Sense. Either as a binary which includes your full ML model, or as an Arduino library which you can integrate in any sketch.
Deploy to Arduino from Edge Impulse
Deploying to Arduino from Edge Impulse
  • Your machine learning model is now running on the Arduino board. Open the serial monitor and run `AT+RUNIMPULSE` to start classifying real world data!
Keyword spotting on the Arduino Nano 33 BLE Sense
Keyword spotting on the Arduino Nano 33 BLE Sense

Integrates with your favorite Arduino platform

We’ve launched with the Arduino Nano 33 BLE Sense, but you can also integrate Edge Impulse with your favourite Arduino platform. You can easily collect data from any sensor and development board using the Data forwarder. This is a small application that reads data over serial and sends it to Edge Impulse. All you need is a few lines of code in your sketch (here’s an example).

After you’ve built a model you can easily export your model as an Arduino library. This library will run on any Arm-based Arduino platform including the Arduino MKR family or Arduino Nano 33 IoT, providing it has enough RAM to run your model. You can now include your ML model in any Arduino sketch with just a few lines of code. After you’ve added the library to the Arduino IDE you can find an example on integrating the model under Files > Examples > Your project – Edge Impulse > static_buffer.

To run your models as fast and energy-efficiently as possible we automatically leverage the hardware capabilities of your Arduino board – for example the signal processing extensions available on the Arm Cortex-M4 based Arduino Nano BLE Sense or more powerful Arm Cortex-M7 based Arduino Portenta H7. We also leverage the optimized neural network kernels that Arm provides in CMSIS-NN.

A path to production

This release is the first step in a really exciting collaboration. We believe that many embedded applications can benefit from ML today, whether it’s for predictive maintenance (‘this machine is starting to behave abnormally’), to help with worker safety (‘fall detected’), or in health care (‘detected early signs of a potential infection’). Using Edge Impulse with the Arduino MKR family you can already quickly deploy simple ML based applications combined with LoRa, NB-IoT cellular, or WiFi connectivity. Over the next months we’ll also add integrations for the Arduino Portenta H7 on Edge Impulse, making higher performance industrial applications possible.

On a related note: if you have ideas on how TinyML can help to slow down or detect the COVID-19 virus, then join the UNDP COVID-19 Detect and Protect Challenge. For inspiration, see Kartik Thakore’s blog post on cough detection with the Arduino Nano 33 BLE Sense and Edge Impulse.

We can’t wait to see what you’ll build!

Jan Jongboom is the CTO and co-founder of Edge Impulse. He built his first IoT projects using the Arduino Starter Kit.

Dominic Pajak is VP Business Development at Arduino.

Read more »

Design your own Internet of Things with HackSpace magazine

In issue 31 of HackSpace magazine, out today, PJ Evans looks at DIY smart homes and homemade Internet of Things devices.

In the last decade, various companies have come up with ‘smart’ versions of almost everything. Microcontrollers have been unceremoniously crowbarred into devices that had absolutely no need for microcontrollers, and often tied to phone apps or web services that are hard to use and don’t work well with other products.

Put bluntly, the commercial world has struggled to deliver an ecosystem of useful smart products. However, the basic principle behind the connected world is good – by connecting together sensors, we can understand our local environment and control it to make our lives better. That could be as simple as making sure the plants are correctly watered, or something far more complex.

The simple fact is that we each lead different lives, and we each want different things out of our smart homes. This is why companies have struggled to create a useful smart home system, but it’s also why we, as makers, are perfectly placed to build our own. Let’s dive in and take a look at one way of doing this – using the TICK Stack – but there are many more, and we’ll explore a few alternatives later on.

Many of our projects create data, sometimes a lot of it. This could be temperature, humidity, light, position, speed, or anything else that we can measure electronically. To be useful, that data needs to be turned into information. A list of numbers doesn’t tell you a lot without careful study, but a line graph based on those numbers can show important information in an instant. Often makers will happily write scripts to produce charts and other types of infographics, but now open-source software allows anyone to log data to a database, generate dashboards of graphs, and even trigger alerts and scripts based on the incoming data. There are several solutions out there, so we’re going to focus on just one: a suite of products from InfluxData collectively known as the TICK Stack.

