Inspiration can strike from the strangest places. Unearthing a forgotten Melexis MLX90614 thermopile from his ‘inbox,’ [Saulius Lukse] used it to build a panoramic thermal camera.
[Lukse] made use of an ATmega328 to control the thermal sensor, and used the project to test a pair of two rotary stage motors he designed for tilt and pan, with some slip rings to keep it in motion as it captures a scene. That said, taking a 720 x 360 panoramic image one pixel at a time takes over an hour, and compiling all that information into an intelligible picture is no small feat either. An occasional hiccup are dead pixels in the image, but those are quickly filled in by averaging the temperature of adjoining pixels.
The camera rig works — and it does turn out a nice picture — but [Lukse] says an upgraded infrared camera to captured larger images at a time and higher resolution would not be unwelcome.
Another clever use of a thermopile might take you the route of this thermal flashlight. if you don’t build your own thermal camera outright.
His latest project is quite exciting. He has incorporated his robotic glockenspiel with a hacked hard drive rhythm section to play audio controlled via a PIC 16F84A microcontroller. The song choice is Axel-F. If you had a cell phone around the early 2000’s you were almost guaranteed to have used this song as a ringtone at some point or another. This is where music is headed these days anyway; the sooner we can replace the likes of Justin Bieber with a robot the better. Or maybe we already have?
For those that suffer them, seizures are a dangerous thing. Outside the neurological effects, there is always the possibility of injury from the surrounding environment as well – consider the dangers of having a seizure near a busy road, or even simply a glass table. Some detection methods exist for seizure sufferers, but they are primarily based on detecting the jerking motion of the patient. [akhil2001us] thinks it’s possible to do better – by measuring brainwaves to detect the onset of seizures.
The build is centered around the Neurosky Mindwave headset. This is an off-the-shelf product designed specifically for capturing EEG data. It outputs raw brainwave data which is key for doing proper analysis. The project then uses an Arduino Mega to tie everything together, along with some Sparkfun Bluetooth modules to talk to a cell phone to send an SMS for help in the event of a seizure.
The real difficulty in a project like this comes from developing an algorithm that can reliably detect seizures, as well as a unit robust enough to work in the real world. It’s no use if your headset is detecting a seizure in progress, but the help message is never sent because a wire fell out of your breadboard. It’s considerations like this, combined with the threat of litigation, behind why medical devices are so rigorously engineered and certified. For a proof of concept, however, such concerns are not as important.
A few weeks ago we published an article on the newly released Keysight 1000X, an oscilloscope that marks Keysight’s late but welcome entry into the hacker-centric entry-level market. Understandably, this scope is causing a lot of excitement as it promises to bring some of the high-end pedigree of the well-known 2000X and 3000X models down to a much affordable price. Now couple that with the possibility of hacking its bandwidth lock and all this fuss is well justified.
[Dave Jones] from the EEVblog got his hands on one, and while conducting a UART dump saw the scope report 200 MHz bandwidth despite being labelled as a 100 MHz model. He then proceeded to actually hack the main board to unlock an undocumented 200 MHz bandwidth mode. This created a lot of confusion: some said [Dave] got a “pre-hacked” version, others assumed all 100 MHz versions actually have a stock bandwidth of 200 MHz.
Alongside the question of bandwidth, many wondered how this would fare against the present entry-level standard, the Rigol 1054Z. Is the additional cost and fewer channels worth the Keysight badge?
Keysight’s response to our queries and confusion was the promise to send us a review unit. Well, after receiving it and playing around with it, clearly a lot of Keysight’s high-end excellence has trickled down to this lower end version. However, this machine was not without some silly firmware issues and damning system crashes! Read on the full review below. Continue reading “Scope Review: Keysight 1000 X-Series”→
What’s the worst thing that could happen if you strapped a chainsaw motor to a tricycle? Turns out the worst that happened to [ThisDustin] and his friends is that it turned out hilariously awesome.
This aptly-named ‘chainsawtrike’ isn’t much in the way of comfort, so a pair of foot pegs had to be welded onto the front forks, along with a mount for the chainsaw motor. The rear axle had to be replaced with 5/8″ keyed stock, trimmed to fit the trike wheel and secured with keyed hubs. [ThisDustin] and crew also needed an intermediate sprocket to act as a reduction gear.
After a test that saw the chain jump off the sprockets and working out a few kinks — like the ability to turn — the chainsawtrike can haul around its rider at a pretty decent clip. Check out the video of it in action after the break.
Betteridge’s Law of Headlines states, “Any headline that ends in a question mark can be answered by the word no.” This law remains unassailable. However, recent claims have called into question a black box hidden deep inside every Intel chipset produced in the last decade.
