Author: Elliot Williams

1433 Articles

Knappa Tutu: Some Dancing Required

November 7, 2015 by 12 Comments

Sometimes, you see a lamp shade and you’re just intoxicated enough to put it on your head like a hat and dance around on the table. Other times, you see the same lamp shade, and decide to wire it up with Neopixels, an accelerometer, and an Arduino and make a flowery, motion-activated light show when you wear it as a dress. Or at least that’s what we’ve heard.

[Cheng] gets full marks for the neo-IKEA name for the project and bonus points for clean execution and some nice animations to boot. The build is straightforward: build up the lamp so that it fits around your waist, zip-tie in the RGB LED strip, and connect up accelerometer and microcontroller. A tiny bit of coding later, and you’re off to the disco. It looks like a ridiculous amount of fun, and a sweet weekend build.

Continue reading “Knappa Tutu: Some Dancing Required”

BitDrones Are Awesome, Ridiculous At Same Time

November 6, 2015 by 29 Comments

At first we thought it was awesome, then we thought it was ridiculous, and now we’re pretty much settled on “ridiculawesome”.

Bitdrones is a prototype of a human-computer interaction that uses tiny quadcopters as pixels in a 3D immersive display. That’s the super-cool part. “PixelDrones” have an LED on top. “ShapeDrones” have a gauzy cage that get illuminated by color LEDs, making them into life-size color voxels. (Cool!) Finally, a “DisplayDrone” has a touchscreen mounted to it. A computer tracks each drone’s location in the room, and they work together to create a walk-in 3D “display”. So far, so awesome.

It gets even better. Because the program that commands the drones knows where each drone is, it can tell when you’ve moved a drone around in space. That’s extremely cool, and opens up the platform to new interactions. And the DisplayDrone is like a tiny flying cellphone, so you can chat hands-free with your friends who hover around your room. Check out the video embedded below the break.

Continue reading “BitDrones Are Awesome, Ridiculous At Same Time”

Stegosploit: Owned By A JPG

November 6, 2015 by 34 Comments

We’re primarily hardware hackers, but every once in a while we see a software hack that really tickles our fancy. One such hack is Stegosploit, by [Saumil Shah]. Stegosploit isn’t really an exploit, so much as it’s a means of delivering exploits to browsers by hiding them in pictures. Why? Because nobody expects a picture to contain executable code.

stegosploit_diagram[Saumil] starts off by packing the real exploit code into an image. He demonstrates that you can do this directly, by encoding characters of the code in the color values of the pixels. But that would look strange, so instead the code is delivered steganographically by spreading the bits of the characters that represent the code among the least-significant bits in either a JPG or PNG image.

OK, so the exploit code is hidden in the picture. Reading it out is actually simple: the HTML canvas element has a built-in getImageData() method that reads the (numeric) value of a given pixel. A little bit of JavaScript later, and you’ve reconstructed your code from the image. This is sneaky because there’s exploit code that’s now runnable in your browser, but your anti-virus software won’t see it because it wasn’t ever written out — it was in the image and reconstructed on the fly by innocuous-looking “normal” JavaScript.

232115_1366x1792_scrotAnd here’s the coup de grâce. By packing HTML and JavaScript into the header data of the image file, you can end up with a valid image (JPG or PNG) file that will nonetheless be interpreted as HTML by a browser. The simplest way to do this is send your file myPic.JPG from the webserver with a Content-Type: text/html HTTP header. Even though it’s a totally valid image file, with an image file extension, a browser will treat it as HTML, render the page and run the script it finds within.

The end result of this is a single image that the browser thinks is HTML with JavaScript inside it, which displays the image in question and at the same time unpacks the exploit code that’s hidden in the shadows of the image and runs that as well. You’re owned by a single image file! And everything looks normal.

We like this because it combines two sweet tricks in one hack: steganography to deliver the exploit code, and “polyglot” files that can be read two ways, depending on which application is doing the reading. A quick tag-search of Hackaday will dig up a lot on steganography here, but polyglot files are a relatively new hack.

[Ange Ablertini] is the undisputed master of packing one file type inside another, so if you want to get into the nitty-gritty of [Ange]’s style of “polyglot” file types, watch his talk on “Funky File Formats” (YouTube). You’ll never look at a ZIP file the same again.