InfluxDB

The ‘I’ in TICK is the database that stores your precious data. InfluxDB is a time series database. It differs from regular SQL databases as it always indexes based on the time stamp of the incoming data. You can use a regular SQL database if you wish (and we’ll show you how later), but what makes InfluxDB compelling for logging data is not only its simplicity, but also its data-management features and built-in web-based API interface. Getting data into InfluxDB can be as easy as a web post, which places it within the reach of most internet-capable microcontrollers.

Kapacitor

Next up is our ‘K’. Kapacitor is a complex data processing engine that acts on data coming into your InfluxDB. It has several purposes, but the common use is to generate alerts based on data readings. Kapacitor supports a wide range of alert ‘endpoints’, from sending a simple email to alerting notification services like Pushover, or posting a message to the ubiquitous Slack. Multiple alerts to multiple destinations can be configured, and what constitutes an alert status is up to you. More advanced uses of Kapacitor include machine learning and anomaly detection.

Chronograf

The problem with Kapacitor is the configuration. It’s a lot of work with config files and the command line. Thoughtfully, InfluxData has created Chronograf, a graphical user interface to both Kapacitor and InfluxDB. If you prefer to keep away from the command line, you can query and manage your databases here as well as set up alerts, metrics that trigger an alert, and the configurations for the various handlers. This is all presented through a web app that you can access from anywhere on your network. You can also build ‘Dashboards’ – collections of charts displayed on a single page based on your InfluxDB data.

Telegraf

Finally, our ’T’ in TICK. One of the most common uses for time series databases is measuring computer performance. Telegraf provides the link between the machine it is installed on and InfluxDB. After a simple install, Telegraf will start logging all kinds of data about its host machine to your InfluxDB installation. Memory usage, CPU temperatures and load, disk space, and network performance can all be logged to your database and charted using Chronograf. This is more due to the Stack’s more common use for monitoring servers, but it’s still useful for making sure the brains of our network-of-things is working properly. If you get a problem, Kapacitor can not only trigger alerts but also user-defined scripts that may be able to remedy the situation.

Get HackSpace magazine issue 31 — out today

HackSpace magazine issue 31: on sale now!

You can read the rest of HackSpace magazine’s DIY IoT feature in issue 31, out today and available online from the Raspberry Pi Press online store. You can also download issue 31 for free.

The post Design your own Internet of Things with HackSpace magazine appeared first on Raspberry Pi.

Read more »

International Proposals for Warrantless Location Surveillance To Fight COVID-19

Time and again, governments have used crises to expand their power, and often their intrusion into citizens’ lives. The COVID-19 pandemic has seen this pattern play out on a huge scale. From deploying drones or ankle monitors to enforce quarantine orders to proposals to use face recognition or thermal imaging cameras for monitoring public spaces, governments around the world have been adopting intrusive measures in their quest to contain the pandemic.

EFF has fought for years against the often secretive governmental use of cell phone location data. Governments have repeatedly sought to obtain this data without a court order, dodged oversight of how they used and accessed it, misleadingly downplayed its sensitivity, and forced mobile operators to retain it. In the past, these uses were most often justified with arguments of law enforcement or national security necessity. Now, some of the same location surveillance powers are being demanded—or sometimes simply seized—without making a significant contribution to contain COVID-19. Despite the lack of evidence to show the effectiveness of location data to stop the spread of the virus, a number of countries’ governments have used the crisis to introduce completely new surveillance powers or extend old ones to new COVID-related purposes. For example, data retention laws compel telecom companies to continuously collect and store metadata of a whole population for a certain period of time. In Europe, the Court of Justice of the European Union declared such mandates illegal under EU law

Like other emergency measures, it may be an uphill battle to roll back new location surveillance once the epidemic subsides. And because governments have not shown its effectiveness, there’s no justification for this intrusion on people’s fundamental freedoms in the first place.

