The Trouble With Intel’s Management Engine

January 22, 2016 by 93 Comments

Something is rotten in the state of Intel. Over the last decade or so, Intel has dedicated enormous efforts to the security of their microcontrollers. For Intel, this is the only logical thing to do; you really, really want to know if the firmware running on a device is the firmware you want to run on a device. Anything else, and the device is wide open to balaclava-wearing hackers.

Intel’s first efforts toward cryptographically signed firmware began in the early 2000s with embedded security subsystems using Trusted Platform Modules (TPM). These small crypto chips, along with the BIOS, form the root of trust for modern computers. If the TPM is secure, the rest of the computer can be secure, or so the theory goes.

The TPM model has been shown to be vulnerable to attack, though. Intel’s solution was to add another layer of security: the (Intel) Management Engine (ME). Extremely little is known about the ME, except for some of its capabilities. The ME has complete access to all of a computer’s memory, its network connections, and every peripheral connected to a computer. It runs when the computer is hibernating, and can intercept TCP/IP traffic. Own the ME and you own the computer.

There are no known vulnerabilities in the ME to exploit right now: we’re all locked out of the ME. But that is security through obscurity. Once the ME falls, everything with an Intel chip will fall. It is, by far, the scariest security threat today, and it’s one that’s made even worse by our own ignorance of how the ME works.

Continue reading “The Trouble With Intel’s Management Engine”

A Power Switch For The Chromecast

January 22, 2016 by 17 Comments

Chromecasts are fantastic little products, they’re basically little HDMI sticks you can plug into any monitor or TV, and then stream content using your phone or computer as the controller. They are powered by a micro USB port in the back, and if you’re lucky, your TV has a port you can suck the juice off. But what if you want to turn it off while you use a different input on your TV so that your monitor will auto-sleep? You might have to build a power switch.

Now in all honesty, the Chromecast gets hot but the amount of power it draws when not in use is still pretty negligible compared to the draw of your TV. Every watt counts, and [Ilias] took this as an opportunity to refine his skills and combine a system using an Arduino, Bluetooth, and Android to create a robust power switch solution for the Chromecast.

The setup is rather simple. An HC-05 Bluetooth module is connected to an Attiny85, with some transistors to control a 5V power output. The Arduino takes care of a bluetooth connection and uses a serial input to control the transistor output. Finally, this is all controlled by a Tasker plugin on the Android phone, which sends serial messages via Bluetooth.

All the information you’ll need to make one yourself is available at [Ilias’] GitHub repository. For more information on the Chromecast, why not check out our review from almost three years ago — it’s getting old!

Pack Your Plywood Cuts With Genetic Algortihms

January 22, 2016 by 42 Comments

Reading (or writing!) Hackaday, we find that people are often solving problems for us that we didn’t even know that we had. Take [Jack Qiao]’s SVGnest for instance. If you’ve ever used a laser cutter, for instance, you’ve probably thought for a second or two about how to best pack the objects into a sheet, given it your best shot, and then moved on. But if you had a lot of parts, and their shapes were irregular, and you wanted to minimize materials cost, you’d think up something better.

SVGnest, which runs in a browser, takes a bunch of SVG shapes and a bounding box as an input, and then tries to pack them all as well as possible. Actually optimizing the placement is a computationally expensive proposition, and that’s considering the placement order to be fixed and allowing only 90 degree rotations of each piece.

Once you consider all the possible orders in which you place the pieces, it becomes ridiculously computationally expensive, so SVGnest cheats and uses a genetic algorithm, which essentially swaps a few pieces and tests for an improvement many, many times over. Doing this randomly would be silly, so the routine packs the biggest pieces first, and then back-fills the small ones wherever they fit, possibly moving the big ones around to accommodate.

That’s a lot of computational work, but the end result is amazing. SVGnest packs shapes better than we could ever hope to, and as well as some commercial nesting software. Kudos. And now that the software is written, as soon as you stumble upon this problem yourself, you have a means to get to the solution. Thanks [Jack]!

