Day: September 1, 2021

The Postmortem Password Problem

September 1, 2021 by 82 Comments

Death and passwords: two things we just can’t avoid. With so much of our lives tied up in cloud services nowadays, there’s good reason to worry about what happens to these accounts if we drop dead tomorrow. For many of us, important documents, photos, financial information and other data will be locked behind a login prompt. Your payment methods will also expire shortly after you have, which could lead to data loss if not handled promptly. The most obvious way to address this is to give a trusted party access in case of emergency.

A Bad Solution

Let’s start with the simplest solution: using the same password everywhere.  Great, all you need to do is put this on a Post-it note, stuff it in an envelope, and let someone know where to find it. Unfortunately, using a single password for many services is a terrible idea. Password breaches happen, and if you’re using a single password across the internet, they can be disastrous.

Password breaches are usually the result of an attacker finding a vulnerability that allows reading password data from an application’s database. Odds are high that your information has been leaked in one of these breaches. You can check if your email is on a list of known breaches with Have I Been Pwned. Don’t feel bad if you’ve been pwned, my email shows up on six different breaches, and this service only indexes publicly known breaches!

Depending on the competency of the company that was breached, your password may have been stolen in a few different formats. In the worst case, the passwords were stored as-is (i.e., cleartext), and the breach contains your actual password. Nowadays, storing passwords in cleartext is never considered acceptable. A hash of the password is stored instead. Attackers need to use a tool like hashcat to try to recover the passwords via brute force hash cracking. This is slow for complex passwords, but is always getting faster as GPUs improve.

So we really need to use different passwords everywhere, or our Tumblr account from 2013 could give access to our bank account. Given the large number of services we use and our inability to remember passwords, we’re going to need to use a password manager. Continue reading “The Postmortem Password Problem”

New Part Day: DLP300s The Next Big Thing For Low Cost Resin Printing?

September 1, 2021 by 73 Comments

The majority of non-SLA resin 3D printers, certainly at the hacker end of the market, are most certainly LCD based. The SLA kind, where a ultraviolet laser is scanner via galvanometers over the build surface, we shall consider no further in this article.

What we’re talking about are the machines that shine a bright ultraviolet light source directly through a (hopefully monochrome) LCD panel with a 2, 4 or even 8k pixel count. The LCD pixels mask off the areas of the resin that do not need to be polymerised, thus forming the layer being processed. This technique is cheap and repeatable, hence its proliferance at this end of the market.

They do suffer from a few drawbacks however. Firstly, optical convergence in the panel causes a degree of smearing at the resin interface, which reduces effective resolution somewhat. The second issue is one of thermal control – the LCD will transmit less than 5% of the incident light, so for a given exposure at the resin, the input light intensity needs to be quite high, and this loss in the LCD results in significant internal heating and a need for active cooling.  Finally, the heating in the LCD combined with intense UV radiation degrades the LCD over time, making the LCD itself a consumable item.

Continue reading “New Part Day: DLP300s The Next Big Thing For Low Cost Resin Printing?”

Test For 3D Printer Runaway

September 1, 2021 by 22 Comments

A few 3D printers have had a deserved reputation for bursting into flames. Most — but apparently not all — printers these days has firmware that will detect common problems that can lead to a fire hazard. If you program your own firmware, you can check to see if you have the protection on, but what if you have a printer of unknown provenance? [Thomas] shows you how to check for a safe printer. Also check out his video, embedded below.

The idea is to fake the kind of failures that will cause a problem. Primarily, you want to have the heaters turned on while the thermistor isn’t reading correctly. If the thermistor is stuck reading low or is reading ambient, then it is possible to just drive the heating element to get hotter and hotter. This won’t always lead to a fire, but it could lead to noxious fumes.

Continue reading “Test For 3D Printer Runaway”