Liberating Birds For A Cheap Electric Scooter

December 7, 2018 by 85 Comments

A few months ago, several companies started deploying electric scooters on the sidewalks of cities around the United States. These scooters were standard, off-the-shelf electric scooters made in China, loaded up with battery packs, motors, and a ‘brain box’ that has a GPS unit, a cellular modem, and a few more electronics that turn this dumb electric scooter into something you can ride via an app. Dropping electronic waste on cities around the country was not looked upon kindly by these municipalities, and right now there are hundreds of Bird and Lime scooters in towing yards, just waiting to be auctioned off to the highest bidder.

This is a remarkable opportunity for anyone who can turn a screwdriver and handle a soldering iron. For mere pennies on the dollar you can buy dozens of these scooters, and you can own thousands of dollars in batteries and electronics if you show up to the right auction. [humanbeing21] over on the scootertalk forums is preparing for the Bird apocalypse, and he’s already converted a few of these scooters to be his personal transportation device.

The subject of this conversion are scooters deployed by Bird, which are in actuality Xiaomi MIJIA M365 scooters with a few added electronics to connect to the Internet. The ‘conversion kit’ for a Bird scooter comes directly from China, costs $30, and is apparently a plug-and-play sort of deal. The hardest part is finding a screwdriver with the right security bits, but that again is a problem eBay is more than willing to solve.

Right now, [humanbeing21] is in contact with a towing company that has well over a hundred Bird scooters on their lot, each accruing daily storage fees. Since these scooters only cost about $400 new, we’re probably well past the time when it makes sense for Bird to pay to get them out of storage. This means they’ll probably be heading for an auction where anyone can pick them up — all of them — for a hundred bucks or so.

Right now, scooter hacking is becoming one of the most interesting adventures in modern-day hacking. You’ve got batteries and electronics and motors just sitting there, ready for the taking (and yes, through these auctions you can do this legally). We’re looking at a future filled with 18650-based Powerwalls from discarded electric scooters and quadcopters built around scooter motors filling the skies. This is cyberpunk, and we can’t wait to see the other builds these scooters will become.

Building The World’s Smallest Jet Turbine By Hand

December 7, 2018 by 39 Comments

There are very few machines as complex to build as a turbojet engine. The turbine blades on a commercial airliner are grown from a single crystal of metal. The engineering tolerances are crazy, and everything spins really, really fast. All of these problems aren’t a concern for [Igor], who’s building what will probably end up being the world’s smallest turbojet engine. He’s doing it in his home shop, and a lot of the work is being done by hand. We don’t know the Russian translation for ‘hold my beer’, but [Igor] certainly does.

The design of this turbojet — as far as we can tell — is a centrifugal flow turbine, or something that’s not terribly different than the projects we’ve seen that turn the turbocharger from a diesel engine into a jet. The innovation here is using a lathe to machine the compressor stages by mounting an end mill to the headstock and the compressor blank on the cross slide, in a rotary table. It’s weird, but you really can’t argue with something that looks like it’ll work.

[Igor] has made a name for himself by creating some crazy contraptions. The most impressive, by far, is a gigantic remote controlled plane, powered by a handmade jet engine. This is an enormous fiberglass plane with a homebrew engine that spins at 90,000 RPM and doesn’t fly apart. That’s impressive by any measure.

[Igor] is posting a lot of his build process on YouTube and Instagram, including heat treating the compressor stages with a blowtorch. This is an amazing project, and even if this tiny turbine will be able to self-sustain, that’s an amazing accomplishment. You can check out a few more videos from [Igor] below.

Continue reading “Building The World’s Smallest Jet Turbine By Hand”

Racing The Beam On A Thin Client, In FPGAs

December 7, 2018 by 60 Comments

A few years back, a company by the name of Pano Logic launched a line of FPGA-based thin clients. Sadly, the market didn’t eventuate, and the majority of this stock ended up on eBay, to eventually be snapped up by eager hackers. [Tom] is one of those very hackers, and decided to try some raytracing experiments with the hardware.

[Tom] has one of the earlier Pano Logic clients, with VGA output and a Xilinx Spartan-3E 1600 FPGA under the hood. Due to limited RAM in the FPGA, and wanting to avoid coding a custom DRAM controller for the memory on the board, there just wasn’t room for a framebuffer. Instead, it was decided that the raytracer would instead “race the beam” – calculating each pixel on the fly, beating the monitor’s refresh rate.

This approach means that resource management is key, and [Tom] notes that even seemingly minor changes to the raytracing environment require inordinately large increases in calculation. Simply adding a shadow and directional light increased core logic utilisation from 66% to 92%!

While the project may not be scalable, [Tom] was able to implement the classic reflective sphere, which bounces upon a checkered plane and even added some camera motion to liven things up through an onboard CPU core. It’s a real nuts-and-bolts walkthrough of how to work with limited resources on an FPGA platform. Code is available on Github if you fancy taking a further peek under the hood.

If you’re new to FPGAs yourself, why not check out our FPGA bootcamp?

Magic Wand Learns Spells Through Machine Learning And An IMU

December 7, 2018 by 6 Comments

Jennifer Wang likes to dress up for cosplay and she’s a Harry Potter fan. Her wizarding skills are technological rather than magical but to the casual observer she’s managed to blur those lines. Having a lot of experience with different sensors, she decided to fuse all of this together to make a magic wand. The wand contains an inertial measurement unit (IMU) so it can detect gestures. Instead of hardcoding everything [Jennifer] used machine learning and presented her results at the Hackaday Superconference. Didn’t make it to Supercon? No worries, you can watch her talk on building IMU-based gesture recognition below, and grab the code from GitHub.

