A Modular Ecosystem That Evolved Around A Simple Diesel Engine

High volume commodity products are a foundation of hacking, we’ve built many projects around popular form factors like NEMA 17 stepper motors, 608 bearings, and 280 DC motors. Their high volume led to lower cost, which further increased popularity, and the cycle repeats. A similar thing happened to a style of single-cylinder diesel engine in China, and [Jalopnik] takes us through an exploration of these “Tuo La Ji” (tractor) machines.

Like many popular standards, circumstances elevated this style of engine to become more popular than its peers. Judging from the pictures, the idea is similar to NEMA 17 in that the core essence is a bolt pattern and an output shaft. Different manufacturers offer various capabilities within this space, and a wild assortment of machinery evolved to take advantage of this class of power source.

It starts with a set of wheels and handlebars to create a walk-behind farm tractor, something pretty common around the world. But this particular ecosystem grew far beyond that to many other applications, including full sized trucks with off-road capability that would embarrass most of the genteel SUVs cruising our roads today. They may not be fast, but they only needed to be faster and have longer endurance than beasts of burden to be effective as “a horseless horse”.

Due to factors such as poor crash safety, absence of diesel emission controls, and affordability of more powerful (and faster!) vehicles, these machines are a dying breed. But that won’t change the fact there was a fantastic amount of mechanical hacking ingenuity that had sprung up around this versatile engine building simple and effective machines. Their creativity drew from the same well that fed into these Indonesian Vespas.

Photo by [Brian Holsclaw] CC BY-ND 2.0

When Toothbrushes, Typewriters, And Credit Card Machines Form A Band

Many everyday objects make some noise as a side effect of their day job, so some of us would hack them into music instruments that can play a song or two. It’s fun, but it’s been done. YouTube channel [Device Orchestra] goes far beyond a device buzzing out a tune – they are full fledged singing (and dancing!) performers. Watch their cover of Take on Me embedded after the break, and if you liked it head over to the channel for more.

The buzz of a stepper motor, easily commanded for varying speeds, is the easiest entry point into this world of mechanical music. They used to be quite common in computer equipment such as floppy drives, hard drives, and flatbed scanners. As those pieces of equipment become outdated and sold for cheap, it became feasible to assemble a large number of them with the Floppotron being something of a high-water mark.

After one of our more recent mentions in this area, when the mechanical sound of a floppy drive is used in the score of a motion picture, there were definite signs of fatigue in the feedback. “We’re ready for something new” so here we are without any computer peripherals! [Device Orchestra] features percussion by typewriters, vocals by toothbrushes, and choreography by credit card machines with the help of kitchen utensils. Coordinating them all is an impressive pile of wires acting as stage manager.

We love to see creativity with affordable everyday objects like this. But we also see the same concept done with equipment on the opposite end of the price spectrum such as a soothing performance of Bach using the coils of a MRI machine.

[Thanks @Bornach1 for the tip]

Continue reading “When Toothbrushes, Typewriters, And Credit Card Machines Form A Band”

Warshipping: A Free Raspberry Pi In The Mail Is Not Always A Welcome Gift

Leading edge computer security is veiled in secrecy — a world where novel attacks are sprung on those who do not yet know what they need to protect against. Once certain tactics have played out within cool kids’ circles, they are introduced to the rest of the world. An IBM red team presented what they’re calling “warshipping”: sending an adversarial network to you in a box.

Companies concerned about security have learned to protect their internet-accessible points of entry. Patrolling guards know to look for potential wardrivers parked near or repeatedly circling the grounds. But some are comparatively lax about their shipping & receiving, and they are the ideal targets for warshipping.

Bypassing internet firewalls and security perimeters, attack hardware is embedded inside a shipping box and delivered by any of the common carriers. Security guards may hassle a van bristling with antennas, but they’ll wave a FedEx truck right through! The hardware can be programmed to stay dormant through screening, waiting to probe once inside the walls.

The presentation described several ways to implement such an attack. There is nothing novel about the raw hardware – Raspberry Pi, GPS receiver, cellular modems, and such are standard fare for various projects on these pages. The creative part is the software and in how they are hidden: in packing material and in innocuous looking plush toys. Or for persistence, they can be hidden in a wall mounted plaque alongside some discreet photovoltaic panels. (Editor’s note: What? No Great Seals?)

With this particular technique out in the open, we’re sure others are already in use and will be disclosed some years down the line. In the meantime, we can focus our efforts on more benign applications of similar technology, whether it is spying on our cat or finding the nearest fast food joint. The hardware is evolving as well: a Raspberry Pi actually seems rather heavyweight for this, how about a compact PCB with both an ESP32 and a cellular modem?

Via Ars Technica.

Orphaned Amazon Dash Buttons Ripe For Hacking

Amazon Dash buttons were the ultimate single purpose networked device; it really can’t get much simpler than a push button that sends a single message to a fixed endpoint. It was an experiment in ultimate convenience, an entry point to a connected home, and a target for critics of consumerism excess and technological overkill.

But soon they’ll be little more than a footnote in the history of online shopping, as CNet reports Amazon will take the order system offline at the end of the month. With the loss of their original intended usage, there’s nothing to stop us from hacking any Dash buttons we can get our hands on.

