Making Flexible Overmolded Parts With Urethane Resin

July 19, 2019 by 11 Comments

Resin casting videos have taken social media by storm of late. Everything from inlaid driftwood tables to fancy pens are getting the treatment. Pouring some nicely colored epoxy is straightforward enough, but it’s just the tip of the iceberg. [Eric Strebel] has some serious skills in resin casting, and has lately been working on some overmolded electroniics with urethane resin (Youtube link, embedded below).

The build starts with the creation of a silicone mold, using a 3D printed SLA master. The part in question is for a prototype medical device, and requires overmolding, in which a flexible PCB is covered in flexible urethane. Wooden pins are used to allow the flexible PCB to clip into the mold for accurate location, and a small shield is placed over the metal contacts of the PCB to avoid them being covered in silicone.

Initial tests are done with an empty mold to determine the correct material to use, before the actual parts are ready to produce. [Eric] takes great care with the final production, as any mistakes would waste the expensive prototype PCBs provided to him by the client. With the electronics placed in the mold, the resin is degassed and carefully injected, using a syringe to minimise the chance of any air bubbles. With some delicate cleanup by hand, the completed parts are ready for delivery.

It’s a process that covers the basics of overmolding for a prototype part, as well as showing off [Eric]’s skill at producing quality prototype parts. We’ve seen [Eric]’s work before, too – like his discussion of the value of cardboard in product design. Video after the break.

Continue reading “Making Flexible Overmolded Parts With Urethane Resin”

This Week In Security: Ransomware Keys, IOS Woes, And More

July 19, 2019 by 12 Comments

Remember the end of GandCrab we talked about a couple weeks back? A new wrinkle to this story is the news that a coalition of law enforcement agencies and security researchers have released a decrypter and the master decryption keys for that ransomware. It’s theorized that researchers were able to breach the command and control servers where the master keys were stored. It’s yet to be known whether this breach was the cause for the retirement, or was a result of it.

Apple’s Secure Enclave is Broken?

A Youtube video and Reddit thread show a way to bypass the iPhone’s TouchID and FaceID, allowing anyone to access the list of saved passwords. The technique for breaking into that data? Tap the menu option repeatedly, and cancel the security prompts. Given enough rapid tries, the OS gives up on the validation and simply shows the passwords!

The iPhone has an onboard security chip, the Secure Enclave, that is designed to make this sort of problem nearly impossible. The design specification dictates that data like passwords are encrypted, and the only way to decrypt is to use the Enclave. The purpose is to mitigate the impact of programming bugs like this one. It seems that the issue is limited to the iOS 13 Beta releases, and you’d expect bugs in beta, but a bug like this casts some doubt on the effectiveness of Apple’s Security Enclave.

URL Scheme Hijacking

Our next topic is also iOS related, though it’s possible the same issue could effect Android phones: URL scheme problems. The researchers at Trend Micro took a look at how iOS handles conflicting app URLs. Outside of the normal http: and https: URLs, applications can register custom URL schemes in order to simplify inter-process communication. The simplest example is something like an email address and the mailto: scheme. Even on a desktop, using one of these links will open a different application to handle that request. What could go wrong?

One weakness in using URL schemes like this is that not all apps properly validate what launched the request, and iOS allows multiple apps to use the same URL scheme. In the example given, a malicious app could register the same URL handler as the target, and effectively launch a man-in-the-middle attack.

Bluekeep, and Patching Systems

It has been five weeks since Bluekeep, the Remote Desktop Protocol vulnerability, was revealed. Approximately 20% of the vulnerable systems exposed to the internet have been patched. Bitsight has been running scans of the remaining vulnerable machines, and estimates about 800,000 remaining vulnerable systems. You may remember this particularl vulnerability was considered so problematic that even the NSA released a statement encouraging patching. So far, there hasn’t been a worm targeting the vulnerability, but it’s assumed that at least some actors have been using this vulnerability in attacks.

Farting Baseball; From The Makers Of Self-Solving Rubik’s Cube

July 19, 2019 by 12 Comments

Some hackers have a style all their own that is immediately recognizable from one project to the next. For instance, you can tell a [Takashi Kaburagi] by its insides. The behavior of his Farting Baseball project (machine translation) is amusing, but the joke is only skin deep. Look inside and you’ll gain a huge appreciation for what has been done here. It’s not as mind-boggling as his work on the self-solving Rubiks cube robot, but the creativity and design constraints are similarly impressive.

Clever detail is the square of soft material used to cushion impact

This whimsical project is a curve ball no matter who throws it. While in flight, a jet of compressed gas can alter the trajectory at the press of a button. Inside is a small pressure vessel that is filled with HFC134A refrigerant commonly used on gas blowback pistols. It’s a non-combustible that lies in wait until a solenoid is activated to release the pressure in a powerful jet. The ball carries a CR2032 to power the wireless link for activation, but that solenoid needs more juice so capacitors are charged for this purpose.

It’s worth digging through the details on this one, including the article on measuring discharge time (machine translation). There are numerous nice touches, like the yellow Whoopee Cushion neck that directs the jet, the capacitor discharge materials so there is not an accidental activation when not in use, and clever and clean construction that make everything fit.

Another hacker with an equally iconic style is [Mohit Bhoite]’s work; make his flywire sculptures your next stop.

Continue reading “Farting Baseball; From The Makers Of Self-Solving Rubik’s Cube”

Hybrid Drones Could Have Massively Extended Flight Times

July 19, 2019 by 130 Comments

Multirotor drones truly took off with the availability of lithium polymer batteries, brushless motors, and cheap IMUs. Their performance continues to improve, but their flight time remains relatively short due to the limits of battery technology. [Nicolai Valenti] aims to solve the problem by developing a hybrid generator for drones.

