Automate The Freight: Drones Across The Sea

April 20, 2017 by 105 Comments

When you think about which of the many technological advances of the 20th century had the most impact on the global economy, which one would you rank as the most important? Would it be the space program, which gave rise to advances in everything from communications satellites to advanced composite materials? Or would it be the related aerospace industry, which stitched the world together so tightly that you can be almost anywhere on the planet within 24 hours? Or perhaps it’s the Internet, the global platform for buying almost anything from almost anyone.

Those are all important, but for the most economically impactful technology of the 20th century, I’d posit that the lowly shipping container and the containerized cargo industry that grew around it win, hands down.

Continue reading “Automate The Freight: Drones Across The Sea”

A Wordsearch Twist On The Word Clock

March 16, 2017 by No comments

We love seeing new takes on existing ideas, and [Danny] certainly took the word clock concept in an unusual direction with his Wordsearch Clock. Instead of lighting up words to spell out the time, [Danny] decided to embrace the fact that the apparent jumble of letters on the clock face resembles a word search puzzle.

In a word search puzzle, words can be found spelled forward or backward with letters lined up horizontally, diagonally, or vertically. All that matters is that the correct letters are in a line and sequentially adjacent to one another. [Danny]’s clock lights up the correct letters and words one after the other, just as if it were solving a word search puzzle for words that just happen to tell the correct time. You can see it in action in the video, embedded below.

[Danny] went the extra mile in the planning phase. After using a word search puzzle generator tool to assist in designing the layout, he wrote a Processing sketch to simulate the clock’s operation. Visually simulating the clock allowed him to make tweaks to the layout, identify edge cases to address, and gain insight into the whole process. If you’re interested in making your own, there is a GitHub repository for the project.

Continue reading “A Wordsearch Twist On The Word Clock”

Cloudbleed — Your Credentials Cached In Search Engines

February 24, 2017 by 25 Comments

In case you are still wondering about the SHA-1 being broken and if someone is going to be spending hundreds of thousands of dollars to create a fake Certificate Authority and sniff your OkCupid credentials, don’t worry. Why spend so much money when your credentials are being cached by search engines?… Wait, what?

A serious combination of bugs, dubbed Cloudbleed by [Tavis Ormandy], lead to uninitialized memory being present in the response generated by the reverse proxies and leaked to the requester. Since these reverse proxies are shared between Cloudflare clients, this makes the problem even worst, since random data from random clients was leaking. It’s sort of like Heartbleed for HTTP requests. The seriousness of the issue can be fully appreciated in [Tavis] words:

“The examples we’re finding are so bad, I cancelled some weekend plans to go into the office on Sunday to help build some tools to cleanup. I’ve informed cloudflare what I’m working on. I’m finding private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings. We’re talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.”

sexAccording to Cloudflare, the leakage can include HTTP headers, chunks of POST data (perhaps containing passwords), JSON for API calls, URI parameters, cookies and other sensitive information used for authentication (such as API keys and OAuth tokens). An HTTP request to a Cloudflare web site that was vulnerable could reveal information from other unrelated Cloudflare sites.

Adding to this problem, search engines and any other bot that roams free on the Internet, could have randomly downloaded this data. Cloudflare released a detailed incident report explaining all the technicalities of what happened and how they fixed it. It was a very quick incident response with initial mitigation in under 47 minutes. The deployment of the fix was also quite fast. Still, while reading the report, a sense that Cloudflare downplayed this issue remains. According to Cloudflare, the earliest date that this problem could have started is 2016-09-22 and the leak went on until 2017-02-18, five months, give or take.

Just to reassure the readers and not be alarmist, there is no evidence of anyone having exploiting what happened. Before public exposure, Cloudflare worked in proximity with search engines companies to ensure memory was scrubbed from search engine caches from a list of 161 domains they had identified. They also report that Cloudflare has searched the web (!), in sites like Pastebin, for signs of leaks and found none.

On the other hand, it might be very well impossible to know for sure if anyone has a chunk of this data cached away somewhere in the aether. It’s impossible to know. What we would really like to know is: does [Tavis] get the t-shirt or not?

Pumping Up An Antenna From A Stream Of Sea Water

January 9, 2017 by 31 Comments

Our Hackaday readership represent a huge breadth of engineering experience and knowledge, and we get a significant number of our story tips from you. For instance, today we are indebted to [sonofthunderboanerges] for delivering us a tip in the comment stream of one of our posts, detailing an antenna created by coupling RF into a jet of sea water created with a pump. It’s a few years old so we’re presenting it as an object of interest rather than as a news story, but it remains a no less fascinating project for that.

