In Paris Buying A 3D Printer Is Cheaper Than Renting Machine Time

August 8, 2016 by 82 Comments

As many of the members of the Brian Benchoff hate/fan club know, the life of a Hackaday writer is nomadic and filled with exciting adventures. Jenny List is actually crime fighting cyborg (think Bond); it’s why she knows so much about electronics. James Hobson is Iron Man. The list goes on. There are lots of unnecessary details, but to summarize: Last month I was living in Washington State, this month I am in Paris, France. It’s really nice here, the buildings are beautiful, the cathedrals stunning, and the food significantly tastier. 

However, as a contracting engineer with a project involving a deadline; I found myself in dire need of a significant amount of quick turn-around 3D printing during my working vacation to France. Through a lot of trial and tribulation, I eventually discovered that the most cost-effective way to get the prints done… was to just buy a cheap 3D printer and run it into the ground.

Appropriately, LVL1 is also home to the world's largest 3D printed trashcan (full of failed 3D prints).
Appropriately, LVL1 is also home to the world’s largest 3D printed trashcan (full of failed 3D prints).

I was spoiled by my hackerspace in Louisville, KY. They had enough 3D printers to go around and the pricing was fixed at 10 cents a gram. For the amount of printing I needed, this would be a perfectly economical arrangement. So, I set out to find a hackerspace in Paris. Whereupon I reached my first and obvious problem; I speak very little French.

Most of the hackerspaces listed in Paris are, as far as I can tell, illegally squatting in a scary part of town, exclusive to a university, exclusive to a business, or closed down.

So, I googled a bit harder. Wow! Apparently a Techshop opened up in Paris. It’s about an hour away from where I live, but having toured a Techshop before, I knew they would have the nice version of the tool I need. So, one morning bright and early I got on the metro and headed over to get a tour of the place.

What I’ve discovered is this: If you need things like a water jet cutter, welding station, or a 50 grand CNC machine, Techshop is a really economical way to get access to and play with tools like that. However, if all you want is access to a laser cutter and a 3D printer, it will set you back five-hundred dollars and you’ll have to jump through some incredibly annoying hoops just to get access to them.

Only a small fee of 400 euros to used these badboys.
Only a small fee of 400 euros to used these bad boys.

See, most pieces of equipment at a Techshop need to be reserved. Only the 150 euro and 300 euro a month membership tiers can reserve equipment. The 150 tier can reserve something for two hours, the 300, four. If you’ve ever 3D printed you can immediately spot the problem with that. For small prints this could be workable, but if you have a lot of large prints four hours is just not enough. However, there is a work around. If you’re willing to take a metro ride late at night, arriving at the Techshop at 10:00pm, you can, of course, run a print overnight.

There were two more glitches in the Techshop plan. To be able to touch the printers required a two-hour course with a 100 euros fee. The filament also ran 65 euro per 500 g. My printing needs would easily cost me tens of hours in travel and had a starting fee of 400 euros to be workable.

The entrance to Usine.io is terrifying. It's this massive pitch black hallway. I had no idea if I was in the right place until I got to the desk.
The entrance to Usine.io is terrifying. It’s this massive pitch black hallway. I had no idea if I was in the right place until I got to the desk.

Now, I’m not saying Techshop isn’t absolutely wonderful when it comes to more advanced tools. It’s probably the only Hackerspace in the world where you’re entitled to expect that the CNC machine is in working order, properly trammed, and there are actually cutting bits for it. However, if all you need is a 3D printer, don’t bother.

Now, I asked around some more and found that there was a competing space in Paris called Usine.io. It had a flat fee of 180 euros a month and the training was free. I actually did end up getting a membership here for access to a CNC and basic tools, but for 3D printing it was a bust. They only had three printers serving a sizable membership base. This left the printers with a 48 hour line to get your print started and a maximum of 40 hours of printing a month. A die-hard user of 3D printing can easily use 40 hours in 3 days. Because I had to test many iterations for my project, my need the next month was easily triple that number.

However, the shop itself is really nicely outfitted.
However, the shop itself is really nicely outfitted.

The last avenue available to me aside from 3D printer ownership was contracting someone with a 3D printer to run my prints for me. However, after asking around I found the service to be quite expensive. Rent isn’t cheap in Paris after all. If I just needed a single small print it would be worth it, but if I needed lots of printing it would quickly add up to be more money than I had.

That left me with one option. Which, honestly, sounded absolutely insane for someone visiting a country for a few months. Buy a printer. It’s an indication of the state of 3D printing that the price has come down so far that buying a printer is more economical than having someone do it for you. Even a few years ago this was not possible. However, European Amazon Prime had a workable enough import printer to my doorstep faster than any commercially available service could even process my order. We’ve come a long way since the Darwin. That’s for sure.

