Review: NEJE DK-8-KZ Laser Engraver

March 1, 2018 by 100 Comments

When I got my first 3D printer I was excited, but now that I’m contemplating adding a forth to my collection, I have to come to the terms with the fact that these machines have all the novelty of a screwdriver at this point. Which is fine; getting the cost down and availability up is the key to turning a niche piece of technology into a mainstream tool, and the more people with 3D printers at home or in their workshop the better, as far as I’m concerned. But still, there’s a certain thrill in exploring the cutting edge, and I’ve been looking for something new to get excited about as of late.

NEJE DK-8-KZ

Lasers seem like an interesting next step in my quest towards complete in-house fabrication capability, so I started researching cheap setups to get my feet wet. In the course of looking up diode-powered laser cutters, I came across the NEJE DK-8-KZ. At only 1W, there’s no question this device isn’t going to be cutting a whole lot. In fact, it’s specifically sold as an engraver. But given the fact that you can get one of these little guys for around $70 USD shipped, it’s hard to complain.

Now I wasn’t 100% sure what I would do with a laser engraver, but I thought it would be a good way to test the waters before putting serious money (and time) into something more powerful. Plus, if I’m being totally honest, I wanted to start on something on the lower end of the power spectrum because I’m terrified of blinding myself.

So what kind of laser do you get for $70? Let’s find out… Continue reading “Review: NEJE DK-8-KZ Laser Engraver”

Memcached Servers Abused For DDoS Attacks

March 1, 2018 by 11 Comments

Cloudflare announced recently that they are seeing an increase in amplification attacks using memcached servers, and that this exploit has the potential to be a big problem because memcached is capable of amplifying an attack significantly. This takes DDoS attacks to a new level, but the good news is that the problem is confined to a few thousand misconfigured servers, and the solution is to put the servers behind a tighter firewall and to disable UDP. What’s interesting is how the fundamental workings of the Internet are exploited to create and direct a massive amount of traffic.

We start with a botnet. This is when a bunch of Internet-connected devices are compromised and controlled by a malicious user. This could be a set of specific brand of web camera or printer or computer with unsecured firmware. Once the device is compromised, the malicious user can control the botnet and have it execute code. This code could mine cryptocurrency, upload sensitive data, or create a lot of web traffic directed at a particular server, flooding it with requests and creating a distributed denial of service (DDoS) attack that takes down the server. Since the server can’t distinguish regular traffic from malicious traffic, it can’t filter it out and becomes unresponsive.

This DDoS attack is limited to the size of the botnet’s bandwidth, though. If all the web cameras in the botnet are pounding a server as fast as they can, the botnet has reached its max. The next trick is called an amplification attack, and it exploits UDP. UDP (as opposed to TCP) is like the early post office; you send mail and hope it gets there, and if it doesn’t then oh well. There’s no handshaking between communicating computers. When a device sends a UDP packet to a server, it includes the return address so that the server can send the response back. If the device sends a carefully crafted fake request with a different return address, then the server will send the response to that spoofed return address.

So if the web camera sends a request to Server A and the response is sent to Server B, then Server A is unintentionally attacking Server B. If the request is the same size as the response, then there’s no benefit to this attack. If the request is smaller than the response, and Server A sends Server B a bunch of unrequested data for every request from the camera, then you have a successful amplification attack. In the case of memcached, traffic can be amplified by more than 50,000 times, meaning that a small botnet can have a huge effect.

Memcached is a memory caching system whose primary use is to help large websites by caching data that would otherwise be stored in a database or API, so it really shouldn’t be publicly accessible anyway.  And the solution is to turn off public-facing memcached over UDP, but the larger solution is to think about what things you are making available to the Internet, and how they can be used maliciously.

Bye Bye, Maplin

March 1, 2018 by 97 Comments

Well, that was quick. Four days ago we mentioned that the British electronics retail chain Maplin was being offered for sale, and today it has been announced that no buyer has been found and the company is going into administration.

We dealt with all the nostalgia for what was roughly a British equivalent to Radio Shack in our previous post. Perhaps now it’s time to look beyond the jumpers-for-goalposts reminiscences about spaceships on the catalogues for a moment, and consider what this means for us in 2018.

