Happy New Year Extra

Goodbye 1167627600 –1199167140 1199163540.

[Justin] is having fun telling everyone that an exploit has been found for the Archos 605 media player. The hack gets you remote root access on the player… need I say more?

[Gene] sent in his polar coordinate based LEGO 3d printer. He’s still working on the driver end, but it’s an interesting project.

[Kyle] sent in the gutting of his flip video camera.

Need some new storage? [forrest] sent in his price/GB price comparison script. It scrapes New Egg and graphs out the results.

Despite the link on our old post being dead, [Txoof] built his own CCFL macro light from a dead laptop LCD.

[Dan] sent in his LED cube matrix. The LEDs are wired in a matrix, so he can actually address them individually.

Frostbot: CNC cookie frosting

[Brian Schmalz] sent in his Frostbot. It’s a fun CNC bot project that he built to frost cookies for his latest holiday party. He (wussed out a bit) and started with a kit based CNC machine, but he made up for it by driving it with his own control hardware (that sparkfun happens to have for sale). His USB bit wacker interface certainly looks interesting – I might consider adding it in front of the stepper controllers on my cnc mill. Especially interesting is the HPGL interpreter software that converts graphics to stepper commands via the bit whacker interface.

24C3 Toying with barcodes

[FX] from Phenoelit gave an entertaining talk about barcode security. He covered both how the systems are implemented and how they’ve been exploited. The first example was a parking garage in Dresden that issues non unique barcodes for the unlimited passes that hotels give out. Anyone code print out an image of that particular code and park for free. German grocery stores have automated machines that refund you for your empty beer bottles. The barcode generated just states the refund amount (5 digits) that you’ll get at the register. Just stick the barcode under something like a six pack and it’ll scan even without the cashier seeing it.

Check out the video to find out more silliness involving DVD rentals, boarding passes, asset management, and SQL injection via the scanner. You can even find higher res versions in the 24C3 media archives.

Raid your network file shares

[Motoma] sent in his take on the virtual RAID 5 post. He didn’t like the layered system requirements, so he put together a proof of concept that only requires a Linux box. For his proof, he used a NFS share, a SMB share and did everything from the command line. He didn’t cover FTP, but the Gentoo wiki has a nice cheat sheet for mounting FTP and folders over SSH if you want some alternatives. He uses some very interesting partition tricks to make things happen. If you need some help to get things rolling, the Ubuntu forums software raid how-to is a good place to start.

DIY Wakeboarding winch

[exhaltingidiotz] is just one of the guys who’s built his own wakeboard winch. These things are pretty low tech, but using a winch to wakeboard has to be one of the most original ideas that I’ve seen in a while. Winches have some interesting advantages over boats: less fuel, no licensing and shallow water that no boat or jet ski would ever work in suddenly becomes usable. Here’s a basic design that’s typical and a simple demo video. The forums are a bit annoying to search for info, so here’s a fantastic winch build writeup.

DIY Home Theater Preamplifier

[Dane] built this excellent home theater pre-amplifier. He used [Mark Hennesy]’s pre-amp design to start with, and added selectable XLR, RCA, SPDIF and even USB audio inputs. Discrete inputs from his DVD player provide surround input, and an analog matrix creates 7.1 surround from the 5.1 input. The design is very elegant, and even uses a VFD display that appears blue with some filters. I usually just buy my HT gear, but projects like this make me seriously consider re-building my entire HT from scratch.

24C3 Build your own UAV

The 24th annual Chaos Communications Congress in Berlin is already off to a great start. The first talk we attended was [Antoine Drouin] and [Martin Müller] presenting Paparazzi – The Free Autopilot. Paparazzi is an open source hardware and software project for building autonomous unmanned aerial vehicles. The main hardware board has an ARM processor and GPS. It uses inertial and infrared sensors to determine orientation and altitude. The four infrared thermopiles measure the air temperature. The ground is warmer than the sky and if you compare the temperature in the direction of each wing tip your can tell what angle the airplane is at. It’s really that simple.

They did a pretty amazing live demo. Using the network connection they controlled a UAV flying in France and another in Germany. Both planes were streaming live video from belly mounted cameras. One relaying through a home DSL connection and the other through a UMTS cellphone. They were able to change way-points on the fly and issue flight pattern commands. There is a ground crew at each location with a security pilot that will switch the controls to manual if things get out of hand.