Individualized Location Tracking 

Mobile carriers happen to know their subscribers’ phone’s locations (usually the same as the locations of the subscribers themselves) from moment to moment because of the way cellular networks work. That knowledge has turned into one of the most extensive data sources for governments—and not infrequently advertisers, stalkers, or spies—interested in tracking people’s movements. But while phone location data is sufficient to show whether someone went to church or the movies, it simply is not accurate enough to show whether two people were close enough together to transmit the virus (commonly characterized as a distance of two meters, or about six feet).

While location surveillance is problematic at any time, the coronavirus crisis has led to a rapid uptick in its use; many measures to facilitate it have been passed by fast-tracked legislative procedures during national state of emergencies. Some governments have even bypassed legislators entirely and relied on executive power to roll out expanded location surveillance—making it even less transparent and democratically legitimate than usual. Governments may use the urgency of the crisis to erode limits on the ways people’s location histories can be used, demand this data be turned over to authorities in bulk, or require companies to stockpile records of where their customers have been.

COVID-inspired cell phone location surveillance around the globe

Attempts at rapid expansions of government location surveillance authority have come to light in at least seven countries.

In Israel, in a significant win for privacy, Israel’s High Court of Justice has recently revoked the authorization of the police to access location data for contact tracing without a court order. On March 16th, the government had approved emergency regulations, 48 hours after Prime Minister Benjamin Netanyahu announced his government’s intention to approve health tracking methods. The regulations enabled both the police and Israel's domestic security agency (usually known as Shabak or Shin Bet, after its Hebrew acronym) to track the whereabouts of persons that might be infected or are suspected to be infected with COVID-19 without a warrant. The emergency regulation has now been suspended, and the Court has ordered that the government address the use of mobile phone tracking through legislation. Despite the win, the fight against warrantless access to location data is far from over: on May 5th, the parliament’s Intelligence Subcommittee voted 6-3 to extend the Shin Bet’s warrantless access to location data to track infected people, while the government is working towards advancing legislation to enable this form of surveillance more permanently. Right after the approval of the emergency regulations on March 16th, the Association for Civil Rights in Israel filed a petition to Israel’s High Court stressing the need to protect democracy during the pandemic:

Democracy is measured precisely in those situations when the public is afraid, exposed day and night to nightmare scenarios [...]. Precisely in such moments, it is vital to act in a considered and level-headed manner, and not to take draconian and extreme decisions and to accustom the public to the use of undemocratic means [...].

In South Africa, where a state of disaster has been in place since March 15th, the government amended a law to create a COVID-19 Tracing Database. The database will include personal data of those who are infected or suspected to be infected of COVID-19, including their COVID-19 test results, as well as the details of those who have come or are suspected to have come into contact with them. The Act authorizes the Director-General of Health to order telecom companies to disclose the location of infected or suspected to be infected person, without prior notice, as well as the location of those who were in contact or suspected to have been in contact with them, and to included all of this data in the COVID-19 Tracing Database. The law was met with severe backlash from civil society, and has since been amended twice. In a win for privacy, the last amendment deleted the provisions that obliged telecommunications companies to disclose location data for inclusion in that database. 

Poland, which has been in a state of emergency since mid-March, has a track record of encroaching on the rule of law, even triggering the EU's legal process for addressing violations of European values. The EU Commission has stated that the Polish judiciary is under “the political control of the ruling majority. In the absence of judicial independence, serious questions are raised about the effective application of EU law." Now with COVID-19, the Polish government has also introduced several COVID acts, providing new surveillance powers for the executive. Article 11 of the COVID-19 act obliges telecom operators to collect and give access to location data of people infected with COVID-19 or those under quarantine upon a simple request, as well as aggregate location data of an operator’s clients. The new legislation states that these measures will remain in place until the pandemic has ended.

Slovakia is another eastern European country that has expanded telecom companies’ obligations to retain metadata during the crisis. Slovakia has been in a partial state of emergency since March 15th, during which several amendments to the country’s telecommunications act were fast tracked through parliament. The amendments, which immediately caused outrage, authorized national health authorities to obtain location data from telecommunications operators in the context of a pandemic. As in Poland, the amended law allows both for the retention of anonymized aggregate data, as well as for individual location data.  After  being challenged before the Slovakian Constitutional Court, these measures have recently been suspended due to their vagueness and insufficient safeguards against misuse.

