Day: November 19, 2021

Wooden sticks sound good if you clamp them down at one end.

Popsicle-Stick Piano Sounds Sweet

November 19, 2021 by 12 Comments

Technically, this is a kalimbaphone, and not a piano or even a chordophone since there are no strings. But this handcrafted instrument doesn’t just sound sweet, it’s also mellow, and it’s much nicer than you’re probably imagining. Go check out the short build video, which starts with a demo.

[Mash] started by drilling a bunch of holes into a rectangular piece of wood, and then twisted in wood screws far enough to stay in. Then [Mash] laid Popsicle sticks between each set of screws and tuned them one at a time, starting with middle C. The Popsicle stick version didn’t sound so great, so [Mash] upgraded to tongue depressors and moved the black keys up to their own layer. Unfortunately, the owner has turned off embeds for the video, so you’ll have to watch it on YouTube.

We’d love to see [Mash] figure out a way to make the sticks resonate. In the meantime, check out this 3D-printed grand piano mechanism. And if this build has you in the mood to listen to Popcorn on a homemade instrument, well, we’ve got you covered there.

Thanks to [Keith] for the tip!

This Week In Security: Intel Atoms Spill Secrets, ICMP Poisons DNS, And The Blacksmith

November 19, 2021 by 21 Comments

Intel has announced CVE-2021-0146, a vulnerability in certain processors based on the Atom architecture, and the Trusted Platform Module (TPM) is at the center of the problem. The goal of the system around the TPM is to maintain system integrity even in the case of physical access by an attacker, so the hard drive is encrypted using a key stored in a secure chip on the motherboard. The TPM chip holds this encryption key and provides it during the boot process. When combined with secure boot, this is a surprisingly effective way to prevent tampering or data access even in the case of physical access. It’s effective, at least, when nothing goes wrong.

Earlier this year, we covered a story where the encryption key could be sniffed directly from the motherboard, by tapping the traces connecting the TPM to the CPU. It was pointed out that TPM 2.0 can encrypt the disk encryption key on the traces, making this attack impossible.

The entire Trusted Compute Model is based on the premise that the CPU itself is trustworthy. This brings us back to Intel’s announcement that a debug mode could be enabled via physical access. In this debug mode, the CPU master key can be extracted, leading to complete compromise. The drive encryption key can be recovered, and unsigned firmware can be loaded to the Management Engine. This means data in the TPM enclave and the TPM-stored encryption key can be compromised. Updated firmware is rolling out through motherboard vendors to address the problem. Continue reading “This Week In Security: Intel Atoms Spill Secrets, ICMP Poisons DNS, And The Blacksmith”

Change Desktop Environments On… IOS?

November 19, 2021 by 32 Comments

While Apple’s modern operating systems may seem like they exist independently of the rest of the computing world, they are actually close cousins of modern versions of Linux. The primary link between the two is that Apple’s offerings are Unix-based and even though Linux isn’t Unix in the strict sense, it’s built to be extremely Unix-like. Plenty of Linux software is POSIX-compliant, meaning it is effectively compatible with true Unix. But what can we do with that information? Well, to start, we can run Linux desktop environments on top of an iOS install on your favorite iPhone or iPad.

To be sure, we will be filing this hack in the “because you can” category. [Torrekie], the creator of this project, has plenty of builds (Google translate from Chinese) where the boundaries between things like Linux and Unix are either blurred or nonexistant. In this particular project, a jailbroken iOS device is essentially gifted a ported version of XFCE which is able to run fairly well on iOS thanks to its compatibility with Unix environments. Details on how this was accomplished are sparse without a full investigation of the source code right now, but you can head over to the repository if you are curious enough to try this for yourself. [Torrekie] does note that this will only work with iOS devices that have been jailbroken using the “unc0ver” jailbreak only though.

To be sure, the relationship between modern Apple operating systems and Linux is about as close as modern Porsches and the Volkswagen Beetle, but either way the two are close enough to get interesting and impressive mashups like this project. For now only time will tell if using XFCE on iOS will be useful for anyone, but other projects bridging the gap between Linux and Apple are sure to be more immediately fruitful.

Cheap Big Servo For Robot Arm

November 19, 2021 by 10 Comments

[Skyentific] is looking to push the hobbyist robotics state of the art. Motors and their gears, the actuators, are typically the most expensive part. For his build, he realised he needed big servos capable of delivering plenty of torque. Thus, he set about creating a 3D-printed design to get the job done on a budget. (Video, embedded below.)

Stepper motors are the order of the day here, chosen for their low cost compared to brushless solutions, particularly when taking control hardware into account. In this design, the stepper motor drives a sun gear as part of a bigger planetary gearbox with a high gear ratio. Cross-roller bearings are used to allow the servo to effectively handle both radial and axial loads. The servo as a whole is designed to fit neatly into the joints of the robot arm itself, and has external mounting points provisioned as such.

It’s a neat servo that somewhat apes those used on full-sized industrial designs, at least in the sense of being an integrated part of the joints of a robot arm. It also comes in at a relatively-cheap $32 based on the materials used by [Skyentific].

We’ve seen some related work from [Skyentific] before, too – like this interesting cable-driven joint. Video after the break.

Continue reading “Cheap Big Servo For Robot Arm”