Since the 1980s, we’ve seen innumerable attempts to revolutionize the way we interact with computers. Since the advent of keyboards and mice, we’ve seen everything from magic wands to electric gloves, with [Deemo Chen]’s project fitting into the latter category.
The build takes on a cyberpunk aesthetic, with addressable LEDs installed along each digit. The various digits light up randomly, and the wearer of the glove must tap a button on the corresponding digit in order to test their reaction times. An Arduino Uno runs the show, and keeps track of the score, displaying the results on an attached HD44870-compatible LCD.
The mess-o’-wires aesthetic, with bare electronics hanging off the glove, goes a long way to making this look like a proper bit of sci-fi kit. The lurid, colorful glow is a key part of this look, and something we’ve seen on many projects over the years.
Overall, the reaction trainer served as a great freshman project for [Deemo], along with their chums [Dhruv] and [Ryan]. Along the way, the team clearly picked up skills in microcontroller programming, as well as learning how to work with LCD displays and addressable LEDs. Master these skills and you can pull off some impressive feats. Video after the break.
[Daljeet Nandha] from [RoboCoffee] writes to us, sharing his research on cryptographic signature-based firmware authenticity checks recently added to the Xiaomi Mi scooter firmware. Those scooters use an OTA firmware update mechanism over BLE, so you can update your scooter using nothing but a smartphone app – great because you can easily get all the good new features, but suboptimal because you can easily get all the bad new features. As an owner of a Mi 1S scooter but a hacker first and foremost, [Daljeet] set up a HTTPS proxy and captured the firmware files that the app downloaded from Xiaomi servers, dug into them, and summarized what he found.
Confirming this update will indefinitely lock you out of any third-party OTA updates
Unlike many of the security measures we’ve seen lacking-by-design, this one secures the OTA firmware updates with what we would consider the industry standard – SHA256 hash with elliptic cryptography-backed signing. As soon as the first firmware version implementing signature checks is flashed into your scooter, it won’t accept anything except further firmware binaries that come with Xiaomi’s digital signature. Unless a flaw is found in the signature checking implementation, the “flash a custom firmware with a smartphone app” route no longer seems to be a viable pathway for modding your scooter in ways Xiaomi doesn’t approve of.
Having disassembled the code currently available, [Daljeet] tells us about all of this – and more. In his extensive writeup, he shares scripts he used on his exploration journey, so that any sufficiently motivated hacker can follow in his footsteps, and we highly recommend you take a look at everything he’s shared. He also gives further insights, explaining some constraints of the OTA update process and pointing out a few security-related assumptions made by Xiaomi, worth checking for bypassing the security implemented. Then, he points out the firmware filenames hinting that, in the future, the ESC (Electronic Speed Control, responsible for driving the motors) board firmware might be encrypted with the same kind of elliptic curve cryptography, and finds a few update hooks in the decompiled code that could enable exactly that in future firmware releases.
One could argue that these scooters are typically modified to remove speed limits, installed there because of legal limitations in a variety of countries. However, the legal speed limits are more nuanced than a hard upper boundary, and if the hardware is capable of doing 35km/h, you shouldn’t be at mercy of Xiaomi to be able to use your scooter to its full extent where considerate. It would be fair to assert, however, that Xiaomi did this because they don’t want to have their reputation be anywhere near “maker of scooters that people can modify to break laws with”, and therefore we can’t expect them to be forthcoming.
Once upon a time, I was doing on-site support for a hardware install at a hotel a few years ago. The remote tech’s remote desktop software didn’t want to play with my Linux laptop, so he couldn’t get into the switch he needed to configure, to make the install work. I asked if it had an SSH port he could use, were he were in the room with me. Of course it did, but that didn’t do him much good. I ran a reverse SSH tunnel out to my public server, and pointed it at the switch on the local side. I convinced him to SSH to my server on the given port, and he was magically connected to his switch. He was literally in awe of that trick, and demanded to know how it could be done. SSH is magical, but tunneling traffic over SSH is straight-up wizardry. [Shawn Powers] agrees, and decided to help the rest of us understand the process. Continue reading “SSH Is Magic, But Tunnels Are Even Better”→
For all their portability, multiple laptops can be a bit clunky to manage on a desk, so [Marco]’s solution definitely saves space while keeping things accessible. The laptop in the front can be open for use and easy access, while the two in the back are held vertically and can be attached to external monitors or other peripherals.
