Code So Sneaky You Have To Explain It

June 15, 2015 by 47 Comments

Your mission, should you choose to accept it, is to code a program that leaks information to the user but does so in a way that can’t be discovered in a code audit. This was the challenge for the 2014 Underhanded C contest; the seventh time they’ve held the event. [Richard Mitton] took part and wrote a very entertaining entry. He didn’t win, but he did just share the details of his super-sneaky code.

The challenge set out for the Citizen-Four-like coders set up a scenario where they were writing a program for a shady company (or sketchy government entity) which makes completely secret decisions based on publicly posted social media. The twist is they were tasked with getting code past an audit that leaked the decisions made by this program to the users being secretly observed.

Above is the core trick which [Richard] used after taking inspiration from Heartbleed. The struct assignment has an off-by-one error in it which is shown corrected in the lower code block. This, used in conjunction with malloc and free, allows memory to be used under the guise of storage during the encryption process. Secretly, this same bit of memory is accessed later and leaked to the user being targeted.

Have your own Underhanded C that you’re dying to share? We want to hear about it so send us a tip!

A Revolutionary Input Device, 30 Years Too Late

June 15, 2015 by 29 Comments

Way before you kids had touch screens and mice, we had to walk uphill both ways to tell a computer where we were pointing at on the screen. I speak, of course, of light pens. When these photodiodes in a pen were pointed at a CRT, the display driver would tell the computer where the pen was pointing. It’s a pretty incredible video hack today, and these things were around in the 1970s. You could, of course, use a light pen with most of the old 8-bit home computers, including the Commodore 64.

[Jan] has a soft spot for the light pen on the C64. So much so he made a new input device using this tech. It’s great, and if this existed in 1985, all the cool kids would have known about it.

The build is called the LightHammer. It’s a light pen, inside the head of a plastic hammer, with a few springs, nuts, and washers to tell the computer to read the light pen input. The light pen itself is just a photodiode with a few transistors; it was a simple circuit in the 80s, and it’s a simple circuit today.

A new input device isn’t worth anything without an app to show off the tech, and [Jan] is about three steps ahead of us here. He wrote a game for this LightHammer – a digital version of Whac-A-Mole and Simon. They’re exactly what you think they are: the classic ‘repeat the computer’ and ‘murder rodents’ games.

If that’s not enough, [Jan] also built an arcade cabinet for his C64 setup, with the monitor, joysticks, a 1541, and a TV mounted in a cabinet that would look great in a bar. You can check out a video of that and the games using the LightHammer below.

Continue reading “A Revolutionary Input Device, 30 Years Too Late”

Hackaday Prize Entry: An Open Source Industrial Camera

June 14, 2015 by 36 Comments

Over the last few years, connecting a camera to the Internet has gotten cheaper and cheaper. The advances that made this possible did not come through security cameras, but instead tiny cell phone camera modules, ARM boards, and embedded computing. Right now, if you want a livestream of your back yard, you’d probably get a Raspberry Pi and camera module. This will work for 90% of cases, but what if you want to livestream a slightly harsher environment? What if you want image processing right on the camera? What if you want this camera to have a rating for environmental protection?

[Apodiant]’s entry for the 2015 Hackaday Prize is solving the latter problem. It’s an Open Source Industrial Smart Camera with Ethernet, USB, and serial outputs, an ARM CPU for image processing, all tucked away in a sturdy aluminum enclosure.

The preliminary BOM for this camera is an iMX6 – a very capable microcontroller that can run Linux and OpenCV. The image sensor is a 1.2 megapixel unit [Apodiant] already has experience with, and the enclosure is an off the shelf deal for anyone who wants to build their own.

 

If this sort of setup sounds familiar, you’re right: there have been a few projects that have taken camera modules, added a powerful microcontroller, and run image processing on them. The latest in a long line of these projects is the OpenMV. That had a successful Kickstarter, and since [Apodiant] is going for the Hackaday Prize Best Product competition, it looks like a good fit.

The 2015 Hackaday Prize is sponsored by:

The Live Still Life

June 14, 2015 by 15 Comments

Here’s a project that brings together artist [Justus Bruns] and engineers [Rishi Bhatnagar] and [Michel Jansen] to collaborate on an interactive work of Art. The Live Still Life is a classic still life, streamed live from India to anywhere in the world. It is the first step towards the creation of an art factory, where hundreds of these works will be made, preserved and streamed.

The Live Still Life is a physical composition of fresh fruit and vegetables displayed on a table with flatware, cutlery and other still objects. This is located in a wooden box in Bangalore. Every minute a photo is taken and the image is streamed, live, accessible instantly from anywhere in the world. Les Oiseaux de Merde’s Indian curator is on call to replace the fruit the minute it starts to rot so as to maintain the integrity of the image. In this way, while the image remains the same, the fight against decay is always present. The live stream can be viewed at this link.