Croatia’s government attempted to introduce similar, fast-tracked amendments to the country’s electronic communications law. The bill would have authorized the exceptional processing of location data to “protect national and public safety,” and would have obliged telecommunications operators to share the data with the Ministry of Health. As in other countries, the proposal was met with outrage among civil society, experts, and opposition, as  more than forty civil society organizations signed onto a letter demanding the government to withdraw the bill. The criticism was eventually successful, but the Croatian example underlines the wider pattern of states looking to expand at any opportunity new surveillance powers in the crisis, in the Balkans and beyond.

Bulgaria, yet another Eastern European country in a state of emergency, has passed an emergency law, which included amendments to the country’s electronic communications act. The law now obliges telecommunications companies to store and (upon request) provide metadata to competent authorities, including the police, to monitor citizens' compliance with quarantine measures. The law does not require requests to be authorized by courts but merely provides for a after-the-fact judicial review process which the country also uses when retaining data to  prevent terrorist attacks. Not limited in time, the measures will remain in force even after the state of emergency has come to an end.  Like Poland, Bulgaria has been showing authoritarian tendencies for several years, and this extension of the country’s data retention regime, ushered in during the COVID crisis, may help solidify autocracy. The pattern of European countries reaching for location data surveillance also pokes holes in the popular image of the European Union as particularly protective of the right to privacy.

Peru, like some European countries, has also issued a state of emergency decree. It compels telephone companies to grant emergency call centers access to cell sites and GPS data of those who have called the national emergency number and are infected or suspected of COVID-19. The decree also authorizes the emergency call centers to access the historical location data of the devices from which the call was made, including three days before such call. Peruvian digital rights NGO cast doubts about the legal basis of such surveillance measures. It also raised concern of potential pitfalls that restricting the right to privacy in a state of emergency can cause in Peru. Regularly Peru has declared a state of emergency in conflict rural areas where activists have been protesting to defend their land, the environment, and their rights.  

South Korea, a country that has been fighting coronavirus outbreaks since the Middle East Respiratory Syndrome (MERS) epidemic in 2015, has dramatically restricted the right to privacy in the context of the pandemic. The Infectious Disease Control and Prevention Act and its enforcement decree allows health officials to obtain sensitive personal data on the infected and those suspected to be infected, as well as their contacts and those suspected to be in contact. Such data includes names, resident registration numbers, addresses, telephone numbers, prescriptions, medical treatment records, immigration control records, credit card, debit card, and pre-paid card statements, transit card records, and CCTV recordings from third parties companies. Police can seize this personal data without consent of the data subjects and without any judicial oversight. The Act also allows health officials and administrators of municipalities to collect location data on the infected (or suspected to be infected) and their contacts (or suspected contacts) from telecommunications operators and location data providers (from cell site and GPS).

Ecuador, the country with the third-worst COVID-19 outbreak in Latin America, has also relied on executive powers to expand location surveillance using GPS and cell site data. President Lenin Moreno issued a vaguely worded emergency decree authorizing the government to “use satellites and mobile telephone companies to monitor the location of people in a state of quarantine or mandatory isolation”. Latin American NGOs immediately reacted, reminding Ecuador that any surveillance measure should be necessary and proportionate, and hence, effective to contain the virus. The NGOs statement echos the words of the U.N Special Rapporteurs, who jointly called upon U.N Member States to follow international human rights standards:

"While we recognize the severity of the current health crisis and acknowledge that the use of emergency powers is allowed by international law in response to significant threats, we urgently remind States that any emergency responses to the coronavirus must be proportionate, necessary and non-discriminatory". 

The appeal builds upon the UN High Commissioner for Human Rights to put Human Rights at the centre of the Coronavirus outbreak response.

