Needling Your Projects: 3D Printed PCB Probing Jig Uses Accupuncture Needles

November 15, 2019 by 18 Comments

Trying to probe a modern electronic circuit with tiny SMD components, without letting the magic smoke escape in the process, can be quite a challenge. Especially since we hackers have not yet developed the number of appendages required to hold 3 different probes in place while operating both an oscilloscope and a computer. [Giuseppe Finizia] solved this problem with a 3D printed PCB probing jig that uses acupuncture needles.

As part of [Giuseppe] day job as an engineer at an electronic forensics laboratory, he does technical investigations on seized devices, which involves quite a bit of probing. The jig consists of a base plate with slots in which PCB holders of various configurations slide to hold all shapes and sizes of PCBs. Around the circumference of the plate there are multiple positions for adjustable probing “cranes”, each of which hold an acupuncture needle that is crimped or soldered to a wire. Each needle holder has a bit of flex which allows it to maintain downward pressure for a positive connection.

Making one-off tools and jigs is arguably one of the best applications for 3D printing, of which this is a perfect example. You can of course point solder wires or use test hooks if you have something to grab onto, but for easily probing multiple point on any PCB, this looks like a damn good solution. If you’re trying to trace a single signal, a precision pantograph might be your friend, or you can add a foot switch to your oscilloscope for quickly checking a circuit by hand.

[Jonathon Oxer] from the YouTube channel SuperHouse did a very nice video on the jig and made some small modifications. Check out the video after the break.

This Week In Security: Fuzzing Fixes, Foul Fonts, TPM Timing Attacks, And More!

November 15, 2019 by 11 Comments

An issue was discovered in libarchive through Google’s ClusterFuzz project. Libarchive is a compression and decompression library, widely used in utilities. The issue here is how the library recovers from a malformed archive. Hitting an invalid header causes the memory in use to be freed. The problem is that it’s possible for file processing to continue even after that working memory has been freed, leading to all kinds of problems. So far an actual exploit hasn’t been revealed, but it’s likely that one is possible. The problem was fixed back in May, but the issue was just announced to give time for that update to percolate down to users.

Of note is the fact that this issue was found through Google’s fuzzing efforts. Google runs the oss-fuzz project, which automatically ingests nightly builds from around 200 open source projects and runs ClusterFuzz against them. This process of throwing random data at programs and functions has revealed over 14,000 bugs.
Continue reading “This Week In Security: Fuzzing Fixes, Foul Fonts, TPM Timing Attacks, And More!”

Credit Card Skimmers Evolve – Shimmers Are Here

November 15, 2019 by 91 Comments

Credit cards are loaded with security features, but the game of cat and mouse goes on. Nefarious syndicates continue to develop technology to steal data in new and innovate ways. After SparkFun did a teardown on some illicit hardware, they were visited by local law enforcement, who requested their help once more.

[Nick] from SparkFun refers to the device in question as a “shimmer”. It’s intended to be installed inside the chip reader of a credit card terminal, in between the terminal and the user’s credit card. Fabricated on a flexible film PCB, it’s thin enough to glue inside without being obvious even during maintenance.

The investigation begins with identification of the major components on board, followed by attempts to communicate with the device. Unfortunately, the hardware was largely unresponsive, even when connected to a card reader. In an effort to learn more, a schematic was produced. [Nick]’s analysis raised more questions than answers, and the suspicion is that the hardware may have been damaged at some point. However, the basic capabilities of the device are obvious, given the ability of the hardware to interact with a card via its contacts and offload the data through the onboard nRF24L01 radio module.

Thanks to people like [Nick], and earlier work from SparkFun, we all now have a better understanding of the risks when using payment terminals out in the wild. Unfortunately, unless your local gas station is willing to let you spend 20 minutes disassembling their card reader before paying, there’s not a whole lot the individual can do about it. Stay vigilant, and if you’ve got the skinny on a skimmer, drop us a line.

Penny Diode

A Radio For The Apocalypse

November 15, 2019 by 54 Comments

There’s been a spate of apocalypse related articles over the last few weeks, but when I saw an AM radio made from a hand-wound coil and an oxidized British penny, I couldn’t help but be impressed. We’ve covered foxhole radios, stereotypical radios that are cobbled together from found parts during wartime.

