Making A Wall Power Adapter For A Digital Camera

November 3, 2011 by 20 Comments

Instructables user [txoof] was unhappy with the fact that Olympus didn’t manufacture a wall power adapter for the E-510 camera and decided to do something about it. The resulting new power adapter is described in this article. What it amounts to is a fake battery pack made out of plywood.

A 2.5mm DC power adapter is attached as seen in the picture above and the fake battery contacts are made with a thin brass or steel plate. According to the article, a steel soda can or bean tin works well for this.  Google sketchup with the slicer plugin is used to make slices of wood to be glued together in a “battery” shape.  Alternatively, something like this would be a good project for a 3D printer or CNC router.

Although there is nothing that revolutionary about this hack, it solves a problem that many people have with cameras or other electronics without a readily available wall power supply. This can be especially evident when trying to do time-lapse photography or other activities that need a long time span. For another hacked-together wooden camera project, check out this remote trigger built using plywood and air freshener components.

Remove Wall Plugs Fast With A Custom Tool

April 18, 2024 by 40 Comments

The best thing about buying your own home is that you can hang things on the walls. It’s a human right all too often denied to renters the world over. Regardless, five years later, when you’re doing the mandatory minimalist remodel, you’ll be ruing the day you put in all those wall anchors. At that point, consider removing them with this nifty tool from [XDIY with Itzik].

The design aims to remove wall anchors as cleanly as possible. It’s easiest to watch the video to get the idea of how it works.

The tool features a block which holds a bearing. That bearing acts as a rotating stop for a wood screw. The idea is that you place the block against the wall, and use a power drill to drive a wood screw into the anchor at high speed. The screw can’t move forward, so the threads basically yank the plug out of the wall, and relatively neatly at that. Once removed, there’s a little push stopper you can use to hold the old plug in place as you remove the wood screw from the device, ready to go again.

[Itzik] demonstrates the device by removing ten wall plugs in just 40 seconds. If you’ve got a lot to do, or it’s a job you do regularly, you might like to have this tool in your kit.

Oftentimes, having the right tool can make a job ten times faster, and this seems like one of those cases. Video after the break.

Continue reading “Remove Wall Plugs Fast With A Custom Tool”

A standard-compliant MXM card installed into a laptop, without heatsink

MXM: Powerful, Misused, Hackable

April 18, 2024 by 23 Comments

Today, we’ll look into yet another standard in the embedded space: MXM. It stands for “Mobile PCI Express Module”, and is basically intended as a GPU interface for laptops with PCIe, but there’s way more to it – it can work for any high-power high-throughput PCIe device, with a fair few DisplayPort links if you need them!

You will see MXM sockets in older generations of laptops, barebones desktop PCs, servers, and even automotive computers – certain generations of Tesla cars used to ship with MXM-socketed Nvidia GPUs! Given that GPUs are in vogue today, it pays to know how you can get one in low-profile form-factor and avoid putting a giant desktop GPU inside your device.

I only had a passing knowledge of the MXM standard until a bit ago, but my friend, [WifiCable], has been playing with it for a fair bit now. On a long Discord call, she guided me through all the cool things we should know about the MXM standard, its history, compatibility woes, and hackability potential. I’ve summed all of it up into this article – let’s take a look!

This article has been written based on info that [WifiCable] has given me, and, it’s also certainly not the last one where I interview a hacker and condense their knowledge into a writeup. If you are interested, let’s chat!

Continue reading “MXM: Powerful, Misused, Hackable”

This Week In Security: Peering Through The Wall, Apple’s GoFetch, And SHA-256

March 29, 2024 by 1 Comment

The Linux command wall is a hold-over from the way Unix machines used to be used. It’s an abbreviation of Write to ALL, and it was first included in AT&T Unix, way back in 1975. wall is a tool that a sysadmin can use to send a message to the terminal session of all logged-in users. So far nothing too exciting from a security perspective. Where things get a bit more interesting is the consideration of ANSI escape codes. Those are the control codes that moves the cursor around on the screen, also inherited from the olden days of terminals.

The modern wall binary is actually part of util-linux, rather than being a continuation of the old Unix codebase. On many systems, wall runs as a setgid, so the behavior of the system binary really matters. It’s accepted that wall shouldn’t be able to send control codes, and when processing a message specified via standard input, those control codes get rejected by the fputs_careful() function. But when a message is passed in on the command line, as an argument, that function call is skipped.