Featured Photo From Famous Paris buildings by LeFabShop

The Terrible Security Of Bluetooth Locks

August 8, 2016 by 53 Comments

Bluetooth devices are everywhere these days, and nothing compromises your opsec more than a bevy of smartphones, smart watches, fitbits, strange electronic conference badges, and other electronic ephemera we adorn ourselves with to make us better people, happier, and more productive members of society.

Bluetooth isn’t limited to wearables, either; deadbolts, garage door openers, and security systems are shipping with Bluetooth modules. Manufacturers of physical security paraphernalia are wont to add the Internet of Things label to their packaging, it seems. Although these devices should be designed with security in mind, most aren’t, making the state of Bluetooth smart locks one of the most inexplicable trends in recent memory.

At this year’s DEF CON, [Anthony Rose] have given a talk on compromising BTLE locks from a quarter-mile away. Actually, that ‘quarter mile’ qualifier is a bit of a misnomer – some of these Bluetooth locks are terrible locks, period. The Kwikset Kevo Doorlock – a $200 deadbolt – can be opened with a flathead screwdriver. Other Bluetooth ‘smart locks’ are made of plastic.

The tools [Anthony] used for these wireless lockpicking investigations included the Ubertooth One, a Bluetooth device for receive-only promiscuous sniffing, a cantenna, a Bluetooth USB dongle, and a Raspberry Pi. This entire setup can be powered by a single battery, making it very stealthy.

The attacks on these Bluetooth locks varied, from sniffing the password sent in plain text to the lock (!), replay attacks, to more advanced techniques such as decompiling the APK used to unlock these smart locks. When all else fails, brute forcing locks works surprisingly well, with quite a few models of smart lock using eight digit pins. Even locks with ‘patented security’ (read: custom crypto, bad) were terrible; this patented security was just an XOR with a hardcoded key.

What was the takeaway from this talk? Secure Bluetooth locks can be made. These locks use proper AES encryption, a truly random nonce, two factor authentication, no hard-coded keys, allow the use of long passwords, and cannot be opened with a screwdriver. These locks are rare. Twelve of the sixteen locks tested could be easily broken. The majority of Bluetooth smart locks are not built with security in mind, which, by the way, is the entire point of a lock.

[Anthony]’s work going forward will concentrate expanding his library of scripts to exploit these locks, and evaluate the Bluetooth locks on ATMs. Yes, ATMs also use Bluetooth locks. The mind reels.

Electroshock Timer Will Speed Up Every Game Of Settlers Of Catan

August 8, 2016 by 6 Comments

The fun of playing Settlers of Catan is only matched by the desire to punch your friend when their turn drags on with endless deliberating. [Alpha Phoenix] has solved that quandary of inefficient play by building the Settlers of Catan: Electroshock Therapy Expansion.

[Alpha Phoenix] is holding back on the details of the device to forestall someone trying this at home and injuring themselves or others, but there’s plenty to glean from his breakdown of how the device works. An Adafruit Trinket microcontroller connects to a single pole 12 throw switch — modified from a double pole six throw rotary switch — to select up to six different players (with the other six positions alternated in as pause spaces) and the shocks are delivered through a simple electrode made from a wire hot glued to HDPE plastic from a milk jug. The power supply is capable of delivering up to 1100V, but the actual output is much less than that, thanks to its built-in impedance of about 2.5M Ohms, as well as added resistance by [Alpha Phoenix].

To define what constitutes a ‘long turn,’ the Trinket calculates the mean of up to the first 100 turn lengths (instead of a static timer to accommodate for the relative skills of the players in each game) and zaps any offending player — and then repeatedly at a set time afterwards — to remind them that they need to pick up the pace.

Continue reading “Electroshock Timer Will Speed Up Every Game Of Settlers Of Catan”

Hackaday Prize Entry: A WiFi Swiss Army Knife

August 7, 2016 by 18 Comments

WiFi is all around us, but if you want to work with this ubiquitous networking protocol, you’ll need to pull out a laptop or smartphone like a caveman. [Daniel] has a better idea. It’ s a simple, compact tool for cracking WiFi passwords or sending deauth packets to everyone at the local Starbucks. It’s an ESP Swiss Army Knife, and a great entry for the Hackaday Prize.

As you would expect, this WiFI Swiss Army Knife is powered by the ESP8266 and features a tiny OLED display and a bunch of buttons for the UI. With this, [Daniel] is able to perform a deauth attack on a network, kicking anyone off the network, provided this device already has the MAC address of the victim.

