Symmetrical Gear Spins One-Way, Harvesting Surrounding Chaos

August 30, 2024 by 12 Comments

Here’s a novel ratchet mechanism developed by researchers that demonstrates how a single object — in this case a gear shaped like a six-pointed star — can rectify the disordered energy of its environment into one-way motion.

5x speed video of gear in agitated water bath.

The Feynman–Smoluchowski ratchet has alternating surface treatments on the sides of its points, accomplished by applying a thin film layer to create alternating smooth/rough faces. This difference in surface wettability is used to turn agitation of surrounding water into a ratcheting action, or one-way spin.

This kind of mechanism is known as an active Brownian ratchet, but unlike other designs, this one doesn’t depend on the gear having asymmetrical geometry. Instead of an asymmetry in shape, there’s an asymmetry in the gear tooth surface treatments. You may be familiar with the terms hydrophobic and hydrophilic, which come down to a difference in surface wettability. The gear’s teeth having one side of each is what rectifies the chaotic agitation of the surrounding water into a one-way spin. Scaled down far enough, these could conceivably act as energy-harvesting micromotors.

Want more detail? The published paper is here, and if you think you might want to play with this idea yourself there are a few different ways to modify the surface wettability of an object. High voltage discharge (for example from a Tesla coil) can alter surface wettability, and there are off-the-shelf hydrophobic coatings we’ve seen used in art. We’ve even seen an unusual clock that relied on the effect.

Dual-Port RAM For A Simple VGA Card

August 30, 2024 by 7 Comments

Making microcontrollers produce video has long been a staple of hardware hacking, but as the resolution goes up, it becomes a struggle for less capable silicon. To get higher resolution VGA from an Arduino, [Marcin Chwedczuk] has produced perhaps the most bulletproof solution, to create dual-port RAM with the help of a static RAM chip and a set of 74-series bus transceivers, and let a hardware VGA interface take care of the display. Yes, it’s not a microcontroller doing VGA, but standalone VGA for microcontrollers.

Dual-port memory is a special type of memory with two interfaces than can independently be used to access the contents. It’s not cheap when bought in integrated form, so seeing someone making a substitute with off-the-shelf parts is certainly worth a second look. The bus transceivers are in effect bus-width latches, and each one hangs on to the state while the RAM chip services each in turn. The video card part is relatively straightforward, a set of 74 chips which produce the timings and step through the addresses, and a shift register to push out simple black or white pixel data as a rudimentary video stream. We remember these types of circuits being used back in the days of home made video terminals, and here in 2024 they still work fine.

The display this thing produces isn’t the most impressive picture, but it is VGA, and it does work. We can see this circuit being of interest to plenty of other projects having less capable processing power, in fact we’d say the challenge should lie in how low you can go if all you need is the capacity to talk 74-series logic levels.

Interested in 74-series VGA cards? This isn’t the first we’ve seen.

2024 Tiny Games Contest: Realistic Steering Wheel Joystick In Miniature

August 30, 2024 by 3 Comments

For racing games, flight simulators, and a few other simulation-style games, a simple controller just won’t do. You want something that looks and feels closer to the real thing. The major downsides to these more elaborate input methods is that they take up a large amount of space, requiring extra time for setup, and can be quite expensive as well. To solve both of these problems [Rahel zahir Ali] created a miniature steering wheel controller for some of his favorite games.

While there are some commercial offerings of small steering wheels integrated into an otherwise standard video game controller and a few 3D printed homebrew options, nothing really felt like a true substitute. The main design goal with this controller was to maintain the 900-degree rotation of a standard car steering wheel in a smaller size. It uses a 600P/R rotary encoder attached to a knob inside of a printed case, with two spring-loaded levers to act as a throttle and brake, as well as a standard joystick to adjust camera angle and four additional buttons. Everything is wired together with an Arduino Leonardo that sends the inputs along to the computer.

Now he’s ready to play some of his favorite games and includes some gameplay footage using this controller in the video linked below. If you’re racing vehicles other than cars and trucks, though, you might want a different type of controller for your games instead.

