Syringe Pump Turns CNC Machine Into A Frosting Bot

June 28, 2019 by 3 Comments

“Amazing how with only the power of 3D-printing, two different computers, hundreds of dollars in CNC machinery, a lathe, and modern microcontroller magic, I can almost decorate a cupcake as well as a hyperactive ten-year-old.”  We can think of no better way to sum up [Justin]’s experiment in CNC frosting application, which turns out to only be a gateway to more interesting use cases down the road.

Granted, it didn’t have to be this hard. [Justin] freely admits that he took the hard road and made parts where off-the-shelf components would have been fine. The design for the syringe pump was downloaded from Thingiverse and does just about what you’d expect – it uses a stepper motor to press down on the plunger of a 20-ml syringe full of frosting. Temporarily attached in place of the spindle on a CNC router, the pump dispenses onto the baked goods of your choice, although with an irregular surface like a muffin top the results are a bit rough. The extruded frosting tends to tear off and drop to the surface of the cake, distorting the design. We’d suggest mapping the Z-height of the cupcake first so the frosting can dispense from a consistent height.

Quality of the results is not really the point, though. As [Justin] teases, this hardware is in support of bioprinting of hydrogels, along with making synthetic opals. We’re looking forward to those projects, but in the meantime, maybe we can all just enjoy a spider silk beer with [Justin].

Continue reading “Syringe Pump Turns CNC Machine Into A Frosting Bot”

Fish Hooks Embedded In Robot Toes Make Them Climb Like Cockroaches

June 28, 2019 by 5 Comments

Take a dozen or so fish hooks, progressively embed them in plastic with a 3D printer and attach them to the feet of your hexapod and you’ve got a giant cockroach!

Fish hooks embedded in 3D-printed robot feet

A team of researchers at Carnagie Mellon University came up with this ingenious hack which can easily be copied by anybody with a hexpod and a 3D printer. Here you can see the hooks embedded into the ends of a leg. This ‘Microspine technology’ enables their T-RHex robot to climb up walls at a slightly under-whelming 55 degrees, but also grants the ability to cling on severe overhangs.

Our interpretation of these results is that the robot needs to release and place each foot in a much more controlled manner to stop it from falling backwards. But researchers do have plans to help improve on that behavior in the near future.

Sensing and Closed Loop Control: As of now, T-RHex moves with an entirely open-loop, scripted gait. We believe that performance can be improved by adding torque sensing to the leg and tail actuators, which would allow the robot to adapt to large-scale surface irregularities in the wall, detect leg slip before catastrophic detachment,and automatically use the tail to balance during wall climbs.This design path would require a platform overhaul, but offers a promising controls-based solution to the shortcomings of our gait design.

No doubt we will all now want to build cockroaches that will out perform the T-RHex. Embedding fish hooks into plastic is done one at a time. During fabrication, the printer is stopped and a hook is carefully laid down by human hand. The printer is turned on once again and another layer of plastic laid down to fully encapsulate the hook. Repeat again and again!

Your robot would need the aforementioned sensing and closed loop control and also the ‘normal’ array of sensors and cameras to enable autonomy with the ability to assess the terrain ahead. Good luck, and don’t forget to post about your projects (check out Hackaday.io if you need somewhere to do this) and tip us off about it! We’ve seen plenty of, sometimes terrifying, hexapod projects, but watch out that the project budget does not get totally out of control (more to be said about this in the future).

Continue reading “Fish Hooks Embedded In Robot Toes Make Them Climb Like Cockroaches”

Mitch Altman Mentors Manufacturing With Hackaday Prize Expert Session

June 28, 2019 by 7 Comments

For whatever you have built, there is someone who has done it longer, and knows more about it. That is the basic premise of expertise, and for this year’s Hackaday Prize we’re rolling out with a series of mentor sessions. These are master classes that match up experts in product development with the people behind the projects in the Hackaday Prize. We’ve been recording all of these so everyone can benefit from the advice, guidance, and mentorship presented in these fantastic recordings.

The DrumKid, a random drum synthesizer

Mitch Altman is someone who should be very familiar to all Hackaday readers. He’s the inventor of the TV-B-Gone, that wonderful device that simultaneously turns you into a hero and a villain in any sports bar. He’s the President and CEO of Cornfield Electronics and co-founder of the Noisebridge hackerspace in San Francisco. Mitch is an author and teacher, and seems to be at just about every conference and workshop around the world promoting hackerspaces, Open Source hardware, and mentorship where ever he goes.

