Darwin Approves: Berkeley Evolves Analog Design

September 27, 2019 by 6 Comments

Digital design is hard. But in the right environment, digital circuits are more forgiving than analog. That 3.3V signal coming out of the chip has to drop a lot along the way to not be a logic level at the destination. If you are trying to push the boundary then digital design has much of analog design, but mostly you get a bit of a pass on many things that plague analog designers. Berkeley’s AI research group has been experimenting with using deep learning to evolve analog IC design.

Analog ICs are plagued with noise sources and often don’t have the margins that digital circuit designers enjoy. According to the post by [Kourosh Hakhamaneshi], designers often build a few blocks and attempt to lay them out in a way that should work and meet other requirements. Then they employ simulation, make changes as required, and simulate again. Accurate simulations can be very time intensive. You can read the actual paper, too, should you want to dig into the details.

Continue reading “Darwin Approves: Berkeley Evolves Analog Design”

When Your Car Breaks Down, Simply Hack It Into A Simulator

September 27, 2019 by 15 Comments

When [Nishanth]’s Subaru BRZ came to a sudden halt, he was saddened by the wait to get a new engine installed. Fortunately, he was able to cheer himself up by hacking it into a car simulator in the mean time. This would have the added benefit of not being limited to just driving on the Road Atlanta where the unfortunate mishap occurred, but any course available on Forza and similar racing games.

On paper it seemed fairly straight-forward: simply tap into the car’s CAN bus for the steering, throttle, braking and further signals, convert it into something a game console or PC can work with and you’re off to the races. Here the PC setup is definitely the cheapest and easiest, with a single part required: a Macchina M2 Under the Dash kit ($97.50). The XBox required over $200 worth of parts, including the aforementioned Macchina part, an XBox Adaptive Controller and a few other bits and pieces. And a car, naturally.

https://www.notion.so/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Fd49697c6-29ae-4b4d-a27b-e2da019d32de%2FUntitled.png?table=block&id=ed4e1bf2-91c6-4494-8e0f-f10964620869&width=5120&cache=v2

The Macchina M2 is the part that listens to the CAN traffic via the OBD2 port, converting it into something that resembles a USB HID gamepad. So that’s all a matter of plug’n’play, right? Not so fast. Every car uses their own CAN-based system, with different peripherals and addresses for them. This means that with the Macchina M2 acquired, [Nishanth]’s first task was to reverse-engineer the CAN signals for the car’s controls.

At this point the story is pretty much finished for the PC side of things, but the XBox One console is engineered to only accept official peripherals. The one loop-hole here is the Adaptive Controller, designed for people with disabilities, which allows the use of alternative inputs. This also enables using a car as an XBox One controller, which is an interesting side-effect.

Continue reading “When Your Car Breaks Down, Simply Hack It Into A Simulator”

The Zen Of Mechanical Keyboard Wiring

September 27, 2019 by 24 Comments

Mechanical keyboards are all the rage right now, but the vast majority of them are purchased commercially. Only the most dedicated people are willing to put in the time and effort required to design and assemble their own custom board, and as you might imagine, we’ve featured a number of such projects here on Hackaday in the past.

But what makes this particular mechanical keyboard build from [kentlamh] so special isn’t the final product (though it’s certainly quite nice), but the care he took when hand-wiring all of the switches to the Teensy 2.0 microcontroller that serves as its controller. There’s no PCB inside this custom board, it’s all rainbow colored wires, individual diodes, and the patience to put it all together with tweezers.

[kentlamh] takes the reader through every step of the wiring process, and drops a number of very helpful hints which are sure to be of interest to anyone who might be looking to embark on a similar journey. Such as bending the diode legs en masse on the edge of a table, or twisting them around a toothpick to create a neat loop that will fit over the pin on the back of the switch.

He also uses a soldering iron to melt away the insulation in the middle of the wires instead of suffering through hundreds of individual jumpers. We’ve seen this trick before with custom keyboards, and it’s one of those things we just can’t get enough of.

Some will no doubt argue that the correct way to do this would be to use an automatic wire stripper, and we don’t necessarily disagree. But there’s something undeniably appealing about the speed and convenience of just tapping the wire with the iron at each junction to give yourself a bit of bare copper to work with.

Even if you aren’t enough of a mechanical keyboard aficionado to travel all the way to Japan to attend the official meetup or discuss the finer points of their design at the Hackaday Superconference, there’s an undeniable beauty to this custom board. With a little guidance from [kentlamh], perhaps it will be your own handwired masterpiece that’s next to grace these pages.

