Day: July 31, 2020

The Internet Of Bubble Machines

July 31, 2020 by 15 Comments

Everyone loves a good bubble machine. These oddly satisfying novelty items have brought children and adults mindless entertainment since their inception. [8BitsAndAByte] had the same thought, but wanted to give their bubble machine a taste of the IoT-age.

First, they modified an off-the-shelf bubble machine with a Raspberry Pi and relay module. The Pi can easily trigger the bubbling mechanism by controlling power to the machine using the relay. Seems simple enough. The part of this project that might be a bit more unfamiliar to you is controlling the robot over the internet using remo.tv.

Remo.tv is a robot controller platform that’s both free and open-source, and we’ve seen [8BitsAndAByte] take advantage of this web controller before. Seems like they’re really getting the hang of it. Their writeup links to a detailed setup guide for configuring the Pi, so hopefully, that’s not too much trouble.

Couple the IoT setup with a Pi camera and you’ve got a live stream that’s admittedly oddly satisfying to watch with or without the bubbles.

Continue reading “The Internet Of Bubble Machines”

This Week In Security: Twilio, PongoTV, And BootHole

July 31, 2020 by 5 Comments

Twilio, the cloud provider for all things telecom, had an embarrassing security fail a couple weeks ago. The problem was the Amazon S3 bucket that Twilio was using to host part of their public facing content. The bucket was configured for public read-write access. Anyone could use the Amazon S3 API to make changes to the files stored there.

The files in question were protected behind Cloudflare’s CDN, but there’s a catch to Cloudflare’s service. If you know the details of the service behind Cloudflare, it can often be interacted with directly. In many cases, knowing the IP address of the server being protected is enough to totally bypass Cloudflare altogether. In this case, the service behind the CDN is Amazon’s S3. Any changes made to the files there are picked up by the CDN.

Someone discovered the insecure bucket, and modified a Javascript file that is distributed as part of the Twilio JS SDK. That modification was initially described as “non-malicious”, but in the official incident report, Twilio states that the injected code is part of an ongoing magecart campaign carried out against misconfigured S3 buckets.
Continue reading “This Week In Security: Twilio, PongoTV, And BootHole”

Patent Law And The Legality Of Making Something Similar

July 31, 2020 by 61 Comments

When [Erich Styger] recently got featured on Hackaday with his meta-clock project, he probably was not expecting to get featured again so soon, this time regarding a copyright claim on the ‘meta-clock’ design. This particular case ended with [Erich] removing the original blog article and associated PCB design files, leaving just the summaries, such as the original Hackaday article on the project.

Obviously, this raises the question of whether any of this is correct; if one sees a clock design, or other mechanisms that appeals and tries to replicate its looks and functioning in some fashion, is this automatically a breach of copyright? In the case of [Erich]’s project, one could argue that at first glance both devices look remarkably similar. One might also argue that this is rather unavoidable, considering the uncomplicated design of the original. Continue reading “Patent Law And The Legality Of Making Something Similar”

Fewer Millimeters Make A Useful ESP32 Devboard

July 31, 2020 by 32 Comments

Sometimes the most useful hacks aren’t the flashiest, they’re the ones that improve an already great tool and make something better. Through hole components are still the fastest and perhaps most satisfying way to prototype a new electronics project so it’s extra frustrating when the happy hacker discovers their new devboard is too wide to fit in a standard breadboard. [Tobias] had the same thought and redesigned the standard ESP32 “NodeMCU” style devboard to be almost exactly the same, but narrower.

Interactive BOMs make assembly a snap

Not to trivialize, but that’s pretty much it. And we love it! The new design retains the great support of the original devboard but adds a few nice tweaks. Obviously there’s the small size change that allows it to fit on a standard 5×5 breadboard leaving sockets available on either side for interfacing. Even in this smaller size [Tobias] managed to retain the boot mode and reset buttons though the overall pinout has changed slightly. And for easier connections ye olde micro USB socket has been swapped for sleek modern USB-C. You have cables for that common standard now, right?

How do you get one? As far as we know [Tobias] isn’t selling these but the design is completely open source and the design, fab, and BOM files are all in the github repository. [Tobias] even went so far as to include the extremely handy interactive BOM to speed up hand assembly. The real trick here is that the board is designed to facilitate the extremely inexpensive turnkey assembly now available from our favorite fab houses, with an example cost of $8/piece for a run of five. The repo includes a properly formatted BOM and fab files to make ordering them a snap. See the bottom of the README for details about what to order.