Cheap WiFi Devices Are Hardware Hacker Gold

January 27, 2016 by 51 Comments

Cheap consumer WiFi devices are great for at least three reasons. First, they almost all run an embedded Linux distribution. Second, they’re cheap. If you’re going to break a couple devices in the process of breaking into the things, it’s nice to be able to do so without financial fears. And third, they’re often produced on such low margins that security is an expense that the manufacturers just can’t stomach — meaning they’re often trivially easy to get into.

Case in point: [q3k] sent in this hack of a tiny WiFi-enabled SD card reader device that he and his compatriots [emeryth] and [informatic] worked out with the help of some early work by [Benjamin Henrion]. The device in question is USB bus-powered, and sports an SD card reader and an AR9331 WiFi SOC inside. It’s intended to supply wireless SD card support to a cell phone that doesn’t have enough on-board storage.

The hack begins with [Benajmin] finding a telnet prompt on port 11880 and simply logging in as root, with the same password that’s used across all Zsun devices: zsun1188. It’s like they want to you get in. (If you speak Chinese, you’ll recognize the numbers as being a sound-alike for “want to get rich”. So we’ve got the company name and a cliché pun. This is basically the Chinese equivalent of “password1234”.) Along the way, [Benjamin] also notes that the device executes arbitrary code typed into its web interface. Configure it to use the ESSID “reboot”, for instance, and the device reboots. Oh my!

zsun_gpio_bootstrap_annotFrom here [q3k] and co. took over and ported OpenWRT to the device and documented where its serial port and GPIOs are broken out on the physical board. But that’s not all. They’ve also documented how and where to attach a wired Ethernet adapter, should you want to put this thing on a non-wireless network, or use it as a bridge, or whatever. In short, it’s a tiny WiFi router and Linux box in a package that’s about the size of a (Euro coin | US quarter) and costs less than a good dinner out. Just add USB power and you’re good to go.

Nice hack!

TP-LINK’s WiFi Defaults To Worst Unique Passwords Ever

January 27, 2016 by 82 Comments

This “security” is so outrageous we had to look for hidden cameras to make sure we’re not being pranked. We don’t want to ruin the face-palming realization for you, so before clicking past the break look closely at the image above and see if you can spot the exploit. It’s plain as day but might take a second to dawn on you.

The exploit was published on [Mark C.’s] Twitter feed after waiting a couple of weeks to hear back from TP-LINK about the discovery. They didn’t respond so he went public with the info.

Continue reading “TP-LINK’s WiFi Defaults To Worst Unique Passwords Ever”

3D Printer Tool: Set Your Extruder Steps With Ease

January 27, 2016 by 25 Comments
My printer has other issues that i'm still tuning out, but the warping in PLA and excessive surface roughness has all the signs of over extrusion.
My printer has other issues that I’m still tuning out, but the warping in PLA and excessive surface roughness has all the signs of over extrusion.

I have an old Prusa i2 that, like an old car, has been getting some major part replacements lately after many many hours of service. Recently both the extruder and the extruder motor died. The extruder died of brass fill filament sintering to the inside of the nozzle (always flush your extruder of exotic filaments). The motor died at the wires of constant flexing. Regardless, I replaced the motors and found myself with an issue; the new motor and hotend (junk motor from the junk bin, and an E3D v6, which is fantastic) worked way better and was pushing out too much filament.

The hotend, driver gear, extruder mechanics, back pressure, motor, and plastic type all work together to set how much plastic you can push through the nozzle at once. Even the speed at which the plastic is going through the nozzle can change how much friction that plastic experiences. Most of these effects are somewhat negligible. The printer does, however, have a sort of baseline steps per mm of plastic you can set.

The goal is to have a steps per mm that is exactly matched to how much plastic the printer pushes out. If you say 10mm, 10mm of filament should be eaten by the extruder. This setting is the “steps per mm” in the firmware configuration. This number should be close to perfect. Once it is, you can tune it by setting the “extrusion multiplier” setting in most slicers when you switch materials, or have environmental differences to compensate for.

This little guy lets you tune the steps per mm exactly.
This little guy lets you tune the steps per mm exactly.

The problem comes in measuring the filament that is extruded. Filament comes off a spool and is pulled through an imprecisely held nozzle in an imprecisely made extruder assembly. On top of all that, the filament twists and curves. This makes it difficult to hold against a ruler or caliper and get a trustworthy measurement.

I have come up with a little measuring device you can make with some brass tubing, sandpaper, a saw (or pipe cutter), a pencil torch, solder, and some calipers. To start with, find two pieces of tubing. The first’s ID must fit closely with the filament size you use. The second tube must allow the inside tubing to slide inside of it closely. A close fit is essential.

