Every now and then we’ll see a 3D printer that can print an entire house out of concrete or print an entire rocket out of metal. But usually, for our budget-friendly hobbyist needs, most of our 3D printers will be printing small plastic parts. If you have patience and a little bit of salt water, though, take a look at this 3D printer which has been modified to cut parts out of any type of metal, built by [Morlock] who has turned a printer into a 5-axis CNC machine.
Of course, this modification isn’t 3D printing metal. It convers a 3D printer’s CNC capabilities to turn it into a machining tool that uses electrochemical machining (ECM). This process removes metal from a work piece by passing an electrode over the metal in the presence of salt water to corrode the metal away rapidly. This is a remarkably precise way to cut metal without needing expensive or heavy machining tools which uses parts that can easily be 3D printed or are otherwise easy to obtain. By using the 3D printer axes and modifying the print bed to be saltwater-resistant, metal parts of up to 3 mm can be cut, regardless of the type of metal used. [Morlock] also added two extra axes to the cutting tool, allowing it to make cuts in the metal at odd angles.
Using a 3D printer to perform CNC machining like this is an excellent way to get the performance of a machine tool without needing to incur the expense of one. Of course, it takes some significant modification of a 3D printer but it doesn’t need the strength and ridigity that you would otherwise need for a standard CNC machine in order to get parts out of it with acceptable tolerances. If you’re interested in bootstraping one like that using more traditional means, though, we recently featured a CNC machine that can be made from common materials and put together for a minimum of cost.
As most anyone in this community knows, there’s an excellent chance that any consumer product on the market that’s advertised as “smart” these days probably has some form of Linux running under the hood. We’re also keenly aware that getting companies to hold up their end of the bargain when it comes to using Linux and other GPL licensed software in their products, namely releasing their modified source, isn’t always as cut and dried as it should be.
Occasionally these non-compliant companies will get somebody so aggravated that they actually try to do something about it, which is where smart TV manufacturer Vizio currently finds itself. The Software Freedom Conservancy (SFC) recently announced they’re taking the Irvine, California based company to court over their repeated failures to meet the requirements of the GPL while developing their Linux-powered SmartCast TV firmware. In addition to the Linux kernel, the SFC also claims Vizio is using modified versions of various other GPL and LGPL protected works, such as U-Boot, bash, gawk, tar, glibc, and ffmpeg.
According to the SFC press release, the group isn’t looking for any monetary damages. They simply want Vizio to do what’s required of them as per the GPL and release the SmartCast source code, which they hope will allow for the development of an OpenWrt-like replacement firmware for older Vizio smart TVs. This is particularly important as older models will often stop receiving updates, and in many cases, will no longer be able to access all of the services they were advertised as being able to support. Clearly the SFC wants this case to be looked at as part of the larger Right to Repair debate, and given the terrible firmware we’ve seen some of these smart TVs ship with, we’re inclined to agree.
Now of course, we’ve seen cases like this pop up in the past. But what makes this one unique is that the SFC isn’t representing one of the developers who’s software has been found to be part of Vizio’s SmartCast, they’re actually the plaintiff. By taking the position of a consumer who has purchased a Vizio product that included GPL software, the SFC is considered a third-party beneficiary, and they are merely asking the court to be given what’s due to them under the terms of the license.
As firm believers in the open source movement, we have zero tolerance for license violators. Vizio isn’t some wide-eyed teen, randomly copying code they found from GitHub without understanding the implications. This is a multi-billion dollar company that absolutely should know better, and we’ll be happy to see them twist in the wind a bit before they’re ultimately forced to play by the rules.
[Ivan Miranda] comes from a land where the shops close on Sundays. Thus, when he found himself in need of a cutting blade, he realised he would have to build his own, or simply wait. He elected to do the former, and we get to enjoy the journey. (Video, embedded below.)
His first attempt was to cut a wooden plank with a 3D-printed cutting blade fitted to a mitre saw. After setting up the mitre saw to cut while he was at a safe distance, [Ivan] elected to test the blade. Alas, it simply melted, and the wood was barely scratched, so [Ivan] went back to the drawing board.
His second attempt was to CNC mill an aluminium blade, which was a full 6 mm thick. The saw needed some modifications to the saw to fit properly, but it was able to cut wood without major drama!
Returning to the 3D-printed concept, [Ivan] suspected reducing the surface speed of the cutting disc could reduce friction-induced heating. This would allow the 3D-printed blade to cut wood without melting, in theory. To achieve this, he built his own basic drop saw using a steel frame and a brushless motor. With a little water spray, and careful control of speed and pressure, the blade was able to slowly chew through a plank of wood. Afterwards, the teeth were almost completely worn down.
The fact is, 3D-printed blades are usually going to be too soft to do any real useful work. However, it’s fun to watch, and that’s good enough for us. If you want something more useful though, consider building your own knives.
Hackaday editors Mike and Elliot Williams catch up on a week’s worth of hacks. It turns out there are several strange radio bands that don’t require a license, and we discuss this weekend’s broadcast where you can listen in. It’s unlikely you’ve ever seen the website check-box abused quite like this: it’s the display for playing Doom! Just when you thought you’d seen all the ESP32’s tricks it gets turned into a clock styled after Out Run. Mike geeks out over how pianos work, we’re both excited to have Jeremy Fielding giving a Keynote talk at Remoticon, and we wrap things up with a chat about traffic rules in space.
Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
What’s round, has what looks like a vacuum tube in the center, and was made in the 1950s by HP? We don’t know either, but [The Signal Path] restored one and shows us this mystery instrument in a recent video that you can see below. We aren’t going to spoil the surprise over what the device is, but we will share that he does reveal what it is very early in the video, so there’s not much of a tease.
We will, however, give you a few hints. Looking at it, you can guess that it is meant for high voltage use and, in fact, it is rated for up to 25 kV. We’ll also drop the hint that it is made for use with AC, not DC. The shape of the plug at the end of the wire is also a clue, we think.
There isn’t much inside the unusual round case (another clue, by the way), but there are some vintage parts we haven’t seen in quite awhile. One last clue: Why is there a metal rod and ball sticking out of one side of the device?
Honestly, the insides are a bit underwhelming so unlike some teardown videos we’ve seen, the real star of this video is the unusual device more so than its inner workings. If you have a hankering for a more sophisticated HP exploration, check out the HP3458A repair we covered earlier. Or go old school and peek inside an HP 150A.
The government of Argentina has a national ID card system, and as a result maintains a database containing data on every citizen in the country. What could possibly go wrong? Predictably, an attacker has managed to gain access to the database, and is offering the entire dataset for sale. The Argentinian government has claimed that this wasn’t a mass breach, and only a handful of credentials were accessed. This seems to be incorrect, as the seller was able to provide the details of an arbitrary citizen to the journalists investigating the story.
Patch Tuesday
Microsoft has released their monthly round of patches for October, and there are a couple doozies. CVE-2021-40486 is an RCE in Microsoft Word, and this flaw can trigger via the preview pane. CVE-2021-38672 and CVE-2021-40461 are both RCE vulnerabilities in Hyper-V. And finally, CVE-2021-40449 is a privilege upgrade actively being used in the wild, more on that in a moment. Oh, and you thought the Print Nightmare was over? CVE-2021-36970 is yet another print spooler vulnerability. The unfortunate thing about the list of Microsoft vulnerabilities is that there is hardly any information available about them.
On the other hand, Apple just patched CVE-2021-30883, a 0-day that’s being actively exploited in iOS. With the release of the fix, [Saar Amar] has put together a very nice explanation of the bug with PoC. It’s a simple integer overflow when allocating a buffer, leading to an arbitrary memory write. This one is particularly nasty, because it’s not gated behind any permissions, and can be triggered from within app sandboxes. It’s being used in the wild already, so go update your iOS devices now.
Kaspersky brings us a report on a CVE-2021-40449 being used in the wild. It’s part of an attack they’re calling MysterySnail, and seems to originate from IronHusky out of China. The vulnerability is a use-after-free, and is triggered by making a the ResetDC API call that calls its own callback. This layer of recursive execution results in an object being freed before the outer execution has finished with it.
Since the object can now be re-allocated and controlled by the attacker code, the malformed object allows the attacker to run their code in kernel space, achieving privilege escalation. This campaign then does some data gathering and installs a Remote Access Trojan. Several Indicators of Compromise are listed as part of the write-up.
Off to the Races
Google’s Project Zero is back with a clever Linux Kernel hack, an escalation of privilege triggered by a race condition in the pseudoterminal device. Usually abbreviated PTY, this kernel device can be connected to userspace applications on both ends, making for some interesting interactions. Each end has a struct that reflects the status of the connection. The problem is that TIOCSPGRP, used to set the process group that should be associated with the terminal, doesn’t properly lock the terminal’s internal state.
As a result, calling this function on both sides at the same time is a race condition, where the reference count can be corrupted. Once the reference count is untrustworthy, the whole object can be freed, with a dangling pointer left in the kernel. From there, it’s a typical use-after-free bug. The post has some useful thoughts about hardening a system against this style of attack, and the bug was fixed December 2020.
AI vs Pseudorandom Numbers
[Mostafa Hassan] of the NCC Group is doing some particularly fascinating research, using machine learning to test pseudorandom number generators. In the first installment, he managed to break the very simple xorshift128 algorithm. Part two tackles the Mersenne Twister, which also falls to the neural network. Do note that neither of these are considered cryptographic number generators, so it isn’t too surprising that a ML model can determine their internal state. What will be most interesting is the post to come, when he tackles other algorithms thought to be secure. Watch for that one in a future article.
L0phtcrack Becomes Open Source
In a surprise to me, the L0phtcrack tool has been released as open source. L0phtcrack is the password cracking/auditing tool created by [Mudge] and company at L0pht Heavy Industries, about a billion years ago. Ownership passed to @stake, which was purchased by Symantec in 2004. Due to export regulations, Symantec stopped selling the program, and it was reacquired by the original L0pht team.
In April 2020, Terahash announced that they had purchased rights to the program, and began selling and supporting it as a part of their offerings. Terahash primarily builds GPU based cracking hardware, and has been hit exceptionally hard by the chip shortage. As a result of Terahash entering bankruptcy protection, the L0phtcrack ownership has reverted back to L0pht, and version 7.2.0 has been released as Open Source.
In a surprise to me, 