This tiny wireless tool also has an SD card, making it possible to collect authentication frames for later decryption on a device that actually has the power to crack a network. With a LiPo charge controller and a sufficiently large battery, this tiny device could be left in the corner of an office collecting authentication packets for days until it’s later retrieved, opening up the network to anyone with a sufficiently fast computer. It’s a great build and very useful, making this a great entry for The Hackaday Prize.

The HackadayPrize2016 is Sponsored by:

Two Pins For The Price Of One

August 7, 2016 by 22 Comments
One of the most common problems in the world of microcontrollers is running out of resources. Sometimes it’s memory, where the code must be pared down to fit into the flash on the microcontroller. Other times, as [Fabien] found out when he ran out of pins, the limitations are entirely physical. Not one to give up, he managed to solve the problem by using one pin for two tasks. (Google Translate from French)
During a recent project, [Fabien] realized he had forgotten to add a piezo buzzer to his project. All of the other pins were in use, though, so his goal was to use one of the input pins to handle button presses but to occasionally switch to output mode when the piezo buzzer was needed. After all, the button is only used at certain times, and the microcontroller pin sits unused otherwise. After a few trials, he has a working solution that manages to neither burn out itself nor the components in the circuit, and none of the components interfere with the other’s normal operation.
While it isn’t the most technically advanced thing we’ve ever seen here, it is a great example of using the tools at your disposal to elegantly solve a problem. More than that, though, it’s a thorough look into the details of pull-up and pull-down resistors, how microcontrollers see voltage as logic levels, and how other pieces of hardware interact with microcontrollers of all different types. This is definitely worth a read, especially if you are a beginner in this world.

Hackaday Links: August 7, 2016

August 7, 2016 by 12 Comments

The Starship Enterprise (no bloody A, B, C, or D) recently got a makeover. It was donated to the Smithsonian, and the workers at the Air and Space Museum took it apart and put it back together. Why? It’s the 50th anniversary of TOS. Hopefully the new show will be using some practical effects.

After years of trying, we’ve finally attained max buzzword. Here’s a pentesting hacker quadcopter drone, “a hacker’s laptop that can fly.” Why would anyone do this? Because, “You need to be close to the wireless signal to be able to read it. [Danger Drone] removes that barrier of physical access.” For just $500, you can do the same thing a coat hanger yagi can do. Amazing.

Q2 reports for 3D printer companies! Lulzbot is going gangbusters yet again. We’re looking at the greatest success of Open Source Hardware here. Stratasys, on the other hand, lost less money in Q2 2016. That’s their good news.

About a year ago, we heard about an LCD that was one inch high and ten inches long. That’s bizarre, but great for rackmount gear. The company behind this weird LCD is updating this weird and wonderful LCD and giving it touchscreen capability.

On this week’s edition of, ‘you’re going to cut your arm off with that thing’, here’s an angle grinder converted into a chainsaw.

A few weeks ago, we posted a link to this video, demonstrating an absurdly clever method for creating a mold for a fiberglass dome. You can just use a pendulum and a pile of dirt. Now, the mold for this fiberglass dome is complete. [J Mantzel] has already pulled 1/8th of his gigantic fiberglass sphere out of his mold, and there are only seven more to go. After that, he’ll find out if these sphere sections actually line up.

UK peeps! Hackaday and Tindie are doing a London Meetup! Details to come, but follow the event page on Hackaday.io.

I arrived in Vegas a day (or two) early for DEF CON. Instead of contemplating the banality of existence on the strip, I decided on a meetup at the grave of James T. Kirk. The meetup was a huge success. Walking two miles in 115° heat was not a great idea, but I didn’t die.

DNS Tunneling: Getting The Data Out Over Other Peoples’ WiFi

August 7, 2016 by 65 Comments

[KC Budd] wanted to make a car-tracking GPS unit, and he wanted it to be able to phone home. Adding in a GSM phone with a data plan would be too easy (and more expensive), so he opted for the hacker’s way: tunneling the data over DNS queries every time the device found an open WiFi hotspot. The result is a device that sends very little data, and sends it sporadically, but gets the messages out.

This system isn’t going to be reliable — you’re at the mercy of the open WiFi spots that are in the area. This certainly falls into an ethical grey zone, but there’s very little harm done. He’s sending a 16-byte payload, plus the DNS call overhead. It’s not like he’s downloading animated GIFs of cats playing keyboards or something. We’d be stoked to provide this service to even hundreds of devices per hour, for instance.

If you’re new here, the idea of tunneling data over DNS requests is as old as the hills, or older, and we’ve even covered this hack before in different clothes. But what [KC] adds to the mix is a one-stop code shop on his GitHub and a GPS application.

Why don’t we see this being applied more in your projects? Or are you all tunneling data over DNS and just won’t admit it in public? You can post anonymously in the comments!