The first hardware creator to meet Mitch is Matt Bradshaw, creator of the DrumKid. This is a pocket-sized drum machine that is heavily inspired by Teenage Engineering’s Pocket Operators. Years ago, Matt built a web app that generated drum tracks, and this project is simply taking that idea into the physical realm. For Mitch, this is well-tread territory; years ago, Mitch also built an Arduino-based synth, and for the most part, both Mitch and Matt’s projects are remarkably similar. There were, however, some improvements to be made with Matt’s circuit. The power supply was two AAA batteries and a switching regulator that introduced noise and added cost. Mitch suggested that the ATMega328 could be run directly from three AA batteries reducing the cost and the noise.

eAgrar, a system for monitoring conditions of plants and weather conditions at agricultural fields

The next project up for review is eAgrar, a system for monitoring conditions of plants and the weather in fields. This project comes from Slaven Damjanovic and Marko Čalić. They’ve been developing this device for almost two years building the entire system around the ATMega328. Slaven ran into a problem with this chip in that he didn’t have enough inputs and outputs. The firmware is already written, but thanks to the Arduino IDE, there’s no reason to keep using that ATMega. Mitch suggested using an STM32 or another ARM core. That’s what he’s using for one of his synthesizer projects, and you get more than enough inputs and outputs for the same price as an ATMega.

Finally, we come to Joseph, with his project, the Pilates Reformer. A Pilates Reformer is a bit of exercise equipment that’s only made by three companies and everything costs thousands of dollars. Joseph is bringing that cost down, but there’s a problem: how do you build a hundred or two hundred of these? Mitch suggested simply finding another manufacturer that could build this design, and not necessarily one that builds Pilates machines. This makes sense — if all you’re doing is cutting and connecting structural beams, any manufacturer can do this, that’s what manufacturers do.

This is the third in our series of Hackaday Prize mentor sessions this year, and we have far more we need to edit, and many more we need to record. That doesn’t mean you can’t get help from experts from your prize entry; we’re looking for people who need help with their project and we have a lot of mentors willing to dispense advice. If you’re interested in having someone look over your shoulder, sign up your entry.

Continue reading “Mitch Altman Mentors Manufacturing With Hackaday Prize Expert Session”

Building A Foam Machine From A Leaf Blower And A Water Pump

June 28, 2019 by 24 Comments

Imagine a tub overflowing with bubble bath, except it’s a club dancefloor and music is pumping all night. This is what is known as a “foam party” — a wild and exciting concept that nonetheless many are yet to experience. The concept exploded in popularity in Ibiza in the 1990s, and foam parties are regularly held at nightclubs and festivals the world over.

Foam is generated with the obviously-named foam machine, and these can be readily purchased or hired for anyone wishing to host such an event. However, that’s not the hacker way. If you’re a little ingenious and take heed of the safety precautions, here’s how you can do it yourself.

Continue reading “Building A Foam Machine From A Leaf Blower And A Water Pump”

Hackaday Podcast 025: Of Cheese Graters, Fauxberries, Printed Gears, Power Latching, And Art-Loving AI

June 28, 2019 by 3 Comments

Hackaday Editors Mike Szczys and Elliot Williams dish their favorite hacks from the past week. Seems like everyone is trying to mill their own Mac Pro grille and we love seeing how they go about it. Elliot is gaga over a quintet of power latching circuits, Mike goes crazy for a dough sheeter project, and we dig through the news behind methane on Mars, the Raspberry Pi 4 release, and spoofing Presidential text alerts with SDR. If you like mini-keyboards you need to see the Fauxberry, Artificial Intelligence became an art critic this week, and poorly-lit rooms have been solved with a massive mirror system.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

And note: next week we’re taking a break to go outside and shoot off some 4th of July fireworks, so there will be no podcast and you’ve got some time to listen through our 24 previous episodes for anything you’ve missed.  You’ll hear from us again the week after.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 025: Of Cheese Graters, Fauxberries, Printed Gears, Power Latching, And Art-Loving AI”

Be On Twitter Without Being On Twitter

June 28, 2019 by 1 Comment

Social media can connect us to a vibrant worldwide community, but it is also a huge time sink as it preys on both our need for attention and our insatiable curiosity. Kept on a leash by those constant notification sounds, we can easily look up from our phones to find half a day has gone and we’re behind with our work. [Laura Lytle] has a plan to tackle this problem, her OutBox project involves a single button press machine that posts a picture to Twitter of whatever is put in it. It’s not just another gateway to social media addiction though, she tells us it follows Design For Disuse principles in which it must be powered up and adjusted for each picture, and that it provides no feedback to satisfy the social media craving.

