Author: Tom Nardi

2547 Articles

Hacker Pops Top On NFC Vending Machines

October 16, 2018 by 23 Comments

Vending machines used to be a pretty simple affair: you put some coins in, and food or drink that in all likelihood isn’t fit for human consumption comes out. But like everything else today, they are becoming increasingly complex Internet connected devices. Forget fishing around for pocket change; the Coke machine at the mall more often than not has a credit card terminal and a 30 inch touch screen display to better facilitate dispensing cans of chilled sugar water. Of course, increased complexity almost always goes hand in hand with increased vulnerability.

So when [Matteo Pisani] recently came across a vending machine that offered users the ability to pay from an application on their phone, he immediately got to wondering if the system could be compromised. After all, how much thought would be put into the security of a machine that basically sells flavored water? The answer, perhaps not surprisingly, is very little.

The write-up [Matteo] has put together is an outstanding case study in hacking Android applications, from pulling the .apk package off the phone to decompiling it into its principal components with programs like apktool and jadx. He even shows how you can reassemble the package and get it suitable for reinstallation on your device after fiddling around with the source code. If you’ve ever wanted a crash course on taking a peek inside of Android programs, this is a great resource.

By snooping around in the source code, [Matteo] was able to discover not only the location of the encrypted database that serves as the “wallet” for the user, but the routine that generates the encryption key. To cut a long story short, the program simply uses the phone’s IMEI as the key to get into the database. With that in hand, he was able to get into the wallet and give himself a nice stack of “coins” for the next time he hit the vending machines. Given his new-found knowledge of how the system works, he even came up with a separate Android app that allows adding credit to the user’s account on a rooted device.

In the video after the break, [Matteo] demonstrates his program by buying a soda and then bumping his credit back up to buy another. He ends his write-up by saying that he has reported his findings to the company that manufacturers the vending machines, but no word on what (if any) changes they plan on making. At the end of the day, you have to wonder what the cost-befit analysis looks like for a full security overhaul when when you’re only selling sodas and bags of chips.

When he isn’t liberating carbonated beverages from their capitalistic prisons, he’s freeing peripherals from their arbitrary OS limitations. We’re starting to get a good idea about what makes this guy tick.

Continue reading “Hacker Pops Top On NFC Vending Machines”

Wind Turbine Pushes Limits Of Desktop 3D Printing

October 15, 2018 by 36 Comments

There was a time, not so long ago, when hype for desktop 3D printing as so high that it seemed you could print anything. Just imagine it, and your handy dandy magical 3D printer could manifest it into reality. But now that more people have had first hand experience with the technology, the bubble has burst. Reality has sobered us up a bit, and today we’ve got a much better idea of what can and cannot be printed on a traditional desktop 3D printer.

But that doesn’t mean we aren’t surprised from time to time. As a perfect example, take a look at this almost entirely 3D printed wind turbine designed and built by [Nikola Petrov]. Outside of the electronics, the pole it’s mounted to, and some assorted bits and bobs, he produced all the parts on his own large-format TEVO Black Widow printer. He mentions there are a few things he would do differently if he was to build another one, but it’s hard to find much to complain about with such a gorgeous build.

To be sure, this one isn’t for the 3D printing novice. First of all, you’ll need a printer with a bed that’s at least 370 mm wide just to print the blades. [Nikola] also recommends printing the parts in ABS and coating them with acetone to smooth and harden the outside surfaces. We’d be surprised if you could print such large objects in ABS without a heated enclosure as well, so plan on adding that to your shopping list.

On the flip side though, the electronics are about as simple as they come. The blades are spinning a standard NEMA 17 stepper motor (through a 1:5 gearbox) to produce AC power. This is then fed into two W02M rectifiers and a beefy capacitor, which gives him DC with a minimum of fuss. In theory it should be capable of producing 1A at 12V, which is enough to light LEDs and charge phones. In this design there’s no battery charging circuit or anything like that, as [Nikola] says it’s up to the reader to figure out how to integrate the turbine into their system.

If you don’t think your 3D printing skills are up to the task, no worries. In the past we’ve seen wind turbines built out of ceiling fans, and occasionally, even less.

