Weightless IoT Hardware Virtually Unavailable

December 28, 2015 by 36 Comments

It has been over 2 years since we last mentioned the Weightless SIG and their claims of an IoT open standard chip with a 10 year battery life and 10km wireless range, all at a jaw dropping price of $2 per chip. There was a planned production run of the 3rd gen chips which I would suspect went to beta testers or didn’t make it into production since we didn’t hear anything else, for years.

Recently, a company called nwave began producing dev-kits using the Weightless Technology which you can see in the banner image up top. Although the hardware exists it is a very small run and only available to members of the development team. If you happen to have been on the Weightless mailing list when the Weightless-N SDK was announced there was an offer to get a “free” development board to the first 100 development members. I use bunny ears on free because in order to become a member of the developer team you have to pay a yearly fee of £900. Don’t abrasively “pffffft” just yet, if you happened to be one first 100 there was an offer for developers that came up with a product and submitted it back for certification to get their £900 refunded to them. It’s not the best deal going, but the incentive to follow through with a product is an interesting take.

Continue reading “Weightless IoT Hardware Virtually Unavailable”

What Can Happen When You Do Try This At Home

December 28, 2015 by 25 Comments

In somewhat of a countdown format, [John McMaster] looked back over the last few years of projects and documented the incidents he’s suffered (and their causes) in the course of doing cool stuff.

[John] starts us off easy — mis-wiring and consequently blowing up a 400V power supply. He concludes “double-check wiring, especially with high power systems”. Other tips and hazards involve situations in which we seldom find ourselves: “always check CCTV” before entering the experiment chamber of a cyclotron to prevent getting irradiated. Sounds like good advice.

hotplate[John] also does a lot of IC decapping, which can involve both heat and nasty acids. His advice includes being ready for large spills with lots of baking soda on hand, and he points out the need to be much more careful with large batches of acid than with the usual smaller ones. Don’t store acid in unfamiliar bottles — all plastics aren’t created equal — and don’t store any of it in your bedroom.

The incidents are listed from least to most horrible, and second place goes to what was probably a dilute Hydrofluoric acid splash. Keyword: necrosis. First place is a DIY Hydrochloric acid fabrication that involves, naturally, combining pure hydrogen and chlorine gas. What could possibly go wrong?

Anyway, if you’re going to do “this” at home, and we know a bunch of you are: be careful, be protected, and be prepared.

Thanks [J. Peterson] for the tip!

V8 Javascript Fixes (Horrible!) Random Number Generator

December 28, 2015 by 59 Comments

According to this post on the official V8 Javascript blog, the pseudo-random number generator (PRNG) that V8 Javascript uses in Math.random() is horribly flawed and getting replaced with something a lot better. V8 is Google’s fast Javascript engine that they developed for Chrome, and it’s used in Node.js and basically everywhere. The fact that nobody has noticed something like this for the last six years is a little bit worrisome, but it’s been caught and fixed and it’s all going to be better soon.

In this article, I’ll take you on a trip through the math of randomness, through to pseudo-randomness, and then loop back around and cover the history of the bad PRNG and its replacements. If you’ve been waiting for an excuse to get into PRNGs, you can use this bizarre fail and its fix as your excuse.

But first, some words of wisdom:

Any one who considers arithmetical methods of producing random digits is, of course, in a state of sin. For, as has been pointed out several times, there is no such thing as a random number — there are only methods to produce random numbers, and a strict arithmetic procedure of course is not such a method.
John von Neumann

John von Neumann was a very smart man — that goes without saying. But in two sentences, he conveys something tremendously deep and tremendously important about random variables and their mathematical definition. Indeed, when you really understand these two sentences, you’ll understand more about randomness than most everyone you’ll meet.

Continue reading “V8 Javascript Fixes (Horrible!) Random Number Generator”

Is Robot Butter Better Butter?

December 28, 2015 by 27 Comments

Humans have been making butter for thousands of years. If you have a cooperative cow or sheep and a means to agitate her milk, butter is not far behind. So why would you employ a $15,000 industrial robot to make butter? Because – robot butter!

Actually, Robutter is a design experiment by [Stephan], [Philipp], and [Jonas] to explore where craft ends and industrial processes begin, and to see how automation adds or removes values from traditional products. It’s a fair question, given that butter can be churned with everything from animal skins to massive continuous churns. So the team programmed [DIRK], a Fanuc LR Mate 200ic which is normally more at home on an assembly line, to carefully agitate a container of cream. After a bit of fiddling they found the optimal position and movements to produce a delicate butter that looks pretty tasty. The video after the break shows the process and the results, but sadly there’s no taste test of the Robutter against grocery store butter.

