Day: December 16, 2016

Retrotechtacular: The Aerolux Light Corporation

December 16, 2016 by 38 Comments

The humble incandescent lightbulb is an invention just about anyone born in the 20th Century is more than familiar with. But it’s not the be all and end all of lighting technology – there are neon lights, compact fluorescent bulbs, and even LEDs are finally being adopted for interior lighting. But with the endless march forward, there are vintage throwbacks to the past – how many hipster cafes have you been to lately with great big industrial-looking filament bulbs hanging from the ceiling?

Even when switched off, they have a striking appearance.

However, that’s not all history has to give us. These gas discharge bulbs from yesteryear are absolute works of art.

The bulbs contain delicate floral sculptures in metal, coated with phosphor, and the bulbs are filled with neon or argon gas. Applying mains voltage to the electrodes inside the bulb causes the phospor to fluoresce, creating a glowing flower that is hauntingly beautiful.

These bulbs were manufactured by the Aerolux Light Company, from the 1930s to the 1970s. Once upon a time, they could be had for as little as 20 cents a bulb – nowadays you’re likely to pay over $50 on eBay or Etsy. The bulbs work by the glow discharge effect, not at all dissimilar to garden variety neon lamps.

While it’s not easy, it is possible to make your own vacuum tubes. Maybe it’s time to order some phospor powder and a tank of neon and get to work? Be sure to document your attempt on Hackaday.io.

Thanks to [Itay Ramot] for the tip!

 

 

Reliably Exploiting Apport In Ubuntu

December 16, 2016 by 17 Comments

[Donncha O’Cearbhaill] has successfully exploited two flaws in Apport, the crash report mechanism in Ubuntu. Apport is installed by default in all Ubuntu Desktop installations >= 12.10 (Quantal). Inspired by [Chris Evan] work on exploiting 6502 processor opcodes on the NES, [Donncha] describes the whole process of finding and exploiting a 0-day on a modern linux system.

One of the flaws, tracked as CVE-2016-9949, relies on a python code injection in the crash file. Apport blindly uses the python eval() function on an unsanitized field (CrashDB) inside the .crash file. This leads directly to arbitrary python code execution. The other flaw, tracked as CVE-2016-9950, takes advantage of a path traversal attack and the execution of arbitrary Python scripts outside the system hook_dirs. The problem arises when another field (Package) from the crash report file is used without sanitizing when building a path to the package hook files.

CVE-2016-9949 is easily exploitable, if an attacker can trick a user into opening a specially crafted file (apport .crash file), the attacker can execute the python code of his/her choice. Two details make it a very interesting exploit.

The first thing to note is the exploit’s reliability. Given that it is pure python code execution, an attacker doesn’t have to worry about ASLR, Non-Exec Memory, Stack Canaries and other security features that Ubuntu ships by default. As the author notes:

“There are lots of bugs out there which don’t need hardcore memory corruption exploitation skills. Logic bugs can be much more reliable than any ROP chain.”

Another interesting detail is that the exploit file doesn’t need to have the .crash extension, as long as its content starts with the string “ProblemType: ” and the file extension is not associated already with other software, Ubuntu considers it being of mime-type type=”text/x-apport” (for example, .ZlP or .0DF). This significantly improves the chances of an unsuspecting user being fooled into open the file.

Continue reading “Reliably Exploiting Apport In Ubuntu”

Massive 20-oz. Copper PCB Enables Electric Racing

December 16, 2016 by 49 Comments

Is twenty times the copper twenty times as much fun to work with? Ask [limpkin] and follow along as he fabricates a DC/DC block for a Formula E race car on 20-oz copper PCBs.

The typical boards you order from OSH Park and the like usually come with 1-ounce copper – that’s one ounce of copper cladding per square foot of board. For those averse to Imperial units, that’s a copper layer 34 micrometers thick. [limpkin]’s Formula E control board needs to carry a lot of current, so he specified 700-micrometer thick cladding, or 20-oz per square foot. The board pictured cost $2250, so you’d figure soldering on the components would be an exotic process, but aside from preheating the board, [limpkin] took it in stride. Check out the image gallery of the session and you’ll see nothing but a couple of regular high-wattage soldering irons, with dirty tips to boot.