It’s fairly obvious that a retail model for selling either electronic tat or components is no longer viable in an age of online ordering and availability of almost anything at knock-down prices for anyone prepared to wait for a packet from China. This applies on both sides of the Atlantic, but for British retailers, the killer combination of very high rents and local business taxes makes it particularly difficult. Maplin were extremely convenient when you needed a part immediately, but the universal reaction from Hackaday readers was that they were overpriced. It’s the same story that has cleared away numerous chains in other sectors, and the toxic view that retail property is still the goldmine it might have been in decades past is largely responsible.

Despite all that, there must still be some demand for electronic components at a retail level even if the economics no longer support a showroom model. Perhaps a trade counter operation might have better luck, it will be interesting to see whether suppliers such as RS Components or CPC expand their networks to try to capture that business. Whatever happens, we’ll keep you posted.

Cheap And Easy Helmet Lights For The Kids

February 28, 2018 by 31 Comments

Bikes are a great way to get around and get exercise at the same time, and are widely popular with human children due to the fact that they’re generally not allowed to drive. However, riding on or next to the road can be dangerous, particularly at night, when even adults on bikes are hard to see. It’s far worse for the youngest children, who can be incredibly small and difficult to spot. [Patrick]’s children enjoy riding, but it can get a little sketchy at night, so he developed a solution.

The project relies on cheap, commonly available LED strip lights. Rather than any fancy addressable strips, these are just simple strings of LEDs with current limiting resistors already fitted in a convenient, adhesive backed format. This makes the job as easy as peeling off the backing tape, sticking the strips to the helmet, and providing a power source. In clsasic entry-level hack style, everything’s running off a single 9V battery. Is it as versatile as a rechargable lithium pack with integrated controller? No, but it’s a swift way to get a project off the ground.

The trick here isn’t so much the hardware side of things – there’s nothing fancy about a battery and some LEDs. The key here is that [Patrick] identified that his children are small and difficult to see, thus it made sense to fit helmet lights rather then more typical bike lights to make them more visible to surrounding traffic.

For something at the other end of the spectrum, check out this amazingly professional LED bike light.

Continue reading “Cheap And Easy Helmet Lights For The Kids”

Microsoft Quantum Simulator Goes To Linux And Mac

February 28, 2018 by 13 Comments

Everyone seems to be gearing up for the race to be the king of quantum computers. The latest salvo is Microsoft’s, they have announced that their quantum simulator will now run on macOS and Linux, with associated libraries and examples that are now fully open source. They have produced a video about the new release, which you can see below.

Microsoft also claims that their simulator is much faster than before, especially on large simulations. Of course, really large simulations suffer from memory problems, not speed problems. You can run their simulator locally or on their Azure cloud.

Continue reading “Microsoft Quantum Simulator Goes To Linux And Mac”

Monitor Power Consumption Of Low-Power Devices

February 28, 2018 by 14 Comments

Perhaps the most important consideration to make when designing a battery-operated device of any kind is the power consumption. Keeping it running for longer between battery changes is often a key design point. To that end, if you need to know how small programming changes will impact the power consumption of your device then [Daniel] has a great tool that you might find helpful: an ESP8266-based live power meter.

The power meter itself is battery-powered via a 600 mAh battery and monitors an e-paper module, which also displays information about power consumption. It runs using a NodeMCU and measures voltage and current across a 100-ohm resistor to calculate the power use, although the resolution does start to get noisy when the device is in standby/sleep mode. One presumes this could be solved by changing the value of the resistor in order to get more accurate measurements at the expense of losing accuracy during moments of high power consumption.

While this power monitor was built specifically to monitor power consumption on this particular e-paper display project, it should be easily portable into other battery-based systems that need fine tuning in order to maximize battery life. As a bonus, the display is already included in the project. There are ways of getting even more information about your battery usage, although if power consumption is important than you may want to stick with a more straightforward tool like this one.

FPGA Calculator Uses Joystick

February 28, 2018 by 10 Comments

FPGAs are great fun, but sometimes you need a few starter projects under your belt. These projects might be something you could just as well do with a CPU, but you have to start somewhere. [LambdaPI] recently shared a 4-bit calculator created using an FPGA, and you can see it in the video below.

The calculator uses a Papilio FPGA board and a LogicStart accessory board for the display and switches. The Papilio normally uses schematic-based entry and Arduino code, but [LambdaPI] used VHDL. You enter the two 4-bit numbers on the 8 switches and then the joystick selects one of four operations (add, subtract, multiply, and divide).

Continue reading “FPGA Calculator Uses Joystick”