[Thanks to Psybird for the tip.]

Here’s Your First Look At The Talks Of The 2019 Hackaday Superconference

September 27, 2019 by 21 Comments

The ultimate hardware conference returns this November as the Hackaday Superconference springs to life in Pasadena, California. It is our pleasure to announce the first set of accepted speakers who have confirmed their appearances at Supercon. This reveal is only the tip of the iceberg, so keep your eye on Hackaday as we continue to reveal the rest of the exemplary talks and workshops that make up this year’s conference.

However, don’t wait to get your ticket. Yes, we sell out every year, but the pace of ticket sales has been much faster this year and soon they will all be gone. Don’t miss out, as you can see from the small sample below, Supercon will be packed with amazing people and you need to be one of them!

The Talks (Part One of Many)


  • Matthias Balwierz aka bitluni

    Multimedia Fun with the Esp32

    The ESP32 microcontroller is a beast! Everyone knows that already. Composite video and VGA are common now. But a few years ago these capabilities weren’t obvious. This talk will recap the journey of squeezing out every possible bit of performance to generate audio and video with the least amount of additional components. It’s a detail-packed discussion of the projects I’ve documented on my YouTube channel bitluni’s lab.


  • Sarah Kaiser

    Hacking Quantum Key Distribution Hardware or How I Learned to Stop Worrying and Burn Things with Lasers

    Quantum devices are the next big addition to the general computing and technology landscape. However, just like classical hardware, quantum hardware can be hacked. I will share some of my (successful) attempts to break the security of quantum key distribution hardware with the biggest laser I could find!


  • Mohit Bhoite

    Building Free-Formed Circuit Sculptures

    I’ll be talking about building free-formed circuit sculptures, and how anyone with the right tools can get involved in this art form. We’ll explore ways to make these sculptures interact with the environment around them or with the user.


  • Thea Flowers

    Creating a Sega-Inspired Hardware Synthesizer from the Ground Up.

    What makes the Sega Genesis sound chip unique? I’ll share some short history about why the Genesis happened at a very specific moment to have this sort of chip. I’ll talk about designing and building a synthesizer around it and the challenges I encountered by trying to do this as my first hardware project.


  • Helen Leigh

    Sound Hacking and Music Technologies

    I will explore the ways in which music is influenced by making and hacking, including a whistle-stop tour of some key points in music hacking history. This starts with 1940s Musique Concrete and Daphne Oram’s work on early electronic music at the BBC, and blossoms into the strange and wonderful projects coming out of the modern music hacker scenes, including a pipe organ made of Furbies, a sound art marble run, robotic music machines and singing plants.


  • Adam Zeloof

    Thermodynamics for Electrical Engineers: Why Did My Board Melt (And How Can I Prevent It)?

    In this presentation I will provide circuit designers with the foundation they need to consider thermal factors in their designs. Heat transfers through on-board components and knowing how to characterize this means we can choose the right heat sink for any application. Learn about free simulation tools that can be used to perform these analyses and boost your knowledge of thermodynamics and heat transfer (although those who are already familiar with the subject will find some utility in it as well).


  • Samy Kamkar

    FPGA Glitching & Side Channel Attacks

    I will explore some of the incredible work that has been done by researchers, academics, governments, and the nefarious in the realm of side channel analysis. We’ll inspect attacks that were once secret and costly, but now accessible to all of us using low cost hardware such as FPGAs. We’ll learn how to intentionally induce simple yet powerful faults in modern systems such as microcontrollers.


  • Daniel Samarin

    Debugging Electronics: You Can’t Handle the Ground Truth!

    Root-causing quickly is all about having the right tools, having the right infrastructure in place, and knowing how to use them. Is it the firmware, the circuit, a bad crimp, or backlash in the gears? I will outline strategies for finding out what the issue is, so that you can focus on fixing the right thing.

You Miss It, You’ll Miss It

If there’s any way you can make it to Supercon in person, you should. One of the two talk stages will be live-streamed, and the other recorded, but there is no substitute for hanging out with these eight awesome people, plus five hundred of our closest friends. Anyone who’s made it to the conference before can tell you that the intimate atmosphere is packed with opportunities to meet new people, connect with those you’ve only seen on the internet, and learn about the newest developments happening in the world of hardware creation. See you in November!