The basic concept consists of a small gasoline engine, connected to a brushless motor employed as a generator. The electricity generated is used to run the main flight motors of the multirotor drone. The high energy density of gasoline helps to offset the added weight of the generator set, and [Nicolai] is aiming to reach a goal of two hours of flight time.

There are many engineering problems to overcome. Engine starting, vibration and rectification are all significant challenges, but [Nicolai] is tackling them and has already commenced flight testing. Experiments are ongoing with 500 W, 1,000 W, and 2,000 W designs, and work is ongoing to optimise the engine and electronics package.

It’s a project that holds the potential to massively expand the range of operation for medium to large multirotors, and should unlock certain capabilities that have thus far been limited by short battery runtimes. Gasoline powered drones aren’t a new idea, but we’ve seen precious little in the hybrid space. We look forward to seeiing how this technology develops. Video after the break.

Continue reading “Hybrid Drones Could Have Massively Extended Flight Times”

Turning A Single Bolt Into A Combination Lock

July 18, 2019 by 27 Comments

In our search for big-box convenience, we tend to forget that locksmiths once not only copied keys but also created complex locks and other intricate mechanisms from scratch. [my mechanics] hasn’t forgotten, and building a lock is his way of celebrating of the locksmith’s skill. Building a combination lock from a single stainless bolt is probably also showing off just a little, and we’re completely fine with that.

Granted, the bolt is a rather large one – an M20x70 – and a few other materials such as brass rod and spring wire were needed to complete the lock. But being able to look at a single bolt and slice it up into most of the stock needed for the lock is simply amazing. The head became the two endplates, while the shank was split in half lengthwise and crosswise after the threads were turned off; those pieces were later turned down into the tubes and pins needed to create the lock mechanism. The combination wheels probably could have come from another – or longer – bolt, but we like the look of the brass against the polished stainless, as well as the etched numbers and subtle knurling. The whole thing is a locksmithing tour de force, and the video below captures all of it without any fluff or nonsense.

If working in steel and brass isn’t your thing, fear not – a 3D-printed combination lock is probably within your reach. Or laser cut wood. Or even plain paper, if you’re not into the whole security thing.

Continue reading “Turning A Single Bolt Into A Combination Lock”

A (Card) Table-Top Turing Machine Of Magic: The Gathering Cards

July 18, 2019 by 8 Comments

Within normal rules of collectible card game Magic: The Gathering a player may find themselves constrained to only a single legal course of action forward. It’s a situation players could craft to frustrate their opponents, though the victims usually break free after a few moves. But under a carefully crafted scenario, players would have no choice but to become the execution engine for a Turing-complete programming language written with Magic cards via techniques detailed in this paper.

One of the authors of this paper, [Alex Churchill], started working on this challenge in 2010. We covered an earlier iteration of his work here, and his own criticism that it was dependent on player cooperation. At various points, the game rules state a player “may” take certain actions and the construct falls apart if our player chooses the wrong thing. It would be as if a computer was built out of transistors that “may” switch as commanded or not, which would not be a very reliable method of computation.

To improve reliability of this particular Turing machine execution engine, the team combed through rules and cards to devise an encoding where the player is only ever presented with a single legal course forward. This ensures deterministic execution of the instruction stream, and now with proof of Turing-completeness in hand, we congratulate [Alex] on a successful conclusion to his decade-long quest.

We have a primer available for anyone who wants a refresher on Turing machines. They are utterly impractical but fun for hackers to build, and they are typically constructed of electronics and LEDs instead of ink on cardboard.

Via Ars Technica, who have presented their own analysis of this machine.

Main image: Unspecified set of Magic: The Gathering cards by [Robert] CC BY 2.0

Live Apollo 11 Transcript On EInk Display

July 18, 2019 by 1 Comment

There are few moments in history that have ever been recorded in more detail or analyzed as thoroughly as the Apollo 11 mission to the Moon. Getting three men to our nearest celestial neighbor and back in one piece took a lot of careful planning, and recording every moment of their journey was critical to making sure things were going smoothly. As we celebrate the 50th anniversary of man’s first steps off our world, these records give us a way to virtually tag along with Armstrong, Aldrin, and Collins.

As part of the 50th anniversary festivities at the Parkes Radio Telescope in Australia, [Andrew] created a badge that would let him wear a little piece of Apollo 11. Using an ESP32 and an eInk screen, it replays the mission transcript between the crew and ground control in real-time. It’s a unique way to experience the mission made possible by that meticulous data collection that’s a hallmark of the National Aeronautics and Space Administration.

[Andrew] was inspired by the “Apollo 11 In Real Time” website, but rather than pulling the content from the Internet, he’s loaded the mission transcripts onto the ESP32’s SPIFFS filesystem as a CSV file. Not that the badge is completely offline, it does need to connect to the Internet (via a hotspot on his phone) so it can keep its internal clock synchronized with NTP. Keeping everything local does reduce power consumption compared to streaming it from the Internet, but he admits that otherwise he didn’t give much thought to energy efficiency and there’s definitely some room for improvement.

The LILYGO TTGO board he’s using combines the ESP32 with a 2.13 inch eInk display, in a formfactor not unlike the Badgy we’ve covered previously. He was able to find a STL for a 3D printed case on Thingiverse which he modified to fit a battery. Unfortunately the original model was released under a license that prevents him from distributing his modified version, but it doesn’t sound too difficult to replicate if you’re interested in building your own running ticker of humanity’s greatest adventure.