Teardown: D50761 Aircraft Quick Access Recorder

October 15, 2018 by 37 Comments

Everyone’s heard of the “black box”. Officially known as the Flight Data Recorder (FDR), it’s a mandatory piece of equipment on commercial aircraft. The FDR is instrumental in investigating incidents or crashes, and is specifically designed to survive should the aircraft be destroyed. The search for the so-called “black box” often dominates the news cycle after the loss of a commercial aircraft; as finding it will almost certainly be necessary to determine the true cause of the accident. What you probably haven’t heard of is a Quick Access Recorder (QAR).

While it’s the best known, the FDR is not the only type of recording device used in aviation. The QAR could be thought of as the non-emergency alternative to the FDR. While retrieving data from the FDR usually means the worst has happened, the QAR is specifically designed to facilitate easy and regular access to flight data for research and maintenance purposes. Its data is stored on removable media and since the QAR is not expected to survive the loss of the aircraft it isn’t physically hardened. In fact, modern aircraft often use consumer-grade technology such as Compact Flash cards and USB flash drives as storage media in their QAR.

Through the wonders of eBay, I recently acquired a vintage Penny & Giles D50761 Quick Access Recorder. This was pulled out of an aircraft which had been in service with the now defunct airline, Air Toulouse International. Let’s crack open this relatively obscure piece of equipment and see just what goes into the hardware that airlines trust to help ensure their multi-million dollar aircraft are operating in peak condition.

Continue reading “Teardown: D50761 Aircraft Quick Access Recorder”

The 3D Printed Plotter You Didn’t Know You Needed

October 15, 2018 by 19 Comments

We’ve been seeing an influx of repurposed 3D printers recently. Thrifty hackers have been leveraging cheap 3D printers as a way to bootstrap their builds, on everything from laser engravers to pick and place machines. There’s nothing wrong with that, and honestly when you can get a cheap 3D printer for less than the cost of the components separately thanks to the economies of scale, you’d be foolish not to.

But there’s still something to be said for the classic RepRap mentality of building things using printed parts and smooth rods. Case in point, the largely 3D printed plotter that [darth vader] sent in for our viewing pleasure. This isn’t somebody sicking a pen on the extruder of their open box Monoprice special, this is a purpose built plotter and it shows. In the video after the break you can see not only how well it draws, but also how large of a work area it has compared to a modified 3D printer.

If you know your way around a 3D printer, most of it should look pretty familiar to you. Using the same GT2 belts, steppers, end stop switches, and linear bearings which are ubiquitous in 3D printers, it shouldn’t be difficult to source the parts to build your own. It even uses a Mega 2560 with RAMPS 1.4 running Marlin 1.1.9 for control.

The biggest difference is the physical layout. Since there’s no heavy hotend or extruder assembly to move around, the plotter has a cantilever design which gives it far greater reach. As it only needs to sightly lift the pen off the paper, there’s no need for a complex Z axis with leadscrews either; a simple servo mounted to the end of the arm is used to raise and lift the pen. We especially like the use of a tape measure as strain relief for his wiring, a fantastic tip that we (and many of you) fell in love with last year.

While it’s hard to beat just tossing a pen onto the business end of your desktop 3D printer in terms of convenience, we think it’s pretty clear from this build that the results don’t quite compare. If you want a real plotter, build a real plotter.

Continue reading “The 3D Printed Plotter You Didn’t Know You Needed”

Trashed TV Gets RGB LED Backlight

October 11, 2018 by 34 Comments

It might not be obvious unless you’ve taken one apart, but most of the TVs and monitors listed as “LED” are simply LCD panels that use a bank of LEDs to illuminate them from behind. Similarly, what are generally referred to as “LCDs” are LCD panels that use fluorescent tubes for illumination. To get a true LED display with no separate backlight, you need OLED. Confused? Welcome to the world of consumer technology.

With those distinctions in mind, the hack that [Zenodilodon] recently performed on a broken “LED TV” is really rather brilliant. By removing the dead white LED backlights and replacing them with RGB LED strips, he not only got the TV working again, but also imbued it with color changing abilities. Perfect for displaying music visualizations, or kicking your next film night into high gear with a really trippy showing of Seven Samurai.

In the video after the break, [Zenodilodon] starts his RGB transplant by stripping the TV down to its principal parts. The original LEDs were toasted, so they might as well go straight in the bin alongside their driver electronics. But the LCD panel itself was working fine (tested by shining a laser pointer through it to see if there was an image), and the plastic sheets which diffuse the LED backlight were easily salvaged.

With the old LEDs removed, [Zenodilodon] laid out his new strips and soldered them up to the external controller. He was careful to use all white wires, as he was worried colored wires might reflect the white light and be noticeable on the display. After buttoning the TV back up, he went through a few demonstrations to show how the image looked with the white LEDs on, as well as some interesting effects that could be seen when the LEDs are cycling through colors.

The RGB strips don’t light up the display as well as the original backlight did, as there are some obvious dark spots and you can see some horizontal lines where the strips are. But [Zenodilodon] says the effect isn’t too bad in real-life, and considering it was a cheap TV the image quality was probably never that great to begin with.

On the flip side, if you find an LED TV or monitor in the trash with a cracked screen, it might be worth taking it home to salvage its super-bright white LEDs for your lighting projects.

Continue reading “Trashed TV Gets RGB LED Backlight”

International Space Station Is Racing The Clock After Soyuz Failure

October 11, 2018 by 120 Comments

Today’s failed Soyuz launch thankfully resulted in no casualties, but the fate of the International Space Station (ISS) is now in question.

Just two minutes after liftoff, the crew of the Soyuz MS-10 found themselves in a situation that every astronaut since the beginning of the manned space program has trained for, but very few have ever had to face: a failure during launch. Today the crew of two, Russian Aleksey Ovchinin and American Nick Hague, were forced to make a ballistic re-entry into the Earth’s atmosphere; a wild ride that put them through higher G forces than expected and dropped the vehicle approximately 430 km from the launch site in Baikonur. Both men walked away from the event unharmed, but while the ordeal is over for them, it’s just beginning for the crew of the ISS.

Until a full investigation can be completed by Roscosmos, Russia’s space agency, the Soyuz rocket is grounded. This is standard procedure, as they obviously don’t want to launch another rocket and risk encountering the same issue. But as the Soyuz is currently the only way we have to get humans into space, this means new crew can’t be sent to the ISS until Roscosmos is confident the issue has been identified and resolved.

Soyuz MS-11, which would have brought up three new crew members to relieve those already on the Station, was scheduled for liftoff on December 20th. While not yet officially confirmed, that mission is almost certainly not going to be launching as scheduled. Two months is simply not long enough to conduct an investigation into such a major event when human lives are on the line.

The failure of Soyuz MS-10 has started a domino effect which will deprive the ISS of the five crew members which were scheduled to be aboard by the end of 2018. To make matters worse, the three current crew members must return to Earth before the end of the year as well. NASA and Roscosmos will now need to make an unprecedented decision which could lead to abandoning the International Space Station; the first time it would be left unmanned since the Expedition 1 mission arrived in November 2000.

Continue reading “International Space Station Is Racing The Clock After Soyuz Failure”

The Crustacean Battle Bot Of Your Nightmares

October 11, 2018 by 10 Comments

We’ve all seen a movie or TV show that got our imagination going, and the more studious of us might get fired up over a good book (one without pictures, even). You never know were inspiration might come from, which is why it’s so hard to track down in the first place. But one place we don’t often hear about providing many hackers with project ideas is the grocery store. But of course the more we learn about [Michael Kohn], the more we realize he’s got a very unique vision.

On a recent trip to the grocery store, [Michael] saw a two pack of frozen lobsters and thought they would make fine battling robots. You know, as one does. Unfortunately the process of taking a frozen lobster and turning it into a combat droid (which incidentally does include eating the thing at some point in the timeline) ended up being so disgusting that he only finished one of them. Whether that makes this poor fellow the winner or loser though…that’s a question that will require some contemplation.

The first step was cooking and eating the beast, and after that came cleaning the shell of as much remaining meat and innards as possible. He then baked it in a toaster oven for 40 minutes and let it sit for a couple of days to make sure it didn’t have any residual smell. Once he confirmed the shell was clean, he glued it back together and got started on mounting it to his hardware.

A wooden frame under the lobster holds the dual HD-1711MG mini servos that power the karate chop action of the claws, as well as the electronics. [Michael] used a ATtiny85 and NTD4963N MOSFETs to make a basic RC platform which responds to IR from a Syma S107 toy helicopter controller. He tried to power everything with AAA and then AA batteries, but found they just didn’t give him the juice he needed once the bot got going. So the final version utilizes a 5 V regulator and a standard RC 7.2v LiPO battery pack.

If you’re not big on shellfish, never fear. He’s created similar roving contraptions based around sausages and carrots too. One could say he’s truly a man of refined…taste.

Continue reading “The Crustacean Battle Bot Of Your Nightmares”