In February, I saw Robert Lucian’s Raspberry Pi based license plate reader project on Hackaday.  His project is different, in that he wrote his own license plate recognition algorithm, which runs in the cloud - the Pi feeds the images to the cloud for processing.  He had great results - 30 frames per second, with 1 second of latency.  This is awesome, but I want to process on the device - I want to avoid cellular data and cloud charges.  Once I get this working, I’ll look at improving performance with a more capable processor, like the nVidia Jetson or the Intel Neural compute stick.

I’m building a Node application hosted on a Raspberry Pi, that will not be connected to the internet. A user will interface with the application through the browser on their phone. The application calls the browser for its GPS coordinates using the HTML Geolocation API.

In iOS, the HTML Geolocation API only works for HTTPS sites. I found an excellent post on Stackoverflow for creating a self signed cert that works in most browsers. I created the cert, added it to my desktop and phone. HTTPS worked great.

After only a couple of uses, I decided the Alexa-powered TV remote I built earlier this year was not very useful. In my experience, there are few cases where voice control makes sense, and powering on my TV is not one of these cases. So I set out to build my own remote.

I built my own Arduino on a prototype board, using a circuit I had used before, the RRRRRRRRRRBBA really bare bones Arduino design. As I want it to last for a while on a set of batteries, I wired the buttons into an interrupt line. The micro-controller is programmed to be in sleep mode until a button is pressed, and then it wakes up, and sends the corresponding signal to the infrared LED. It will be interesting to see how long the batteries last - I’m hoping at least 6 months!

Background

I have an old TV which was acquired used, without a remote. The power button has become a little finicky. Rather than going out and buying a new TV, or a universal remote, I thought it would be fun to build one. I had a Sparkfun ESP8266 dev board that wasn’t currently being used, and an Amazon Echo Dot in the same room as my TV, so I decided to make an Amazon Alexa-controlled remote rather than build a physical one with buttons.

In 2018, after reading an article on Hackaday, I picked up an Amazon Echo Dot to experiment with building voice interfaces. It was surprisingly easy, and with no experience, I got something up and running in a couple hours.

I haven’t looked at this in a while, and had another project in mind. Looking at the Alexa development documentation today, all the examples leverage Amazon’s Lambda’s compute service. For my project, I didn’t want to use Lambda, I just wanted to use Express on Node JS. Amazon has NPM library for this, ask-sdk-express-adapter, but I couldn’t find ANY end-to-end example, and I struggled for a bit to get it to work. I think it took me longer the 2nd time around!

By Richard Audette, richard@hotelexistence.ca

Introduction

Web skimming is a form of internet or carding fraud whereby a payment page on a website is compromised when malware is injected onto the page via compromising a third-party script service in order to steal payment information.
from: https://en.wikipedia.org/wiki/Web_skimming

In a web skimming attack, a malicious actor injects Javascript into a target website through some vulnerability. The Javascript is typically activated on the websites’ checkout page, and is run in the user’s browser. The Javascript collects (“skims”) the information entered by the end user, and sends this information from the browser to server controlled by the malicious actor. From the user’s and the website operator’s perspective, the intended transaction is completed successfully. The malicious actor has obtained the user’s information before it is stored on the website operator’s servers. It requires a different form of detection.