Beating Bitlocker In 43 Seconds

How long does it take to steal your Bitlocker keys? Try 43 seconds, using less than $10 in hardware. Encrypting your hard drive is good security. If you’re running Windows, the most popular system is BitLocker, which has come with Windows since Vista. We’ve known for some time that Bitlocker could be defeated with direct access to the hardware. Microsoft claims that the process requires an attacker with skill and lengthy access to the hardware. [Stacksmashing] wanted to define lengthy, so he gave it a try. The result is a shockingly fast attack.

Anyone who uses Windows has probably run into Bitlocker. Your hard drive is encrypted, and Bitlocker runs silently in the background, decrypting data on demand.  The problem is key storage. In a simplified sense, encryption keys are stored in the Trusted Platform Module (TPM). When your computer boots, it reads the key from the TPM over the LPC (low pin count) bus, which is one of the last remnants of the original ISA bus.

Continue reading “Beating Bitlocker In 43 Seconds”

Custom Calculator Brings Us Back To The 70s

There are certain design aesthetics from every era that manage to survive the fads of their time and live throughout history. Ancient Greek architecture is still drawn upon for design inspiration in modern buildings, the mid-century modern style from the 60s still inspires various designs of consumer goods, and the rounded, clean looking cars from the 90s are still highly desirable qualities in automotive design. For electronics, though, we like this 70s-inspired calculator that [Aaron] recently built.

The calculator hearkens back to the days of calculators like the HP-29C with its large buttons and dot-matrix display. [Aaron] built the case out of various woods with a screen angled towards the user, and it uses a LCD display similar to those found in antique calculators. The brain of the calculator is an Arduino which fits easily into the case, and [Aaron] also built the keyboard from scratch with Cherry MX-style mechanical keys soldered together into a custom shape.

The software to run the calculator is fairly straightforward, but we are most impressed with the woodworking, styling, and keyboard design in this build. [Aaron] is also still ironing out some bugs with the power supply as it uses a DC-DC converter to power the device from a single lithium battery. For those who are more fond of early 2000s graphing calculators instead, be sure to take a look at this graphing calculator arcade cabinet.

Continue reading “Custom Calculator Brings Us Back To The 70s”

Bottle Organ Breakdown

A keen-eyed commenter pointed us to a homemade bottle organ that plays like a piano. The complexity gets turned up with foot-powered bellows and custom keys, but the magic of [Mike] and [Simon Haisell]’s garage-built instrument is not lost in the slightest. We also have the video below the break and there is a bottle organ performance by [Coyote Merlot].

The working concepts are explained well in the video, and that starts with the bellows. In the first few seconds of the video, we see an organist swaying as he plays, and it would be accurate to say the music moves him. The wobbling is to pedal a couple of levers that squeeze a pair of air sacs and slide under wheels that look like a hardware store purchase. The spring-return mechanism is a repurposed bungee cord and you know we dig that kind of resourcefulness. Each bellow valve is made with traditional leather flaps of the type that predate bungee cords and camera phones. These air pumps inflate a big reservoir in the back that provides continuous pressure to a manifold where each of the thirty-six keys control a valve responsible for one bottle. The pair built every wooden part we mentioned with the explicit purpose of creating this organ.

Continue reading “Bottle Organ Breakdown”

Simple Hack Completely Changes The Sound Of This Piano

We’re partial to musical instrument hacks around here, mainly because we find instruments to be fascinating machines. Few are more complex than the piano, and, as it turns out, few are quite so hackable. Still, we have to admit that this ragtime piano hack took us by surprise.

We always thought that the rich variety of tones that can be coaxed from a piano, from the tinny sound of an Old West saloon piano to the rich tones of a concert grand, were due mainly to the construction of the instrument and the way it’s played. Not so, apparently, as [Measured Workshop] demonstrated by installing a “mandolin rail” in a small upright piano. The instrument had seen better days, so step one was disassembly and cleaning. A wooden rail spanning the entire width of the string board was added, with a curtain of fabric draping down to the level of the hammers. The curtain was cut into a fringe in the same spacing as the hammers – marking the hammer locations with cornstarch was a nice trick – and metal clips were crimped to each fringe. The completed mandolin rail can be raised and lowered using a new foot pedal, completely changing the tone as the hammers hit the strings with the metal clips rather than their soft felt heads. It makes the piano sound a little like a harpsichord, or the aforementioned saloon instrument, and at the touch of a foot, it’s back to its original tone.

