Day: October 17, 2017

Control System Fundamentals By Video

October 17, 2017 by 17 Comments

If you’ve had the classic engineering education, you probably have a hazy recollection of someone talking about control theory. If you haven’t, you’ve probably at least heard of PID controllers and open loop vs closed loop control. If you don’t know about control theory or even if you just want a refresher, [Brian Douglas] has an excellent set of nearly 50 video lectures that will give you a great introduction to the topic. You can watch the first lecture, below.

You might think that control systems are only useful in electronics when you are trying to control a process like a chemical plant or a temperature. However, control theory shows up in a surprising number of places from filters to oscillators, to the automatic gain control in a receiver. You’ll find the background behind many familiar results inside control theory. Sort of like when you take calculus and you discover how they came up with all the formulas you memorized in geometry.

Continue reading “Control System Fundamentals By Video”

Sacrificial Bridge Avoids 3D Printed Supports

October 17, 2017 by 25 Comments

[Tommy] shares a simple 3D printing design tip that will be self-evident to some, but a bit of a revelation to others: the concept of a sacrificial bridge to avoid awkward support structures. In the picture shown, the black 3D print has small bridges and each bridge has a hole. The purpose of these bits is to hold a hex nut captive in the area under the bridge; a bolt goes in through the round hole in the top.

Readers familiar with 3D printing will see right away that printing the bridges might be a problem. When a printer gets to the first layer of the bridge, it will be trying to lay filament in empty space. By itself this is not usually a problem as long as a bridge is short, flat, and featureless. Unfortunately this bridge has a hole in it, and that hole means the printer will be trying to draw circles in mid-air, rather than simply stretching filament point-to-point across a gap. One solution would be to add a small amount of support structure, but that just moves the problem. Removing small supports from enclosed spaces can be a real hassle.

To solve this [Tommy] added what he calls a “sacrificial bridge”, shown as blue in the CAD image. He essentially gives the hole a flat bottom, so that the printer first lays down a thin but solid bridge as a foundation. Then, the portion with the round hole is printed on top of that. With this small design change, the print becomes much more reliable with no support structure required.

There is a bit of post-work involved since each hole needs to be drilled out to punch through the thin sacrificial bridge underneath, but it definitely beats digging out little bits of support structure instead.

Click Your Heels Thrice, Hail A Cab Home

October 17, 2017 by 21 Comments

If Dorothy from The Wizard of Oz were to wake up in 2017, with her magic Ruby Slippers on her feet, she’d probably believe she had woken up in a magical world. But modern folks will need a little more magic to impress them. Like Clicking your heels thrice to get home with these Uber ruby slippers. [Hannah Joshua] was tasked by her employer to build a quirky maker project. She got an idea when a friend complained about having trouble hailing a cab at the end of a hard day at work.

[Hannah] started with ruby colored slippers with a platform toe and high heels to allow space to stuff in all the magic dust, err, electronic bits. The initial plan was to use an Arduino with a GSM/GPS shield but that would have needed a separate SIM card and data plan for the shoes. Instead, she opted for the 1Sheeld which connects to a smart phone over Bluetooth. The 1Sheeld gets access to all of the smart phone’s sensors including the GPS as well as the data connection. The Arduino and 1Sheeld are put in a cavity carved out in the toe section. The 9 V battery goes inside another cavity in the heel, where an activation switch is also installed. Three LED’s indicate when the shoe is active, the cab request is accepted, and when the cab is on its way.

The code is basic since this one of her first Arduino projects, but it gets the job done. It sends an http request to Uber’s API to request a cab. The destination is hard-coded, so the slippers only allow you to get from your current location to whatever destination is programmed. The GitHub repository provides code, as well as some additional information on construction. [Hannah] has also added notes explaining some of the design choices and things to take care about if you plan to build one of these magic slippers.

We covered the 1Sheeld when it was introduced several years back, and if you get your hands on one, try building this Hand Waving Door Unlocker.

Continue reading “Click Your Heels Thrice, Hail A Cab Home”

Spare RPi? You Have A Currency Trading Platform

October 17, 2017 by 29 Comments

While Bitcoin and other altcoins are all the rage these days, there is still a lot of activity in the traditional currency exchanges. Believe it or not, there’s money to be made there as well, although it rarely makes fanciful news stories like cryptocurrency has been. Traditional currency trading can be done similar to picking stocks, but if you’d rather automate your particular trading algorithm you can set up a Raspberry Pi to make money by trading money.

This particular project by [dmitry] trades currency on the Forex exchange using an already-existing currency trading software package called MetaTrader. This isn’t an ARM-compatible software suite though, so some auxiliary programs (Wine and ExaGear Desktop) need to be installed to get it working properly. From there, its easy enough to start trading in government-backed currency while reaping all of the low-power-usage benefits that the Pi offers.

