66% or better

Google Releases Project Ara MDK

Ara Modules

 

It’s been a little while since we’ve heard about modular smartphones, but Google has just released the Module Developers Kit (MDK) for Project Ara. The development kit gives an overview of the inner workings of the project, and provides templates for building your own modules.

Once you’ve agreed to the license agreement and downloaded the MDK, you’ll find a large specification document. It explains how a phone will comprise of many modules loaded into an endoskeleton, giving mechanical support and electrical connections. An interface block provides each module with power and data over LVDS. Modules are held in place by an electro-permanent magnet which can be toggled by software.

When you’re finished with the specification document, you can dive into the reference designs. These include templates and actual modules for WiFi, thermal imaging, a battery pack, and more. Mechanical CAD is provided as STEP files and drawings, and electrical design files are provided as Altium projects and PDF schematics.

We discussed both Project Ara and Phonebloks on Hackaday in the past, but now we’re starting to see real details. Google’s Project Ara Developer Conference takes place on April 15th and 16th, and you can register to take part remotely for free. Is this the start of an open, modular phone? Let us know what you think.

[Thanks to Adam for the tip]

Google Security Certificates Forged

Chain of Trust

Recently, Google discovered that a certificate authority (CA) issued forged certificates for Google domains. This compromises the trust provided by Transport Layer Security (TLS) and Secure HTTP (HTTPS), allowing the holder of the forged certificates to perform a man-in-the-middle attack.

To validate that the website you’re visiting is actually who they claim to be, your browser ensures that the certificate presented by the server you’re accessing was signed by a trusted CA. When someone requests a certificate from a CA, they should verify the identity of the person making the request. Your browser, and operating system, have a set of ultimately trusted CAs (called root CAs). If the certificate was issued by one of them, or a intermediate CA that they trust, you will trust the connection. This whole structure of trust is called a Chain of Trust.

With a forged certificate, you can convince a client that your server is actually http://www.google.com. You can use this to sit between a client’s connection and the actual Google server, eavesdropping their session.

In this case, an intermediate CA did just that. This is scary, because it undermines the security that we all rely on daily for all secure transactions on the internet. Certificate pinning is one tool that can be used to resist this type of attack. It works by associating a host with a specific certificate. If it changes, the connection will not be trusted.

The centralized nature of TLS doesn’t work if you can’t trust the authorities. Unfortunately, we can’t.

Controlling Chromecast: AirCast APK released

aircast

[Koush] is at it again, this time releasing AirCast, an Android app that’ll push videos to the Chromecast from Dropbox, Google Drive, and your phone’s Gallery. Astute Hackaday readers will recall that AirCast has been around for a few weeks now, but limited to only his whitelisted Chromecast. As [Koush] explains it, he had to reverse engineer the protocols and now he simply avoids the Chromecast SDK entirely. If you’re lucky enough to have a Chromecast, you’ll want to hurry and grab the APK (direct download link) and have some fun with it before it self-destructs. [Koush] isn’t ready to release it for more than a 48 hour period, but we encourage you to take advantage of AirCast and contribute to his call for feedback, bugs, and crash reports. You have a little under a day left.

See “AllCast” work its magic in the video below. No, that’s not a typo. Apparently [Koush] has been struggling with available names for the app, and you’ll hear him call it “AllCast” in the Youtube video. That name was taken for some other product, though, and “AirCast” has now replaced it. If you suddenly regret not immediately ordering a Chromecast and are sitting this one out, go read [Mike's] rant and get psyched up for when they’re back in stock.

[Read more...]

Rant: Why I love what the Chromecast stands for

chromecast-and-box

I’ve had my hands on this Chromecast for almost a week now and I love it. Years ago I hacked my first Xbox after seeing [Kevin Rose] do it on The Screensavers (I did the hardware mod but that’s inconsequential). Why did I do this? So that I could run Xbox Media Center, the predecessor of XBMC. Since then I’ve dreamed of a device which can be hung on the back of the TV with Velcro and run XBMC. We basically got there with the Raspberry Pi, but the Chromecast is the form-factor that I had always envisioned. This lets me watch Netflix, while the RPi runs XBMC. The two are match made in heaven for under a hundred bucks.

That’s why I love the Chromecast device itself, but the bigger picture is that I love what it stands for. Keep reading to see what i mean.

[Read more...]

Google Science Fair finalist explains squid-inspired underwater propulsion

google-sciencefair-finalist-squid-propulsion

Meet [Alex Spiride]. He’s one of the fifteen finalists of the 2013 Google Science Fair. A native of Plano, Texas, [Alex] entered his squid-inspired underwater propulsion system in the 13-14 year old category.

The red cylinder shown in the image inlay is his test rig. It is covered well on his project site linked above. You just need to click around the different pages using the navigation tiles in the upper right to get the whole picture. The propulsion module uses water sprayed out the nozzle to push the enclosure forward. The hull is made of PVC, with a bladder inside which is connected to the nozzle. The bladder is full of water, but the cavity between it and the hull is full of air. Notice the plastic hose which is used to inject pressurized air, squeezing the bladder to propel the water out the nozzle. Pretty neat huh?

We think [Alex's] work stands on its own. But we can’t help thinking what the next iteration could look like. We wonder what would happen if you wrapped that bladder in muscle wire? Would it be strong enough to squeeze the bladder?

You can see all fifteen finalists at the GSF announcement page. Just don’t be surprised if you see some of those other projects on our front page in the coming days.

[Read more...]

Raspi Internet radio with Google Music

SAMSUNG

It’s not his first Internet radio, but [Matthias]‘ modernization of a classic Bakelite radio is a real, functional piece of art. Not only does it retain the look of an old radio, it also has the capability to listen to streams and his entire MP3 collection through the Internet.

For the software, [Matthias] used jquery to pull down web radio streams and soon figured out how to play all his MP3s through Google Music. This, and a web-based remote for his mobile device, allows the new old-school Internet radio to play everything [Matthias] would ever want to listen to.

The controls for the radio are rotary encoders, with indication provided by a really fabulous numbered LED display (seen above) replacing the 70-year-old tuning dial. These numbers indicate both the current Google Music playlist or the currently playing Internet stream, depending on what mode the selector knob is at.

It’s a beautiful piece of work, and the knobs and dials look like something that could have come from a real 70-year-old radio. That’s a win in our book.

[Limor] from Adafruit to hang out with President [Obama]

adafruit_1200-1

In a positive twist on the usual publicity events that our administration has experimented with over the years, President [Obama] will be hosting a google+ hangout with some lucky people to discuss, well, whatever matters. It is nice to see the people running the country finally getting to grips with some technology. It is still scary to hear how many people making the laws about data still don’t even use a computer.

[Limor] from Adafruit was selected as one of the few that would get to ask the President some questions. She will be focusing on manufacturing and small businesses.  We think she’s a great candidate to do so. We’ve watched her go from someone who just did some really well documented hacks to someone who runs a successful business focusing on open information and education (and gadgets of course). You can also submit your own questions, and if they get enough votes, the president will answer them.