A USB-Controlled POV Light Stick

Wanting to showcase their USB LED strip controller, the folks at Maniacal Labs built a POV LED stick this weekend. Yes, it’s pretty much the same as any other POV LED display you’ve seen; set a camera for a long exposure, wave the POV light stick around, and get a cool pixely image in mid-air. This build is a little different, though: it’s controlled over WiFi with a Raspberry Pi connected to a WiFi network.

The USB LED strip controller in question is the AllPixel, a small board that controls NeoPixels, WS2801, LDP8806, and a bunch of other LED strip controllers over USB. The Stick used for this project consisted of two meters of LPD8806 LEDs, giving 96 pixels of horizontal resolution. A big battery and Raspberry Pi rounds out the rest of the electronics.

Building a LED POV display isn’t that much different from building a LED matrix display; all you have to do is break up the image into individual columns and display them sequentially. To do this, the Maniacal Labs folks whipped up a LEDPOV class that does just that. To get the images, just open the shutter on a camera, wave the stick around, and if you get it right, you’ll have a great pixely image of nyan cat or the rainbow wrencher.

Discovering the Protocol in a USB VoIP Phone

[Daniel] picked up a cheap USB handset to use with his VoIP provider, and included in the box was a CD with all the software that would make this handset work with Windows. [Daniel] is running Linux on his main battlestation, rendering the included CD worthless. Using the handset under Linux would be a problem; although the speaker and mic worked, the buttons and screen did not. No problem, then: [Daniel] just played around with the command line until he figured it out.

The handset presented itself to the Linux box as a soundcard and HID device. The soundcard was obviously the speaker and mic, leaving the buttons and display as the HID device. [Daniel] checked this out by running a hexdump on the HID device and pressed a few buttons. His suspicions were confirmed, and he could easily read the button with a little bit of Python.

With the speaker, mic, and buttons on the handset figured out, [Daniel] turned his attention to the one bit of electronics on the phone he hadn’t yet conquered: the display. After firing some random data at the phone, the display blinked and showed a messy block of pixels, confirming the display was controlled through the HID driver. Loading up usbsnoop to see what the original software does to update the screed showed [Daniel] the data format the display accepts, allowing him to control everything in this VoIP phone.

Espruino Pico, Javascript on a USB Stick

There are probably very few official numbers for this, but web developers at least seem to outnumber the amount of people who regularly poke pins and registers with C. For them, the embedded world must be a scary and foreboding domain, full of bitwise operations and dynamic types. [Gordon] figured there was another way and built a Javascript interpreter for a microcontroller. The latest board built around this interpreter is up on Kickstarter, and its even smaller and more capable than his earlier version.

This isn’t [Gordon]’s first rodeo; last year he launched the (full-sized) Espruino, featuring an ARM Cortex M3 and his very own Javascript interpreter. The large-scale Espruino was a rousing success, and now he’s moving on to a smaller thumb drive-sized footprint for the Pico. The hardware is a bit better, relying on the ARM Cortex M4 STM32F4 with a bit more RAM, and this time the board is slightly cheaper. It still runs the same Javascript interpreter, though, so all the code is exactly what you’d expect.

We haven’t seen many projects using this tiny Javascript of Things, but the new layout does make it fantastically useful. Depending on how the crowd funding campaign turns out, [Gordon] might be adding socket, and USB HID support, along with inline C functions.

Introducing USB Armory, a Flash Drive Sized Computer

[Andrea] tipped us about USB armory, a tiny embedded platform meant for security projects. It is based on the 800MHz ARM Cortex-A8 Freescale i.MX53 together with 512MB of DDR3 SDRAM, includes a microSD card slot, a 5-pin breakout header with GPIOs/UART, a customizable LED and is powered through USB.

This particular processor supports a few advanced security features such as secure boot and ARM TrustZone. The secure boot feature allow users to fuse verification keys that ensure only trusted firmware can be executed on the board, while the ARM TrustZone enforces domain separation between a “secure” and a “normal” world down to a memory and peripheral level. This enables many projects such as electronic wallets, authentication tokens and password managers.

The complete design is open hardware and all its files may be downloaded from the official GitHub repository. The target price for the final design of the first revision is around €100.

BadUSB Means We’re All Screwed

Does anyone else get the feeling that the frequency of rather horrible vulnerabilities coming to light is accelerating? Off the top of our head, there’s Heartbleed, Shellshock, and now this one. The BadUSB exploit attack stems from the “invisible” microcontroller in most USB devices.

We first heard about it when we were attending DEFCON in August. The exploit had been announced the same week at Blackhat but there wasn’t much information out yet. Now the talk has been posted and there’s a well-explained overview article at Big Mess o’ Wires.

