Llama.ttf Is AI, In A Font

June 26, 2024 by Elliot Williams 6 Comments

It’s a great joke, and like all great jokes it makes you think. [Søren Fuglede Jørgensen] managed to cram a 15 M parameter large language model into a completely valid TrueType font: llama.ttf. Being an LLM-in-a-font means that it’ll do its magic across applications – in your photo editor as well as in your text editor.

What magic, we hear you ask? Say you have some text, written in some non-AI-enabled font. Highlight that, and swap over to llama.ttf. The first thing it does is to change all “o” characters to “ø”s, just like [Søren]’s parents did with his name. But the real magic comes when you type a length of exclamation points. In any normal font, they’re just exclamation points, but llama.ttf replaces them with the output of the TinyStories LLM, run locally in the font. Switching back to another font reveals them to be exclamation points after all. Bønkers!

This is all made possible by the HarfBuzz font extensions library. In the name of making custom ligatures and other text shaping possible, HarfBuzz allows fonts to contain Web Assembly code and runs it in a virtual machine at rendering time. This gives font designers the flexibility to render various Unicode combinations as unique glyphs, which is useful for languages like Persian. But it can just as well turn all “o”s into “ø”s or run all exclamation points through an LLM.

Something screams mischief about running arbitrary WASM while you type, but we remind you that since PostScript, font rendering engines have been able to run code in order to help with the formatting problem. This ability was inherited by PDF, and has kept malicious PDFs in the top-10 infiltration vectors for the last fifteen years. [Citation needed.] So if you can model a CPU in PDF, why not an LLM in TTF? Or a Pokemon clone in an OpenType font?

We don’t think [Søren] was making a security point here, we think he was just having fun. You can see how much fun in his video demo embedded below.

Continue reading “Llama.ttf Is AI, In A Font” →

FLOSS Weekly Episode 789: You Can’t Eat The Boards

June 26, 2024 by Jonathan Bennett No comments

This week Jonathan Bennett and Doc Searls chat with Igor Pecovnik and Ricardo Pardini about Armbian, the Debian-based distro tailor made for single-board computers. There’s more than just Raspberry Pi to talk about, with the crew griping about ancient vendor kernels, the less-than-easy ARM boot process, and more!

Continue reading “FLOSS Weekly Episode 789: You Can’t Eat The Boards” →

Decoding Meshtastic With GNU Radio

June 26, 2024 by Al Williams 21 Comments

Meshtastic is a way to build mesh networks using LoRa that is independent of cell towers, hot spots or traditional repeaters. It stands to reason that with an SDR and GNU Radio, you could send and receive Meshtastic messages. That’s exactly what [Josh Conway] built, and you can see a video about the project, Meshtastic_SDR, below. The video is from [cemaxecuter], who puts the library through its paces.

For hardware, the video uses a Canary I as well as the WarDragon software-defined radio kit which is an Airspy R2 and a mini PC running Dragon OS — a Linux distribution aimed at SDR work — in a rugged case. GNU Radio, of course, uses flows which are really just Python modules strung together with a GUI.

Continue reading “Decoding Meshtastic With GNU Radio” →

As Cheap As Chips: The MiFare Ultra Light Gets A Closer Look

June 26, 2024 by Jenny List 8 Comments

If you take public transport in many of the world’s cities, your ticket will be an NFC card which you scan to gain access to the train or bus. These cards are disposable, so whatever technology they use must be astonishingly cheap. It’s one of these which [Ken Shirriff] has turned his microscope upon, a Montreal Métro ticket, and his examination of the MiFare Ultra Light it contains is well worth a read.

The cardboard surface can be stripped away from the card to reveal a plastic layer with a foil tuned circuit antenna. The chip itself is a barely-discernible dot in one corner. For those who like folksy measurements, smaller than a grain of salt. On it is an EEPROM to store its payload data, but perhaps the most interest lies in the support circuitry. As an NFC chip this has a lot of RF circuitry, as well as a charge pump to generate the extra voltages to charge the EEPROM. In both cases the use of switched capacitors plays a part in their construction, in the RF section to vary the load on the reader in order to transmit data.

He does a calculation on the cost of each chip, these are sold by the wafer with each wafer having around 100000 chips, and comes up with a cost-per-chip of about nine cents. Truly cheap as chips!

If NFC technology interests you, we’ve taken a deep dive into their antennas in the past.

Screenshot of the blog post, showing how you can optimize your battery level measurement resistor dividers, among many other things

Making Your Wireless Keyboard Truly Low-Power

June 26, 2024 by Arya Voronova 46 Comments

The basics of keyboard design are tried and true at this point, but there are still a few aspects yet unconquered. One of them is making your keyboards wireless. You might think it’s easy, but if you just slap a wireless-enabled microcontroller onto your board, you’ll soon be left with a dead battery. Rejoice – [Pete Johanson], creator of ZMK, tells all that you want to know about making your keyboard low-power.