The hardware is quite minimal. An internet connected Raspberry Pi model B,  Raspberry Pi camera module, a desk lamp for illumination and a wooden enclosure to house it all including the artwork. Getting the camera to work was just a few lines of code in Python. Live streaming the camera pictures took quite a bit more work than they expected. The server was written using a module called Exprestify written on top of Express JS to facilitate easier RESTful functions. For something that looks straightforward, the team had to overcome several coding challenges, so if you’d like to dig in to the code, some of it is hosted on Github or you can ask [Rishi] since he still needs to clean it up quite a bit.

Hackaday Links Column Banner

Hackaday Links: June 14, 2015

June 14, 2015 by 8 Comments

You know we’re running this gigantic contest to build hardware and send someone to space, right? We’re doing community voting right now. If you’re on Hackaday.io, head over there and pick the best project. We’re giving away t-shirts and $1000 gift cards to people who vote. The drawing for this round is next Friday.

MicroPython is a pretty interesting development in the area of interpreted languages running on microcontrollers. It’s Python, the BASIC of the modern era, and now it’s being funded by the ESA. Great news, there’s going to be a port to SPARC, and it looks like MicroPython is going to be in a few satellites.

[EloquentlyMawkishBunny]’s calculator stopped working on the morning of his AP Physics test. It was the ribbon cable for the display. What did he do? He grabbed some magnet wire and made it work. If I’m reading this right, he did this the day of his AP test. Wow.

[Will] has made a name for himself by building roller coasters in his backyard. He’s also worked on the ProtoPalette, and now he’s building a hackerspace in Concord, California.

[Josh] needed to drill some very large holes with his mill. He decided a hole saw was the easiest way to do this, but his hole saw has a hex shank. He ended up chopping the shank of a hole saw extension, basically turning it into a hex to round adapter.

Did you know the Arduino IDE on Raspbian is stuck at version 1.0.5? The newest version is 1.6.4, and there’s useful stuff like autosave in the IDE now. Amazing. [CRImier] got the latest Arduino IDE working on the Raspberry Pi 2. Yes, there’s an issue up but if for some reason you’re programming Arduinos on the Pi, you should probably do this yourself.

Oooohhhh, case modding. The Intel NUC is a pretty interesting platform for case modding; it’s small, and I shouldn’t have to remind anyone of all the cool case mods that were created when the Mini-ITX format gained popularity in the early ‘aughts. [Femke] got herself an Intel NUC, made a case, and the results are amazing. How’d she get that metal bowl? Metal spinning. Very cool.

Hacking A Wireless AC Power Outlet

June 14, 2015 by 10 Comments

It’s always nice to see hackers pick up stuff headed for the landfill and put it back in action with a quick repair and upgrade. [Septillion] found a wireless remote controlled AC outlet in the junk bin and decided to do just that. A nice spin-off of such hacks is that we end up learning a lot about how things work.

His initial tests showed that the AC outlet and its remote could be revived, so he set about exploring its guts. These remote AC outlets consist of an encoder chip on the remote and a corresponding decoder chip on the outlet, working at 433MHz.  Since the various brands in use have a slightly different logic, it needed some rework to make them compatible. The transmit remote was a quick fix – changing the DIP switch selected address bits from being pulled low to high and swapping the On and Off buttons to make it compatible with the other outlets.

Working on the AC outlet requires far more care and safety. The 230V AC is dropped down using a series capacitor, so the circuit is “hot” to touch. Working on it when it is powered up requires extreme caution. A quick fix would have been to make the changes to the address bits and the On/Off buttons to reflect the changes already made in the remote transmitter. Instead, he breadboarded a small circuit around the PIC12F629 microcontroller to take care of the data and address control. Besides, he wanted to be able to manually switch the AC outlet. The relay control from the decoder was routed via the microcontroller. This allowed either the decoder or the local manual switch from controlling the relay. Adding the PIC also allowed him to program in a few additional modes of operation, including one which doubled the number of outlets he could switch with one remote.

3D Miniature Chess Pieces Made With A Laser Cutter

June 14, 2015 by 6 Comments

When you think of laser cutters, you generally don’t think of 3d parts. Well, at least not without using something like glue, nuts and bolts, or tabs and slots to hold multiple parts together. [Steve Kranz] shows you how to make these very tiny 3D chess pieces by making 2 passes at right angles to thick acrylic. The first pass cuts one side’s profile, then the part is rotated 90 degrees and a second pass is cut, giving the part more of a “real” 3D look, rather than something cut out of a flat sheet. If you’re having a hard time imagining how it works, his pictures do a great job of explaining the process. He even added some engraving to give the chess pieces for a selective frosted look. We think it’s a cool idea, and well executed too!

But that got us to thinking (always dangerous) that we’ve seen rotary attachments for laser cutters, but they are mainly for etching cylindrical objects like champagne flutes and beer bottle. What if you added a rotating “3rd” axis to a laser cutter that could hold a block of material and rotate it while being cut? (Much like a traditional 4th Axis on a CNC machine). Would the material also need to be raised and lowered to keep the laser focused? Surely software that is aimed at 3D CNC would be needed, something like Mach3 perhaps. A quick Google search show that there are some industrial machines that more-or-less do 3D laser cutting, but if you, or someone you know of, has attached a 3rd axis to a desktop laser, let us know in the comments, we would love to see it.

(via Adafruit)