Possible FLR Hacking?

Hey everyone,

I know this is nothing more than speculation, but it’s extremely fishy. While our team was at the Finger Lake Regional in New York, several teams had their robots suddenly act erratically during teleop, sometimes in a very suspicious manner.

For example, team 843 and Sab-BOT-tage all had their robots act oddly. One of them even had their robot completely out of their control, as in, it kept playing the game correctly during teleop without any hands on the controls. The other two teams had similar encounters. When the robots started to act strangely, things like spontaneous minibot deployment occurred, as if someone was trying to figure out their controls.

In addition to that, our robot at one point lost the link to FMS just as the match started, and then magically gained it back immediately when the match ended. During this time, we found out their last reading for our battery was 3 volts, and when we checked, it was actually still charged to 10 volts, so an underpowered bridge is most likely not the issue.

All of this happened to the red side only on Friday. What do you all think of this? Out of control robots that can still play the game are hardly the result of field or user error.

EDIT: I don’t know why I would have suspected hacking. Forget about that and think more about what else could cause these issues.

I don’t think you should be too quick to jump to malicious intent. There could be dozens of reasons for what went on and the interpretations of the status indicators and/or movements (or lack-of) of the robots on the playing fields.

I know it’s frustrating for teams when something they can’t logically explain or figure out happens. It’s happened to me before and it sure will happen again in the future but I don’t think that malicious intent would have been involved in any of these scenarios.

Perhaps if the teams that were having these issues on each of their robots could more thoroughly explain what went on then perhaps we could have a better inside into the problem(s) and if any solutions came of them.

i dont think all teams really beleive in honorable play. in our 2008 regional, our leftside motor plugs were suspiciously disengaged while the team was at lunch costing us the quarterfinal round. the refs told us it was probably a stray ball, but seeing as how our electrical board and indeed the inside of our robot was protected by blueberry netting i found that a little hard to swallow. BUT, nothing could be proven, it was just dissapointing.

It’s more than a little disappointing people are so quick to blame. I guessed it’s human nature.

Perhaps some one was able to drive it off their iphone?

Perhaps. But I don’t think you should jump straight to someone causing some foul play. It’s technology and sometimes it has its own mind.

I think you guys all have a pretty severe misunderstanding of technology if you think this is possible.

First - aren’t robot communications WPA encrypted?

Second - why would they target you and not the teams in the run for winning the event?

are you sure that it was not a glitch that was causing multiple robots to be controlled by one driver station, like, team 1, 2, and 3 all being controlled by team 1’s driver station. that would be my guess as to the culprit.

I was only joking about the Iphone thing, It is always funny when we practice and the drivers suddenly lose control and one of our coaches takes over driving and everyone is so lost lol.

All you need is enough packets – of which you will get plenty from a robot.

  1. It could just be someone entertaining themselves more than trying to ruin a winning team.

That’s really only useful for WEP. The FRC bridge is encrypted with WPA, which is really only cracked through brute force, which, within the period of a single regional, is really not feasible (unless you get really, really lucky).

Edit: ditto, rahilm

WPA2 security, as used by FIRST, has no known weaknesses, meaning that there no methods better than brute force for obtaining a key. WEP has critical weaknesses which can be exploited by the software you mention, but FIRST doesn’t use WEP, nor should anybody else.

This is highly unlikely. The field controls have real time status updates on communication between controller and robot. Had alarms been raised by the FTA, the match would have likely been re-run. Not knowing any details on the field side, I can only guess that there was no cause for concern according to the FTA.

In addition to that, our robot at one point lost the link to FMS just as the match started, and then magically gained it back immediately when the match ended. During this time, we found out their last reading for our battery was 3 volts, and when we checked, it was actually still charged to 10 volts, so an underpowered bridge is most likely not the issue.

10 volts (which is really, really low btw) at idle could certainly drop to 3 volts when you start actually driving.

Here’s an alternate theory:
-The 10V robot started the match, and as soon as the drivers engaged the power-hungry main motors, the voltage dropped so low the various voltage regulators couldn’t keep the cRio and bridge functional
-The 2011 bridge takes about 90 seconds to reboot in our timing
-By the time the bridge rebooted and reconnected to FMS, the match was over.

Yea, 10 volts is a depleted battery, NOT a charged battery.

Don’t EVER play with a 10v battery…

We were seeded fourth so we were in the running for winning the event.
And apparently something fishy was going on. Our team leader said someone was in our pits and may have been messing with our bumpers and left a note on our robot . He contacted the volunteer co-ordinator to sort it out.

Don’t discount the idea of someone remotely controlling a robot by iPhone /iPad. There are two free iOS apps called DSLite and IAMDriver which CAN drive a robot. It is not out of the question.

Hacking WPA2 seems tremedously unlikely.

Robots dying mid-match only to come back on after a while is likely because, unlike last year’s radio, this year’s bridge has a long reboot time for even momentary power losses.

Last year, a momentary power loss means a stuttering robot control. This year, it means a dead robot for most of a match.

DSLite would still require the iPhone to have the wireless key and iAMdriver only works if you’re using the iAMdriver control system instead of the cRIO.

Not true, within the last year a vulnerability was disconvered in the WPA2 spec known as Hole196. However it doesn’t help in finding the key only helps you do nefarious things once you know it.

Also there is really no need to brute force the key, it would be far easier to just take the pieces of paper that have the wireless keys written on them. Many of the competitions I’ve been at teams will leave the paper they’re given with the key just laying around their pit. In the frantic pace of the event no one would likely notice if it went missing.

All of that being said I have significant doubts that there was a malicious person at FLR remotely controlling robots. I’ve seen many robots do weird things over the years due to low batteries, bad wiring, faulty programming, etc. We build very complex machines and when they don’t function as expected it can be frustrating. However there should be a lot of thought given before anyone makes accusations of cheating.

Agreed! At WPI this last year 1915 (1519’s practice robot) lost a key match as I couldn’t control the robot since the voltage was dropping down to 10 volts which caused erratic and uncontrolled behavior.

Also check your controls and code!