Year: 2022

Remove A Speaker’s Voice From A Recording Using Ultrasound

August 12, 2022 by 15 Comments

What if you could effectively prevent someone from recording your voice? This is the focus of a study by Guo et al. (2022) at Michigan State University, in which they use a dynamically calculated audio signal that effectively cancels out one’s voice in a recording device. This relies on an interesting aspect of certain micro-electro-mechanical system (MEMS) microphones, which are commonly used in smartphones and other recording devices.

Pressure sensitivity of a MEMS microphone. (credit: Brian R. Elbing)
Pressure sensitivity of a MEMS microphone. (credit: Brian R. Elbing)

A specially crafted ultrasound signal sent to the same microphone which is recording one’s voice can result in the voice audio signal being gone on the final recording. The approach taken by the authors involves using a neural network that is trained on voice samples of the person (“Bob”) whose voice has to be cancelled. After recording Bob’s voice during a conversation, the creatively named Neurally Enhanced Cancellation (NEC) system determines the ultrasound signal to be sent to the target recording device. Meanwhile the person holding the recording device (“Alice”) will still perceive Bob’s voice normally.

As ultrasound is highly directional, the system can only jam a specific microphone and wouldn’t affect hidden microphones in a room. As noted by the authors, it is possible to do general microphone jamming using other systems, but this is legally problematic, which should not be an issue with their NEC system.

Thanks to [JohnU] for the tip!

This Week In Security: Breaches, ÆPIC, SQUIP, And Symbols

August 12, 2022 by 9 Comments

So you may have gotten a Slack password reset prompt. Something like half a percent of Slack’s userbase had their password hash potentially exposed due to an odd bug. When sending shared invitation links, the password hash was sent to other members of the workspace. It’s a bit hard to work out how this exact problem happened, as password hashes shouldn’t ever be sent to users like this. My guess is that other users got a state update packet when the link was created, and a logic error in the code resulted in too much state information being sent.

The evidence suggests that the first person to catch the bug was a researcher who disclosed the problem mid-July. Slack seems to use a sane password policy, only storing hashed, salted passwords. That may sound like a breakfast recipe, but just means that when you type your password in to log in to slack, the password goes through a one-way cryptographic hash, and the results of the hash are stored. Salting is the addition of extra data, to make a precomputation attack impractical. Slack stated that even if this bug was used to capture these hashes, they cannot be used to directly authenticate as an affected user. The normal advice about turning on 2-factor authentication still applies, as an extra guard against misuse of leaked information. Continue reading “This Week In Security: Breaches, ÆPIC, SQUIP, And Symbols”

Young Inventor Builds Motor Without Rare Earths

August 12, 2022 by 49 Comments

[Robert Sansone] is a 17-year-old from Florida and, like most of us, he likes to tinker. He’s apparently got the time for it because he’s completed at least 60 projects ranging from animatronic hands to a high-speed go-kart. However, his interest in electric vehicles coupled with his understanding of the issues around them led him to investigate synchronous reluctance motors — motors that don’t depend on expensive rare earth magnets. His experiments have led to a novel form of motor that has greater torque than existing designs.

Rare earths are powerful but expensive, costing much more than common metals like copper or steel. Traditionally, synchronous reluctance motors use steel rotors and air gaps and exploit the difference in reluctance — a term for magnetic resistance– to generate rotation. [Robert’s] idea was to replace the air gap with a different material to increase the ratio of reluctance between the rotor and the gap. Reconfiguring the motor to a more traditional configuration shows startling results: the new design generated almost 40% more torque and did so more efficiently, as well.

His work has earned him first prize, and $75,000, in this year’s Regeneron International Science and Engineering Fair. It took 15 tries to get the motor to its current state, something made easier with 3D printing. There are plans for a 16th version that [Robert] hopes will perform even better. We can’t wait to see what he’ll do next.

Electric vehicles have made people look into many motor design topologies. The reluctance motor has been around for a long time, but controlling them has become significantly easier. That’s true of many kinds of motors.

Continue reading “Young Inventor Builds Motor Without Rare Earths”

TVout Library Brings Cardboard Arcade To Life

August 12, 2022 by 12 Comments

Recycling old CRTs is a true Hackaday tradition, and [Rob’s] mini arcade is sure to grab your attention.

First of all, you’ll probably appreciate [Rob] circumventing the supply shortage by getting all his components from recycled material. That’s probably the only way to get anything these days. He salvaged a small CRT from an old-school video intercom system and snagged the buttons, speakers, and switches from other unused devices laying around. Not all is lost, however, as [Rob] was able to purchase an Arduino Nano and a few resistors online. So maybe things are turning around in that category, who knows?

