Casting Engagement Rings (Or Other Small Metal Parts!)

December 10, 2014 by James Hobson 12 Comments

[Paul Williams] wrote in to tell us about his most recent and dangerous endeavor. Marriage.

As a masters student in Mechanical Engineering, he wanted to give his wife (to be) to be a completely unique engagement ring — but as you can imagine, custom engagement rings aren’t cheap. So he decided to learn how to make it himself.

During the learning process he kept good notes and has produced a most excellent Instructable explaining the entire process — How to make the tools you’ll need, using different techniques and common problems you might have. He even describes in detail how to make your own mini-kiln (complete with PID control), a vacuum chamber, a wax injector and even the process of centrifugal casting. Continue reading “Casting Engagement Rings (Or Other Small Metal Parts!)” →

PeriUSBoost: A DIY USB Battery Pack

December 10, 2014 by Eric Evenchick 34 Comments

If you travel often, use your mobile devices a lot, or run questionable ROMs on your phone, you likely have an external USB battery pack. These handy devices let you give a phone, tablet, or USB powered air humidifier (yes, those exist) some extra juice.

[Pedro]’s PeriUSBoost is a DIY phone charging solution. It’s a switching regulator that can boost battery voltages up to the 5 volt USB standard. This is accomplished using the LTC3426, a DC/DC converter with a built in switching element. The IC is a tiny SOT-23 package, and requires a few external passives work.

One interesting detail of USB charging is the resistor configuration on the USB data lines. These tell the device how much current can be drawn from the charger. For this device, the resistors are chosen to set the charge current to 0.5 A.

While a 0.5 A charge current isn’t exactly fast, it does allow for charging off AA batteries. [Pedro]’s testing resulted in a fully charged phone off of two AA batteries, but they did get a bit toasty while powering the device. It might not be the best device to stick in your pocket, but it gets the job done.

Vintage Apple Keyboard Revived As Standalone Computer

December 10, 2014 by Matt Freund 23 Comments

Many of our readers are familiar with the gold standard of classic PC keyboards – the bunker with switches known as the IBM Model M. The Model M’s Apple contemporary is the Apple Extended Keyboard and they are just as highly sought-after by their respective enthusiasts. Though discontinued almost 25 years ago and incompatible with anything made in the last 15, the codenamed “Saratoga” is widely considered the best keyboard Apple ever made.

[Ezra] has made a hobby of modernizing these vintage heartthrobs and rescuing them from their premature obsolescence. In a superbly documented tutorial he not only shows how to convert them to USB (a popular and trivial hack), but teaches you how and where to smuggle a Raspberry Pi in as well.

After disassembly, the project requires only a little bit of chisel and Dremel work before the soldering iron comes out. [Ezra] was fairly meticulous in removing or redirecting the Pi’s connectors and hardwiring the internals. Only 3 pins need to be traced from the original keyboard and [Ezra]’s ADB–>USB Rosetta Stone of choice is the Hasu Converter running on a Atmega 32u4 clone. Balancing cost, range, and power draw from the Pi, he settled on the TP-LINK WN722N for his WiFi solution which is also tucked away inside the case. A single pullup resistor to finish it off and [Ezra] was delighted to discover it worked the first time he plugged it in.

Keyboards from this era use actual momentary switches that audibly click twice per keypress. In our world of screens-as-keys celebrating the lack of tactile constraints, using beasts like the Model M or the AEK to force transistors to do your bidding is like racking a shotgun during a game of lasertag – comically obtuse but delightfully mechanical.

If you are looking to expand on [Ezra]’s tinkering, he has already made a wishlist of additions: a toggle switch to lobotomize the Pi back into a plain USB keyboard, an internal USB hub, and a power switch.

Hear the video of an AEK in action after the break (or loop it to sound productive while you nap).

Continue reading “Vintage Apple Keyboard Revived As Standalone Computer” →

Yik Yak MITM Hack (Give The Dog A Bone)

December 10, 2014 by Rick Osgood 24 Comments

Yik Yak is growing in popularity lately. If you are unfamiliar with Yik Yak, here’s the run down. It’s kind of like Twitter, but your messages are only shared with people who are currently within a few miles of you. Also, your account is supposed to be totally anonymous. When you combine anonymity and location, you get some interesting results. The app seems to be most popular in schools. The anonymity allows users to post their honest thoughts without fear of scrutiny.

[Sanford Moskowitz] decided to do some digging into Yik Yak’s authentication system. He wanted to see just how secure this “anonymous” app really is. As it turns out, not as much as one would hope. The primary vulnerability is that Yik Yak authenticates users based solely on a user ID. There are no passwords. If you know the user’s ID number, it’s game over.

The first thing [Sanford] looked for was an encrypted connection to try to sniff out User ID’s. It turned out that Yik Yak does actually encrypt the connection to its own servers, at least for the iPhone app. Not to worry, mobile apps always connect to other services for things like ad networks, user tracking, etc. Yik Yak happens to make a call to an analytics tool called Flurry every time the app is fired. Flurry needs a way to track the users for Yik Yak, so of course the Yik Yak App tells Flurry the user’s ID. What other information would the anonymous app have to send?

Unfortunately, Flurry disables HTTPS by default, so this initial communication is in plain text. That means that even though Yik Yak’s own communications are protected, the User ID is still exposed and vulnerable. [Sanford] has published a shell script to make it easy to sniff out these user ID’s if you are on the same network as the user.

Once you have the user ID, you can take complete control over the account. [Sanford] has also published scripts to make this part simple. The scripts will allow you to print out every single message a user has posted. He also describes a method to alter the Yik Yak installation on a rooted iPhone so that the app runs under the victim’s user ID. This gives you full access as if you owned the account yourself.

Oh, there’s another problem too. The Android app is programmed to ignore bad SSL certificates. This means that any script kiddie can perform a simple man in the middle attack with a fake SSL certificate and the app will still function. It doesn’t even throw a warning to the user. This just allows for another method to steal a user ID.

So now you have control over some poor user’s account but at least they are still anonymous, right? That depends. The Yik Yak app itself appears to keep anonymity, but by analyzing the traffic coming from the client IP address can make it trivial to identify a person. First of all, [Sanford] mentions that a host name can be a dead giveaway. A host named “Joe’s iPhone” might be a pretty big clue. Other than that, looking out for user names and information from other unencrypted sites is easy enough, and that would likely give you everything you need to identify someone. Keep this in mind the next time you post something “anonymously” to the Internet.

[via Reddit]

Reverse Engineering The Proto X Quadcopter Radio

December 10, 2014 by Adam Fabio 10 Comments

Just a few years ago, palm sized radio controlled toys were nothing more than a dream. Today, you can find them at every mall, toy store, and hobby shop. [Alvaro] couldn’t resist the tiny Estes Proto X quadcopter. While he enjoyed flying the Proto X, he found that the tiny controller left quite a bit to be desired. Not a problem for [Alvaro], as he embarked on a project to reverse engineer the little quad.

Inside the quadcopter and its lilliputian radio, [Alvaro] found a STM8 based processor and an Amiccom A7105 2.4G FSK/GFSK Transceiver radio. The A7105 is well documented, with datasheets easily obtained on the internet. The interface between the processor and the radio chip was the perfect place to start a reverse engineering effort.

With the help of his Saleae logic analyzer, [Alvaro] was able to capture SPI data from both the quadcopter and the transmitter as the two negotiated a connection. The resulting hex files weren’t very useful, so [Alvaro] wrote a couple of Python scripts to decode the data. By operating each control during his captures, [Alvaro] was able to reverse engineer the Proto X’s control protocol. He tested this by removing the microcontroller from the remote control unit and wiring the A7105 to a STM32F4 dev board. Connecting the STM32 to his computer via USB, [Alvaro] was able to command the quad to take off. It wasn’t a very graceful flight, but it did prove that his grafted control system worked. With basic controls covered, [Alvaro] knocked up a quick user interface on his computer. He’s now able to fly the quadcopter around using keyboard and mouse. Not only did this prove the control system worked, it also showed how hard it is to fly a real aircraft (even a tiny model) with FPS controls.

The Estes Proto X is actually manufactured by Hubsan, a China based manufacturer best known for the x4 series of mini quadcopters. Since the Proto X and the x4 share the same communication protocol, [Alvaro’s] work can be applied to both. With fully computer controlled quads available for under $30 USD, we’re only a few cameras (and a heck of a lot of coding) away from cooperative drone swarms akin to those found in the University of Pennsylvania GRASP Lab.

Continue reading “Reverse Engineering The Proto X Quadcopter Radio” →

The Epoch Christmas Tree

December 10, 2014 by Brian Benchoff 8 Comments

It’s that time of the year again, and the halls are being decked with trees, the trees covered in lights, and everyone working in retail is slowly going insane from Christmas songs piped over the PA. [Dan] has a tree and a bunch of programmable LEDs, but merely pumping jollity down that strip of LEDs wouldn’t be enough. The Nerd Quotient must be raised even higher with a tree that displays a Unix timestamp.

This build was inspired by an earlier, non-tree-based build that displays Unix time on a 32 LED array. That build used an ATMega328p for toggling LEDs on and off. This time around, [Dan] is using a dedicated LED controller – the AllPixel – that just wrapped up a very successful Kickstarter campaign. The AllPixel is, in turn, controlled by a Raspberry Pi running the BiblioPixel library,

The tree displays the current time stamp in binary across 32 spaces, with green representing a ‘one’ and a red representing ‘zero’. The top of the tree is the least significant bit, but in case [Dan] gets tired of the bottom of the tree staying completely still for the rest of this holiday season, he can switch the order making the base of the tree the LSB.

Video below.

Continue reading “The Epoch Christmas Tree” →

Trinket Everyday Carry Contest Drawing #2 Results

December 9, 2014 by Adam Fabio 6 Comments

We’ve held our second drawing for the Trinket Everyday Carry Contest. This week we used a Pro Trinket to pick the random winner. The winner is [mikeneiderhauser] with his project WorkoutAid!

[Mike] loves hitting the gym, but hates pulling out his phone or fumbling with his headphones to change songs during his routine. WorkoutAid is designed to fix this problem. It’s essentially a Bluetooth media display and remote. Track metadata will be displayed on a 128×64 OLED. 6 buttons will allow the user to change tracks, volume, or perform other functions. The whole device will communicate with a custom Android application through an RN42X Bluetooth radio.

We hope [Mike] enjoys his new Cordwood Puzzle from The Hackaday Store. No jigsaws here, cordwood is a puzzle that involves solder! It’s built using the cordwood assembly technique which was popular in the 1950’s and 1960s. We’re not kidding about it being a puzzle either – there are no instructions for this kit! [Mike] will know he’s got it right when all 3 LEDs light up.

If you didn’t win this week, don’t worry, there are still three more chances to win a random drawing! Our next drawing will be on 12/16/2014 at 9pm EST. The prize will be the ever handy Bus Pirate V3.6. To be eligible you need to submit your project as an official entry and publish at least one project log during the week.

The deadline for the big contest is January 2, 2014! More than 60 projects are entered so far, but only the top 50 will receive custom t-shirts. The top three projects will win some seriously awesome prizes, including a Rigol DS1054Z Oscilloscope, a Fluke 179 meter, and a Hakko/Panavise soldering bundle.

So what are you waiting for? Get off the couch and get hacking!