Month: April 2021

This Week In Security: The Facebook Leak, The YouTube Leak, And File Type Confusion

April 9, 2021 by 21 Comments

Facebook had a problem, way back in the simpler times that was 2019. Something like 533 million accounts had the cell phone number associated with the account leaked. It’s making security news this week, because that database has now been released for free in its entirety. The dataset consists of Facebook ID, cell number, name, location, birthday, bio, and email address. Facebook has pointed out that the data was not a hack or breach, but was simply scraped prior to a vulnerability being fixed in 2019.

The vulnerability was in Facebook’s contact import service, also known as the “Find Friends” feature. The short explanation is that anyone could punch a random phone number in, and get a bit of information about the FB account that claimed that number. The problem was that some interfaces to that service didn’t have appropriate rate limiting features. Combine that with Facebook’s constant urging that everyone link a cell number to their account, and the default privacy setting that lets anyone locate you by your cell number, and the data scraping was all but inevitable. The actual technique used may have been to spoof that requests were coming from the official Facebook app.

[Troy Hunt]’s Have i been pwned service has integrated this breach, and now allows searching by phone number, so go check to see if you’re one of the exposed. If you are, keep the leaked data in mind every time an email or phone call comes from someone you don’t know. Continue reading “This Week In Security: The Facebook Leak, The YouTube Leak, And File Type Confusion”

Taking A Peek Inside The Newest Echo Show 10

April 9, 2021 by 26 Comments

When Amazon released the original Echo, it was a pretty simple affair. Cylinder, some LEDs on top, done. Then they came out with the Echo Dot, which was basically the same thing, but shorter. It seemed like there was a pretty clear theme for awhile, but then at some point Amazon decided it would be a good idea to start producing Echo devices in every form factor imaginable, from wall plugs to literal sunglasses, and things got a lot more complicated. As a perfect example, take a look at this teardown of the third generation Echo Show 10 by [txyzinfo].

Granted the base still looks a bit like the Echos of old, but the family resemblance stops there. As you can probably gather from the name, the Show features a high resolution 10.1 inch LCD panel, greatly improving the number and type of advertisements Amazon is able to force on the user. In true Black Mirror fashion, there’s even a brushless motor in the base that allows the machine to rotate the display towards the user no matter how hard they try to escape.

A salvageable part if there ever was one.

The teardown is presented with no commentary; in both the video below and on the Hackaday.IO page, all you’ll find are clear and well-lit images of the device’s internals. But for those who are just interested in what the inside of one of these $250 USD gadgets looks like, that’s all you really need.

At this point, it doesn’t seem like [txyzinfo] is trying to reverse engineer the Show or figure out how it all works, and looking at the complexity of that main board, we’re not surprised. Still, it’s a marvel to look at all the hardware they packed into such a relatively small device.

If you’re looking for a more technical examination at the newer Echo devices, [Brian Dorey] did some impressive poking around on the third generation Dot in 2019 and [electronupdate] went as far as decapping a few of the chips inside the Flex. On the software side of things, check out the recent efforts to craft an open source firmware for the original Echo.

Continue reading “Taking A Peek Inside The Newest Echo Show 10”

Stepper Motors Quick And Simple

April 9, 2021 by 37 Comments

If you want a simple and easy introduction to stepper motors, check out the [IMSAI Guy]’s short video where he designs a very basic stepper motor controller and packs in a lot of quick lessons along the way. (Embedded below.)

He first goes over the fundamentals of a stepper motor in a practical, hands-on approach, and also shows us how to ring out the connections if the pinout is unknown. Next he demonstrates stepping the motor manually and then makes a simple FET driver circuit. Just when you’re expecting a small microcontroller to appear, the [IMSAI Guy] instead digs deep into his junk box and explains how to drive the motor with a 22V10 GAL (an electrically erasable PAL) and a 555 timer module. Based on a clearly-explained logic table for driving the coils, a sneaky way to introduce Karnaugh maps, he proceeds to write the output equations in WinCUPL.

Mature Readers will recall the “Happy PAL” Character

WinCUPL is the modern version of CUPL (Compiler for Universal Programmable Logic) originally written by a company called Assisted Technology, now owned by Altium. CUPL and peers like PALASM from Monolithic Memories, Inc. (MMI) and ABEL from Data I/O Corporation were basic Hardware Description Languages specifically designed for PALs, GALs, and CPLDs. PALs were small arrays of logic gates with fusible interconnections, and your design is “burned” into the fuses much like a (EE)PROM. When designing with PALs, you could clearly visualize the connections in your mind, something that has since been remedied by the advent of modern FPGAs.

Alas, he cuts out the part where the source code is compiled and the 22V10 is programmed, and jumps directly into testing the circuit on a breadboard. Spoiler alert — it does work. Zooming in close and squinting, the nifty 555 timer breadboard module that he points out is called a TP353, which you can find from your favorite online supplier.

There is a lot to learn in this tutorial, and the [IMSAI Guy] does a great job at making the subject approachable to hobbyists and novices. We also covered another of his tutorials a couple of weeks ago on image sensors. Thanks to [itsevilbert] for the tip.

