Author: Jenny List

3292 Articles

Encryption For The Most Meager Of Devices

October 15, 2017 by 57 Comments

It seems that new stories of insecure-by-design IoT devices surface weekly, as the uneasy boundary is explored between the appliance and the Internet-connected computer. Manufacturers like shifting physical items rather than software patches, and firmware developers may not always be from the frontline of Internet security.

An interesting aside on the security of IoT traffic comes from [boz], who has taken a look at encryption of very low data rate streams from underpowered devices. Imagine perhaps that you have an Internet-connected sensor which supplies only a few readings a day that you would like to keep private. Given that your sensor has to run on tiny power resources so a super-powerful processor is out of the question, how do you secure your data? Simple encryption schemes are too easily broken.

He makes the argument for encryption from a rather unexpected source: a one-time pad. We imagine a one-time pad as a book with pages of numbers, perhaps as used by spies in Cold-War-era East Berlin or something. Surely storing one of those would be a major undertaking! In fact a one-time pad is simply a sequence of random keys that are stepped through, one per message, and if your message is only relatively few bytes a day then you have no need to generate more than a few K of pad data to securely encrypt it for years. Given that even pretty meager modern microcontrollers have significant amounts of flash at their disposal, pad storage for sensor data of this type is no longer a hurdle.

Where some controversy might creep in is the suggestion that a pad could be recycled when its last entry has been used. You don’t have to be a cryptologist to know that reusing a one-time pad weakens the integrity of the cypher, but he has a valid answer there too, If the repeat cycle is five years, your opponent must have serious dedication to capture all packets, and at that point it’s worth asking yourself just how sensitive the sensor data in question really is.

MIDI And A Real Vox Humana Come To A Century-Old Melodeon

October 15, 2017 by 6 Comments

A hundred years or more of consumer-level recorded music have moved us to a position in which most of us unconsciously consider music to be a recorded rather than live experience. Over a century ago this was not the case, and instead of a hi-fi or other device, many households would have had some form of musical instrument for their own entertainment. The more expensive ones could become significant status symbols, and there was a thriving industry producing pianos and other instruments for well-to-do parlours everywhere.

One of these parlour instruments came the way of [Alec Smecher], a pump organ, also known as a harmonium, or a melodeon. He’s carefully added a MIDI capability to it, and thus replaced its broken “Vox Humana” tremolo effect intended as a 19th century simulation of a choir, with a set of genuine human sounds. There is an almost Monty Python quality to his demonstration of this real Vox Humana, as you can see in the video below.

Lest you think though that he’s gutted the organ in the process of conversion, be rest assured that this is a sensitively applied piece of work. A microswitch has been placed beneath each key, leaving the original mechanism intact and working. An Arduino Leonardo has the microswitches multiplexed into a matrix similar to a keyboard, and emulates a USB MIDI device. It’s fair to say that it therefore lacks the force sensitivity you might need to emulate a piano, but it does result in rather an attractive MIDI instrument that also doubles as a real organ.

Continue reading “MIDI And A Real Vox Humana Come To A Century-Old Melodeon”

Nintendo Power Glove Achieves Its Promise As Vive Controller

October 14, 2017 by 11 Comments

You have to hand it to Nintendo, for blazing the virtual reality trail in consumer products a couple of decades before everyone else, even if the best that can be said for their efforts in that direction is that they weren’t exactly super-successful. Their 1989 Power Glove became little more than a difficult-to-use peripheral for everyday console games, and their 1995 Virtual Boy console was streets ahead of its time but had a 3D effect that induced discomfort in its players.

Many years later though, the Power Glove remains an intriguing product, and one that can be readily found second-hand. The folks at Teague Labs think that perhaps its time has come as the basis of a peripheral for modern VR systems, as a controller for the HTC Vive.

They’ve taken a Power Glove, and through an Arduino Due with a custom shield, interfaced it to the Vive controller mounted where the buttons would have been in its Nintendo days. The Vive provides positional data, while the Nintendo sensors provide hand data. Thus they’ve made an accomplished glove peripheral with a lot less heartache than they would have seen had they done so from scratch.

They show us a couple of environments using the glove, an iPad simulation which we’re having a little difficulty getting our heads round, and a rock/paper/scissors game which looks rather fun. If you are interested in further work, all their code is on GitHub.

We’ve shown you another hugely-upgraded Power Glove in the past, but how about one controlling a quadcopter?

Get Your Smarties Or M&Ms From A Vending Machine

October 12, 2017 by 19 Comments

There are some debates that split the world down the middle. Serious stuff: M&Ms, or Smarties*? Yes, the two chocolate beans may bear a superficial resemblance to each other, but you’re either a Smartie lover, or an M&M lover. No compromises.