Most of the piano hacks we offer tend toward the electronic variety, so it’s nice to see a purely mechanical piano hack for a change. And if the hacked piano doesn’t work out as an instrument, you can always turn it into a workbench.

Continue reading “Simple Hack Completely Changes The Sound Of This Piano”

Portable Pi Teensy Thumboard

Even on the go, there is no substitute for a physical keyboard with buttons that move and click. Sure, you could solder a bunch of tactile switches to some perfboard, but how about going all out and making something robust as [Anthony DiGirolamo] did for his Teensy Thumboard. Everything is insertion-mount so it is an approachable project for anyone who knows the dangerous end of a soldering iron, and that also makes it easy to hack on.

Each pin of the Teensy has an adjacent empty hole tied to it for easy access, and the serial data pins are exposed at the top of the board. All the holes use standard 0.1″ (2.54mm) spacing. The I/O points used by the keyboard are labeled, and the rest of them can use the space under the controller where proto-board style holes add some extra space for an IMU or whatever sensors suit your slant.

Most impressive is the shell, which is freely available on Thingiverse, where you can also find a bill of materials with links to everything you will need in case you don’t have drawers full of those tactile switches.

If this looks familiar, you have probably seen the PocketCHIP, and it is no secret that this project is an homage to that versatile pocket computer. We appreciate this kind of love for PocketCHIP, especially since they are now a limited commodity.

MIDISWAY Promises To Step Up Your Live Show

If you like to read with gentle music playing, do yourself a favor and start the video while you’re reading about [Hugo Swift]’s MIDISWAY. The song is Promises, also by [SWIFT], which has piano phrases modulated during the actual playing, not in post-production.

The MIDISWAY is a stage-worthy looking box to sit atop your keys and pulse a happy little LED. The pulsing corresponds to the amount of pitch bending being sent to your instrument over a MIDI DIN connector. This modulation is generated by an Arduino and meant to recreate the effect of analog recording devices like an off-center vinyl or a tape that wasn’t tracking perfectly.

While recording fidelity keeps inching closer to perfect recreation, it takes an engineer like [Hugo Swift] to decide that a step backward is worth a few days of hacking. Now that you know what the MIDISWAY is supposed to do, listen closely at 2:24 in the video when the piano starts. The effect is subtle but hard to miss when you know what to listen for.

MIDI projects abound at Hackaday like this MIDI → USB converter for getting MIDI out of your keyboard once you’ve modulated it with a MIDISWAY. Maybe you are more interested in a MIDI fighter for controlling your DAW. MIDI is a robust and time-tested protocol which started in the early 1980s and will be around for many more years.

Continue reading “MIDISWAY Promises To Step Up Your Live Show”

TruffleHog Sniffs Github For Secret Keys

Secret keys are quite literally the key to security in software development. If a malicious actor gains access to the keys securing your data, you’re toast. The problem is, to use keys, you’ve got to write them down somewhere – oftentimes in the source code itself. TruffleHog has come along to sniff out those secret keys in your Github repository.

It’s an ingenious trick — a Python script goes through the commit history of a repository, looking at every string of text greater than 20 characters, and analyzing its Shannon entropy. This is a mathematical way of determining if it looks like a relatively random string of numbers and letters. If it has high entropy, it’s probably a key of some sort.

Sharing source code is always a double-edged sword for security. Any flaws are out for all to see, and there are both those who will exploit the flaws and those who will help fix them. It’s a matter of opinion if the benefits outweigh the gains, but it’s hard to argue with the labor benefits of getting more eyes on the code to hunt for bugs. It’s our guess though, that a lot of readers have accidentally committed secret keys in a git repository and had to revert before pushing. This tool can crawl any publicly posted git repo, but might be just as useful in security audits of your own codebase to ensure accidentally viewable keys are invalidated and replaced.

For a real world example of stolen secret keys, read up on this HDMI breakout that sniffs HDCP keys.