It Came From Outer Space: Listening To The Deep Space Network

Ham radio operators love to push the boundaries of their equipment. A new ham may start out by making a local contact three miles away on the 2m band, then talk to somebody a few hundred miles away on 20m. Before long, they may find themselves chatting to fellow operators 12,000 miles away on 160m. Some of the adventurous return to 2m and try to carry out long-distance conversations by bouncing signals off of the Moon, waiting for the signal to travel 480,000 miles before returning to Earth. And then some take it several steps further when they listen to signals from spacecraft 9.4 million miles away.

That’s exactly what [David Prutchi] set out to do when he started building a system to listen to the Deep Space Network (DSN) last year. The DSN is NASA’s worldwide antenna system, designed to relay signals to and from spacecraft that have strayed far from home. The system communicates with tons of inanimate explorers Earth has sent out over the years, including Voyager 1 & 2, Juno, and the Mars Reconnaissance Orbiter. Because the craft are transmitting weak signals over a great distance (Voyager 1 is 14 billion miles away!), the earth-based antennas need to be big. Real big. Each of the DSN’s three international facilities houses several massive dishes designed to capture these whispers from beyond the atmosphere — and yet, [David] was able to receive signals in his back yard.

Sporting a stunning X-band antenna array, a whole bunch of feedlines, and some tracking software, he’s managed to eavesdrop on a handful of spacecraft phoning home via the DSN. He heard the first, Bepi-Colombo, in May 2020, and has only improved his system since then. Next up, he hopes to find Juno, and decode the signals he receives to actually look at the data that’s being sent back from space.

We’ve seen a small group of enthusiasts listen in on the DSN before, but [David]’s excellent documentation should provide a fantastic starting point for anybody else interested in doing some interstellar snooping.

Lowering The Bar For Exam Software Security

Most standardized tests have a fee: the SAT costs $50, the GRE costs $200, and the NY Bar Exam costs $250. This year, the bar exam came at a much larger cost for recent law school graduates — their privacy.

Many in-person events have had to find ways to move to the internet this year, and exams are no exception. We’d like to think that online exams shouldn’t be a big deal. It’s 2020. We have a pretty good grasp on how security and privacy should work, and it shouldn’t be too hard to implement sensible anti-cheating features.

It shouldn’t be a big deal, but for one software firm, it really is.

The NY State Board of Law Examiners (NY BOLE), along with several other state exam boards, chose to administer this year’s bar exam via ExamSoft’s Examplify. If you’ve missed out on the Examplify Saga, following the Diploma Privilege for New York account on Twitter will get you caught up pretty quickly. Essentially, according to its users, Examplify is an unmitigated disaster. Let’s start with something that should have been settled twenty years ago.

Continue reading “Lowering The Bar For Exam Software Security”

Homemade Gear Cutting Indexer Blends Art With Engineering

Ordinarily, when we need gears, we pop open a McMaster catalog or head to the KHK website. Some of the more adventurous may even laser cut or 3D print them. But what about machining them yourself?

[Uri Tuchman] set out to do just that. Of course, cutting your own gears isn’t any fun if you didn’t also build the machine that does the cutting, right? And let’s be honest, what’s the point of making the machine in the first place if it doesn’t double as a work of art?

[Uri’s] machine, made from brass and wood, is simple in its premise. It is placed adjacent to a gear cutter, a spinning tool that cuts the correct involute profile that constitutes a gear tooth. The gear-to-be is mounted in the center, atop a hole-filled plate called the dividing plate. The dividing plate can be rotated about its center and translated along linear stages, and a pin drops into each hole on the plate as it moves to index the location of each gear tooth and lock the machine for cutting.

The most impressive part [Uri’s] machine is that it was made almost entirely with hand tools. The most advanced piece of equipment he used in the build is a lathe, and even for those operations he hand-held the cutting tool. The result is an elegant mechanism as beautiful as it is functional — one that would look at home on a workbench in the late 19th century.

[Thanks BaldPower]

Continue reading “Homemade Gear Cutting Indexer Blends Art With Engineering”

Making Music With A Go Board Step Sequencer

Ever wonder what your favorite board game sounds like? Neither did we. Thankfully [Sara Adkins] did, and created a step sequencer called Let’s Go that uses the classic board game Go as input.

In the game Go, two players place black and white tokens on a grid, vying for control of the board. As the game progresses, the configuration of game pieces gets more complex and coincidentally begins to resemble Conway’s Game of Life (or a weird QR Code). Sara saw music in the evolving arrangement of circles and transformed the ancient board game into a modern instrument so others could hear it too.

