The lamp itself is built around a shadow-puppet concept, using a pair of rotating apetures that [Mojoptix] 3D printed. The apetures turn, one in front of the other, and are lit from behind by an IKEA LED light. As the apetures rotate, they present a slowly varying path for the light from the LED, which is projected onto a paper screen placed in in front of the assembly. To generate the long-period rotation, the rotating assembly is turned by the minute hand of a common clock movement. It’s a great way to get a slow-rotating motor and gearbox setup on the cheap, as long as your torque requirements are absolutely miniscule.
Ah, the ever-present PDF, and our love-hate relationship with the format. We’ve lost count of how many vulnerabilities have been fixed in PDF software, but it’s been a bunch over the years. This week, we’re reminded that Adobe isn’t the only player in PDF-land, as Foxit released a round of updates, and there were a couple serious problems fixed. Among the vulnerabilities, a handful could lead to RCE, so if you use or support Foxit users, be sure to go get them updated.
Remember PunkBuster? It’s one of the original anti-cheat solutions, from way back in 2000. The now-classic Return to Castle Wolfenstein was the first game to support PunkBuster to prevent cheating. It’s not the latest or greatest, but PunkBuster is still running on a bunch of game servers even today. [Daniel Prizmant] and [Mauricio Sandt] decided to do a deep dive project on PunkBuster, and happened to find an arbitrary file-write vulnerability, that could easily compromise a PB enabled server.
One of the functions of PunkBuster is a remote screenshot capture. If a server admin thinks a player is behaving strangely, a screenshot request is sent. I assume this targets so-called wallhack cheats — making textures transparent, so the player can see through walls. The problem is that the server logic that handles the incoming image has a loophole. If the filename ends in .png as expected, some traversal attack checks are done, and the png file is saved to the server. However, if the incoming file isn’t a png, no transversal detection is done, and the file is naively written to disk. This weakness, combined with the stateless nature of screenshot requests, means that any connected client can write any file to any location on the server at any time. To their credit, even Balance, the creators of PunkBuster, quickly acknowledged the issue, and have released an update to fix it.
Bullet time became the hottest new cinema effect after it burst on the scene in The Matrix (1999). Back then, the cutting edge special effects required serious hardware and serious processing power to do the job. These days, of course, things have moved along somewhat. [Eric Paré] is no stranger to a high-end setup, but wanted to see what could be done at the lower end of the market. (Video, embedded below.)
Rather then relying on a bank of expensive DSLRs, [Eric] decided to try building a bullet-time camera rig out of 15 Raspberry Pis, and the standard Raspberry Pi Camera. Whereas just one camera in one of his professional setups may cost well over $1000, this entire rig was likely built for less than that in its entirety.
Initial results were jerky and unappealing, but [Eric] persevered. One of the biggest problems was inaccuracy in the camera assemblies, as they were stuck on with thermal paste. With some custom mods and tweaks, [Eric] was eventually able to get things to a passable state. It also has the benefit, compared to a DSLR rig, that the cameras can be mounted much more closely together due to their small size.
When you’re building and launching a variety of advanced model rockets like [Joe Barnard], you don’t want to spend time building (and debugging) specialized flight computers for every rocket configuration. This challenge has led him to create AVA (All Vehicle Avionics), an impressive model rocket flight computer that he intends to use on all his future rockets.
All of [Joe]’s rockets feature active stabilization and guidance, and comprehensive telemetry using a variety of sensors. On the board there are three separate microcontrollers connected over I2C or SPI, each with its own micro USB port. The two smaller microcontrollers are both ATSAMD21s, also used on the Arduino Zero. The first is used for GPS and inertial navigation, and uses data from onboard and external sensors like the two IMUs (one is a backup), GPS and barometer to estimate the rocket’s position, velocity and attitude, The second is for telemetry, and it handles all external communications via a Bluetooth modem or long range 900 Mhz radio. The main processor (MPU) is a NXP MK20DX256 (also used on the Teensy 3.2), which receives data from the other microcontrollers and handles all the real-time operations and control outputs.
[Joe] gives a very detailed overview on the board, it’s capabilities, and the reasoning behind some of his design choices in the video after the break. Most of the sensors and microcontrollers were selected partly because of his experience with them. All three microcontrollers have Arduino bootloaders, also due to familiarity with the framework. AVA is the 12th in the line of flight computers [Joe] has built, and it is clear that a lot of work and hard-earned experience went into the design. Continue reading “Advanced Model Rocket Flight Computer Reaching For The Stars”→