Five Year Old Bug Spawns Router Botnet Monster

November 23, 2018 by 38 Comments

In the news has been yet another router botnet. [Hui Wang] and [RootKiter] of 360Netlab announced their discovery of what they call the “BCMUPnP_Hunter” rootkit. They estimate this botnet to be running on over 100,000 routers worldwide.

There are two elements of this story that I found particularly baffling. First, this botnet infects routers using a vulnerability that was first reported by Defensecode over five years ago, in 2013! The second oddity is the wide range of devices that are vulnerable and are now part of the botnet. Dozens of brands and at least 116 models have been found to be infected.

One of the details of this story hasn’t been reported entirely accurately. The bug is not built into the Broadcom chipset. Unlike Spectre and Meltdown, it’s not actually a hardware fault. Broadcom distributes a Software Development Kit (SDK) that enables device manufacturers like D-Link, TP-Link, and Linksys to quickly develop firmware for routers using Broadcom chips. The vulnerability lies in this code, rather than part of the hardware itself.

Continue reading “Five Year Old Bug Spawns Router Botnet Monster”

Overlooked Minimalism In Assistive Technology

November 23, 2018 by 27 Comments

If your eyes are 20/20, you probably do not spend much time thinking about prescription eyeglasses. It is easy to overlook that sort of thing, and we will not blame you. When we found this creation, it was over two years old, but we had not seen anything quite like it. The essence of the Bear Paw Assistive Eating Aid is a swiveling magnet atop a suction cup base. Simple right? You may already be thinking about how you could build or model that up in a weekend, and it would not be a big deal. The question is, could you make something like this if you had not seen it first?

Over-engineered inventions with lots of flexibility and room for expansion have their allure. When you first learn Arduino, every problem looks like a solution for that inexpensive demo board and one day you find yourself wearing an ATMEGA wristwatch. Honestly, we love those just as much but for an entirely different reason. When all the bells and whistles are gone, when there is nothing left but a robust creation that, “just works,” you have created something beautiful. Judging by the YouTube comments of the video, which can be seen below the break, those folks have no trouble overlooking the charm of this device since the word “beard” appears 95 times and one misspelling for a “bread” count of one. Hackaday readers are a higher caliber and should be able to appreciate its elegance.

The current high-tech solution for self-feeding is a robot arm, not unlike this one which is where our minds went when we heard about an invention about eating without using hands, and we will always be happy to talk about robot arms.

Continue reading “Overlooked Minimalism In Assistive Technology”

The Metal That Never Forgets: Nitinol And Shape-Memory

November 23, 2018 by 13 Comments

You’ve likely heard of Nitinol wire before, but we suspect the common base knowledge doesn’t go much beyond repeating that it’s a shape-memory alloy. [Bill Hammack], the Engineer Guy, takes us on a quick journey of all the cool stuff there is to know about Nitinol and shape-memory alloys.

The name itself is like saying Kleenex when you mean tissue, or using the V-word when you mean hook and loop fasteners. The first few letters of Nickel Titanium Naval Ordnance Laboratories combine to form the name of what is essentially a nickel-titanium alloy developed in 1962: Nitinol. It’s called shape-memory because you can stretch or bend it at room temperature and it will return to the original shape when heated at around 75 C (167 F). This particular metal can do that because its bonds form a “twinned structure” of rhombus shapes — bending or stretching moves those rhombuses (or rhombi, take your pick) but doesn’t change which atoms are bonded to one another.

Has this material science excursion bored you to tears yet? That’s why we love [Bill’s] work. He has always done a fantastic job of demystifying common mysticism and this is no different. The video below does a much better job of illustrating what we’ve described above, but also pull out a Nitinol engine for added wow-factor. A straight piece of Nitinol is bent into a loop around two pulleys. The lower pulley is submerged in hot water, causing the Nitinol to want to straighten out, but it loops back to the top pulley, bending and cooling in the air and creating a lever effect that drives the engine. We saw a more complex version of this concept last year.

You know those eyeglass frames you can bend in any way and they’ll  pop back to the original shape? They’re taking advantage of the super-elasticity of Nitinol. [Bill] also recounts uses as stents for medical applications, and oddball engineering tricks in the automotive industry.

It’s great to see the Engineer Guy back. Favorites of ours have been the science behind disposable diapers and the aluminum beverage can. More recently he released Faraday’s lecture series, wrote a book on airships, appeared on Outlaw Tech on the Science Channel, and started a family. Thanks for fitting these illustrative videos in when you can [Bill]!