Continue reading “3D Printer Tool: Set Your Extruder Steps With Ease”

Augmented Reality Becomes Useful, Real

January 27, 2016 by 38 Comments

The state of augmented reality is terrible. Despite everyone having handheld, portable computers with high-resolution cameras, no one has yet built ‘Minecraft with digital blocks in real life’, and the most exciting upcoming use for augmented reality is 3D Dungeons and Dragons. There are plenty of interesting things that can be done with augmented reality, the problem is someone needs to figure out what those things are. Lucky for us, the MIT Media Lab knocked it out of the park with the ability to program anything through augmented reality.

The Reality Editor is a simple idea, but one that is extraordinarily interesting. Objects all around you are marked with a design that can be easily read by a smartphone running a computer vision application. In augmented reality, these objects have buttons and dials that can be used to turn on a lamp, open a car’s window, or any other function that can be controlled over the Internet. It’s augmented reality buttons for everything.

This basic idea is simple, but by combining it by another oft-forgotten technology from the 90s, we get something really, really cool. The buttons on each of the objects can be connected together with a sort of graphical programming language. Scan a button, connect the button to a lamp, and you’re able to program the lamp with augmented reality.

The Reality Editor is already available on the Apple app store, and there are a number of examples available for people to start tinkering with this weird yet interesting means of interacting with the world. If you’ve ever wondered how we’re going to interact with the Internet of Things, there you have it. Video below.

Continue reading “Augmented Reality Becomes Useful, Real”

A Tale Of Two (Sub $100) Oscilloscopes

January 27, 2016 by 44 Comments

Hi, I’m Al, and I’m an oscilloscope-holic. Just looking around my office, I can count six oscilloscope or oscilloscope-like devices. There are more in my garage. If you count the number of scopes I’ve owned (starting with an old RCA scope with a round tube and a single vertical scale), it would be embarrassing.

On the other hand, if you are trying to corral electrons into doing useful things, a scope is a necessity. You can’t visualize what’s happening in a circuit any better than using an oscilloscope. Historically, the devices were expensive and bulky. I’ve had many Tektronix and HP scopes that stayed in one place, and you brought what you were working on to them (sometimes called a “boat anchor”). It wasn’t that long ago that one of my vintage Tek scopes had its own dedicated cart so I could wheel it to where it was needed.

These days, scopes are relatively cheap, depending on what you have in mind for performance. They are also highly portable, which is nice. In fact, it is an indication of how spoiled I’ve become that my main bench scope–a Rigol DS1104Z–weighs seven pounds, yet I still look for something smaller for quick jobs.

That’s how I came into possession of two cheap scopes I wanted to talk about. They are similar in ways but different in others. Neither are going to replace a real bench scope, but if you want something portable, or you are budget-limited, they might be worth a look.

Continue reading “A Tale Of Two (Sub $100) Oscilloscopes”

I Built Myself A 16×20-Inch Camera In 10 Hours

January 27, 2016 by 53 Comments

[Giles Clement] was avoiding work in a bar, nursing a pint, and doodling a sketch for a camera. He looked at his sketch, thought, “gee, that looks better than answering emails,” and called his friend. An hour later they were at home depot buying supplies, and ten hours of furious work later, they had a camera. Nothing gets a project done like avoiding work! (See it all happen before your eyes in the video below the break.)

The camera is built around a 500mm f/4.5 Goerz Dogmar lens from around 1918 and was apparently used for aerial recon out of blimps. The frame of the camera is pine and plywood. [Giles] had heard that building the bellows for these cameras had taken other hobbyists months and thousands of dollars. Rather than elaborately folded fabric, he supported his 6 mil plastic bellows on telescoping rigid rods. To view the image while he’s focusing it, he sanded a plate of glass with 100 grit sandpaper to serve as a view screen.

Once the camera was completed, they prepared the plates and exposed photos. The first step, from what we could tell, was to disregard all chemical safety practices. The second step was pouring a substance called collodion on an unsanded glass plate and tilting the plate back and forth until the whole plate had an even coat on it. Then it was put in a bath of silver nitrate to sensitize. Once sensitized the plate was placed in the frame of the focused camera and an astonishing amount of strobe light emitted. After that it’s back to the chemical baths for more safety hazards. The whole process has to be done under fifteen minutes or the plate cures before it can be used. The photos that come out are seriously cool. It’s no wonder these old styles of photography have seen a comeback.

Continue reading “I Built Myself A 16×20-Inch Camera In 10 Hours”

Robot Solves Rubik’s Cube In Just One Second

January 27, 2016 by 55 Comments

Some of the fastest Rubik’s cube solvers in the world have gotten down to a five second solve — which is quite an incredible feat for a human — but how about one second? Well, [Jay Flatland] and [Paul Rose] just built a robot that can do exactly that.

The robot uses four USB webcams, six stepper motors, and a 3D printed frame. The only modification to the Rubik’s cube are some holes drilled in the center pieces to allow the stepper motors to grip onto them with 3D printed attachments.

The software is running off a Linux machine which feeds the data into a Rubik’s cube algorithm for solving. In approximately one second — the cube is solved.

Continue reading “Robot Solves Rubik’s Cube In Just One Second”