You’ll probably also appreciate how remarkably simple this hack is. No need for a Raspberry Pi as your standard 8-bit microcontroller will do the trick. And, fortunately, [Rob] found a nice library to help him generate the composite video signal, doing most of the work for him. All that was left to do was to build the arcade cabinet. Recreating the classic design was a pretty easy step, but you might opt for something a little nicer than cardboard though. But, hey, if it does the trick, then why not?

Cool project, [Rob]! We’re definitely happy to add this project to our retro collection here at Hackaday.

Continue reading “TVout Library Brings Cardboard Arcade To Life”

a full gaming rig built into a LCD-386

A Portable Computer Living In 1988 But Also In The Future

August 11, 2022 by 35 Comments

Every once in a while, there will be a project that is light on details but inundated with glorious, drool-worthy pictures. [Nexaner7] recently showed off his cyberdeck he built over a year inside an old LCD-386. So what’s special about it? This isn’t just a Raspberry Pi or some SBC inside but a complete AMD Ryzen 5600, Nvidia RTX 3060, screen, and keyboard in a 19.5-liter space (0.68 cubic feet). Since there wouldn’t be enough space inside for decent airflow, he decided to water-cool everything, which added to the build.

the back of the sleeper LCD-386 cyberdeck

While [Nexaner7] doesn’t have a video walkthrough, he does have a build log with dozens of pictures in two parts: part 1 and part 2. As you can imagine, there were copious amounts of 3d printing for brackets and holders, trying various screens and GPUs to see what fit and what didn’t. He tried to use the original keyboard, even with a 5-pin DIN to PS2 to USB adapter, but the keyboard was flakey, likely due to rust. He dropped in a CM Quickfire TK PCB with a few modifications as it was close to the same size. He swapped the display for a 1440p portable monitor with a thin ribbon HDMI cable to route from the GPU to the screen.

We’re happy to report that the parts inside were sold to someone who restores old PC, so a somewhat rare LCD-386 wasn’t destroyed. With a gorgeous build like this, perhaps he should enter the Cyberdeck contest. Eagle-eyed readers might notice that recently we covered an LCD-386 with its contents retrieved via a hacked-together serial bus.

Hack Your Engine Virtually

August 11, 2022 by 21 Comments

It is no secret that we like simulating circuits before we build something and there are plenty of great tools for that. But what about those of us who work on cars? Well, you might try engine-sim which is a real-time internal combustion engine simulation. Honestly, the program freely admits that it isn’t accurate enough to do engineering or engine tuning. But on the plus side, it has audio output and is at least good as an educational tool to show an engine running and how different parameters might affect it. You can see a video of the tool below.

[Ange-Yaghi] mentions that the code was primarily to power the YoutTube demo. However, the Readme hints that it might be better — or at least different — and collaboration to make it better is welcome.

Continue reading “Hack Your Engine Virtually”

Back Up Encrypted ZFS Data Without Decrypting It, Even If TrueNAS Doesn’t Approve

August 11, 2022 by 9 Comments

[Michael Lynch] recently replaced his Synology NAS with a self-built solution built on ZFS, a filesystem with a neat feature: the ability to back up encrypted data without having to decrypt it first. The only glitch is that [Michael] is using TrueNAS, and TrueNAS only wants to back up unencrypted ZFS data to another TrueNAS system. Fortunately, there’s a way around this that isn’t particularly complicated, but definitely requires leveraging the right tools. It also provides an educational walkthrough for how ZFS handles these things.

The solution is a small handful of shell scripts to manage full and incremental backups and restores of encrypted datasets, without having to decrypt the data first. As mentioned, this is something TrueNAS will handle by default, but only if the destination is also a TrueNAS system. Now, [Michael] can send that backup to off-site cloud storage with only a little extra work.

There’s one additional trick [Michael] uses to monitor his backups. He leverages a paid (but with a free tier) service called Cronitor. It’s not very obvious from the site’s features, but there is a way to implement cron job monitoring that doesn’t require adding any software whatsoever. Here’s how that part works: Cronitor provides a custom, unique URL. If that URL isn’t visited regularly (for example, because the cron job fails), then the user is notified. By integrating this into an existing cron job, one can be notified. Such an integration would look like this:

0 0 3 * * monthly-job && curl --silent https://cronitor.link/p/<API-KEY>/monthly-job?state=complete

In short, if the cron job runs successfully, curl checks in by visiting the custom URL. If that doesn’t happen, the user gets a notification. No added software, just a simple leveraging of a free service for some added peace of mind.

Backups are easy to neglect, so maybe it’s time to take a few moments to consider what you do for data storage, including how you’d recover from disaster.