Sweet hack, right? Who says the hardware guys get to have all the fun?

Logic Noise: Digital To Analog With An R-2R DAC

November 5, 2015 by 28 Comments

Making sound with digital logic usually calls for a Digital to Analog converter. Building one can be very simple, and the sound quality out of an R-2R Ladder is actually pretty good.

In the last edition of Logic Noise, we built up a (relatively) simple VCO — voltage-controlled oscillator — that had roughly one-volt-per-octave response. I even demonstrated it working mostly in tune with another synth’s keyboard. But what if you don’t have a control-voltage keyboard sitting around or you want to combine all of the logic-based circuits that we’ve been building with other circuits under voltage control? That’s where the digital to analog (DAC) voltage converter comes in.

Continue reading “Logic Noise: Digital To Analog With An R-2R DAC”

IPhone Jailbreak Hackers Await $1M Bounty

November 3, 2015 by 33 Comments

According to Motherboard, some unspecified (software) hacker just won a $1 million bounty for an iPhone exploit. But this is no ordinary there’s-a-glitch-in-your-Javascript bug bounty.

On September 21, “Premium” 0day startup Zerodium put out a call for a chain of exploits, starting with a browser, that enables the phone to be remotely jailbroken and arbitrary applications to be installed with root / administrator permissions. In short, a complete remote takeover of the phone. And they offered $1 million. A little over a month later, it looks like they’ve got their first claim. The hack has yet to be verified and the payout is actually made.

But we have little doubt that the hack, if it’s actually been done, is worth the money. The NSA alone has a $25 million annual budget for buying 0days and usually spends that money on much smaller bits and bobs. This hack, if it works, is huge. And the NSA isn’t the only agency that’s interested in spying on folks with iPhones.

Indeed, by bringing something like this out into the open, Zerodium is creating a bidding war among (presumably) adversarial parties. We’re not sure about the ethics of all this (OK, it’s downright shady) but it’s not currently illegal and by pitting various spy agencies (presumably) against each other, they’re almost sure to get their $1 million back with some cream on top.

We’ve seen a lot of bug bounty programs out there. Tossing “firmname bug bounty” into a search engine of your choice will probably come up with a hit for most firmnames. A notable exception in Silicon Valley? Apple. They let you do their debugging work for free. How long this will last is anyone’s guess, but if this Zerodium deal ends up being for real, it looks like they’re severely underpaying.

And if you’re working on your own iPhone remote exploits, don’t be discouraged. Zerodium still claims to have money for two more $1 million payouts. (And with that your humble author shrugs his shoulders and turns the soldering iron back on.)

Stellarator Is Germany’s Devilishly Complex Nuclear Fusion

November 2, 2015 by 82 Comments

You may not have heard of a Stellarator before, but if all goes well later this month in a small university town in the far northeast of Germany, you will. That’s because the Wendelstein 7-X is finally going to be fired up. If it’s able to hold the heat of a fusion-capable plasma, it could be a huge breakthrough.

So what’s a stellarator? It’s a specific type of nuclear fusion containment geometry that, while devilishly complex to build and maintain, stands a chance at being the first fusion generator to achieve break-even, where the energy extracted from the fusion reaction is greater or equal to the energy used in creating the necessary hot plasma.

There’s an awesome video on the W7-X, and some of the theory behind the reactor just below the break.

Continue reading “Stellarator Is Germany’s Devilishly Complex Nuclear Fusion”

3D Scanned, CNC-Milled, Pumpkin Selfie

October 31, 2015 by 11 Comments

When you have a CNC mill sitting around, it almost seems anachronistic to pull out a kitchen knife to carve a pumpkin. You can hardly blame [Nathan Bentall] for choosing an endmill instead. If you’re feeling the same, check out his blog post where [Nathan] works through all the steps involved in going from a raw pumpkin to a 3D RGB LED bust of himself. To put his head on the pumpkin’s shoulders he captured a depth map using a Kinect and then got down to some unorthodox milling.

Continue reading “3D Scanned, CNC-Milled, Pumpkin Selfie”