[dmitry] does note that you can easily use MetaTrader on a standard laptop, but you might be tempted to go against your trading algorithms and even then you won’t be reaping the power benefits of the ARM processor. We don’t see too many traditional currency or stock trading tips around here, but don’t forget that it’s still possible to mine some types of cryptocurrency even if BitCoin is out of reach of most now.

Hackaday Prize Entry: Playing With USB Power Delivery

October 17, 2017 by 29 Comments

USB Power Delivery is the technology that’s able to pump 100 Watts down a USB cable. It’s been around for half a decade now, but only in the last few years have devices and power supplies supporting USB PD shown up on the market. This is a really interesting technology, and we can’t wait to see the outcome of people messing around with five amps flowing through a cable they picked up at the dollar store, but where are the DIY solutions to futz around with USB PD?

For his Hackaday Prize entry, [Clayton] is doing just that. He’s built a tiny little power jack for USB PD that has a USB type-C plug on one end and a pair of screw terminals on the other. It’s the USB PD Buddy Sink, and once we find some cheap 100 Watt USB power adapters, this is going to be an invaluable tool.

Getting 100 Watts out of a USB charger is a bit more complex than just soldering a few wires together. The power delivery must be negotiated, and for that [Clayton] is using a simple, cheap STM32F0 ARM microcontroller. Plugging into a USB bus is a bit more complicated, but luckily On Semi has a neat little programmable USB Type-C controller PHY that does all the work. Throw in a few MOSFETS and other ancillary parts, and you have a simple, small 100 Watt power supply that plugs right into your new fancy laptop charger.

The design of the USB PD Buddy Sink is complete, and [Clayton] has a bunch of these on hand. He’s selling them on Tindie, but it’s also a great entry to the Hackaday Prize.

The HackadayPrize2017 is Sponsored by:

Microsoft Bug Tracking Hacked

October 17, 2017 by 15 Comments

It seems that the database containing descriptions of critical and unfixed bugs and/or vulnerabilities in some of the most widely used software in the world, including the Windows operating system, was hacked back in 2013. This database is basically gold for any security researcher, regardless of the color of their hat. To know which programs fail and the preconditions for that to happen is half an exploit right there.

Microsoft discovered the database breach in early 2013 after the highly skilled hacking group Morpho a.k.a. Butterfly a.k.a. Wild Neutron broke into computers at a number of major tech companies, including Apple, Facebook, and Twitter. The group exploited a flaw in the Java programming language to penetrate employees’ Apple Macintosh computers and then use them as pivots into the company internal network.

Official sources say that the Microsoft bug database was poorly protected, with access possible via little more than a password. Four years later, we have official confirmation that it happened. To measure the breach impact, Microsoft started a study to correlate the potential flaws in their databases and subsequent attacks. The study found that the flaws in the stolen database were actually used in cyber attacks, but Microsoft argued the hackers could have obtained the information elsewhere, and that there’s “no evidence that the stolen information had been used in those breaches.”

There is really no way to know besides asking the actual hacking group, which will most likely not happen… unless they are HaD readers, in this case they can feel free to comment.

[via Reuters]

Bad RSA Library Leaves Millions Of Keys Vulnerable

October 17, 2017 by 20 Comments

So, erm… good news everyone! A vulnerability has been found in a software library responsible for generating RSA key pairs used in hardware chips manufactured by Infineon Technologies AG. The vulnerability, dubbed ROCA, allows for an attacker, via a Coppersmith’s attack, to compute the private key starting with nothing more than the public key, which pretty much defeats the purpose of asymmetric encryption altogether.

Affected hardware includes cryptographic smart cards, security tokens, and other secure hardware chips produced by Infineon Technologies AG. The library with the vulnerability is also integrated in authentication, signature, and encryption tokens of other vendors and chips used for Trusted Boot of operating systems. Major vendors including Microsoft, Google, HP, Lenovo, and Fujitsu already released software updates and guidelines for mitigation.

The researchers found and analysed vulnerable keys in various domains including electronic citizen documents (750,000 Estonian identity cards), authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP. The currently confirmed number of vulnerable keys found is about 760,000 but could be up to two to three orders of magnitude higher.

Devices dating back to at least 2012 are affected, despite being NIST FIPS 140-2 and CC EAL 5+ certified.. The vulnerable chips were not necessarily sold directly by Infineon Technologies AG, as the chips can be embedded inside devices of other manufacturers.

Continue reading “Bad RSA Library Leaves Millions Of Keys Vulnerable”