Conclusion
Location surveillance comes with a host of risks to citizens’ privacy, freedom of expression and data protection rights. EFF has long been fighting against warrantless access to location data or blanket data retention mandates, and has called on governments to be more transparent on their surveillance programs. Especially now, during a major health crisis, in which the government has not shown the efficacy of location data using GPS or cell site data about individuals, governments should be as transparent as possible about what data they are collecting for what purposes. Above all, the necessity and proportionality of any location data surveillance schemes must be demonstrated.

Read more »

Reserve Now! Kids Craft And Program Bugs LIVE, With Codejoy and Adam Lazarus

In this new and exclusive Maker Camp series, you can join CodeJoy’s Kelsey Derringer and PBS host Adam Lazarus for an educational and fun maker exploration of bugs, crafts, and coding. This private series has limited seats available, so reserve yours now ($50 per household). Your ticket gets you entry […]

Read more on MAKE

The post Reserve Now! Kids Craft And Program Bugs LIVE, With Codejoy and Adam Lazarus appeared first on Make: DIY Projects and Ideas for Makers.

Read more »

Sink every shot with this robotic backboard

With many years of practice and discipline, you too can improve your basketball skills. Or you could just choose to play with Shane Wighton’s automated backboard that sinks nearly any shot that you take.

The setup uses a Microsoft Kinect, along with a Windows-based computer to calculate the inbound ball’s trajectory. On approach it passes data to an Arduino, which then moves the hoop into position via three large steppers and a linkage system. 

While this compensates for the “occasional” error, as shown in the excellent explainer/demo video below, you do have to actually hit the backboard for it to work!

Read more »

Adorama’s New York Rhapsody is a Love Letter to NYC #celebratephotography

Watching this video as the warm spring air wafts through my window, well, it’s a bit overwhelming. I guess for now you’ll just find me inside by the window, waiting to enjoy all the places with all the people I’ll never know. Thank you Adorama.

On the notes of George Gershwin’s immortal “Rhapsody in Blue,” New York City wakes up and begins the daily cycle of life, dreams, and their inevitable intersections. We follow three creatives as they hustle and fight against and within the rhythm of the city to chase their artistic visions.

See more on YouTube


Photofooter

We #celebratephotography here at Adafruit every Saturday. From photographers of all levels to projects you have made or those that inspire you to make, we’re on it! Got a tip? Well, send it in!

If you’re interested in making your own project and need some gear, we’ve got you covered. Be sure to check out our Raspberry Pi accessories and our DIY cameras.

Read more »

Setting up two-factor authentication on your Raspberry Pi

Enabling two-factor authentication (2FA) to boost security for your important accounts is becoming a lot more common these days. However you might be surprised to learn that you can do the same with your Raspberry Pi. You can enable 2FA on Raspberry Pi, and afterwards you’ll be challenged for a verification code when you access it remotely via Secure Shell (SSH).

Accessing your Raspberry Pi via SSH

A lot of people use a Raspberry Pi at home as a file, or media, server. This is has become rather common with the launch of Raspberry Pi 4, which has both USB 3 and Gigabit Ethernet. However, when you’re setting up this sort of server you often want to run it “headless”; without a monitor, keyboard, or mouse. This is especially true if you intend tuck your Raspberry Pi away behind your television, or somewhere else out of the way. In any case, it means that you are going to need to enable Secure Shell (SSH) for remote access.

However, it’s also pretty common to set up your server so that you can access your files when you’re away from home, making your Raspberry Pi accessible from the Internet.

Most of us aren’t going to be out of the house much for a while yet, but if you’re taking the time right now to build a file server, you might want to think about adding some extra security. Especially if you intend to make the server accessible from the Internet, you probably want to enable two-factor authentication (2FA) using Time-based One-Time Password (TOTP).

What is two-factor authentication?

Two-factor authentication is an extra layer of protection. As well as a password, “something you know,” you’ll need another piece of information to log in. This second factor will be based either on “something you have,” like a smart phone, or on “something you are,” like biometric information.

We’re going to go ahead and set up “something you have,” and use your smart phone as the second factor to protect your Raspberry Pi.

