D-Link Router Captcha Broken

May 19, 2009 by Eliot 24 Comments

d-link

We reported last week that D-Link was adding captchas to their routers to prevent automated login by malware. Unsurprisingly, it doesn’t work all time. The team from SourceSec grabbed the new firmware and began poking at it. They found that certain pages don’t require the authentication to be passed for access. One of these is WPS activation. WPS lets you do push button WPA configuration. Once activated, any nearby client can request the WPA key using a tool like WPSpy. Only user level credentials are needed to pull this off, so changing just the admin password won’t prevent it.

[photo: schoschie]

HVACMonitor: Web Enabled Monitoring

May 19, 2009 by Caleb Kraft 12 Comments

hvac

[Marc] submitted this project he’s been building. It’s a web enabled HVAC monitoring system. He’s using a pic-web development board with a custom I/O daughter board to control the HVAC system. The project allows for the system to be monitored and controlled via the web. It should be able to interface with most commercial and residential systems. As usual, schematics and source files are available on his site.

Laser Overkill, IPhone Style

May 19, 2009 by Caleb Kraft 11 Comments

laserphone

Ever wanted a projector for your iPhone? How about a laser projector? These guys did, they made one using an individual laser for each pixel. They have a 5×7 grid to work with, so they have to keep it simple. Well, as simple as it gets with 35 lasers. We think maybe a scanning POV style projector might be more efficient.

Goggle Camera Mod

May 19, 2009 by Caleb Kraft 21 Comments

finished-goggles (Custom)

[Will] submitted his ski goggle mod. He has mounted an Oregon Scientific ATC3K digicam in his goggles. This should make recording ski trips a lot easier. Most of the electronics fit just fine in the mask, though he did need to use an IDE cable to extend parts of it to the custom pack mounted on the strap. We’re also curious how much wind noise he’s going to get on that microphone.

Snoozy The Sloth

May 18, 2009 by Caleb Kraft 25 Comments

[vimeo = 4703152]

Snoozy the Sloth clings to you and sleeps. While this may sound easily done, the maker wanted the sloth to actually simulate breathing with exhaled breath to add to the realism. To do this, they had to build a “respiratory system” out of a rubber glove, a solenoid, and a couple pumps. This kind of toy can be very beneficial to special needs children. The lifelike and calm behavior helps the child connect to the toy. The pumps and solenoid are said to not be too distracting, but we are curious just how loud they are. This seems well executed, and much more sloth like than slothra, another sloth toy from last week. Were these guys in an Arduino powered sloth making class together?

Punchy Punchout, Improved

May 18, 2009 by Caleb Kraft 23 Comments

[youtube=http://www.youtube.com/watch?v=kuHxfYfs9XY]

[Sam] submitted this fun project, a Punchout interface that you actually punch. If you recall, we’ve done a Punchout interface that you punch, but this one takes it a step further. Instead of being a blob on a desk that you’re mashing around, the new one is a Slam Man boxing dummy. They’ve mounted the buttons on different areas of the dummy so you can punch him to completely control the game. As you can see in the video, it seems to work ok, though we doubt the buttons will hold up very long under those conditions. They do say that this is just to hold them over till the Wii version, so maybe those buttons will last just long enough.

Nerf Sentry Gun With Image Recognition

May 17, 2009 by Caleb Kraft 45 Comments

[youtube=http://www.youtube.com/watch?v=PGRBjCrnjhs]

Here’s another hacked Nerf Vulcan rifle. This time it is an automated sentry gun. You must present it your badge, if no badge is found, you are assaulted with a fiery storm of small nerf darts. All encounters are logged and a photos are kept. This was a final project at Cornell, and for once it wasn’t ECE. This was for CS1114. They did a pretty good job with the tracking, now they need to add some more interesting voice options to it.