Hacking the Amazon Dash button
13 Dec 2015Like most others, I treated Amazon’s dash button concept as a flight of fancy. Quickly dismissing it, I never bothered about the buttons. Until now!
Not long ago, I undertook the project of connecting my car garage to the internet. More than anything, it was to get my feet wet with the emerging IoT wave. After implementing it, I felt the need for a generic physical button to act as a trigger. I saw a few products online, but didn’t take the plunge due to the cost. Spending $40-80 for a button, didn’t seem right. Then I found an article, where someone had hacked the $5 Amazon Dash button and made it work as an IoT button. Voila!
I ordered one and followed the article to sucessfully set it up. The setup involves partially setting up the button and then detecting ARP probes.
I felt constant probe monitoring to be inefficient, so took a different approach to detect button presses. As I use Tomato firmware on my router, I was able to use the bundled DNSMASQ capability of script execution on probing. This has the advantage of running completely on the router without requiring a separate machine for probe program execution. I created firewall rules to reject DNS and HTTPS traffic generated by the button (REJECT instead of DROP, as button tries longer to get online with DROP). Dash button does not maintain persistent connections, instead upon pressing the button, it powers up and tries to connect to the Wifi. DNSMASQ detects this and using its dhcp-script
option, I was able to trigger a custom shell script on this. The button tries to make internet connections, but the firewall rejects all such traffic.
One thing to notice is that the script trigger happens whenever DNSMASQ starts up, or the lease renews/expires. But as we are only interested in triggers when the button is actually pressed, we can employ the DNSMASQ_SUPPLIED_HOSTNAME
environment variable to make this distinction. It is only supplied for actions when a host joins or resumes an existing lease, since this data is not held by dnsmasq’s lease database. So with this setup, I was able to use a push notification mechanism instead of the probe monitoring pull mechanism.
I’m happy with the functionality they provide for just $5. Give these little marvels a shot.