This Week In Security: NPM Vandalism, Simulating Reboots, And More

January 14, 2022 by 33 Comments

We’ve covered quite a few stories about malware sneaking into NPM and other JavaScript repositories. This is a bit different. This time, a JS programmer vandalized his own packages. It’s not even malware, perhaps we should call it protestware? The two packages, colors and faker are both popular, with a combined weekly download of nearly 23 million. Their author, [Marak] added a breaking update to each of them. These libraries now print a header of LIBERTY LIBERTY LIBERTY, and then either random characters, or very poor ASCII art. It’s been confirmed that this wasn’t an outside attacker, but [Marak] breaking his own projects on purpose. Why?

It seems like this story starts back in late 2020, when [Marak] lost quite a bit in a fire, and had to ask for money on Twitter. Edit: Thanks to commenter [Jack Dansen] for pointing out an important detail that was missing. Marak was charged for reckless endangerment, and was suspected for possible terrorism aspirations, as bomb-making materials were found in his burned-out apartment. Two weeks later, he tweeted that billions were being made off open source devs’ work, citing a FAANG leak. FAANG is a reference to the big five American tech companies: Facebook, Apple, Amazon, Netflix, and Google. The same day, he opened an issue on Github for faker.js, throwing down an ultimatum: “Take this as an opportunity to send me a six figure yearly contract or fork the project and have someone else work on it.”
Continue reading “This Week In Security: NPM Vandalism, Simulating Reboots, And More”

Game Boy Becomes Super Game Boy With A Pair Of Pis

January 14, 2022 by 13 Comments

For the Nintendo aficionados of the 90s, the Super Game Boy was a must-have cartridge for the Super Nintendo which allowed gamers to play Game Boy games on your TV. Not only did it allow four-color dot-matrix gaming on the big screen, but it let you play those favorite Game Boy titles without spending a fortune on AA batteries. While later handhelds like the PSP or even Nintendo Switch are able to output video directly to TVs without issue, the original Game Boy needed processing help from an SNES or, as [Andy West] shows us, it can also get that help from a modern microcontroller.

Testing the design before installing it in the NES case.

The extra processing power in this case comes from a Raspberry Pi Pico which is small enough to easily fit inside of a donor NES case and also powerful enough to handle the VGA directly. For video data input, the Pico is connected to the video pins on the Game Boy’s main board through a level shifter. The main board is also connected to a second Pico which handles the controller input from an NES controller. Some fancy conversion needed to be done at this point because although the controller layouts are very similar, they are handles by the respective consoles completely differently.

With all of the technical work largely out of the way, [Andy] was able to put the finishing touches on the build. These included making sure the power buttons, status LEDs, and reset button all functioned, and restoring the NES case complete with some custom “Game Guy” graphics to match the original design of the Game Boy. We commend the use of original Game Boy hardware in this build as well, which even made it possible for [Andy] and his wife to play a head-to-head game of Dr. Mario through a link cable with another Game Boy. If you’re looking for a simpler way of playing on original hardware without burning a hole in your wallet buying AA batteries, take a look at this Game Boy restoration which uses a Lithium battery instead.

Continue reading “Game Boy Becomes Super Game Boy With A Pair Of Pis”

This DIY Microscope Design Is All Wet

January 14, 2022 by 5 Comments

[Robert Murray-Smith] wanted to recreate how some ancient microscopes worked: with a drop of water as a lens. The idea is that the meniscus of a drop of water will work as a lens. This works because of surface tension and by controlling the attraction of the water to the surface,  you can actually form convex and concave surfaces.

What’s interesting is that this doesn’t require a lot of equipment. Some plastic, a hole punch, some pens, a flashlight, and some other odds and ends. Then it’s just a matter of grabbing some puddle water and examining the critters inside. Of course, with a single lens, these are more properly magnifying glasses. Some claim that people in China built such instruments thousands of years ago. [Robert] mentions [Antonie van Leeuwenhoek] as the father of the microscope, although he wasn’t the first to build such a device. He did create amazing glass lenses using a method he kept secret but has been worked out using modern science.

It is hard to see much through the camera, but it clearly was magnifying. Not a bad little rainy day kid’s project since you probably have everything you need on hand. We wonder what other readily-available things you could image with a device like this.

Of course, if you want to build a real microscope, the designs are out there. You can even make one using — mostly — LEGO.