[Maximusvo] has sensibly dodged all questions of brand loyalty in his text if not in his images even though it’s obvious what kind of confectionery he’s working with in his candy vending machine. The hard-shell chocolates are loaded into a hopper, from which a colourful cascade is released onto a scale. When the desired weight has been accumulated, it is tipped into a drawer for the hungry recipient.

Behind it all is an Arduino with a motor to release the beans, a load cell to weigh them, and an LCD display to give a status report. A motor vibrates the chute to ensure they move down it, but as can be seen in the video demo below the break it’s not doing an entirely successful job. There is an external buzzer to indicate delivery, and aside from the wooden construction of the machine there are 3D printed parts in the scale.

Continue reading “Get Your Smarties Or M&Ms From A Vending Machine”

One Man’s Tale Of EMC Compliance Testing

October 9, 2017 by 31 Comments

If you turn over almost any electronic device, you should find all those compliance logos: CE, FCC, UL, TÜV, and friends. They mean that the device meets required standards set by a particular region or testing organisation, and is safe for you, the consumer.

Among those standards are those concerning EMC, or ElectroMagnetic Compatibility. These ensure that the device neither emits RF radiation such that it might interfere with anything in its surroundings, nor is it unusually susceptible to radiation from those surroundings. Achieving a pass in those tests is something of a black art, and it’s one that [Pero] has detailed his exposure to in the process of seeing a large 3-phase power supply through them. It’s a lengthy, and fascinating post.

He takes us through a basic though slightly redacted look at the device itself, before describing the testing process, and the EMC lab. These are fascinating places with expert staff who can really help, though they are extremely expensive to book time in. Since the test involves a mains power supply he describes the Line Impedance Stabilisation Network, or LISN, whose job is to safely filter away the RF component on the mains cable, and present a uniform impedance to the device.

In the end his device failed its test, and he was only able to achieve a pass with a bit of that black magic involving the RF compliance engineer’s secret weapons: copper tape and ferrite rings. [Pero] and his colleagues are going to have to redesign their shielding.

We’ve covered our visits to the EMC test lab here before.

A Converter You Won’t Have: PS/2 Mouse To Serial Mouse

October 9, 2017 by 68 Comments

When did you last buy a mouse? Did it have a little adapter in the box? There was a time when if you bought a USB mouse, in the box was also an adapter to allow it to be used with the older PS/2 interface. And if you were to go back a few more years into the past, you’d have found when you bought a mouse with a PS/2 connector fitted, it may well have come with an adapter for a 9-pin RS232 serial port. Those mice from a decade or more ago would have contained the software to recognise the interface into which they were plugged, and emulate it accordingly. It is unlikely then that you could take a modern USB-only device and an unholy chain of USB-to-PS/2-to-serial adapters, and have it work as a serial mouse. Want to run Windows 3.1 on a 386DX? You need a serial mouse.

Happily, [matze525] has come along with a solution for those of you with a need to drive an ancient PC with a serial mouse. He’s created a PS/2 to RS232 mouse converter, and it takes the form of a little PCB with an AT90S2313P microcontroller to do the translation and an RS232 level converter chip.

It might sound like a rather unexpected device to produce, but we can see it fills an important niche. In the early 1990s mice were not the reliable optical devices we have today, instead they had nasty mechanical connections inside, or if you were extremely lucky, optical encoder wheels. The supply of still-reliable RS232 mice must therefore be dwindling, and if you have a Windows 3.1 PC to keep alive then we can see the ability to use a more modern pointing device has a lot going for it.

If you have one of those machines from that era that came with proprietary interfaces, maybe you can make use of a USB to quadrature converter.

Your Hard Disk As An Accidental Microphone

October 8, 2017 by 30 Comments

We’re used to attaching peripherals to our computers, when we have a need for them to interact with the world around them. An Arduino Uno needs a shield to turn on the lights, for example. Just sometimes though there is the potential for unintended interaction between a computer and the real physical world which surrounds it, and it’s one of those moments that [Alfredo Ortega] has uncovered in his talk at the EKO Party conference in Buenos Aires. He demonstrates how a traditional spinning-rust computer hard disk interacts with vibration in its surroundings, and can either become a rudimentary microphone, or be compromised by sound at its resonant frequency (PDF).

It seems that you can measure the response time of the hard drive head during a read operation without requiring any privilege escalation. This timing varies with vibration, so can be used to reconstruct the sound that the drive is facing. Thus it becomes a microphone, albeit not a very good one with a profoundly bass-heavy response. He goes on to investigate the effect of sound on the drive, discovering that it has a resonant frequency at which the vibration causes it to be unreadable.

Sadly the talk itself appears not yet to be online, but given that previous years’ EKO talks are on YouTube it is likely that when the dust has settled you will be able to see it in full. Meanwhile he’s posted a video demonstration which we’ve posted below the break.

Continue reading “Your Hard Disk As An Accidental Microphone”