Continue reading “The Metal That Never Forgets: Nitinol And Shape-Memory”

Bar Code Adds A Third Dimension

November 22, 2018 by 40 Comments

We never really thought about it before, but a traditional barcode or QR code is pretty two dimensional. A 3D barcode sounds like marketing hype but the JAB (Just Another Barcode) system adds a third dimension in the form of color.

Traditional barcodes assume you have a pretty crude sensor, but a color camera now days is no big deal, so why not take advantage? The JAB system specifies two types of symbols: a master symbol and a slave symbol. A master symbol has four finder patterns at the corner. Slave symbols dock to a master or another docked slave.

If you want to create some JABs, there’s a web interface. If you check advanced, you can change the number of colors used, the size of each “module” (colored box), and the width and height of the master symbol. You can also arrange for error correction. The grid that shows the master and slave symbols will allow you to click on any dockable slave location to create more symbols with different attributes.

You can then save the JAB image and use the scan menu item (at the top) to read the code back. It will also read from a camera.

If you are using a color camera and a computer or phone to read barcodes, this probably is something to check out. After all, you are acquiring color data, why not use it?

You might think of the barcode as something modern, but it has a long strange history going back to the 1930s. Early barcodes looked like bullseyes and were actually inspired by Morse code. We wonder how one of these would look on someone’s arm in ink?

This Bitcoin Price Tracking Traffic Light Isn’t Just A Red LED

November 22, 2018 by 10 Comments

Quick, what’s the price of Bitcoin? Is it lower today than yesterday? Are you overdrafting your Lamborghini account? What if you had an easy way to tell at a glance how much you could have made if you sold in December of last year? That’s what this Bitcoin price tracking traffic light is all about, and it’s a great use of existing electronics.

The hardware for this build is a traffic light table lamp available on Amazon for twenty bucks. Inside this traffic light, you get a PCB with three LEDs and a small microcontroller to control the LEDs. The microcontroller isn’t used in this case, instead the microcontroller is removed and a few wires are soldered up to the base of the transistors used to drive the LEDs. The other ends of these wires are attached to a trio of pins on a Raspberry Pi Zero W, giving this traffic light table lamp Linux and a connection to the Internet.

On the software side of things, we’re looking at a Docker container running a Python script that fetches the latest Bitcoin price from Coindesk and calculates the change from the previous fetch of the price of Bitcoin. This data is shuffled off to another Python script that actually changes the LEDs on the lamp.

Sure, these days a ‘bitcoin price tracking traffic light’ is as simple as connecting a red LED to a battery, and if you’re feeling extra fancy you can add a 220 Ω resistor. But this is a project that’s so well executed that we’ve got to give it a tip ‘o our hat.

Disco Ain’t Dead: Blinky Ball Makes You Solder Inside A Dome

November 22, 2018 by 10 Comments

Disco balls take a zillion mirrors glued to a sphere and shine a spotlight on them. But what if the ball itself was the light source? Here’s a modern version that uses addressable LEDs in a 3D-printed sphere that also hides the electronics inside the ball itself.

Check out the video below to see the fantastic results. It’s a Teensy 3.6 driving a whopping 130 WS2812 LEDs to make this happen. (Even though the sphere has the lowest surface area to volume ratio.) There’s even a microphone and an accelerometer to make the orb interactive. Hidden inside is a 4400 mAh battery pack that handles recharging and feeds 5 V to the project.

For us, it’s the fabrication that really makes this even more impressive. The sphere itself is 3D printed as four rings that combine to form a sphere. This makes perfect spacing for the LEDs a snap, but you’re going to spend some time soldering the voltage, ground, and data connections from pixel to pixel. In this case that’s greatly simplified because the LEDs were sourced from AliExpress already hosted on a little circle of PCB so you’re not trying to solder on the component itself. Still, that’s something like 390 wires requiring 780 solder joints!

We love seeing an LED ball you can hold in your hand. But if you do want something bigger, try this 540 LED sphere built from triangular PCBs.

Continue reading “Disco Ain’t Dead: Blinky Ball Makes You Solder Inside A Dome”

PLA Foils Homemade Tachometer

November 22, 2018 by 19 Comments

[Integza] built a Tesla turbine and wanted to know how fast it was spinning. However, he didn’t have a tachometer, and didn’t want to buy one. After a false start of trying to analyze the audio to measure the speed, he decided to use a tried-and-true method. Let the wheel break an infrared (IR) optointerruptor and count the spokes of the wheel as they go by. If you know the spacing between the spokes, you can compute the speed. There was only one problem: it didn’t work.

Turns out, PLA is at least somewhat transparent to IR. Knowing that it was a simple matter to fix some tape to the wheel that would block IR and that made things work much better. If you missed the video where he built the turbine, you might want to watch it first.

Continue reading “PLA Foils Homemade Tachometer”