iBling is an LED Display Necklace

Are you tired of being ignored? Do you want a fashion accessory that says, “Pay attention to me!” If so, you should check out [Al’s] recent instructable. He’s built himself a necklace that includes a display made up of 512 individual LEDs.

This project was built from mostly off-the-shelf components, making it an easy beginner project. The LED display is actually a product that you can purchase for just $25. It includes 512 LEDs aligned in a 16 x 32 grid. The module is easily controlled with a Pixel maker’s kit. This board comes with built-in functionality to control one of these LED modules and can accept input from a variety of sources including Android or PC. The unit is powered from a 2000 mAH LiPo battery.

[Al] had to re-flash the firmware of the Pixel to set it to a low power mode. This mode allows him to get about seven hours of battery life with the 2000 mAH battery. Once the hardware was tested and confirmed to work correctly, [Al] had to pretty things up a bit. Some metallic gold spray paint and rhinestones transformed the project’s cyberpunk look into something you might see in a hip hop video, or at least maybe a Weird Al hip hop video.

The Pixel comes with several Android apps to control the display via Bluetooth. [Al] can choose one of several modes. The first mode allows for pushing animated gif’s to the display. Another will allow the user to specify text to scroll on the display. The user can even specify the text using voice recognition. The final mode allows the user to specify a twitter search string. The phone will push any new tweets matching the terms to the display as scrolling text.

When Responsible Disclosure Isn’t Enough

Moonpig is a well-known greeting card company in the UK. You can use their services to send personalized greeting cards to your friends and family. [Paul] decided to do some digging around and discovered a few security vulnerabilities between the Moonpig Android app and their API.

First of all, [Paul] noticed that the system was using basic authentication. This is not ideal, but the company was at least using SSL encryption to protect the customer credentials. After decoding the authentication header, [Paul] noticed something strange. The username and password being sent with each request were not his own credentials. His customer ID was there, but the actual credentials were wrong.

[Paul] created a new account and found that the credentials were the same. By modifying the customer ID in the HTTP request of his second account, he was able to trick the website into spitting out all of the saved address information of his first account. This meant that there was essentially no authentication at all. Any user could impersonate another user. Pulling address information may not sound like a big deal, but [Paul] claims that every API request was like this. This meant that you could go as far as placing orders under other customer accounts without their consent.

[Paul] used Moonpig’s API help files to locate more interesting methods. One that stood out to him was the GetCreditCardDetails method. [Paul] gave it a shot, and sure enough the system dumped out credit card details including the last four digits of the card, expiration date, and the name associated with the card. It may not be full card numbers but this is still obviously a pretty big problem that would be fixed immediately… right?

[Paul] disclosed the vulnerability responsibly to Moonpig in August 2013. Moonpig responded by saying the problem was due to legacy code and it would be fixed promptly. A year later, [Paul] followed up with Moonpig. He was told it should be resolved before Christmas. On January 5, 2015, the vulnerability was still not resolved. [Paul] decided that enough was enough, and he might as well just publish his findings online to help press the issue. It seems to have worked. Moonpig has since disabled its API and released a statement via Twitter claiming that, “all password and payment information is and has always been safe”. That’s great and all, but it would mean a bit more if the passwords actually mattered.

Coffee Payment System Doesn’t Void Your Warranty

[Oliver] is back with an update to his recent coffee maker hacks. His latest hack allowed him to add a coffee payment system to an off-the-shelf coffee maker without modifying the coffee maker itself. This project is an update to his previous adventures in coffee maker hacking which logged who was using up all of the coffee.

The payment system begins with an Arduino Uno clone inside of a small project enclosure. The Arduino communicates with the coffee maker via serial using the coffee maker’s service port. This port is easily available from outside the machine, so you won’t have to crack open the case and risk voiding your warranty.

The system also includes an RFID reader and a Bluetooth module. The RFID reader allows each user to have their own identification card. The user can swipe their card over the reader and the system knows how many credits are left in their account. If they have enough credit, the machine will pour a delicious cup of coffee.

The Arduino communicates to an Android phone using the Bluetooth module. [Oliver’s] Android app was built using MIT’s app inventor. It keeps track of the account credits and allows the user to add more. The system can currently keep track of up to forty accounts. [Oliver] also mentions that you can use any Bluetooth terminal program to control the system instead of a smart phone app. Continue reading “Coffee Payment System Doesn’t Void Your Warranty”

Arduino Plays White Tiles On Your Mobile Touchscreen

Like many mobile gamers, [Daniel] has found himself caught up by the addictive “White Tiles” game. Rather than play the game himself though,  [Daniel] decided to write his own automatic White Tiles player. While this hack has been pulled off before, it’s never been well documented. [Daniel] used knowledge he gleaned on Hackaday and Hackaday.io to achieve his hack.