Not only does it save space, but the stand provides ample spots to anchor cable ties for securing the inevitable mess of wires and cables that dealing with three laptops brings. It makes for a tidier desk, that’s for sure.
The stand was designed in Fusion 360 and was cut from plywood with a CNC router. Does this design give you any ideas, or would you like to make one for yourself? The design files are here.
For anyone old enough to have worked with the hell of multiple incompatible character sets, Unicode has been a liberation; a true One Character Set To Contain Them All. We have so many Unicode characters to play with that there’s a fascinating pursuit in itself in probing at the obscure corners of what can be rendered on screen as a Unicode glyph. With so many disparate character sets having been brought together to make the Unicode standard there are plenty of unusual characters to choose from, and it’s one of them that [Jonathan Chan] has examined in detail.
U+237C ⍼, or the right angle with downwards zigzag arrow, is a mysterious Unicode symbol with no known use and from an unknown origin. XKCD featured it as a spoof “Larry Potter”, but as [Jonathan]’s analysis shows it’s proving impossible to narrow down where it came from. Mystical cult symbol? Or perhaps fiscal growth in an economy in which time runs downwards? Either way, when its lineage has been traced into the early 1990s with no answer to the question it appears that there may be a story behind it.
Hackaday readers never cease to amaze us with the breadth of their knowledge, ingenuity, and experience, so we think it’s not impossible that among you there may be people who will turn and pull a dusty computer manual from the shelf to give us the story behind this elusive glyph. We’d love to hear in the comments below.
It’s a problem that has dogged electronic engineers since the first electrons were coaxed along a wire: that measuring instruments can themselves disrupt the operation of a circuit. Older multimeters for example had impedances low enough to pull resistor values, thus our multimeters today have high-impedance FET inputs. [Christoph] faced it with his oscilloscope probe, its input capacitance was high enough to put unacceptable load on a crystal oscillator and stop it oscillating. He thus built a FET input probe for higher RF frequencies, and its construction is an accessible view of wideband RF instrumentation design.
The circuit is a very simple one using a dual-gate FET, but the interest comes in the PCB and screening can design to ensure good RF performance. Off-the-shelf cans have four sides, so to accommodate the circuit one wall of the can had to be removed. The end result is a tiny PCB with miniature co-ax connectors for power and signal, which when characterised was found to have a 1.3 GHz bandwidth and a very low input capacitance.
As we’ve learned from past experience, videos from [HowToLou] tend to be a bit controversial. His unique style of expedient engineering isn’t everyone’s cup of tea, especially when it’s combined with a devil-may-care attitude towards safety. On the other hand, there’s no arguing that his methods get results. His video on converting an 18 HP riding mower into something akin to a go-kart is a perfect example.
The first phase of the project involves removing all the hardware related to mowing, as obviously you won’t be cutting any grass while pushing speeds of 48 kph (30 mph). This both saves weight, and removes a lot of mechanical complication that would be in the way of further modification. That said, it also leaves the mower immobile, as there’s no longer be any connection between the engine and transaxle.
The new drivetrain features some beefy bracing.
In its place, [HowToLou] installs an off-the-shelf torque converter kit that uses a continuously variable transmission (CVT) clutch. As he quickly demos, the CVT technology allows the gear ratio to automatically adapt to the engine RPM thanks to pulleys that change their size depending on how fast they’re spinning. It’s a big improvement over the system he originally yanked out, though as you might expect, fitting it into the mower required some custom work. The final step was to pull the old pulley off of the transaxle and replace it with one that’s less than half the original size.
Wearing his protective flip-flops, [HowToLou] hops on the souped-up mower and is nearly thrown off the back of it as soon as he steps on the gas. Clearly the modifications were a success, and the video ends with some open road testing — presumably he’s riding off to the store to go buy a helmet.
We actually missed this video when it first made the rounds, but it has since picked up steam and is pulling in some impressive numbers. [HowToLou] tells us he thinks it’s due to the fact that a lot of people are upgrading to more modern zero-turn mowers, meaning there’s a surplus of these second-hand mini tractors on the market. Whatever the reason, we’re happy to see this backyard engineer get some mainstream success; his methods might not always be by the book, but they’re always entertaining.