Continue reading “2024 Tiny Games Contest: Realistic Steering Wheel Joystick In Miniature”

Hackaday Podcast Episode 286: Showing Off SAOs, Hiding From HOAs, And Beautiful Byproducts

August 30, 2024 by 2 Comments

Even when the boss is away, the show must go on, so Dan slid back behind the guest mic and teamed up with Tom to hunt down the freshest of this week’s hacks. It was a bit of a chore, with a couple of computer crashes and some side-quests down a few weird rabbit holes, but we managed to get things together in the end.

Tune in and you’ll hear us bemoan HOAs and celebrate one ham’s endless battle to outwit them, no matter what the golf cart people say about his antennas. Are you ready to say goodbye to the magnetic stripe on your credit card? We sure are, but we’re not holding our breath yet. Would you 3D print a 55-gallon drum? Probably not, but you almost can with a unique Cartesian-polar hybrid printer. And, if you think running MS-DOS on a modern laptop is hard, guess again — or, maybe you just have to get really lucky.

We also took a look at a digital watch with a beautiful display, a hacked multimeter, modern wardriving tools, switchable magnets, and debate the eternal question of v-slot wheels versus linear bearings. And finally, you won’t want to miss our look at what’s new with 3D scanning, and the first installment of Kristina’s new “Boss Byproducts” series, which delves into the beauty of Fordite.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Download the DRM-free MP3.

Continue reading “Hackaday Podcast Episode 286: Showing Off SAOs, Hiding From HOAs, And Beautiful Byproducts”

Is That Antenna Allowed? The Real Deal On The FCCs OTARD Rule

August 30, 2024 by 110 Comments

The Hackaday comments section is generally a lively place. At its best, it’s an endless wellspring of the combined engineering wisdom of millions of readers which serves to advance the state of the art in hardware hacking for all. At its worst — well, let’s just say that at least it’s not the YouTube comments section.

Unfortunately, there’s also a space between the best and the worst where things can be a bit confusing. A case in point is [Bryan Cockfield]’s recent article on a stealth antenna designed to skirt restrictions placed upon an amateur radio operator by the homeowners’ association (HOA) governing his neighborhood.

Hiding an antenna in plain sight.

Putting aside the general griping about the legal and moral hazards of living under an HOA, as well as the weirdly irrelevant side-quest into the relative combustibility of EVs and ICE cars, there appeared to be a persistent misapprehension about the reality of the US Federal Communications Commission’s “Over-the-Air Reception Devices” rules. Reader [Gamma Raymond] beseeched us to clarify the rules, lest misinformation lead any of our readers into the unforgiving clutches of the “golf cart people” who seem to run many HOAs.

According to the FCC’s own OTARD explainer, the rules of 47 CFR § 1.400 are intended only to prevent “governmental and nongovernmental restrictions on viewers’ ability to receive video programming signals” (emphasis added) from three distinct classes of service: direct satellite broadcasters, broadband radio service providers, and television broadcast services.

Specifically, OTARD prevents restrictions on the installation, maintenance, or use of antennas for these services within limits, such as dish antennas having to be less than a meter in diameter (except in Alaska, where dishes can be any size, because it’s Alaska) and restrictions on where antennas can be placed, for example common areas (such as condominium roofs) versus patios and balconies which are designated as for the exclusive use of a tenant or owner. But importantly, that’s it. There are no carve-outs, either explicit or implied, for any other kind of antennas — amateur radio, scanners, CB, WiFi, Meshtastic, whatever. If it’s not about getting TV into your house in some way, shape, or form, it’s not covered by OTARD.

It goes without saying that we are not lawyers, and this is not to be construed as legal advice. If you want to put a 40′ tower with a giant beam antenna on your condo balcony and take on your HOA by stretching the rules and claiming that slow-scan TV is a “video service,” you’re on your own. But a plain reading of OTARD makes it clear to us what is and is not allowed, and we’re sorry to say there’s no quarter for radio hobbyists in the rules. This just means you’re going to need to be clever about your antennas. Or, you know — move.