Under the hood of the laser-cut housing reminiscent of an older hobby 3D printer is a Raspberry Pi 3 Model A+ and a webcam, with a ring of LEDs for illumination. On top is the only interface, a small “arm” button to set things up and a big red arcade button to do the business. The software is in Python, and provides glue between resizing the photo, uploading it to a cloud service, and triggering ITTT to do the Tweeting. You can see the whole thing in the video below, and the result is a rather eye-catching device.

Of course, there are other ways to keep yourself off social media.

Continue reading “Be On Twitter Without Being On Twitter”

This Week In Security: Invalid Curve Attacks, OpenSSH Shielded, And More Details On Coinbase

June 28, 2019 by 19 Comments

AMD Epyc processors support Secure Encrypted Virtualization (SEV), a technique that prevents even a hypervisor reading memory belonging to a virtual machine. To pull this off, the encryption and decryption is handled on the fly by the Platform Security Processor (PSP), which is an ARM core that handles processor start-up and many security features of modern AMD processors. The vulnerability announced this week is related to the encryption scheme used. The full vulnerability is math heavy, and really grokking it requires a deeper understanding of elliptical curve cryptography (ECC) than your humble author currently possesses.

During the process of starting a virtual machine, the VM process goes through a key-sharing process with the PSP, using an ECC Diffie-Hellman key exchange. Rather than raising prime numbers to prime exponents, an ECC-DH process bounces around inside an elliptical curve in order to find a shared secret. One of the harder problems to solve when designing an ECC based cryptographic system, is the design of the curve itself. One solution to this problem is to use a published curve that is known to be good. AMD has taken this route in their SEV feature.

The attack is to prime the key exchange with invalid data, and observing the shared key that is generated. A suitably simple initial value will leak information about the PSP’s secret key, allowing an attacker to eventually deduce that key and decrypt the protected memory. If you’d like to bone up on invalid curve attacks, here’s the seminal paper. (PDF)

OpenSSH Shielding

[Damien Miller] of OpenSSH was apparently tired of seeing that project tied to vulnerabilities like Rambleed and Rowhammer, so added a technique he’s calling key-shielding. OpenSSH now encrypts private keys in memory using a 16 kB pre-key. While an attacker with full knowledge of the process’s memory wouldn’t be deterred, the error rate of Rambleed and similar attacks is high enough that the 16 kB of randomness is likely to thwart the attempt to recover the secret key.

Firefox and Coinbase

We mentioned Firefox vulnerabilities and updates last week, and as anticipated, more information is available. [Philip Martin] from Coinbase shared more information on Twitter. Coinbase employees, as well as other cryptocurrency companies, were targeted with fishing emails. These lured employees to a malicious page that attempted to exploit a pair of Firefox vulnerabilities. Coinbase has a security system in place that was able to prevent the exploit, and their security team was able to reverse engineer the attack.

The first vulnerability has been dissected in some detail by a Google security researcher. It’s a weakness in Firefox’s Javascript engine related to type handling. An object is created with one data type, and when that data is changed to another type, not all the data handlers are appropriately updated. Under the hood, a value is assumed to be a pointer, but is actually a double-length value, controlled by the attacker.

The second vulnerability is in the functions used to prompt for user interaction. Specifically the call to “Prompt:Open” isn’t properly validated, and can result in the un-sandboxed Firefox process loading an arbitrary web location. I suspect the sandbox escape is used to run the initial exploit a second time, but this time it’s running outside the sandbox.

Odds and Ends

[Tom] wrote a great intro into how to Impersonate The President With Consumer-Grade SDR, go check it out!

Another city, more ransomware. Riviera Beach, Florida was hit with a ransomware attack, and paid $600,000 in an attempt to get their data back. For a city of 35,000 inhabitants, that’s $17.14 in ransom per man, woman, and child. According to the linked article, though, the city was insured.