A clock with an e-paper display in a 3D-printed case

Low Power Challenge: E-Paper Shelf Label Becomes Ultra-Frugal Clock

February 24, 2023 by 12 Comments

Over the past two decades, e-paper has evolved from an exotic and expensive display technology to something cheap enough to be used for supermarket price tags. While such electronic shelf labels are now easy to find, actually re-using them is often tricky due to a lack of documentation. Luckily, [Aaron Christophel] has managed to reverse engineer many types of shelf labels, and he’s demonstrated the results by turning one into an ultra-low-power clock called Triink. It’s based on a 128×296 pixel e-ink display paired with an nRF52832 BlueTooth Low-Energy SoC and uses just 65 micro-amperes on average: low enough to keep it running for more than a year on a single battery charge.

A PCB for an e-ink clock
Power on the left, e-ink on the right: the custom PCB is clever and compact, too

The clock is housed in an enclosure that’s simple but effective: a 3D-printed triangular prism with a slot for the screen and space for the 18650 lithium battery. One side can be opened to access the internal components, although that’s really only needed to charge the battery. You can see how cleverly everything snaps together in the video embedded below. Continue reading “Low Power Challenge: E-Paper Shelf Label Becomes Ultra-Frugal Clock”

Toroid Transformers Explained

February 24, 2023 by 34 Comments

HF radios often use toroidal transformers and winding them is a rite of passage for many RF hackers. [David Casler, KE0OG] received a question about how they work and answered it in a recent video that you can see below.

Understanding how a conventional transformer works is reasonably simple, but toroids often seem mysterious because the thing that makes them beneficial is also what makes them confusing. The magnetic field for such a transformer is almost totally inside the “doughnut,” which means there is little interaction with the rest of the circuit, and the transformer can be very efficient.

The toroid itself is made of special material. They are usually formed from powdered iron oxide mixed with other metals such as cobalt, copper, nickel, manganese, and zinc bound with some sort of non-conducting binder like an epoxy. Ferrite cores have relatively low permeability, low saturation flux density, and low Curie temperature. The powder also reduces the generation of eddy currents, a source of loss in transformers. Their biggest advantage is their high electrical resistivity, which helps reduce the generation of eddy currents.

If you haven’t worked through how these common little transformers work, [David]’s talk should help you get a grip on them. These aren’t just for RF. You sometimes see them in power supplies that need to be efficient, too. If you are too lazy to wind your own, there’s always help.

Continue reading “Toroid Transformers Explained”

Hackaday Podcast 207: Modular Furniture, Plastic Prosthetics, And Your Data On YouTube

February 24, 2023 by 6 Comments

Join Editor-in-Chief Elliot Williams and Managing Editor Tom Nardi as they explore the best and most interesting stories from the last week. The top story if of course the possibility that at least some of the unidentified flying objects the US Air Force valiantly shot down were in fact the work of amateur radio enthusiasts, but a quantitative comparison of NASA’s SLS mega-rocket to that of popular breakfast cereals is certainly worth a mention as well.

Afterwards the discussion will range from modular home furnishings to the possibility of using YouTube (or maybe VHS tapes) to backup your data and AI-generated Pong. Also up for debate are cheap CO2 monitors which may or may not be CO2 monitors, prosthetic limbs made from locally recycled plastic, and an answer to Jenny’s Linux audio challenge from earlier this month.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download it your own bad self!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 207: Modular Furniture, Plastic Prosthetics, And Your Data On YouTube”

Hunting For Space Pirates

February 24, 2023 by 14 Comments

Ever since the first artificial satellite was launched into orbit, radio operators around the world have been tuning in to their space-based transmissions. Sputnik 1 only sent back pulses of radio waves, but in the decades to follow ever more advanced radio satellites were put into service that could support two-way communications from Earth to space and back again.

Some of these early satellites were somewhat lacking in security, though, and have been re-purposed by various pirates around the world for their own ends. [Gabe] aka [saveitforparts] is here to show us how to hunt for those pirates and listen in on their radio traffic.

Pirates on these satellites have typically used them for illicit activities, and it is still illegal to use them for non-governmental or non-military purposes, so [Gabe] notes that he will only be receiving, not transmitting. The signals he is tuning in to are VHF transmissions, specifically around 220 MHz. That puts them easily within the reach of the RTL-SDR and common ham radio equipment, but since they are coming from space a more directional antenna is needed. [Gabe] quickly builds a Yagi antenna from scrap, tuned specifically to 255 MHz, and mounts it to an old remote-controlled security camera mount which allows him to point it exactly at the satellite and monitor transmissions.