Updating the operating system

The first thing you should do is make sure your Raspberry Pi is up to date with the latest version of Raspbian. If you’re running a relatively recent version of the operating system you can do that from the command line:

$ sudo apt-get update
$ sudo apt-get full-upgrade

If you’re pulling your Raspberry Pi out of a drawer for the first time in a while, though, you might want to go as far as to install a new copy of Raspbian using the new Raspberry Pi Imager, so you know you’re working from a good image.

Enabling Secure Shell

The Raspbian operating system has the SSH server disabled on boot. However, since we’re intending to run the board without a monitor or keyboard, we need to enable it if we want to be able to SSH into our Raspberry Pi.

The easiest way to enable SSH is from the desktop. Go to the Raspbian menu and select “Preferences > Raspberry Pi Configuration”. Next, select the “Interfaces” tab and click on the radio button to enable SSH, then hit “OK.”

You can also enable it from the command line using systemctl:

$ sudo systemctl enable ssh
$ sudo systemctl start ssh

Alternatively, you can enable SSH using raspi-config, or, if you’re installing the operating system for the first time, you can enable SSH as you burn your SD Card.

Enabling challenge-response

Next, we need to tell the SSH daemon to enable “challenge-response” passwords. Go ahead and open the SSH config file:

$ sudo nano /etc/ssh/sshd_config

Enable challenge response by changing ChallengeResponseAuthentication from the default no to yes.

Editing /etc/ssh/ssd_config.

Then restart the SSH daemon:

$ sudo systemctl restart ssh

It’s good idea to open up a terminal on your laptop and make sure you can still SSH into your Raspberry Pi at this point — although you won’t be prompted for a 2FA code quite yet. It’s sensible to check that everything still works at this stage.

Installing two-factor authentication

The first thing you need to do is download an app to your phone that will generate the TOTP. One of the most commonly used is Google Authenticator. It’s available for Android, iOS, and Blackberry, and there is even an open source version of the app available on GitHub.

Google Authenticator in the App Store.

So go ahead and install Google Authenticator, or another 2FA app like Authy, on your phone. Afterwards, install the Google Authenticator PAM module on your Raspberry Pi:

$ sudo apt install libpam-google-authenticator

Now we have 2FA installed on both our phone, and our Raspberry Pi, we’re ready to get things configured.

Configuring two-factor authentication

You should now run Google Authenticator from the command line — without using sudo — on your Raspberry Pi in order to generate a QR code:

$ google-authenticator

Afterwards you’re probably going to have to resize the Terminal window so that the QR code is rendered correctly. Unfortunately, it’s just slightly wider than the standard 80 characters across.

The QR code generated by google-authenticator. Don’t worry, this isn’t the QR code for my key; I generated one just for this post that I didn’t use.

Don’t move forward quite yet! Before you do anything else you should copy the emergency codes and put them somewhere safe.

These codes will let you access your Raspberry Pi — and turn off 2FA — if you lose your phone. Without them, you won’t be able to SSH into your Raspberry Pi if you lose or break the device you’re using to authenticate.

Next, before we continue with Google Authenticator on the Raspberry Pi, open the Google Authenticator app on your phone and tap the plus sign (+) at the top right, then tap on “Scan barcode.”

Your phone will ask you whether you want to allow the app access to your camera; you should say “Yes.” The camera view will open. Position the barcode squarely in the green box on the screen.

Scanning the QR code with the Google Authenticator app.

As soon as your phone app recognises the QR code it will add your new account, and it will start generating TOTP codes automatically.

The TOTP in Google Authenticator app.

Your phone will generate a new one-time password every thirty seconds. However, this code isn’t going to be all that useful until we finish what we were doing on your Raspberry Pi. Switch back to your terminal window and answer “Y” when asked whether Google Authenticator should update your .google_authenticator file.

Then answer “Y” to disallow multiple uses of the same authentication token, “N” to increasing the time skew window, and “Y” to rate limiting in order to protect against brute-force attacks.

You’re done here. Now all we have to do is enable 2FA.

