Year: 2017

Javascript Art Is In The URL

May 13, 2017 by 9 Comments

[Alexander Reben] makes tech art, and now he’s encouraging you to do the same — within a URL. The gimmick? Making the code small enough to fit the data portion of a link. And to help with that, he has set up a webpage that uncompresses and wraps code from the URL and inserts it into the HTML on the fly. His site essentially applies or un-applies all the tricks of JS minification in the URL, and turns that into content.

So, for instance,https://4QR.xyz/c/?eJzzSM3JyVcIzy_KSVEEABxJBD4 uncompresses to a webpage that says “Hello World!”. But the fun really starts when you start coding up “art” in Javascript or HTML5. There are a few examples up in the gallery right now, but [Alexander] wants you to contribute your own. The banner is from this link.

Something strikes us as fishy about passing JS code opaquely in links, but since the URL decodes on [Alexander]’s server, we don’t see the XSS attack just yet. If you can find the security problem with this setup, or better yet if you write up a nice animation, let us know in the comments.

Microcontroller Load Meter Tells You How Hard It’s Currently Working

May 13, 2017 by 19 Comments

Writing code for embedded applications can be difficult. There are all sorts of problems you can run into – race conditions, conflicting peripherals, unexpected program flow – any of these can cause havoc with your project. One thing that can really mess things up is if your microcontroller is getting stuck on a routine – without the right debugging hardware and software, this can be a tricky one to spot. [Terry] developed a microcontroller load meter just for this purpose.

It’s a simple setup – a routine named loadmeter-task on the microcontroller sends a train of pulses to a mechanical ammeter. The ammeter is then adjusted with a trimpot to read “0” when the chip is unloaded. As other tasks steal CPU time, there’s less time for loadmeter-task to send its pulses, so the meter falls to the left.

Overall it’s a quick and easy bit of code you could add to any project with a spare GPIO pin, that might help you debug. Plus it’s cool to know how hard your project is pushing the silicon.

If you’d like to know more about what your chip is doing, check out this post about the usefulness of in-circuit debugging, or read about Bil Herd’s experiments with ICE and OBD-II.

Hacklab’s Logo Changes With The Habitat Of A Beet Plant

May 12, 2017 by 2 Comments

Zaragoza, Spain hacklab La Remolacha (“The Beet”) sports a logo which responds to human interaction with a beet plant growing in the space. Sensors keep track of temperature as well as humidity for both air and ground, while buttons add more water, plant food, light, and music.

The shape and activity of the visualization responds to the sensors. The higher the temperature, the more folds in the shape. More distortions appear when there’s more humidity in the soil, while rotation speed increases with air humidity. Adding food increases the size of the visualization, and music triggers more vibrations.

An Arduino keeps track of the buttons and humidity sensors, while a nearby computer, connected via USB, sends the data to a node.js server. The data are displayed on the website through the torus visualization, which is done in WebGL.

The beet’s environment also signals the health of the space, because if no one is visiting, no one can feed the plant. On the other hand, could too many visitors actually kill the thing?

The project was created by [Innovart],  [Miguel Frago], and [Santi Grau] with help from other folks.

Thanks [Esther Borao Moros] for the tip!

Continue reading “Hacklab’s Logo Changes With The Habitat Of A Beet Plant”

Son Of Sonoff

May 12, 2017 by 19 Comments

We’ve covered the Sonoff a few times–a very inexpensive box with an ESP8266, a power supply, and an AC relay along with a way to tap into a power cord. Very inexpensive means $5 or $6. The supplied software will work with several systems (including, recently, Alexa). But what self-respecting hacker wants to run the stock firmware on something with an ESP8266 inside?

[Tzapu] certainly didn’t. But he also knew he didn’t want to start from scratch every time he wanted to deploy a switch. So he built SonoffBoilerplate and put the code on GitHub. The code manages taking configuration (including network settings) using a web-portal, can update itself over the air, and integrates with Blynk and MQTT. If you don’t like that code base, there are other choices including one that has a failsafe reconfiguration mode.

Continue reading “Son Of Sonoff”

Massive Cyber Attack Cripples UK Hospitals, Spreads Globally

May 12, 2017 by 179 Comments

A massive ransomware attack is currently under way. It was first widely reported having crippled the UK hospital system, but has since spread to numerous other systems throughout the world including FedEx in the US, the Russian Interior Ministry, and telecommunications firms in Spain and Russia.