The basic problem is sensing white vs black tiles and activating the iPad’s capacitive touch screen. On the sensing end, [Daniel] could have used phototransistors, but it turned out that simple CdS cells, or photoresistors, were fast enough in this application. Activating the screen proved to be a bit harder. [Daniel] initially tried copper tape tied to transistors, but found they wouldn’t reliably trigger the screen. He switched over to relays, and that worked perfectly. We’re guessing that changing the wire length causes enough of a capacitance change to cause the screen to detect a touch.

The final result is a huge success, as [Daniel’s] Arduino-based player tears through the classic game in only 3.9 seconds! Nice work [Daniel]!

Click past the break to see [Daniel’s] device at work, and to see a video of him explaining his creation.

Continue reading “Arduino Plays White Tiles On Your Mobile Touchscreen”

Home Automation Setup Keeps You Informed

[johannes] wrote in to tell us about his latest project, a home automation setup he named Botman. While he calls it a home automation system, controlling lights and home appliances (which it does wirelessly on 433MHz) is just a small part of its functionality. The front panel of Botman includes a servo which points to laser-etched icons of the current weather. It also has a display which shows indoor and outdoor weather conditions along with the status of public transportation around [johannes]’s house.

Botman is built around an Arduino with an Ethernet shield. The Arduino has very little memory, so [johannes] used the Google Apps engine as a buffer between his Arduino and the JSON APIs of his data sources. This significantly reduces the amount of data the Arduino has to keep in memory and parse.

[johannes] also wrote an Android app that communicates with Botman. The app has buttons for controlling lights in his house and duplicates all the information shown on the front panel. [johannes] also built some logging features into Botman. The temperature readings and other information are uploaded from the Arduino to a Google Docs spreadsheet where he can view and graph them from anywhere. Check out the video after the break to see Botman in action.

Continue reading “Home Automation Setup Keeps You Informed”

Timelapse Photography on an Android-Powered Dolly

If you’re heading off on a trip to Alaska, you need to make sure you have plenty of supplies on hand for the wilderness that awaits. If you’re [Bryce], that supply list includes some interesting photography equipment, including a camera dolly that he made to take time-lapse video of the fantastic scenery.

On the hardware side, the dolly carries the camera on a rail that is set up on a slant. The camera starts on one side and moves up and towards the otherside which creates a unique effect in the time-lapse. The rig is driven by a stepper motor, and rides on some pretty fancy bearings. The two cameras [Bryce] plans to use are a Canon T2i and a EOS-M which sit on the top from a tripod.

The software and electronics side is interesting as well. Instead of the usual Arduino, [Bryce] opted for controlling the rig through Android and a IOIO board. This gives the project a lot of options for communications, including Bluetooth. The whole thing is powered by a 19V battery pack. If you’re looking for something a little simpler, you might want to check out the egg timer for time lapse! Check out the video of [Bryce]’s rig in action after the break.

Continue reading “Timelapse Photography on an Android-Powered Dolly”

An RV Converted into a Spaceship Simulator

Hackerspaces always breed innovative projects. The outlandish ideas that come out of these areas typically push the boundaries of what is possible. This giant spaceship simulator is no exception, which is normally housed at the London Hackspace.

It was created by a team of DIY hackers that wanted an immersive experience that didn’t involve virtual reality goggles. Instead, they chose more of a holodeck-type game that literally would shake the people inside the sci-fi styled caravan as they traveled through virtual space fighting aliens along the way.

The cockpit consisted of three seats – one for a pilot, one for a tactical officer, and one an engineer. Countless amounts of computer monitors, joysticks, switches, and a wide variety of arcade-like buttons line the walls inside.

The main radar screen was modeled off of the 1984 space trading video game named Elite, which has been a game geared toward virtual reality from its early beginnings. In fact, a recent sequel called Elite: Dangerous has quickly gained traction as one of the Oculus Rift’s most popular experiences so far.

The difference here is that the caravan acts more like a ride rather than a virtual reality game. Interaction with this simulated experience is hands-on the entire way through.

The whole game is run by another member of the team who controls the experience with two Android tablets in a back room, and can trigger an unidentified space creature (a friend with an inflatable tentacle arm) to attack the unsuspecting space travelers.

141036173395118The game looks like a lot of fun, and it will be exciting to see if this project inspires other engineers to develop something similar. Perhaps someone will make a room into a Dreamatorium play area (as seen in the television show Community); or maybe go full out and attempt to recreate the actual Star Trek holodeck.

If anyone does decide to fashion together a large-scale simulator, be sure to send in photos of the progression of the project and put it up on Hackaday.io!

[via Motherboard – Vice Magazine]