Online Game Becomes Unexpected PixelFlut

August 30, 2024 by 3 Comments

Blink and you could have missed it, but a viral sensation for a few weeks this summer was One Million Checkboxes, a web page with as you might expect, a million checkboxes. The cool thing about it was that it was interactive, so if you checked a box on your web browser, everyone else seeing that box also saw it being checked. You could do pixel art with it, and have some fun. While maintaining it, its author [eieio] noticed something weird, a URL was appearing in the raw pixel data. Had he been hacked? Investigation revealed something rather more awesome.

The display of checkboxes was responsive rather than fixed-width, on purpose to stop people leaving objectionable content. Any pixel arrangement would only appear as you made it to someone viewing with exactly the same width of checkboxes. But still, the boxes represented a binary bitfield, so of course people saw it and had fun hacking. The URLs appeared because they were ASCII encoded in the binary, and were left on purpose as a message to the developer inviting him to a forum.

On it he found a disparate group of teen hackers who’d formed a community having fun turning the game into their own version of a Pixelflut. If you’ve not seen the game previously, imagine a screen on which all pixels are individually addressable over the internet. Place it in a hackerspace or in the bar at a hacker camp, and of course the coders present indulge in a bit of competitive pixel-spamming to create a colorful and anarchic collaborative artwork. In this case as well as artwork they’d encoded the forum link in several ways, and had grown a thriving underground community of younger hackers honing their craft. As [eieio] did, we think this is excellent, and if any of the checkbox pixelflutters are reading this, we salute you!

Before he eventually took the site down he removed the rate limit for a while to let them really go to town, and predictably, they never gave up on the opportunity, and didn’t let him down.

Some people would call the activity discussed here antisocial, but in particular we agree with the final point in the piece. Young hackers like this don’t need admonishment, they need encouragement, and he’s done exactly the right thing. If you want to read more about Pixelflut meanwhile, we’ve been there before.

This Week In Security: The Rest Of The IPv6 Story, CVE Hunting, And Hacking The TSA

August 30, 2024 by 1 Comment

We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling IppSendError() instead of IppSendErrorList(). That’s not very helpful on its own, which is why [Marcus Hutchins]’s analysis is so helpful here. And it’s not an easy task, since decompiling source code like this doesn’t give us variable names.

The first question that needs answered is what is the list in question? This code is handling the option field in incoming IPv6 packets. The object being manipulated is a linked list of packet structs. And that linked list is almost always a single member list. When calling IppSendErrorList() on a list with a single member, it’s functionally equivalent to the IppSendError() in the fixed code. The flaw must be in the handling of this list with multiple members. The only way to achieve that criteria is to send a lot of traffic at the machine in question, so it can’t quite keep up with processing packets one at a time. To handle the high throughput, Windows will assemble incoming packets into a linked list and process them in batch.

So what’s next? IppSendErrorList(), takes a boolean and passes it on to each call of IppSendError(). We don’t know what Microsoft’s variable name is, but [Marcus] is calling it always_send_icmp, because setting it to true means that each packet processed will generate an ICMP packet. The important detail is that IppSendError() can have side effects. There is a codepath where the packet gets reverted, and the processing pointer is set back to the beginning of the packet. That’s fine for the first packet in the list, but because the function processes errors on the entire list of packets, the state of the rest of those packets is now much different from what is expected.

This unexpected but of weirdness can be further abused through IPv6 packet fragmentation. With a bit of careful setup, the reversion can cause a length counter to underflow, resulting in data structure corruption, and finally jumping code execution into the packet data. That’s the Remote Code Execution (RCE). And the good news, beyond the IPv6-only nature of the flaw, is that so far it’s been difficult to actually pull the attack off, as it relies on this somewhat non-deterministic “packet coalescing” technique to trigger the flaw.

Continue reading “This Week In Security: The Rest Of The IPv6 Story, CVE Hunting, And Hacking The TSA”