The antenna relies on the conductivity of sea water to view a jet of water as simply another conductor to which RF can be coupled. The jet is simply adjusted by altering the flow rate until it is a quarter wavelength long at the desired frequency, at which point it is a good analogue of a metal whip antenna. The RF is coupled at the base by a ferrite cored transformer that clips around the nozzle ejecting the water, and a bandwidth from 2MHz to 400MHz is claimed. If you work with RF you will probably wince at the sight of salt water coming near the RF connector, as we did.

The advantage of the system is that it allows antennas of multiple frequencies to be created at very short notice and using very little space or weight when not in use. The creator of the antenna at the US Navy’s SPAWAR technology organization points to its obvious application on Navy warships. Whether or not the sailors are using these antennas now isn’t clear, but one thing’s for certain, the idea hasn’t gone away. Early last year Popular Mechanics reported on a similar project under way courtesy of Mitsubishi, in Japan.

Continue reading “Pumping Up An Antenna From A Stream Of Sea Water”

MIT Researchers Can Read Closed Books (and Defeat CAPTCHA)

September 14, 2016 by 59 Comments

Ten years ago, MIT researchers proved that it was possible to look through an envelope and read the text inside using terahertz spectroscopic imaging. This research inspired [Barmak Heshmat] to try the same technique to read a book through its cover. A new crop of MIT researchers led by [Heshmat] have developed a prototype to do exactly that, and he explains the process in the video after the break. At present, the system is capable of correctly deciphering individual letters through nine pages of printed text.

They do this by firing terahertz waves in short bursts at a stack of pages and interpreting the return values and travel time. The microscopic air pockets between the pages provide boundaries for differentiation. [Heshmat] and the team rely on these pockets to reflect the signal back to a sensor in the camera. Once they have the system dialed in to be able to see the letters on the target page and distinguish them from the shadows of the letters on the other pages, they use an algorithm to determine the letters. [Heshmat] says the algorithm is so good that it can get through most CAPTCHAs.

The most immediate application for this technology is reading antique books and other printed materials that are far too fragile to be handled, potentially opening up worlds of knowledge that are hidden within disintegrating documents. For a better look at the outsides of things, there is Reflectance Transformation Imaging.

Continue reading “MIT Researchers Can Read Closed Books (and Defeat CAPTCHA)”

Hackaday Prize Entry: Lucid Dreaming Research

September 4, 2016 by 21 Comments

Lucid dreaming is one of the rare psychological phenomenon terrible sci-fi frequently gets right. Yes, lucid dreaming does exist, and one of the best ways to turn a normal dream into a lucid dream is to fixate on a particular object, sound, or smell. For their Hackaday Prize entry, [Jae] is building a device to turn the electronic enthusiast community on to lucid dreaming. It’s a research platform that allows anyone to study their own dreams and access a world where you can do anything.

The core of this project is an 8-channel EEG used to measure the electrical activity in the brain during sleep. These EEG electrodes are fed into a 24-bit ADC which is sampled 250 times per second by an ARM Cortex M4F microcontroller. The captured data is recorded or sent to a PC or smartphone over a Bluetooth connection where a familiar sound can be played (think of the briefcase in Inception), or some other signal that will tell the dreamer they’re dreaming.

We’ve seen a few similar builds in the past, most famously a NeuroSky MindWave headset turned into a comfortable single-channel EEG-type device. The NeuroSky hardware is limited, though, and a setup with proper amplifiers and ADCs will be significantly more helpful in debugging the meatspace between [Jae]’s ears.

The HackadayPrize2016 is Sponsored by:

Subsea ROV Has 6 Degrees Of Freedom + Autopilot

May 18, 2016 by 16 Comments

This is what happens when you give Norwegian engineering students half a year to develop an ROV for their class.

The team utilized 3D printing to design and print their own thruster propellers and ducts for the ROV. It’s powered by HobbyKing motors with VESC speed controllers. This allows them to get from 0.6 to 30N of thrust from each propeller at 12V. Because of this accuracy they’re able to use a PID system to do automatic pitch, roll and depth control!

The electronics are housed in a 200mm acrylic tube (15mm wall thickness) with aluminum end caps and o-rings — an exact pressure rating is not given, but the team could flood the chamber with non-conductive oil to increase that even more — they just don’t need to for tests in a swimming pool. The undersea wire connectors they use (Subconn) are rated for 700 and 600 bar!

Continue reading “Subsea ROV Has 6 Degrees Of Freedom + Autopilot”