Here’s how this one goes: all USB devices rely on a microcontroller to handle the peripheral-side of USB communications. The computer doesn’t care which microcontroller, nor does it have a way of knowing even if it wanted to. The uC is “invisible” in this situation, it’s the interface and data flowing through it that the computer cares about. BadUSB is an attack that adds malicious functionality to this microcontroller. To the computer it’s a perfectly normal and functional USB device, while all the bad stuff is happening on the peripheral’s controller where the computer can’t see it.


How deeply do you think about plugging each and every USB device? Check out what happens at 19:20 into the video below. The USB device enumerates and very quickly sets up a spoofed Ethernet connection. You can still load a webpage via WiFi but the fake connection is forwarding packets to a second server.

Once discovered, you can wipe the computer and this will stop happening; until you plug the same device again and reinfect. Worse yet, because the controller is invisible to the computer there’s almost no way to scan for infected devices. If you are smart enough to suspect BadUSB, how long will it take you to figure out if its your mouse, your keyboard, a thumb drive, a webcam, your scanner… you get the point.

Continue reading “BadUSB Means We’re All Screwed”

USB to DB25 Adapter Uses GRBL For Parallel Port CNC Communication

With the continuing manufacture of new computers, there is a clear and obvious trend of the parallel port becoming less and less common. For our younger readers; the parallel port is an interface standard used for bi-directional communication between a computer and a variety of peripherals. The parallel port’s demise is partially due to the invention of the USB standard.

If tinkering with CNC Machines is one of your hobbies then you are familiar with the parallel port interface being fairly popular for CNC control board connections. So what do you do if your new fancy computer doesn’t have a parallel port but you still want to run your CNC Machine? Well, you are certainly not stuck as [Bray] has come up with a USB to Parallel Port Adapter solution specifically for CNC use.

A cheap off-the-shelf USB to DB25 adapter may look like a good idea at first glance but they won’t work for a CNC application. [Bray’s] adapter is Arduino-based and runs GRBL. The GRBL code is responsible for taking the g-code commands sent from the computer, storing them in a buffer until they are ready to be converted to step and direction signals and sent to the CNC controller by way of the parallel port DB25 connector. This is a great solution for people needing to control a CNC Machine but do not have a parallel port available.

[Bray] is using a Raspberry Pi running GRBLweb to control his adapter board. However, there are other programs you can use to communicate with GRBL such as Universal G-Code Sender and GRBL Controller.

The board has been created in Eagle PCB Software and milled out using [Bray’s] CNC Router. The design is single-sided which is great for home-brew PCBs. He’s even made a daughter board for Start, Hold and Reset input buttons. As all great DIYers, [Bray] has made his board and schematic files available for others to download.

Ask Hackaday: Can Paper USB Business Cards Exist?

swivel business card

The swivelCard Kickstarter campaign recently received a lot of press coverage and makes some impressive claims as their goal is the development of USB and NFC business cards at a $3 unit price. While most USB-enabled business cards we featured on Hackaday were made of standard FR4, this particular card is made of paper as the project description states the team patented

a system for turning regular paper into a USB drive.

As you can guess this piqued our interest, as all paper based technologies we had seen until now mostly consisted of either printed PCBs or paper batteries. ‘Printing a USB drive on regular paper’ (as the video says) would therefore involve printing functional USB and NFC controllers.

Luckily enough a quick Google search for the patents shown in one of the pictures (patent1, patent2) taught us that a storage circuitry is embedded under the printed USB pads, which may imply that the team had an Application-Specific Integrated Circuit (ASIC) designed or that they simply found one they could use for their own purposes. From the video we learn that ‘each card has a unique ID and can individually be programmed’ (the card, not the UID) and that it can be setup to open any webpage URL. The latter can even be modified after the card has been handed out, hinting that the final recipient would go to a ‘www.swivelcard.com/XXXX” type of address. We therefore got confused by

Imagine giving your business card with pictures, videos, presentations, and websites for the recipient to interact with!

paragraph that the project description contains.

This leads us to one key question we have: what kind of USB drive can make a given user visit a particular website, given that he may have Linux, Windows, Mac or any other OS? They all have similar USB enumeration processes and different key strokes to launch a browser… our wild guess is that it may be detected as storage with a single html file in it. Unfortunately for us the USB detection process is not included in the video.

Our final question: Is it possible to embed both USB and NFC controllers in a thin piece of paper without worrying about broken ICs (see picture above)? NFC enabled passports have obviously been around for a long time but we couldn’t find the same for USB drives.

Possible or not, we would definitely love having one in our hands!

Edit: One of our kind readers pointed out that this campaign actually is a re-launch of a failed indiegogo one which provides more details about the technology and confirms our assumptions.