Day: July 19, 2019

Making Flexible Overmolded Parts With Urethane Resin

July 19, 2019 by 11 Comments

Resin casting videos have taken social media by storm of late. Everything from inlaid driftwood tables to fancy pens are getting the treatment. Pouring some nicely colored epoxy is straightforward enough, but it’s just the tip of the iceberg. [Eric Strebel] has some serious skills in resin casting, and has lately been working on some overmolded electroniics with urethane resin (Youtube link, embedded below).

The build starts with the creation of a silicone mold, using a 3D printed SLA master. The part in question is for a prototype medical device, and requires overmolding, in which a flexible PCB is covered in flexible urethane. Wooden pins are used to allow the flexible PCB to clip into the mold for accurate location, and a small shield is placed over the metal contacts of the PCB to avoid them being covered in silicone.

Initial tests are done with an empty mold to determine the correct material to use, before the actual parts are ready to produce. [Eric] takes great care with the final production, as any mistakes would waste the expensive prototype PCBs provided to him by the client. With the electronics placed in the mold, the resin is degassed and carefully injected, using a syringe to minimise the chance of any air bubbles. With some delicate cleanup by hand, the completed parts are ready for delivery.

It’s a process that covers the basics of overmolding for a prototype part, as well as showing off [Eric]’s skill at producing quality prototype parts. We’ve seen [Eric]’s work before, too – like his discussion of the value of cardboard in product design. Video after the break.

Continue reading “Making Flexible Overmolded Parts With Urethane Resin”

This Week In Security: Ransomware Keys, IOS Woes, And More

July 19, 2019 by 12 Comments

Remember the end of GandCrab we talked about a couple weeks back? A new wrinkle to this story is the news that a coalition of law enforcement agencies and security researchers have released a decrypter and the master decryption keys for that ransomware. It’s theorized that researchers were able to breach the command and control servers where the master keys were stored. It’s yet to be known whether this breach was the cause for the retirement, or was a result of it.

Apple’s Secure Enclave is Broken?

A Youtube video and Reddit thread show a way to bypass the iPhone’s TouchID and FaceID, allowing anyone to access the list of saved passwords. The technique for breaking into that data? Tap the menu option repeatedly, and cancel the security prompts. Given enough rapid tries, the OS gives up on the validation and simply shows the passwords!

The iPhone has an onboard security chip, the Secure Enclave, that is designed to make this sort of problem nearly impossible. The design specification dictates that data like passwords are encrypted, and the only way to decrypt is to use the Enclave. The purpose is to mitigate the impact of programming bugs like this one. It seems that the issue is limited to the iOS 13 Beta releases, and you’d expect bugs in beta, but a bug like this casts some doubt on the effectiveness of Apple’s Security Enclave.

URL Scheme Hijacking

Our next topic is also iOS related, though it’s possible the same issue could effect Android phones: URL scheme problems. The researchers at Trend Micro took a look at how iOS handles conflicting app URLs. Outside of the normal http: and https: URLs, applications can register custom URL schemes in order to simplify inter-process communication. The simplest example is something like an email address and the mailto: scheme. Even on a desktop, using one of these links will open a different application to handle that request. What could go wrong?

One weakness in using URL schemes like this is that not all apps properly validate what launched the request, and iOS allows multiple apps to use the same URL scheme. In the example given, a malicious app could register the same URL handler as the target, and effectively launch a man-in-the-middle attack.

Bluekeep, and Patching Systems

It has been five weeks since Bluekeep, the Remote Desktop Protocol vulnerability, was revealed. Approximately 20% of the vulnerable systems exposed to the internet have been patched. Bitsight has been running scans of the remaining vulnerable machines, and estimates about 800,000 remaining vulnerable systems. You may remember this particularl vulnerability was considered so problematic that even the NSA released a statement encouraging patching. So far, there hasn’t been a worm targeting the vulnerability, but it’s assumed that at least some actors have been using this vulnerability in attacks.

Farting Baseball; From The Makers Of Self-Solving Rubik’s Cube

July 19, 2019 by 12 Comments

Some hackers have a style all their own that is immediately recognizable from one project to the next. For instance, you can tell a [Takashi Kaburagi] by its insides. The behavior of his Farting Baseball project (machine translation) is amusing, but the joke is only skin deep. Look inside and you’ll gain a huge appreciation for what has been done here. It’s not as mind-boggling as his work on the self-solving Rubiks cube robot, but the creativity and design constraints are similarly impressive.

Clever detail is the square of soft material used to cushion impact

This whimsical project is a curve ball no matter who throws it. While in flight, a jet of compressed gas can alter the trajectory at the press of a button. Inside is a small pressure vessel that is filled with HFC134A refrigerant commonly used on gas blowback pistols. It’s a non-combustible that lies in wait until a solenoid is activated to release the pressure in a powerful jet. The ball carries a CR2032 to power the wireless link for activation, but that solenoid needs more juice so capacitors are charged for this purpose.

It’s worth digging through the details on this one, including the article on measuring discharge time (machine translation). There are numerous nice touches, like the yellow Whoopee Cushion neck that directs the jet, the capacitor discharge materials so there is not an accidental activation when not in use, and clever and clean construction that make everything fit.

Another hacker with an equally iconic style is [Mohit Bhoite]’s work; make his flywire sculptures your next stop.

Continue reading “Farting Baseball; From The Makers Of Self-Solving Rubik’s Cube”

Hybrid Drones Could Have Massively Extended Flight Times

July 19, 2019 by 130 Comments

Multirotor drones truly took off with the availability of lithium polymer batteries, brushless motors, and cheap IMUs. Their performance continues to improve, but their flight time remains relatively short due to the limits of battery technology. [Nicolai Valenti] aims to solve the problem by developing a hybrid generator for drones.

The basic concept consists of a small gasoline engine, connected to a brushless motor employed as a generator. The electricity generated is used to run the main flight motors of the multirotor drone. The high energy density of gasoline helps to offset the added weight of the generator set, and [Nicolai] is aiming to reach a goal of two hours of flight time.

There are many engineering problems to overcome. Engine starting, vibration and rectification are all significant challenges, but [Nicolai] is tackling them and has already commenced flight testing. Experiments are ongoing with 500 W, 1,000 W, and 2,000 W designs, and work is ongoing to optimise the engine and electronics package.

It’s a project that holds the potential to massively expand the range of operation for medium to large multirotors, and should unlock certain capabilities that have thus far been limited by short battery runtimes. Gasoline powered drones aren’t a new idea, but we’ve seen precious little in the hybrid space. We look forward to seeiing how this technology develops. Video after the break.

Continue reading “Hybrid Drones Could Have Massively Extended Flight Times”