It’s pretty neat comparing what’s needed for power electronics versus the normal small signal stuff we usually see. We’d recommend looking at [Brian Benchoff]’s “Creating a PCB in Everything” series for design tips, but we’re not sure traditional tools will work for boards like these. And just for fun, check out the Formula E highlights video below the break to see what this build is part of.

Continue reading “Massive 20-oz. Copper PCB Enables Electric Racing”

Revealed: Homebrew Controller Working In Steam VR

December 16, 2016 by 6 Comments

[Florian] has been putting a lot of work into VR controllers that can be used without interfering with a regular mouse + keyboard combination, and his most recent work has opened the door to successfully emulating a Vive VR controller in Steam VR. He uses Arduino-based custom hardware on the hand, a Leap Motion controller, and fuses the data in software.

We’ve seen [Florian]’s work before in successfully combining a Leap Motion with additional hardware sensors. The idea is to compensate for the fact that the Leap Motion sensor is not very good at detecting some types of movement, such as tilting a fist towards or away from yourself — a movement similar to aiming a gun up or down. At the same time, an important goal is for any added hardware to leave fingers and hands free.

Continue reading “Revealed: Homebrew Controller Working In Steam VR”

Building The First Ternary Microprocessor

December 16, 2016 by 92 Comments

Your computer uses ones and zeros to represent data. There’s no real reason for the basic unit of information in a computer to be only a one or zero, though. It’s a historical choice that is common because of convention, like driving on one side of the road or having right-hand threads on bolts and screws. In fact, computers can be more efficient if they’re built using different number systems. Base 3, or ternary, computing is more efficient at computation and actually makes the design of the computer easier.

For the 2016 Hackaday Superconference, Jessie Tank gave a talk on what she’s been working on for the past few years. It’s a ternary computer, built with ones, zeros, and negative ones. This balanced ternary system is, ‘Perhaps the prettiest number system of all,’ writes Donald Knuth, and now this number system has made it into silicon as a real microprocessor.

Continue reading “Building The First Ternary Microprocessor”

Books You Should Read: The Hardware Hacker

December 16, 2016 by 20 Comments

There’s no one quite like Andrew ‘Bunnie’ Huang. His unofficial resume begins with an EE degree from MIT, the author of Hacking the Xbox, creator of the Chumby, developer of the Novena, the first Open Source laptop, and has mentored thousands of people with dozens of essays from his blog.

Above all, Bunnie is a bridge across worlds. He has spent the last decade plying the markets of Shenzhen, working with Chinese manufacturers, and writing about his experiences of taking an idea and turning it into a product with the help of Chinese partners. In short, there is no person better suited to tell the story of how Shenzhen works, what can be done, and how to do it.

Bunnie’s The Hardware Hacker ($29.95, No Starch Press) is the dead tree expression of years of living and working in Shenzhen, taking multiple products to market, and exploring the philosophy that turned a fishing village into a city that produces the world’s electronic baubles.

Continue reading “Books You Should Read: The Hardware Hacker”

[Huan] Liberates A Router

December 16, 2016 by 32 Comments

[Huan Truong] was given a WiFi router and thought he’d improve it by installing a free firmware on it. Unfortunately, the router in question is a bit old, and wasn’t ever popular to begin with, which meant that it was unsupported by the usual open firmware suspects. The problem was that it only had a 4 MB flash to boot off of, but [Huan] was determined to make it work. (Spoiler: he did it, and documented it fully.)

The flash workaround consisted basically of repartitioning the space, and then telling u-boot where to find everything. On a router like the WNR2000 that [Huan] had, the flash is memory-mapped, which meant adding an offset to the flash start (0xbf000000 instead of 0x00000000) and remembering to do this consistently so that he doesn’t overwrite things like the MAC address.

[Huan] went for the LEDE fork of OpenWRT, and rebuilt it from source because he needed a small version to fit inside his limited flash. With this task completed, it worked. All done? Nope, [Huan] then submitted a pull request to LEDE, and now you can enjoy the fruits of his labor without replicating it. But if you’ve got another low-flash, obscure router, you’ve got a head start in getting LEDE up and running on it.

Routers are perhaps the most-hacked device that we see here, and they can be made pretty darn useful with the right firmware. Sometimes getting a custom firmware running is relatively easy, as it was here, and sometimes it requires some deep reverse engineering. But it’s good to keep up your router-hacking chops, because they may not always be as open as they are now.