In a lengthy blog post, he goes through everything that a typical keyboard consists of, and points out factor after factor that you never knew could cause a spike in power consumption. Are you using muxes or config options that will force your MCU to always stay alert? Is your voltage regulator’s quiescent current low enough, and can the same be said about other parts you’re using? Does your MCU have to work extra hard transmitting bytes because you’ve put a copper fill under its antenna? Most importantly, is the firmware you’re using designed to optimize power consumption at its core?

If you’ve ever thought about designing low-power keyboards, hell, any low-power device, you seriously should read this post – it will set you at ease by giving you a checklist of things to do, and it also links to quite a few other useful resources, like the ZMK power profiler. Perhaps, if you’re building a wireless keyboard or just creating battery-powered device, you should consider ZMK, as it sure seems to be written with energy efficiency in mind.

Want to learn more about what it takes to build a low-power device? Our 2023 Low-Power Contest attracted a wide range of entrants, and they’ve shared a flurry of methods and tricks you can use to build any sort of battery-juice-sipping gadget.

3D Printering: Adaptive Bed Leveling

June 26, 2024 by Al Williams 23 Comments

Have you ever read about something and thought, “Gee whiz! Why did I never think about that?” That was my reaction to reading about a feature commonly associated with Klipper called adaptive bed leveling or adaptive mesh leveling. Too bad I don’t typically use Klipper, but it all worked out, and I’ll show you how it might work for you.

What Is It?

Once a luxury, most 3D printers now come with some kind of bed level sensor. The idea is that the printer can probe the bed to determine the shape of the build plate and then adjust the build plate accordingly. So if a particular spot on the bed is 0.5 mm too high, the nozzle can rise 0.5 mm when it is in that area. There are several techniques Marlin firmware uses, including what I usually use: UBL. Some people scan the bed once and hope it won’t change much. Others will do a time-consuming scan before each print.

However, adaptive bed leveling is a bit different. The idea is that the printer only probes the area where the part is going to print. If your print bed is 235 mm x 235 mm but your part is 50 mm square, you could just probe the points under the 50 mm square.

This does several things. For a given number of points, there is less motion, so it should be faster. Also, for the same number of points, you will have a much denser mesh and, thus, a better idea of what the bed is at any given point. You could even reduce the number of points based on the size of the part you are printing.

When you think about it, it is a dead simple idea. What’s not to love? For most print jobs, you’ll have less work for the printer, faster prints, and a denser mesh. But how do you do it?

Continue reading “3D Printering: Adaptive Bed Leveling” →

Bats Can No Longer Haunt Apple VR Headsets Via Web Exploit

June 26, 2024 by Donald Papp 33 Comments

Bug reporting doesn’t usually have a lot of visuals. Not so with the visionOS bug [Ryan Pickren] found, which fills a user’s area with screeching bats after visiting a malicious website. Even better, closing the browser doesn’t get rid of them! Better still? Doesn’t need to be bats, it could be spiders. Fun!

The bug has been fixed, but here’s how it worked: the Safari browser build for visionOS allowed a malicious website to fill the user’s 3D space with animated objects without interaction or permission. The code to trigger this is remarkably succinct, and is actually a new twist on an old feature: Apple AR Quick Look, an HTML-based feature for rendering 3D augmented reality content in Safari.

Leveraging this old feature is what lets an untrusted website launch an arbitrary number of animated 3D objects — complete with sound — into a user’s virtual space without any interaction from the user whatsoever. The icing on the cake is that Quick Look is a separate process, so closing Safari doesn’t get rid of the pests.

Providing immersive 3D via a web browser is a valuable way to deliver interactive content on both desktops and VR headsets; a good example is the fantastic virtual BBC Micro which uses WebXR. But on the Apple Vision Pro the user is always involved and there are privacy boundaries that corral such content. Things being launched into a user’s space in an interaction-free way is certainly not intended behavior.

The final interesting bit about this bug (or loophole) was that in a way, it defied easy classification and highlights a new sort of issue. While it seems obvious from a user experience and interface perspective that a random website spawning screeching crawlies into one’s personal space is not ideal, is this a denial-of-service issue? A privilege escalation that technically isn’t? It’s certainly unexpected behavior, but that doesn’t really capture the potential psychological impact such bugs can have. Perhaps the invasion of personal space and user boundaries will become a quantifiable aspect of bugs in these new platforms. What fun.