It may come as a surprise that Hackaday appears never to have featured a butter making project before. Sure, we’ve got a lot of food hacks, most of which seem to involve beer or coffee. But we did run across a recent article on a buttermilk pancake-making robot that you might like to check out.

Continue reading “Is Robot Butter Better Butter?”

32C3: Towards Trustworthy X86 Laptops

December 28, 2015 by 38 Comments

Security assumes there is something we can trust; a computer encrypting something is assumed to be trustworthy, and the computer doing the decrypting is assumed to be trustworthy. This is the only logical mindset for anyone concerned about security – you don’t have to worry about all the routers handling your data on the Internet, eavesdroppers, or really anything else. Security breaks down when you can’t trust the computer doing the encryption. Such is the case today. We can’t trust our computers.

In a talk at this year’s Chaos Computer Congress, [Joanna Rutkowska] covered the last few decades of security on computers – Tor, OpenVPN, SSH, and the like. These are, by definition, meaningless if you cannot trust the operating system. Over the last few years, [Joanna] has been working on a solution to this in the Qubes OS project, but everything is built on silicon, and if you can’t trust the hardware, you can’t trust anything.

And so we come to an oft-forgotten aspect of computer security: the BIOS, UEFI, Intel’s Management Engine, VT-d, Boot Guard, and the mess of overly complex firmware found in a modern x86 system. This is what starts the chain of trust for the entire computer, and if a computer’s firmware is compromised it is safe to assume the entire computer is compromised. Firmware is also devilishly hard to secure: attacks against write protecting a tiny Flash chip have been demonstrated. A Trusted Platform Module could compare the contents of a firmware, and unlock it if it is found to be secure. This has also been shown to be vulnerable to attack. Another method of securing a computer’s firmware is the Core Root of Trust for Measurement, which compares firmware to an immutable ROM-like memory. The specification for the CRTM doesn’t say where this memory is, though, and until recently it has been implemented in a tiny Flash chip soldered to the motherboard. We’re right back to where we started, then, with an attacker simply changing out the CRTM chip along with the chip containing the firmware.

But Intel has an answer to everything, and to the house of cards for firmware security, Intel introduced their Management Engine. This is a small microcontroller running on every Intel CPU all the time that has access to RAM, WiFi, and everything else in a computer. It is security through obscurity, though. Although the ME can elevate privileges of components in the computer, nobody knows how it works. No one has the source code for the operating system running on the Intel ME, and the ME is an ideal target for a rootkit.

trustedstickIs there hope for a truly secure laptop? According to [Joanna], there is hope in simply not trusting the BIOS and other firmware. Trust therefore comes from a ‘trusted stick’ – a small memory stick that contains a Flash chip that verifies the firmware of a computer independently of the hardware in a computer.

This, with open source firmwares like coreboot are the beginnings of a computer that can be trusted. While the technology for a device like this could exist, it will be a while until something like this will be found in the wild. There’s still a lot of work to do, but at least one thing is certain: secure hardware doesn’t exist, but it can be built. Whether secure hardware comes to pass is another thing entirely.

You can watch [Joanna]’s talk on the 32C3 streaming site.

An Actual Working Hoverboard

December 27, 2015 by 79 Comments

What with 2015 being the apparent “year of the hoverboard”, we have a final contender before the year ends. It’s called the ArcaBoard from ArcaSpace, A private space company. And it doesn’t use magnets, or superconductors, or any smoke and mirrors — just a whole lot of ducted fans.

Thirty-six of them to be precise. The ArcaBoard uses 36 electric motors with an apparent 7.55HP each, powered by a massive bank of lithium ion batteries. Together, they produce 430 pounds of thrust, which allows most riders to float around quite easily. Even with that huge power drain, it apparently lasts for a whole 20 minutes, which is pretty impressive considering its size.

Continue reading “An Actual Working Hoverboard”

Pewter Casting With PLA

December 27, 2015 by 12 Comments

Over on Hackaday.io, [bms.had] is showing his technique for 3D printing molds that he uses to cast (lead-free) pewter objects. The process looks simple enough, and if you have a 3D printer, you only need some lead-free pewter, a cheap toaster oven, and PLA filament. He’s made two videos (below) that do an excellent job of showing the steps required.

Even though the pewter is hot enough to melt the PLA, it doesn’t appear to be a major problem if you quench the piece fast enough. According to [bms.had], a slower quench will melt some PLA although that creates a smoother surface. You can see the 0.31 mm layer lines in the cast, though, although you can use any layer height you like to control that. Creating the mold is simple (the videos use Tinkercad, although anything suitable for creating 3D models would work). You essentially attach a funnel to your part and make the entire part a hole inside an enveloping shape.

Continue reading “Pewter Casting With PLA”