Continue reading “This DIY Microscope Design Is All Wet”

Pico Does PID

January 13, 2022 by 23 Comments

If you wanted to, say, control a temperature you might think you could just turn on a heater until you reach the desired temperature and then turn the heater off. That sort of works, but it is suboptimal — you’ll tend to overshoot the goal and then as the system cools down, you’ll have to catch up and the result is often a system that oscillates around the desired value but never really settles on the correct temperature. To solve that, you can use a PID — proportional integral derivative — loop and that’s what [veebch] has done with a Rasberry Pi PICO and Micropython.

The idea is to control an output signal based on the amount of difference between the actual temperature and the desired temperature (the proportional error). In addition, the amount is adjusted based on the long term error (integral) and any short term change (the derivative). You can also see a video about using the control loop to make a better sous vide burger, below. Continue reading “Pico Does PID”

Microwave Sampler Is Like Time Domain Mixer

January 13, 2022 by 17 Comments

[Gregory] is building some microwave gear and wanted to convert a 3.3 GHz signal to a 12 MHz intermediate frequency. You might think of using a mixer, but you’d need a local oscillator of nearly 3.3 GHz which is not only hard to build, but also will be very close to the signal of interest which is not a great idea. Instead, [Gregory] opted for a sampler, which uses an effect you usually try to avoid — aliasing — to allow downconversion with a much smaller local oscillator. You can see the design in the video below.

In the case of converting 3.3 GHz to 12 MHz, the local oscillator is around 100 MHz. How does that work? Watch the video and find out. The final project will triple the 3.3 GHz signal and we presume the 12 MHz downconvert is to easily phase lock the frequency using a PLL (phase-locked loop).

Continue reading “Microwave Sampler Is Like Time Domain Mixer”

Soviet-Era Auto Dialler Uses Magnetic Rope Core Memory

January 13, 2022 by 12 Comments

We’ve seen a few interesting magnetic core memories on these fine pages over the years, but we don’t recall seeing too many user programmable magnetic core memory devices. This interesting Russian telephone auto dialer in its day would have been a very useful device, capable of storing and dialing forty user programmable 7-digit numbers. [mikeselectricstuff] tore into one (video, embedded below), and found some very interesting tech. For its era, this is high technology stuff. Older Russian tech has a reputation for incredibly ingenious use of older parts, that can’t be denied. After all, if it works, then there’s no need to change it. But anyway, what’s interesting here is how the designers decided to solve the problem of programming and recalling of numbers, without using a microprocessor, by using discrete logic and core rope memory.

This is the same technology used by the Apollo Guidance Computer, but in a user configurable form, and obviously much smaller storage capacity. The core array consists of seven, four-bit words, one word per telephone digit, which will be read out sequentially bottom to top. The way you program your number is to take your programming wire, insert it into the appropriate hole (one row related to numbers 1-20, the other row is shifted 1-20 for the second bank) and thread it along the cores in a weave type pattern. Along the way, the wire is passed through or bypasses a particular core, depending upon the digit you are coding for. They key for this encoding is written on the device’s lid. At the end, you then need to terminate the wire in the matching top connector, to allow the circuit to be completed.

As far as we can tell, the encoding is a binary sequence, with a special ‘stop’ code to indicate telephone numbers with less than seven digits. We shall leave further analysis to interested parties, and just point you at the Original manufacturer schematics. Enjoy!

Of course we’re not just going to mention rope core memory and the AGC without linking to a fantastic article about the very same, and if that’s wetting your appetite for making a rope core memory, here’s a little thing about that too!

Continue reading “Soviet-Era Auto Dialler Uses Magnetic Rope Core Memory”

Ride-on Tracked Vehicle Is A Stout Metal Build

January 13, 2022 by 17 Comments

When we think of tracked vehicles, we normally think of tanks, or perhaps heavy construction machinery. Meanwhile the average member of the public is left out of the fun. [Bob] of [Making Stuff] won’t be one of them, however, having put together a ride-on tracked vehicle for his own enjoyment.

The machine is welded together from plenty of steel, making it more than tough enough to soak up the punishment of off-road duty. The design features four suspended buggy wheels on either side running inside rubber tracks, with a cogged drive wheel at the front. Propulsion is thanks to a 440 cc DuroMax engine good for a full 18 horsepower and 26 ft-lbs of torque, driving the tracks through a differential mounted up front.

The design has one major issue at the moment. The heavy engine is mounted ahead of the front wheel inside the tracks, which means the vehicle wants to nosedive at the slightest provocation. Such an event would be highly uncomfortable for the rider, so mods are needed, either by scooching the engine back a little or pushing the wheels forward.

We look forward to seeing [Bob] fix the issues and get the machine driving soon. We’ve seen other tracked builds before, too – often on the smaller scale. Video after the break.

Continue reading “Ride-on Tracked Vehicle Is A Stout Metal Build”