Hackaday Podcast 037: Two Flavors Of Robot Dog, Hacks That Start As Fitness Trackers, Clocks That Wound Themselves, And Helicopter Chainsaws

September 27, 2019 by No comments

Hackaday Editors Mike Szczys and Elliot Williams take a look at the latest hacks from the past week. We keep seeing awesome stuff and find ourselves wanting to buy cheap welders, thermal camera sensors, and CNC parts. There was a meeting of the dog-shaped robots at ICRA and at least one of them has super-fluid movements. We dish on 3D printed meat, locking up the smartphones, asynchronous C routines, and synchronized clocks.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 037: Two Flavors Of Robot Dog, Hacks That Start As Fitness Trackers, Clocks That Wound Themselves, And Helicopter Chainsaws”

This Week In Security: Patch Monday Mysteries, CentOS 8 And CentOS Stream, Russian Surveillance, And CSRF

September 27, 2019 by 5 Comments

So first off this week is something of a mystery. Microsoft released an out-of-cycle patch for Internet Explorer. The exploitability assessment from Microsoft indicates that this bug is under active exploitation, but not many details are available. Let’s take a look at what information has been released, and see what we can learn.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.

It’s a remote code execution vulnerability, it affects Internet Explorer, it’s in the scripting engine, and it happens due to objects in memory being mishandled. We could take some guesses, but later in this document we’re given a few other clues. The workaround is to disable jscript.dll, and the impact is limited, as jscript9.dll is the default JavaScript engine. jscript.dll is apparently a legacy JavaScript engine that a website can request.

“Jscript” is what Microsoft called their shameless copy implementation of JavaScript. The older jscript.dll seems to be present in newer versions of Internet Explorer for compatibility reasons. So it’s a problem in how the older JavaScript library handles objects. Any website can request this legacy engine, so the attack vector is basically unlimited.

The urgency implied by the out-of-cycle patch, combined with the otherwise eery silence surrounding this patch, suggests this 0-day was possibly being used in a targeted attack. We hope the details will eventually be revealed.

CentOS 8 and CentOS Stream

CentOS 8 was released this week, the community repackage of Red Hat Enterprise Linux (RHEL) 8. In 2014, Red Hat announced that CentOS was officially becoming a Red Hat sponsored project. This week, CentOS Stream was also announced.

The Fedora distribution has long served as a test-bed for upcoming RHEL releases, with RHEL 8 being based on Fedora 28. CentOS Stream will serve as a “midstream” distribution, a rolling release that pulls updates from Fedora, and will eventually become future RHEL/CentOS releases. It remains to be seen exactly how far ahead of the main CentOS distribution Stream will stay. A long-standing problem with CentOS is that by the time a release hits end-of-life, some of the software versions are very old. Even though security fixes are quickly backported to these older versions, there are security issues that arise as a result. For example, CentOS 7 contains PHP 5.4 with no official path to installing a newer version of PHP. WordPress now requires PHP 5.6.20 as the oldest supported PHP version. Red Hat may backport fixes to PHP 5.4, but that doesn’t help the out-of-date installs of WordPress, running on otherwise up-to-date CentOS machines.

Hopefully CentOS Stream will provide the much needed middle-ground between the bleeding-edge pace of Fedora, and the frustratingly slow march of CentOS/RHEL.

Russian Surveillance

A Nokia employee accidentally backed up a company drive to his home storage device, which was unintentionally Internet accessible. The data contained on this drive was detailed information on Russia’s SORM (System for Operative Investigative Activities), the government’s wiretapping program. The amount of data revealed is staggering, 1.7 terabytes. Passwords, administrative URLs, and even precise physical locations were included. The breadth of information makes one wonder if it was actually an accident, or if this was intended to be another Snowden style data leak. Just an aside, it’s not clear that the revealed wiretapping effort is as broad or onerous as the one Snowden revealed.

PHPMyAdmin CSRF

Running PHPMyAdmin on one of your servers? You should probably go update it. Version 4.9.1 was released on Saturday the 21st, and contains a fix for CVE-2019-12922. This vulnerability is a Cross Site Request Forgery, or CSRF. A CSRF attack can be as simple as an image link on one site, that links to another site, and triggers an action on that second site. Let’s look at the PHPMyAdmin example:

img src="
http://server/phpmyadmin/setup/index.php?page=servers&mode=remove&id=1";
style="display:none;"

A hidden image will actually trigger an HTTP GET request, which asks for the server’s page, and tries to remove the first entry. If a user is logged in to the PHPMyAdmin server that the link is targeting, the command will silently complete. This is one of the reasons that HTTP GET requests should never make state changes, and only ever retrieve information. An HTTP POST message is much harder to generate in this way, though not impossible.