Continue reading “Stepper Motors Quick And Simple”

Three-Piece Cyberdeck Plays The Role Of Military Computer That Never Was

April 8, 2021 by 15 Comments

While we’re not at all sick of the cyberdeck movement yet, we do have to admit that some of the builds we see are starting to fall into categories that are beginning to seem a little familiar. The clamshell aesthetic comes to mind, but really, with spaces for a display and a keyboard, the form factor is pretty much a natural for cyberdecking. Which is why we like this three-piece twist on the cyberdeck concept so much.

Like many cyberdeck builds, inspiration for the awesomely mustachioed [Max]’s deck came from the military surplus world. As the story goes, he has a smallish clamshell case that once held radio tools and supplies for the Bundeswehr. Figuring it would make the perfect case for half of a split keyboard, he tracked down a couple more of the sturdy aluminum cases and got to work. As a mechanical keyboard aficionado, [Max] already had PCBs that would fit into two of the cases, so he populated those with suitably clicky switches, came up with cool-looking faceplates, and connected the two boxes with retractile cables. The third case got a Raspberry Pi 4 with a trimmed-down heatsink, a battery and power management, and a generous touchpad and LCD panel display. A Kali Linux install completes the tacticool look.

The three-piece cyberdeck looks very cool when all wired up together, but [Max] needed one more piece to really sell it. So he 3D-printed a slipcase for all three units; painted in military colors and suitably distressed, the whole thing really just works. We’ve seen a lot of cyberdecks lately in all sorts of styles, but this one really pleases.

Continue reading “Three-Piece Cyberdeck Plays The Role Of Military Computer That Never Was”

Hacking The Classroom

April 8, 2021 by 4 Comments

With so many students attending class virtually these days, how can you give kids — or adults — some hands on experience with electronics projects? [Ben Finio] says you can by moving your lab to the virtual world using — of all things — Tinkercad. [Ben] should know something about a classroom since he is a lecturer at Cornell.

Of course, you could do this trick with any online simulator, but Tinkercad is nice because it is easy to use, looks real, and doesn’t cost the students a dime. [Ben] mentions there are some scenarios where it is especially useful like large classes or online classes. There are probably some cases where it doesn’t make sense, like teaching RF design, for example. Even then, maybe you just need a different tool.

Continue reading “Hacking The Classroom”

Someone Get This Minimalist Wooden PC A Martini

April 8, 2021 by 19 Comments

It’s interesting to imagine what computers may have looked like throughout different time periods that precede their portability or even their existence altogether. In the 1950s and ’60s, computers still filled entire rooms, but if the age of the PC had arrived earlier one is left to wonder what might a minimalist mid-century PC might look like.

Well, if we were lucky, it would have looked something like [xmorneau]’s cubical computing creation. This DIY beauty is made of scrap oak and a sexy set of hairpin legs. As hot as it looks, [xmorneau] shouldn’t have to worry about overheating — the bottom is completely open except for an intake fan, there’s another fan at the top that exhausts hot air through a mesh grille, and those lovely little legs elevate it four inches off the desk. Our favorite part (after the legs) has to be the secret lid that blends in beautifully.

The cube measures 32cm³ (~12.6in³), so [xmorneau] went with a mini-ATX motherboard, but was able to fit in a full-size graphics card. Everything is mounted internally to wood except for the mobo, which is mounted on a panel of sheet metal that makes up the back wall.

We love the way this looks and are glad to see that this build changed [xmorneau]’s opinion of RGB a little bit, because we can’t help but like it both ways.

Too sophisticated for your taste? Check out this LEGO-Minecraft mashup.

An Open Source Smart Watch You’d Actually Wear

April 8, 2021 by 38 Comments

We’ve seen a number of open source smart watches over the years, and while they’ve certainly been impressive from a technical standpoint, they often leave something to be desired in terms of fit and finish. Exposed PCBs and monochromatic OLED displays might be fine for a trip to the hackerspace, but it wouldn’t be our first choice for date night attire.

Enter the Open-SmartWatch from [pauls_3d_things]. This ESP32 powered watch packs a gorgeous circular 240×240 TFT display, DS323M RTC, BMA400 three-axis accelerometer, and a 450 mAh battery inside of a 3D printed enclosure that can be produced on your average desktop machine. WiFi and Bluetooth connectivity are a given with the ESP32, but there’s also an enhanced edition of the PCB that adds another 4 MB of RAM, a micro SD slot, and a Quectel L96 GPS receiver.

The GPS edition of the PCB

As it’s an open source project you’re free to download the PCB design files and get the board produced on your own, but [pauls_3d_things] has actually partnered with LILYGO to do a run of the Open-SmartWatch electronics which you can pick up on AliExpress right now for just $24 USD. You’ll still need to order the battery separately and 3D print your own case, but it still seems like a pretty sweet deal to us.

On the software front, things are pretty basic right now. The watch can update the time from NTP using a pre-configured WiFi network, and there’s a Bluetooth media controller and stopwatch included. Of course, as more people get the hardware in their hands (or on their wrists, as the case may be), we’ll likely start seeing more capabilities added to the core OS.

While getting our own code running on commercially produced smartwatches holds a lot of promise, the Open-SmartWatch is arguably the best of both worlds. The partnership with LILYGO brings professional fabrication to the open hardware project, and the GPLv3 licensed firmware is ripe for hacking. We’re very excited to see where the community takes this project, and fully expect to start seeing these watches out in the wild once we can have proper cons again.

Continue reading “An Open Source Smart Watch You’d Actually Wear”