Yesterday, on the Semiaccurate blog, [Charlie Demerjian] announced a remote exploit for the Intel Management Engine (ME). This exploit covers every Intel platform with Active Management Technology (AMT) shipped since 2008. This is a small percentage of all systems running Intel chipsets, and even then the remote exploit will only work if AMT is enabled. [Demerjian] also announced the existence of a local exploit.
Intel’s ME and AMT Explained
Beginning in 2005, Intel began including Active Management Technology in Ethernet controllers. This system is effectively a firewall and a tool used for provisioning laptops and desktops in a corporate environment. In 2008, a new coprocessor — the Management Engine — was added. This management engine is a processor connected to every peripheral in a system. The ME has complete access to all of a computer’s memory, network connections, and every peripheral connected to a computer. The ME runs when the computer is hibernating and can intercept TCP/IP traffic. Management Engine can be used to boot a computer over a network, install a new OS, and can disable a PC if it fails to check into a server at some predetermined interval. From a security standpoint, if you own the Management Engine, you own the computer and all data contained within.
The Management Engine and Active Management Technolgy has become a focus of security researchers. The researcher who finds an exploit allowing an attacker access to the ME will become the greatest researcher of the decade. When this exploit is discovered, a billion dollars in Intel stock will evaporate. Fortunately, or unfortunately, depending on how you look at it, the Managment Engine is a closely guarded secret, it’s based on a strange architecture, and the on-chip ROM for the ME is a black box. Nothing short of corporate espionage or looking at the pattern of bits in the silicon will tell you anything. Intel’s Management Engine and Active Management Technolgy is secure through obscurity, yes, but so far it’s been secure for a decade while being a target for the best researchers on the planet.
Semiaccurate’s Claim
In yesterday’s blog post, [Demerjian] reported the existence of two exploits. The first is a remotely exploitable security hole in the ME firmware. This exploit affects every Intel chipset made in the last ten years with Active Management Technology on board and enabled. It is important to note this remote exploit only affects a small percentage of total systems.
The second exploit reported by the Semiaccurate blog is a local exploit that does not require AMT to be active but does require Intel’s Local Manageability Service (LMS) to be running. This is simply another way that physical access equals root access. From the few details [Demerjian] shared, the local exploit affects a decade’s worth of Intel chipsets, but not remotely. This is simply another evil maid scenario.
Should You Worry?
This hacker is unable to exploit Intel’s ME, even though he’s using a three-hole balaclava.
The biggest network security threat today is a remote code execution exploit for Intel’s Management Engine. Every computer with an Intel chipset produced in the last decade would be vulnerable to this exploit, and RCE would give an attacker full control over every aspect of a system. If you want a metaphor, we are dinosaurs and an Intel ME exploit is an asteroid hurtling towards the Yucatán peninsula.
However, [Demerjian] gives no details of the exploit (rightly so), and Intel has released an advisory stating, “This vulnerability does not exist on Intel-based consumer PCs.” According to Intel, this exploit will only affect Intel systems that ship with AMT, and have AMT enabled. The local exploit only works if a system is running Intel’s LMS.
This exploit — no matter what it may be, as there is no proof of concept yet — only works if you’re using Intel’s Management Engine and Active Management Technology as intended. That is, if an IT guru can reinstall Windows on your laptop remotely, this exploit applies to you. If you’ve never heard of this capability, you’re probably fine.
Still, with an exploit of such magnitude, it’s wise to check for patches for your system. If your system does not have Active Management Technology, you’re fine. If your system does have AMT, but you’ve never turned it on, you’re fine. If you’re not running LMT, you’re fine. Intel’s ME can be neutralized if you’re using a sufficiently old chipset. This isn’t the end of the world, but it does give security experts panning Intel’s technology for the last few years the opportunity to say, ‘told ‘ya so’.
Watching Tony Stark wave his hands to manipulate projected constructs is an ever-approaching reality — at least in terms of gesture-tracking. Lift — a prototype built by a team from UC Irvine and FX Palo Alto Laboratory — is able to track up to ten fingers with 1.7 mm accuracy!
Lift’s gesture-tracking is achieved by using a DLP projector, two Arduino MKR1000s, and a light sensor for each digit. Lift’s design allows it to work on virtually any flat surface; the projected image acts as a grid and work area for the user. As their fingers move across the projected surface, the light sensors feed the information from the image to the Arduinos, which infers the location of each finger and translate it into a digital workspace. Sensors may also be mounted on other objects to add functionality.
So far, the team has used Lift as an input device for drawing, as well as using it to feign gesture controls on a standard laptop screen. The next step would be two or more projectors which would allow Lift to function fully and efficiently in three dimensions and directly interacting with projected media content. Can it also operate wirelessly? Yes. Yes, it can.