Naturally, we enjoyed seeing the technology parts of her project, and this is a great primer on applying machine learning to sensor data. But what we thought was really insightful was the discussions about the entire design lifecycle. Asking questions to scope the design space such as how much money can you spend, who will use the device, and where you will use it are often things we subconsciously answer but don’t make explicit. Failing to answer these questions at all increases the risk your project will fail or, at least, not be as successful as it could have been.

Continue reading “Magic Wand Learns Spells Through Machine Learning And An IMU”

Better Mechanical Keyboards Through 3D Printing

December 7, 2018 by 14 Comments

You’re not cool unless you have a mechanical keyboard. No, you won’t be able to tell if your coworkers don’t like it, because you won’t be able to hear their complaining over the sound of your clack-clack-clacking. You can even go all-in with switch modifications, o-rings, and new springs, or you could use your 3D printer to modify the touch of your wonderful Cherry MX switches. That’s what a few researchers did, and the results are promising.

The ‘problem’ this research is attempting to solve is bottoming out on Cherry MX keyswitches. If you’re bottoming out, you’re doing it wrong, but nevertheless, you can get a publication out of solving repetitive strain injury. This was done by modeling the bottom housing of a Cherry MX switch by printing most of it in nylon on a Stratasys Objet 350 polyjet printer, with a tiny bit of of the housing printed with a polymer with a hardness of Shore 40. No, Shore A, Shore B, or Shore 00 was not specified, but hey, it’s just a conference paper.

The experimental test for this keyswitch was dropping a 150 gram weight from 125 mm onto the keyswitch, with a force sensitive resistor underneath the switch, connected to an Arduino. Data was logged, filtered, and fitted in Excel to create a plot of the force on dampened, rigid, and commercial switch housings. Results from ANOVA were p > 0.05 (p=0.12).

Despite the lack of significant results, there is something here. The Objet is one of the few printers that can do multimaterial printing with the resolution needed to replicate an injection molded part. There is a trend to the data, and printing squishy parts into a keyswitch should improve typing feel. There will be more work on this, but in the meantime we’re hopeful some other experimenters will pick up this train of research.

Weaponized Networked Printing Is Now A Thing

December 7, 2018 by 37 Comments

It’s a fairly safe bet that a Venn diagram of Hackaday readers and those who closely follow the careers of YouTube megastars doesn’t have a whole lot of overlap, so you’re perhaps blissfully unaware of the man who calls himself [PewDiePie]. As such, you might not know that a battle between himself and another YouTube channel which uploads Bollywood music videos has reached such a fever pitch that his fans have resorted to guerrilla hacking to try to sway public opinion towards their side. It’s perhaps not the dystopian future we imagined, but it just might be the one we deserve.

To briefly summarize the situation, a hacker known only by the handle [TheHackerGiraffe] decided to help out Dear Leader by launching an automated attack against 50,000 Internet connected printers. When the hack was successful, the printer would spit out a page of digital propaganda, complete with fist ASCII art, that urged the recipient to go on YouTube and pledge their support for [PewDiePie]. There’s some debate about how many of the printers [TheHackerGiraffe] targeted actually delivered their payload, but judging by reactions throughout social media, it was enough to get the message out.

While the stunt itself may have come as a surprise, the methodology wasn’t. In fact, the only surprising element to the security researchers who’ve weighed in on the situation is that this hasn’t happened more often. It certainly isn’t the first time somebody’s done it, but the fact that this time its been connected to such a high profile Internet celebrity is putting more eyes on the problem then there have been in the past. Now that the proverbial cat is out of the bag, there are even websites springing up which claim to be purveyors of “Printer Advertising”. Odds are good this won’t be the last time somebody’s printer starts running off more than TPS reports.

We here at Hackaday don’t have much interest in the battle for YouTube supremacy. We’re just pulling for Dave Jones’s EEVBlog channel to join [AvE] in breaking a million subscribers. But we’re very interested in the technology which made this attack possible, how likely it is we’re going to see more people exploit it, and what are we supposed to do now that even our own printers can be turned against us?

Continue reading “Weaponized Networked Printing Is Now A Thing”

5G Cellphone’s Location Privacy Broken Before It’s Even Implemented

December 7, 2018 by 52 Comments

Although hard to believe in the age of cheap IMSI-catchers, “subscriber location privacy” is supposed to be protected by mobile phone protocols. The Authentication and Key Agreement (AKA) protocol provides location privacy for 3G, 4G, and 5G connections, and it’s been broken at a basic enough level that three successive generations of a technology have had some of their secrets laid bare in one fell swoop.

When 3G was developed, long ago now, spoofing cell towers was expensive and difficult enough that the phone’s International Mobile Subscriber Identity (IMSI) was transmitted unencrypted. For 5G, a more secure version based on a asymmetric encryption and a challenge-reponse protocol that uses sequential numbers (SQNs) to prevent replay attacks. This hack against the AKA protocol sidesteps the IMSI, which remains encrypted and secure under 5G, and tracks you using the SQN.

The vulnerability exploits the AKA’s use of XOR to learn something about the SQN by repeating a challenge. Since the SQNs increment by one each time you use the phone, the authors can assume that if they see an SQN higher than a previous one by a reasonable number when you re-attach to their rogue cell tower, that it’s the same phone again. Since the SQNs are 48-bit numbers, their guess is very likely to be correct. What’s more, the difference in the SQN will reveal something about your phone usage while you’re away from the evil cell.

A sign of the times, the authors propose that this exploit could be used by repressive governments to track journalists, or by advertisers to better target ads. Which of these two dystopian nightmares is worse is left as comment fodder. Either way, it looks like 5G networks aren’t going to provide the location privacy that they promise.

Via [The Register]

Header image: MOs810 [CC BY-SA 4.0].