This example uses a variable capacitor for tuning, but that’s technically optional. All that’s really needed is a coil and something to work as a diode. Surprisingly, copper oxide is a semiconductor, and the surface oxidation on a penny is enough to form a rudimentary diode. Though, note, not all pennies have that necessary coating of copper. If a penny has green oxide, it’s likely a candidate.

Need a quickly cobbled together AM radio? Have some wire and a penny? Yeah, watch the video below the break, and you’ll know how to make it happen. When the apocalypse comes, you’ll thank us.

Continue reading “A Radio For The Apocalypse”

Quick And Dirty Digital Conversion For Analog SLR

November 14, 2019 by 37 Comments

The unarguable benefits of digital photography has rendered the analog SLR obsolete for most purposes. This means that a wide selection of cameras and lenses are available on the second hand market for pennies on the dollar, making them ripe targets for hacking. [drtonis] decided to experiment with a quick and easy digital conversion to an old Canon A-1, and it’s got us excited about the possibilities.

Who needs Instagram filters? Just distort in-camera!

It’s a simple hack, but a fun one. The SLR is opened up, and the spring plate for holding the film is removed. A Raspberry Pi camera then has its original lens removed, and is placed inside the film compartment. It’s held in with electrical tape, upon a 3mm shim to space it correctly to work with the original optics.

[drtonis] notes that the build isn’t perfect, with some aberration likely caused by the reflective electrical tape in the film cavity. However, we think it’s a nice proof of concept that could go so much further. A Raspberry Pi Zero could be easily squeezed inside along with the camera, and everything glued in place to make things more robust. A specialist paint such as Stuart Semple’s Black 2.0 could also help cut down on light leaks inside. Plus, there’s plenty of small screens that can be used with the Raspberry Pi that would provide a useful preview function.

We’d love to see more conversions like this one. While it’s unlikely they’ll compete with commercial DSLRs on outright performance, everyone loves a little bit of charming distortion here and there, and all manner of fancy lenses can be had for cheap for analog platforms. We’ll be keeping a close eye on the tipline for further This fundevelopments – you know what to do!

Continue reading “Quick And Dirty Digital Conversion For Analog SLR”

Audio Processing In Rust

November 14, 2019 by 4 Comments

[Michael] volunteers with emergency services, and sometimes has to monitor radio traffic. Sometimes there’s a lot to review, and to make it easier he wrote a noise gate — think of it as a squelch — to break apart recorded audio into parts. Rust has been gaining popularity for writing low level software, and that’s the language he uses. However, you’ll see even if you don’t know Rust, it is pretty easy to figure out.

For test data, [Michael] took some publicly-available recordings of air traffic control. Using some ready-made audio processing functions and a simple state machine makes the code easy to write.

Continue reading “Audio Processing In Rust”

Giant Analog CO2 Meter Sweeps Away Doubt

November 14, 2019 by 11 Comments

Most of us are aware that trees turn CO₂ into oxygen, but we’d venture to guess that many people’s knowledge of this gas ends there. Is it feast or famine out there for the trees? Who can say? We admire [rabbitcreek]’s commitment to citizen science because he’s so focused on making it easy for people to understand their environment. His latest offering, a giant analog CO₂ meter, might be our favorite so far.

The brains of the operation is an Adafruit Feather Adalogger. It reads the CO₂ sensor that’s mounted close to the business end of the nautilus, and becomes the quill that writes the CO₂ value to a FeatherWing e-ink screen. For the giant needle, this lovely meter uses one of those fiberglass poles you mark your driveway with so you can find it under a blanket of snow. The needle is counter-balanced with washers encased in printed plastic.

As you can see in the GIF, there’s a decent delay between the CO₂ blast and the needle response — we like to imagine the CO₂ spiraling slowly through the nautilus like a heavy, ill wind on its way to gravely move the needle.

Want a way to monitor air quality that’s a bit more discreet? Slip this portable meter into your pocket.