Enabling two-factor authentication

We’re going to use Linux Pluggable Authentication Modules (PAM), which provides dynamic authentication support for applications and services, to add 2FA to SSH on Raspberry Pi.

Now we need to configure PAM to add 2FA:

$ sudo nano /etc/pam.d/sshd

Add auth required pam_google_authenticator.so to the top of the file. You can do this either above or below the line that says @include common-auth.

Editing /etc/pam.d/sshd.

As I prefer to be prompted for my verification code after entering my password, I’ve added this line after the @include line. If you want to be prompted for the code before entering your password you should add it before the @include line.

Now restart the SSH daemon:

$ sudo systemctl restart ssh

Next, open up a terminal window on your laptop and try and SSH into your Raspberry Pi.

Wrapping things up

If everything has gone to plan, when you SSH into the Raspberry Pi, you should be prompted for a TOTP after being prompted for your password.

SSH’ing into my Raspberry Pi.

You should go ahead and open Google Authenticator on your phone, and enter the six-digit code when prompted. Then you should be logged into your Raspberry Pi as normal.

You’ll now need your phone, and a TOTP, every time you ssh into, or scp to and from, your Raspberry Pi. But because of that, you’ve just given a huge boost to the security of your device.

Now you have the Google Authenticator app on your phone, you should probably start enabling 2FA for your important services and sites — like Google, Twitter, Amazon, and others — since most bigger sites, and many smaller ones, now support two-factor authentication.

The post Setting up two-factor authentication on your Raspberry Pi appeared first on Raspberry Pi.

Read more »

Book review: Hacker States #Books #Hacking @wmmna

we-make-money-not-art.com reviews Hacker States, by political sociologist Luca Follis and cultural anthropologist, documentary video producer and interdisciplinary scholar Adam Fish.

The Publisher writes:

Luca Follis and Adam Fish examine the entanglements between hackers and the state, showing how hackers and hacking moved from being a target of state law enforcement to a key resource for the expression and deployment of state power. Follis and Fish trace government efforts to control the power of the internet; the prosecution of hackers and leakers (including such well-known cases as Chelsea Manning, Edward Snowden, and Anonymous); and the eventual rehabilitation of hackers who undertake “ethical hacking” for the state. 

And WMMNA states:

The protagonists in the book are more or less famous (when they’ve been identified that is.) Chelsea Manning, Edward Snowden, Anonymous, Lauri Love, Julian Assange. There’s the hacktivists, the whistleblowers and other courageous actors of civil disobedience. Then come the Twitter bots, the cybercriminals, the fabricated Americans, the cyber mercenaries, WannaCry and the trolls. But also the FBI, the NSA, GCHQ, the police, the banks, the corporations, the lawyers and the courts. In the middle of all that jolly crowd and trying to make sense of it, there’s the press and of course, there’s you and I who live in what the authors of this book rightly call “high breach societies.”

The motivations of the hackers and the states might differ widely, their morality and beliefs might be at opposite ends of the ethical spectrum but they end up mingling more or less willingly. The authors explore the concept of “boundary” and how states redraw and expand borders and boundaries to enfold or remove hackers. States unleash law enforcement crackdown on hackers but they also attempt to neutralise, co-opt and exploit their power.

The summary is “The book is very U.S.-centred, with mentions of the UK, China, Russia, a couple of nods to North Korea, Latin America and the Islamic State in Syria (ISIS.) As for Europe, Iran and Israel, they are reduced to footnotes. Either we need other volumes of Hacker States or the message is that if it doesn’t happen within the elastic boundaries of the U.S., hacking simply doesn’t matter. I’d go for the first option.”

See the entire review here.

Read more »

Plan C Live: The Montana Mask – Thursday May 7th

PLAN C LIVE is an online conversation with Dorothy Jones-Davis of Nation of Makers and Dale Dougherty of Make: Community and a panel of makers about the civic response to COVID-19. Thank you to those who have been participating as panelists and those of you who attended through Zoom. We […]

Read more on MAKE

The post Plan C Live: The Montana Mask – Thursday May 7th appeared first on Make: DIY Projects and Ideas for Makers.

Read more »