From there he is able to pick up what looks like a few encrypted and/or digital transmissions, plus analog transmissions of likely pirates speaking a language he guesses to be Portuguese. He also hears what he thinks is a foreign TV broadcast, but oddly enough turns out to be NPR. These aren’t the only signals in space to tune to, either. There are plenty of purpose-built ham radio satellites available for any licensed person to use, and we’ve also seen this other RTL-SDR configured to snoop on Starlink signals.

Continue reading “Hunting For Space Pirates”

This Week In Security: GoDaddy, Joomla, And ClamAV

February 24, 2023 by 1 Comment

We’ve seen some rough security fails over the years, and GoDaddy’s recent news about a breach leading to rogue website redirects might make the highlight reel. The real juicy part is buried on page 30 of a PDF filing to the SEC.

Based on our investigation, we believe these incidents are part of a multi-year campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy.

That multi-year campaign appears to goes back to at least October 2019, when an SSH file was accessed and altered, leading to 28,000 customer SSH usernames and passwords being exposed. There was also a 2021 breach of the GoDaddy WordPress environment, that has been linked to the same group.

Reading between the lines, there may be an implication here that the attackers had an ongoing presence in GoDaddy’s internal network for that entire multi-year period — note that the quote above refers to a single campaign, and not multiple campaigns from the same actor. That would be decidedly bad.

Joomla’s Force Persuasion

Joomla has a critical vulnerability, CVE-2023-23752, which is a trivial information leak from a web endpoint. This flaw is present in all of the 4.x releases, up to 4.2.8, which contains the fix. The issue is the Rest API, which gives access to pretty much everything about a given site. It has an authentication component, of course. The bypass is to simply append ?public=true. Yes, it’s a good old “You don’t need to see his identification” force suggestion.

There’s even a PoC script that runs the request and spits out the most interesting data: the username, password, and user id contained in the data. It’s not quite as disastrous as that sounds — the API isn’t actually leaking the administrative username and password, or even password hash. It’s leaking the SQL database information. Though if your database is accessible from the Internet, then that’s pretty much as bad as it could be. Continue reading “This Week In Security: GoDaddy, Joomla, And ClamAV”

Answering Some Pico Balloon Questions

February 24, 2023 by 29 Comments

When the US Air Force shot down some suspected Chinese spy balloons a couple of weeks ago, it was widely reported that one of the targets might have been a much more harmless amateur radio craft. The so-called pico balloon K9YO was a helium-inflated Mylar balloon carrying a tiny solar-powered WSPR beacon, and it abruptly disappeared in the same place and time in which the USAF claimed one of their targets. When we coveredĀ  the story it garnered a huge number of comments both for and against the balloonists, so perhaps it’s worth returning with the views of a high-altitude-ballooning expert.

[Dave Akerman] has been sending things aloft for a long time now, we think he may have been one of the first to put a Raspberry Pi aloft back in 2012. In his blog post he attempts to answer the frequently asked questions about pico balloons, their legality, whether they should carry a beacon, and what the difference is between these balloons and the latex “weather balloon” type we’re familiar with. It’s worth a read, because not all of us are part of the high-altitude balloon community and thus it’s good to educate oneself.

Meanwhile, you can read our original report here.

Tiny Machine Learning On As Little As 2 KB Of RAM

February 24, 2023 by 6 Comments

All of the machine language stuff coming out lately doesn’t affect you if you are developing with embedded microcontrollers, right? Perhaps not. Microsoft Research India wants you to use their EdgeML tool to do machine learning tasks such as gesture recognition in tiny devices like an Arduino Uno. According to the developers, you might need as little as 2 KB of RAM. There’s no network connection required and the work is using Tensorflow underneath, so it is compatible with much of what you’ll find for bigger computers.

If you add processing power, you can get more capability. For example, one of the demonstrations is a wake-word recognizer on a Raspberry Pi Zero (although the page for that demo seems to be missing at the moment; try the GesturePod, instead).

The system generally uses Python, but there are efficient C++ implementations for selected algorithms. The code lives on GitHub. There are also a number of research papers about each tool that you can find on the GitHub page. There’s also a recent paper on MinUn, an attempt to make things even more efficient for ARM microcontrollers. In particular, MinUn can store approximate numbers to save space, allows for variable precision of tensors, and tries to reduce memory fragmentation, an important feature for CPUs that don’t have memory management units.

If you haven’t studied TensorFlow yet, start here. Why use something like this with a microcontroller? How about smarter robots?