To an observer, [Sara’s] adaptation looks fairly indistinguishable from the version played in China 2,500 years ago — with the exception of an overhead webcam and nearby laptop, of course. The laptop uses OpenCV to digitize the board layout. It feeds that information via Open Sound Control (OSC) into popular music creation software Max MSP (though an open-source version could probably be implemented in Pure Data), where it’s used to control a step sequencer. Each row on the board represents an instrumental voice (melodic for white pieces, percussive for black ones), and each column corresponds to a beat.

Every new game is a new piece of music that starts out simple and gradually increases in complexity. The music evolves with the board, and adds a new dimension for players to interact with the game. If you want to try it out yourself, [Sara] has the project fully documented on her website, and all of the code is available on GitHub. Now we’re just left wondering what other games sound like — [tinkartank] already answered that question for chess, but what about Settlers of Catan?

Continue reading “Making Music With A Go Board Step Sequencer”

Teaching An Old Lathe New Tricks With A Programmable Power Feed

Ask anybody whose spent time standing in front of a mill or lathe and they’ll tell you that some operations can get tedious. When you need to turn down a stainless rod by 1/4″ in 0.030″ increments, you get a lot of time to reflect on why you didn’t just buy the right size stock as you crank the wheel back and forth. That’s where the lead screw comes in — most lathes have a gear-driven lead screw that can be used to actuate the z-axis ( the one which travels parallel to the axis of rotation). It’s no CNC, but this type of gearing makes life easier and it’s been around for a long time.

[Tony Goacher] took this idea a few steps further when he created the Leadscrew Buddy. He coupled a beautiful 1949 Myford lathe with an Arduino, a stepper motor, and a handful of buttons to add some really useful capabilities to the antique machine. By decoupling the lead screw from the lathe’s gearbox and actuating it via a stepper motor, he achieved a much more granular variable feed speed.

If that’s not enough, [Tony] used a rotary encoder to display the cutting tool’s position on a home-built Digital Readout (DRO). The pièce de résistance is a “goto” command. Once [Tony] sets a home position, he can command the z-axis to travel to a set point at a given speed. Not only does this make turning easier, but it makes the process more repeatable and yields a smoother finish on the part.

These features may not seem so alien to those used to working with modern CNC lathes, but to the vast majority of us garage machinists, [Tony]’s implementation is an exciting look at how we can step up our turning game. It also fits nicely within the spectrum of lathe projects we’ve seen here at Hackaday- from the ultra low-tech to the ludicrously-precise.

Continue reading “Teaching An Old Lathe New Tricks With A Programmable Power Feed”

WiFi Hacking Mr. Coffee

You wake up on a Sunday, roll out of bed, and make your way to the centerpiece of your morning, the magical device that helps you start your day: the coffee machine. You open the companion app, because everything has an app in 2020, and select a large latte with extra froth. As you switch open a browser to check Hackaday, the machine beeps. Then the built-in grinder cranks up to 100, the milk frother begins to whir, and the machine starts spraying water. Frantic, you look at the display for an error code and instead see a message instructing you to send $75 to a bitcoin wallet, lest your $300 machine become a doorstop.

Outlandish though it may seem, this has become quite a real possibility, as [Martin Hron] at the Avast Threat Labs demonstrates. In fact, he could probably make your modern macchiato machine do this without setting foot in your house (so long as it comes with a built-in ESP8266, like his did).

Building on others’ work that identified the simple commands that control the machine over it’s WiFi connection (nothing says “brew me a nice cup o’ joe” like 0x37), [Martin] reverse-engineered the Smarter Coffee companion app to extract and reverse engineer its firmware. He was actually able to find the entire firmware image packaged within the app- relatively uncommon in the world of Over-The-Air (OTA) updates, but convenient in this case. Using Interactive Disassembler (IDA) to sift through the firmware’s inner workings, he identified the functions that handle all basic operations, including displaying images on the screen, controlling the heating elements, and of course, beeping. From there, he modified the stock firmware image to include some malicious commands and ran an OTA update.

The mind-boggling part here is that not only was the firmware transmitted as unencrypted plaintext over unsecured WiFi, but the machine didn’t even require a user to confirm the update with a button press. With one quick reboot, the trap was set. The machine operated normally, while waiting for “Order 66,” causing it to turn all the heating elements on, spool up the built-in grinder, and beep. Constantly.

While a broken coffee machine seems relatively innocuous, there are some pretty significant lapses in hardware/firmware security here that, while avoidable, almost seem unnecessary in the first place. It makes us wonder- why does Mr. Coffee need a smartphone in the first place?

Continue reading “WiFi Hacking Mr. Coffee”