Screen Printing Electroluminescent T-Shirts From Tron

January 21, 2016 by 14 Comments

Travel around to enough security conferences, faires, and festivals, and you’ll see some crazy wearable electronics. Most of them blink, and most of them use LEDs. Electroluminescent panels are used for wearables, but that’s a niche – the panels are a little expensive, and you have to deal with high frequency AC instead of the much simpler, ‘plug in a LiPo here’ circuit LED-based wearables have to contend with.

Still, electroluminescent panels are cool, and thanks to how EL panels are made, you can screen print EL displays. That’s what some of the guys at AMBRO Manufacturing did recently: screen printing electroluminescent lights directly onto garments. It’s t-shirts from Tron made real.

EL panels and EL wire are really only three separate parts: a conductor of some sort, a phosphor, and another conductor. Pass a high-frequency AC current through the conductors, and the phosphor lights up. With EL wire, it’s a thick copper wire clad in phosphor and wrapped in a very fine copper wire. EL displays are made with conductive ITO-coated glass or plastic. It’s a relatively simple construction, and one that is perfectly suited for screen printing. In fact, one of the first EL displays – the DSKY, the user interface for the Apollo Guidance Computer – used screen printed seven-segment EL displays.

The folks at AMBRO only have a proof of concept right now, but it is a completely screen printed electroluminescent design on fabric. To light it up, the t-shirt will need an inverter, but this is the beginnings of t-shirts from Tron.

Video below.

Continue reading “Screen Printing Electroluminescent T-Shirts From Tron”

Test Drive Your New Programming Font

January 21, 2016 by 43 Comments

After hour and hours spent in front of a terminal or IDE, a user begins to build a list of infuriating little things. That one pop-up box that happens every time you press that button by mistake. The noise the software makes when the compile fails. Or the horrible reality that your code just crashed because there wasn’t enough difference between uppercase ‘O’ and a zero. In comes the programming font.

The typical way to find a programming font is to troll forums for a user with a similar problem and see if they have a workable solution. [Koen Lageveen] went out and found nearly all of the free programming fonts out there and compiled a list. He then took one more step and wrote a web app that lets you test them out. Hopefully this will help those in the very real struggle for the perfect programming font. You can try out the tool for yourself, and if you really like it [Koen] has all the code up for it on his GitHub.

[via Hacker News]

Fail Of The Week : Watt A Loss

January 21, 2016 by 27 Comments

This one is a bit dated, but the lessons are still relevant. [Zach Hoeken] posted about the challenges he faced building a CNC stepper driver. He was experimenting with Toshiba motor drivers back in 2012.

The modular motor driver boards he built were based on the THB6064AH – capable of 1/64th step, and 4.5 Amps at up to 50V. [Zach] built a test jig to run the boards through their paces. A couple of messed tracks was the least of his problems – easily fixed by cutting traces and using jumper wires to correct the errors. But the header footprints for the motor drive boards got reversed. The only way out was to solder the headers on the back side.

LESSON : Always check footprint orientation and pin numbering before sending boards to fab.

The surprising part was when someone as experienced as [Zach] messed up on Ohms Law. Based on the current he wanted the motors to run at, his sense resistors needed to be 3.2W, but he’d used SMD footprints (0805 likely) instead. Those tiny resistors couldn’t be used at all, and the 5W resistors plonked on looked like an ugly hack.

Continue reading “Fail Of The Week : Watt A Loss”

Digital Clock + IPhone Dock

January 21, 2016 by 7 Comments

[Pinky_chi] was looking for a project to make for his girlfriend, and settled on a rather fantastic piece of woodworking — a digital clock, with an iPhone dock for her phone.

LED ClockHe built the enclosure completely out of walnut, which gives it a very refined and polished look; we’re quite impressed with his woodworking skills. The cool thing about this digital clock is that he used individual LEDs to create both the digital 7-segment displays, and a ring of LEDs around it to denote the hour.

On the back are three buttons. One to change the hour, the minute, and a temperature button. By holding down the temperature button, the display will display the current room temperature — he added this because the RTC device (a DS3231) has a built-in thermometer — so why not?

Choosing a favorite LED clock on Hackaday is like picking a favorite child — we love them all — but this Star Gate themed clock from a few years ago is great — check it out!

[via r/DIY]