This allows any user that can send wall messages to also send ANSI control codes. Is that really a security problem? There are two scenarios where it could be. The first is that some terminals support writing to the system clipboard via command codes. The other, more creative issue, is that the output from running a binary could be overwritten with arbitrary text. Text like:
Sorry, try again.
[sudo] password for jbennett:

You may have questions. Like, how would an attacker know when such a command would be appropriate? And how would this attacker capture a password that has been entered this way? The simple answer is by watching the list of running processes and system log. Many systems have a command-not-found function, which will print the failing command to the system log. If that failing command is actually a password, then it’s right there for the taking. Now, you may think this is a very narrow attack surface that’s not going to be terribly useful in real-world usage. And that’s probably pretty accurate. It is a really fascinating idea to think through, and definitively worth getting fixed. Continue reading “This Week In Security: Peering Through The Wall, Apple’s GoFetch, And SHA-256”

Building Nanoleaf-Inspired Wall Panels That Look Great

January 28, 2024 by 12 Comments

Nanoleaf is well-known as being that company that makes those lovely glowing tiles that you can hang on your wall. The only thing is, they’re not cheap. So if you want a really cool layout, you have to spend a great amount of money. [Projects with Red] was inspired by the basic concept, though, and whipped up their own gem-shaped wall tiles along similar lines.

The devices can work as a big clock if you so desire.

The irregular hexagon shape of each gem has ten connection points to attach the segments together. Physical connections are made using the 3D printed housings of each segment, while connections are simply made with wires and connectors hanging out the back for flexibility.

Each segment features a black printed housing with a solid lid and a translucent acrylic sheet to act as a diffuser. An addressable LED strip is mounted to the lid for illumination, with Dupont connectors for hooking them up to power and data. An ESP32 is used to drive the addressable LED chain, running the WLED.me software for easy control of the lights and animations. The video below also explains how to configure the segments into a giant colorful 7-segment display.

It’s a neat way to build some LED wall art, with plenty of scope to reconfigure it to suit your own needs. We’ve seen some other fun LED tile projects before, too.
Continue reading “Building Nanoleaf-Inspired Wall Panels That Look Great”

How To Build A Small Solar Power System

December 30, 2023 by 41 Comments

We live in an exciting time with respect to electrical power, one in which it has never been easier to break free from mains electricity, and low-frequency AC power in general. A confluence of lower-power appliances and devices using low-voltage external switch-mode supplies, readily available solar panels and electronic modules, and inexpensive high-capacity batteries, means that being your own power provider can be as simple as making an online order.

But which parts should you choose? Low Tech Magazine has the answer, in the form of a guide to building a small solar power system. The result is an extremely comprehensive guide, and though it’s written for a general audience there’s still plenty of information for the Hackaday reader.

Perhaps the most important part is that it’s demystifying the subject, there in front of us are a set of pretty straightforward recipes for personal power. The computer this is being written on spends a significant proportion of its time on the road with the ever-present company of a very hefty USB-C power pack for example, and the realization that a not-too-expensive solar panel and USB PD source could lessen the range anxiety and constant search for a train seat with a socket for a writer on the move is quite a powerful one.

Take a look and see whether your life could use bit of inexpensive off-grid power, meanwhile we’re quite pleased that the USB-C PD standard has eased some of the DC problems we expressed frustration at back in 2016.

This Week In Security: Browser Exploits, Play Protect, And Turn ON Your Firewall!

October 20, 2023 by 5 Comments

Google Chrome has done a lot of work on JavaScript performance, pushing the V8 engine to more and more impressive feats. Recently, that optimization has one more piece, the Maglev compiler, which sits between Sparkplug and TurboFan, as a mid-tier optimization step. With a Just In Time (JIT) system, the time saving of code optimization steps has to be carefully weighed against the time costs, and Maglev is another tool in that endless hunt for speed. And with anything this complicated, there’s the occasional flaw found in the system. And of course, because we’re talking about it here, it’s a security vulnerability that results in Remote Code Execution (RCE).

The trick is to use Maglev’s optimization against it. Set up a pair of classes, such that B extends A. Calling new B() results in an attempt to use the constructor from A. Which works, because the compiler checks to make sure that the constructors match before doing so. There’s another way to call a constructor in JS, something like Reflect.construct(B, [], Array);. This calls the B constructor, but indicates that the constructor should return an Array object. You may notice, there’s no array in the A class below. Tricking the compiler into using the parent class constructor in this fashion results in the array being uninitialized, and whatever happens to be in memory will set the length of the array. Continue reading “This Week In Security: Browser Exploits, Play Protect, And Turn ON Your Firewall!”