Of course, this decision should come as little surprise. Amazon’s in-home retail point of sale has graduated from these very limited $5 buttons to Alexa-powered voice controlled devices. Many people also carry a cell phone at all times capable of submitting Amazon orders. While there are many good reasons to be skeptical of internet connected appliances, they’re undeniably finding a niche in the market and some have integrated their own version of a Dash button to re-order household supplies.

But are hackers still interested in hacking Dash buttons? Over the lifespan of Amazon Dash buttons, our project landscape has shifted as well. We’re certainly still interested in the guts an Echo Dot. But if we wanted to build a simple networked button, we can use devices like an ESP8266 which are almost as cheap and far easier to use. Using something intended for integration means we don’t have headaches like determining which generation hardware we have.

Despite those barriers, we’ve had many Dash button hacks on these pages. A to-do list updater was the most recent and we doubt it will be the last, especially as Amazon’s deactivation should mean a whole new flood of these buttons will become available for hacking.

[via Ars Technica]

The Not Quite USB-C Of Nintendo Switch Accessories

Historically gaming consoles are sold at little-to-no profit in order to entice customers with a low up-front price. The real profits roll in afterwards from sales of games and accessories. Seeking a slice of the latter, aftermarket accessory makers jump in with reverse-engineered compatible products at varying levels of “compatible”.

When the Nintendo Switch was released with a standard USB-C port for accessories, we had hoped those days of hit-or-miss reverse engineering were over, but reality fell short. Redditor [VECTORDRIVER] summarized a few parts of this story where Nintendo deviated from spec, and accessory makers still got things wrong.

Officially, Nintendo declared the Switch USB-C compliant. But as we’ve recently covered, USB-C is a big and complicated beast. Determined to find the root of their issues, confused consumers banded together on the internet to gather anecdotal evidence and speculate. One theory is that Nintendo’s official dock deviated from official USB-C dimensions in pursuit of a specific tactile feel; namely reducing tolerance on proper USB-C pin alignment and compensating with an internal mechanism. With Nintendo playing fast and loose with the specs, it makes developing properly functioning aftermarket accessories all the more difficult.

But that’s not the only way a company can slip up with their aftermarket dock. A teardown revealed Nyko didn’t use a dedicated chip to manage USB power delivery, choosing instead to implement it in software running on ATmega8. We can speculate on why (parts cost? time to market?) but more importantly we can read the actual voltage on its output pins which are too high. Every use becomes a risky game of “will this Switch tolerate above-spec voltage today?” We expect that as USB-C becomes more common, it would soon be cheapest and easiest to use a dedicated chip, eliminating the work of an independent implementation and risk of doing it wrong.

These are fairly typical early teething problems for a new complex technology on their road to ubiquity. Early USB keyboard and mice didn’t always work, and certain combination of early PCI-Express cards and motherboards caused damage. Hopefully USB-C problems — and memories of them — will fade in time as well.

[via Ars Technica]

[Main image source: iFixit Nintendo Switch Teardown]

USB-C: One Plug To Connect Them All, And In Confusion Bind Them

USB stands for Universal Serial Bus and ever since its formation, the USB Implementers Forum have been working hard on the “Universal” part of the equation. USB Type-C, which is commonly called USB-C, is a connector standard that signals a significant new chapter in their epic quest to unify all wired connectivity in a single specification.

Many of us were introduced to this wonder plug in 2015 when Apple launched the 12-inch Retina MacBook. Apple’s decision to put everything on a single precious type-C port had its critics, but it was an effective showcase for a connector that could handle it all: from charging, to data transfer, to video output. Since then, it has gradually spread to more devices. But as the recent story on the Raspberry Pi 4’s flawed implementation of USB-C showed, the quest for a universal connector is a journey with frequent setbacks.

Continue reading “USB-C: One Plug To Connect Them All, And In Confusion Bind Them”

Watch Earthquake Roll Across A Continent In Seismograph Visualization Video

If your only exposure to seismologists at work is through film and television, you can be forgiven for thinking they still lay out rolls of paper to examine lines of ink under a magnifying glass. The reality is far more interesting in a field that has eagerly adopted all available technology. A dramatic demonstration of modern earthquake data gathering, processing, and visualization was Tweeted by @IRIS_EPO following a central California quake on July 4th, 2019. In this video can see the quake’s energy propagate across the continental United States in multiple waves of varying speed and intensity. The video is embedded below, but click through to the Twitter thread too as it has a lot more explanation.

The acronym IRIS EPO expands out to Incorporated Research Institutions for Seismology, Education and Public Outreach. We agree with their publicity mission; more people need to know how cool modern seismology is. By combining information from thousands of seismometers, we could see forces that we could not see from any individual location. IRIS makes seismic data available to researchers (or curious data science hackers) in a vast historical database or a real time data stream. Data compilations are presented in several different forms, this particular video is a GMV or Ground Motion Visualization. Significant events like the 4th of July earthquake get their own GMV page where we can see additional details, like the fact this visualization compiled data from 2,132 stations.

If this stirred up interest in seismology, you can join in the fun of networked seismic data. A simple seismograph can be built from quite humble components, but of course there are specially designed chips for the task as well.

Continue reading “Watch Earthquake Roll Across A Continent In Seismograph Visualization Video”