The virus is known by names WannaCrypt, WannaCry, and a few other variants. It spreads using the ExternalBlue exploit in unpatched Windows machines older than version 10. The tools used to pull off this attack were likely from an NSA toolset leaked by the Shadow Brokers.

So far the strongest resource for technical information that we’ve found is this factsheet hosted on GitHub.

NHS Services at a Standstill in the UK

NHS services across England and Scotland have been hit by the ransomware attack, crippling multiple hospitals and doctor’s practices. The UK has universal healthcare — the National Health Service  — covering Doctors, Hospitals and generally everything medical related is free at the point of service. but today they have had to turn away patients and cancel consultations.

NHS is unable to access medical records of patients unless they pay £230 ($300) in bitcoin for infected machines. There is no evidence patient data has been compromised, NHS Digital has said. The BBC has stated that up to 39 NHS organisations and some GP practices have been affected.

The National Cyber Security Centre (NCSC) was “working closely” with the NHS and that they will protect patient safety. We are aware that a number of NHS organisations have reported that they have suffered from a ransomware attack.

-Prime Minister Theresa May

Infected Systems Throughout the World

Computers in regions across the globe have been under attack today, including Telefonica (O2 in the UK), with at least 45,000 computers compromised in Russia, Ukraine, India, and Taiwan alone. There’s no indication of who is behind the attack yet.

The ransomware’s code takes advantage of an exploit called EternalBlue, made public in April by Shadow Brokers which was patched by Microsoft in March, It comes as a shock that an organisation the size of the NHS seem not to have kept their computers updated. This is perhaps just a taster of what is to come in the future as cyber crime and warfare become more and more commonplace.

[Ransomware screenshots via @UID_]

Another Printer With An Infinite Build Volume

May 12, 2017 by 16 Comments

Very rarely do we see a 3D printer that is more than just a refinement of what’s currently standard practice. [Prusa]’s single-hotend, four-color printer makes the list, but that came out a while ago. The novel 32-bit controller board found in last year’s $200 Monoprice printer has the potential to change a cottage industry. Save those two exceptions, innovation in 3D printing really isn’t seeing the same gains we saw in 2010 or 2011.

A company out of the Netherlands, Blackbelt 3D, is bringing out the most innovative 3D printer we’ve seen since last March. It’s an infinite volume 3D printer that’s built for autonomous production. This printer can produce row after row of 3D printed parts, or it can print an object longer than the build plate. If you have enough time, filament, and electricity, there’s no reason you couldn’t print a plastic beam hundreds of meters long.

The specs on this printer are about what you would expect from a large machine meant for industry or prototyping, as opposed to a machine designed to print out tugboats and fidget spinners. The Blackbelt uses interchangeable print heads for the hotend with 0.4, 0.6 or 0.8 mm nozzles. The filament feed is a Bowden with the extruder hidden under the control panel. The frame is explicitly Bosch extrusion, and the machine’s build volume is 340 mm by 340 mm by whatever. Retail price (on Kickstarter) comes in at €9,500, but for an extra €3,000 you can also get a neat stand with casters on the bottom. Of course, with an infinite build volume, you could also print a stand. Continue reading “Another Printer With An Infinite Build Volume”

Hackaday Prize Entry: Modular Stepper Control

May 12, 2017 by 22 Comments

Stepper motors are a great solution for accurate motion control. You’ll see them on many 3D printer designs since they can precisely move each axis. Steppers find uses in many robotics projects since they provide high torque at low speeds.

Since steppers are used commonly used for multi-axis control systems, it’s nice to be able to wire multiple motors back to a single controller. We’ve seen a few stepper control modules in the past that take care of the control details and accept commands over SPI, I2C, and UART. The AnanasStepper 2.0 is a new stepper controller that uses CAN bus for communication, and an entry into the 2017 Hackaday Prize.

A CAN bus has some benefits in this application. Multiple motors can be connected to one controller via a single bus. At low bit rates, it can work on kilometer long busses. The wiring is simple and cheap: two wires twisted together with no shielding requirements. It’s also designed to be reliable in high noise environments such as cars and trucks.

The project aims to implement an API that will allow control from many types of controllers including Arduino, Linux CNC, several 3D printer controllers, and desktop operating systems. With a few AnanasSteppers one of these controllers, you’d be all set up for moving things on multiple axes.

The HackadayPrize2017 is Sponsored by: