This Week In Security: BatBadBut, DLink, And Your TV Too

April 12, 2024 by 22 Comments

So first up, we have BatBadBut, a pun based on the vulnerability being “about batch files and bad, but not the worst.” It’s a weird interaction between how Windows uses cmd.exe to execute batch files and how argument splitting and character escaping normally works. And what is apparently a documentation flaw in the Windows API.

When starting a process, even on Windows, the new executable is handed a set of arguments to parse. In Linux and friends, that is a pre-split list of arguments, the argv array. On Windows, it’s a single string, left up to the program to handle. The convention is to follow the same behavior as Linux, but the cmd.exe binary is a bit different. It uses the carrot ^ symbol instead of the backslash \ to escape special symbols, among other differences. The Rust devs took a look and decided that there are some cases where a given string just can’t be made safe for cmd.exe, and opted to just throw an error when a string met this criteria.

And that brings us to the big questions. Who’s fault is it, and how bad is it? I think there’s some shared blame here. The Microsoft documentation on CreateProcess() strongly suggests that it won’t execute a batch file without cmd.exe being explicitly called. On the other hand, This is established behavior, and scripting languages on Windows have to play the game by Microsoft’s rules. And the possible problem space is fairly narrow: Calling a batch file with untrusted arguments.

Almost all of the languages with this quirk have either released patches or documentation updates about the issue. There is a notable outlier, as the Java language will not receive a fix, not deeming it a vulnerability. It’s rather ironic, given that Java is probably the most likely language to actually find this problem in the wild. Continue reading “This Week In Security: BatBadBut, DLink, And Your TV Too”

The Future Looks Bleak For Alexa Skill Development

April 12, 2024 by 30 Comments

While the average Hackaday reader is arguably less likely than most to install a megacorp’s listening device in their home, we know there’s at least some of you out there that have an Amazon hockey puck or two sitting on a shelf. The fact is, they offer some compelling possibilities for DIY automation, even if you do have to jump through a few uncomfortable hoops to bend them to your will.

That being said, we’re willing to bet very few readers have bothered installing more than a few Alexa Skills. But that’s not a judgment based on any kind of nerd stereotype — it’s just that nobody seems to care about them. A fact that’s evidenced by the recent revelation that even Amazon looks to be losing interest in the program. In a post on LinkedIn, Skill developer [Mark Tucker] shared an email he received from the mothership explaining they were ending the AWS Promotional Credits for Alexa (APCA) program on June 30th.

Continue reading “The Future Looks Bleak For Alexa Skill Development”

Make Your Music Simpler With The User-Unfriendliest Cassette Deck Ever

April 12, 2024 by 17 Comments

Call us crazy, but music was a whole lot more fun when it was on physical media. Or perhaps just easier to use, especially in the car. Whether your particular vintage favored CDs, cassettes, or even 8-tracks, being able to fish out that favorite album and slam it in the player while never taking your eyes off the road was a whole lot easier than navigating a playlist on a locked phone, or trying to control an infotainment system through soft buttons on a touch screen.

It seems like [Jarek Lupinski] is as much a Spotify Luddite as we are, since his “tape-deck” project is aimed to be as user-unfriendly as possible. It’s just an auto-reversing cassette deck movement stripped bare of all useful appurtenances, like a way to fast forward or rewind. You just put a cassette in and it plays, start to finish, before auto-reversing to play the other side in its entirety. It doesn’t even have a volume control — his cheeky advice is to “listen to louder or quieter albums” to solve that problem. Pretty easy, really, and not a EULA or advertisement in sight. Build files are available if you hate yourself enough to build one of your own.

All kidding aside, this is kind of a nice reminder of how much things have changed, and how much complexity we’ve layered onto the simplest of pleasures. If you like the minimalist approach of this project but not the deconstructed aesthetics, we’ve got you covered.

The Aimbot V3 Aims To Track & Terminate You

April 11, 2024 by 18 Comments

Some projects we cover are simple, while some descend into the sort of obsessive, rabbit-hole-digging-into-wonderland madness that hackers everywhere will recognize. That’s precisely where [Excessive Overload] has gone with the AimBot V3, a target-tracking BB-gun that uses three cameras, two industrial servos, and an indeterminate amount of computing power to track objects and fire up to 40 BB gun pellets a second at them.

The whole project is overkill, made of CNC-machined metal, epoxy-cast gears, and a chain-driven pan-tilt system that looks like it would take off a finger or two before you even get to the shooty bit. That’s driven by input from the three cameras: a wide-angle one that finds the target and a stereo pair that zooms in on the target and determines the distance from the gun, using several hundred frames per second of video. This is then used to aim the BB gun stock, a Polarstar mechanism that fires up to 40 pellets a second. That’s fed by a customized feeder that uses spring wire.

The whole thing comes together to form a huge gun that will automatically track the target. It even uses motion tracking to discern between a static object like a person and a dart fired by a toy gun, picking the dart out of the air at least some of the time.

The downside is that it only works on targets with a retroreflective patch: it includes a 15 watt IR LED on the front of the gun. The camera detects the bright reflection and uses it to track the target, so all you have to do to avoid this particular Terminator is make sure you aren’t wearing anything too shiny.

Continue reading “The Aimbot V3 Aims To Track & Terminate You”

A finger points at a stack of yellow plastic plates sandwiched together like on a bookshelf. A grey metal rectangle holds the top together and black plastic sticks off to the left. The top of the pack has copper and nickel (or some other silver-colored metal) tabs pointing up out of the assembly.

Tearing Into A Sparky Sandwich

April 11, 2024 by 35 Comments

We’re still in the early days of modern EV infrastructure, so minor issues can lead to a full high voltage pack replacement given the lack of high voltage-trained mechanics. [Ed’s Garage] was able to source a Spark EV battery pack that had succumbed to a single bad cell and takes us along for the disassembly of the faulty module.

The Spark EV was the predecessor to the more well-known Chevy Bolt, so its nearly ten year old systems might not reflect the state-of-the-art in EV batteries, but they are certainly more modern than the battery in your great-grandmother’s Baker Electric. The Li-ion polymer pouch cells are sandwiched together with cooling and shock absorbing panels to keep the cells healthy and happy, at least in theory.

In a previous video, [Ed’s Garage] takes apart the full pack and shows how the last 2P16S module has assumed a darker color on its yellow plastic, seeming to indicate that it wasn’t receiving sufficient cooling during its life in the car. It would seem that the cooling plates inside the module weren’t quite up to the task. These cells are destined for other projects, but it doesn’t seem like this particular type of battery module would be too difficult to reassemble and put back in a car as long as you could get the right torque settings for the compression bolts.

If you’re looking for other EV teardowns, might we suggest this Tesla Model S pack or one from a passively-cooled Nissan Leaf?

Continue reading “Tearing Into A Sparky Sandwich”

Small, Quiet Air Compressor Puts 3D-Printed Parts To Best Use

April 11, 2024 by 14 Comments

When the only tool you’ve got is a hammer, every problem starts to look like a nail. Similarly, while a 3D printer is a fantastic tool to have, it can make you think it’s possible to build all the things with printed parts. Knowing when to print ’em and when to machine ’em is important, a lesson that [Diffraction Limited] has taken to heart with this semi-printed silent air compressor.

The key to this compressor’s quiet operation is a combination of its small overall size. its relatively low output, and its strategic use of plastic components, which tend to dampen vibrations. The body of the compressor and the piston arms are the largest 3D-printed parts; the design calls for keeping printed parts in compression for longer life, while the parts of the load path in tension travel through fasteners and other non-printed parts. The piston design is interesting — rather than being attached to connecting rods via wrist pins, the machined Delrin pistons are solidly attached to the piston arms. This means they have to swivel within the cylinders, which are made from short pieces of metal tubing, with piston seals designed to move up and down in grooves on the pistons to allow air to move past them. The valve bodies atop each cylinder are salvaged from another compressor.

When powered by a NEMA23-frame BLDC motor via a belt drive, the compressor is remarkably quiet; not quite silent perhaps, but still impressively smooth, and capable of 150 PSI at low speeds. And as a bonus, the split crankcase makes it easy to open up and service, or just show off how it works. We’ve seen a variety of 3D-printed compressors, from screw-type to Wankel, but this one really takes the prize for fit and finish. Continue reading “Small, Quiet Air Compressor Puts 3D-Printed Parts To Best Use”

Garage Door Automation With No Extra Hardware

April 11, 2024 by 10 Comments

Home automation projects have been popular as long as microcontrollers have been available to the general public. Building computers to handle minutiae so we don’t have to is one of life’s great joys. Among the more popular is adding some sort of system to a garage door. Besides adding Internet-connected remote control to the action of opening and closing, it’s also helpful to have an indicator of the garage door state for peace-of-mind. Most add some sensors and other hardware to accomplish this task but this project doesn’t use any extra sensors or wiring at all.

In fact, the only thing added to the garage door for this build besides some wiring is the microcontroller itself. After getting the cover of the opener off, which took some effort, a Shelly Uni was added and powered by the 12V supply from the opener itself. The garage door opener, perhaps unsurprisingly, has its own way of detecting when the door is fully open or closed, so some additional wire was added to these sensors to let the microcontroller know the current state. Shelly Uni platforms have a WiFi module included as well, so nothing else was needed for this to function as a complete garage door automation platform.

[Stephen] uses Home Assistant as the basis for his home automation, and he includes all of the code for getting this platform up and running there. It wouldn’t be too hard to get it running on other openers or even on other microcontroller platforms; the real key to this build is to recognize that sometimes it’s not necessary to reinvent the wheel with extra sensors, limit switches, or even power supplies when it’s possible to find those already in the hardware you’re modifying. This isn’t always possible, though, especially with more modern devices that might already be Internet-connected but probably don’t have great security.