Choosing The Right RTC For Your Project

September 30, 2020 by 26 Comments

When it comes to measuring time on microcontrollers, there’s plenty of ways to go about things. For most quick and dirty purposes, such as debounce delays or other wait states, merely counting away a few cycles of the main clock will serve the purpose.  Accurate to the tens of milliseconds, they get the average utility jobs done without too much fuss.

However, many projects are far more exacting in their requirements. When you’re building a clock, or a datalogger, or anything that relies on a stable sense of passing time for more than a few minutes, you’ll want a Real Time Clock. So called due to their nature of dealing with real time, as we humans tend to conceive it, these devices take it upon themselves to provide timekeeping services with a high degree of accuracy. We’ve compiled a guide to common parts and their potential applications so you can get things right the first time, every time.

Continue reading “Choosing The Right RTC For Your Project”

Fiber Optics, But… Wetter?

September 29, 2020 by 27 Comments

Fiber optics are a great way to transfer huge quantity of data at lightning speed. Thanks to the property of total internal reflection, which allows light to flow through a glass fiber like fluid through a pipe, they can be used for communications at long distances and form the backbone of modern communication networks. However, water is also able to pull off the total internal reflection party trick, and [Mike Kohn] decided to see if it could be used as a communication medium, too.

The experimental setup consists of an ATTiny85 that receives signals over its serial port, and outputs the received bits by flashing an LED. This LED is attached to a plastic tube filled with water. On the receiving end, another ATTiny85 reads the voltage level of a photodiode placed in the other end of the tube. When the ADC detects voltage over a certain level, it toggles a pin connected to the serial RX pin.

Hooking the setup to a pair of terminals, [Mike] was able to successfully transmit 9600 baud serial data through a tube full of water with just an LED and a small microcontroller. To verify the success, he ran the test again with an air-filled tube instead, which failed. In doing so, he proved that the water was doing the work.

We’ve seen other optical data hacks, too – like this awesome laser ethernet build. Video after the break.

Continue reading “Fiber Optics, But… Wetter?”

Old Polaroid Gets A Pi And A Printer

September 27, 2020 by 3 Comments

There’s nothing like a little diversion project to clear the cobwebs — something to carry one through the summer doldrums and charge you up for the rest of the hacking year. At least that’s what we think was up with [Sam Zeloof]’s printing Polaroid retro-conversion project.

Normally occupied with the business of learning how to make semiconductors in his garage, or more recently working on his undergraduate degree in electrical engineering, [Sam], like many of us, found himself with time to spare this summer. In search of a simple, fun project that wouldn’t glaze over the eyes of people when he showed it off, he settled on a printing party camera. The guts are pretty standard fare: a Raspberry Pi and Pi cam, coupled with a thermal receipt printer for instant hardcopy. The donor camera was a Polaroid Pronto from eBay, in good shape on the outside and mostly complete on the inside. A Dremel took care of the latter, freeing up space occupied by all the plastic bits that held the film cartridge and running gear of the film handling system.

The surgery made enough room to squeeze in the Pi Zero and a LiPo battery pack, along with a buck converter. Adding in the receipt printer and its drive board and mounting the Pi cam presented some challenges, but everything fit without breaking the original look and feel of the Polaroid. The camera now produces low-res hardcopy instantly using a dithering algorithm, and store high-resolution images on an SD card for later download. As a bonus, [Sam] included a simulated time and date stamp in the lower corner of the saved images, like those that used to show up on film.

[Sam]’s camera looks like a ton of fun. We’ve seen other Polaroid conversions, including a stunning SX-70 digital upgrade, but this one shines for its simplicity and instant hardcopy.

[via Tom’s Hardware]

This Week In Security: UTorrent Vulnerable, Crowd-Sourcing Your Fail2Ban, And Cryptographers At Casinos

September 25, 2020 by 22 Comments

The uTorrent client was recently updated to fix a null pointer dereference (CVE-2020-8437), discovered by [whtaguy]. Triggering the dereference simply crashes the client — so far an actual RCE hasn’t been found. Given the nature of the null pointer dereference, it’s possible this bug is limited to denial of service. That’s extremely good, because the flaw is extremely easy to target.

BitTorrent is a clever protocol. It’s still used to distribute large files, like Linux ISOs. The concept is simple: Split a large file into small chunks. Send the chunks to a client one at a time. As each chunk is received, the client sends a copy of that chunk to the next client. As a result of this peer-to-peer (p2p) arrangement, the bandwidth available to the server is greatly multiplied. As with all other p2p arrangements, the sticking point is how to make those connections between peers, particularly when most of the world’s desktops are behind NAT routers. In practice, for two peers to share data, at least one of them has to have a port opened or forwarded to the client. This is often accomplished through Universal Plug-n-Play (UPnP) or the NAT Port Mapping Protocol (NAT-PMP). The idea of both protocols are the same; a client on an internal device can request a temporary port forward without manual intervention. Whether it’s a good idea to allow automatic port forwards is another issue for another day. Continue reading “This Week In Security: UTorrent Vulnerable, Crowd-Sourcing Your Fail2Ban, And Cryptographers At Casinos”

TI And Cadence Make PSpice Free

September 20, 2020 by 29 Comments

We like simulation software. Texas Instruments long offered TINA, but recently they’ve joined with Cadence to make OrCAD PSpice available for free with some restrictions. You’ve probably heard of PSpice — it’s widely used in academia and industry, but is usually quite costly. You can see a promotional overview video below.

The program requires registration and an approval step to get a license key. The downloaded program has TI models along with other standard models. There seem to be few limits as long as you stick to the supplied library. According to the datasheet, there are no size or simulation complexity limitations in that case. If you want to use other models, you can, but that’s where the limitations hit you:

There is no limitation of how many 3rd party models can be imported into the design. However, if 3rd party models are imported, a user will be able to plot a maximum of 3 signals at a time of their choice when any 3rd party model is imported from web.

We aren’t completely sure what “from web” means there, but presumably they just mean from other sources. In any event, you still get AC, DC, and transient analysis with plenty of options like worst-case timing analysis. Mixed signal designs are supported and there is a wealth of data plotting options, as you would expect.

This is a great opportunity to drive some serious software that is widely used in the industry. The only thing that bummed us out? It runs under Windows. We couldn’t get it to work under Wine, but a Windows 10 VM handled it fine, although we really hate running a VM if we don’t have to.

Still, the price is right and it is a great piece of software. We also liked the recent Micro-Cap 12 release, but we don’t expect any updates for that. Of course, LTSpice is quite capable, too.

Continue reading “TI And Cadence Make PSpice Free”

Roll Your Own Heelys

September 17, 2020 by 17 Comments

Remember Heelys, the shoes with wheels in the heels? Just lift up your toes, and away you go. We were at least ten or fifteen years older than the target demographic, but got a pair anyway just to please our inner child and have some fun. Young kids would wear them everywhere and zip around inside stores to the annoyance of everyone but other young kids. We imagine some shopkeepers got to the point where they could spot the things as they walked in the door and nipped the skating party in the bud.

[DevNerd] has conceived of the ultimate plan: if you make your own Heelys, no one necessarily has to know unless you start rolling around. [DevNerd] started by cutting some large, 20mm-deep holes in the bottoms of a pair of Air Jordans and printed a sturdy wheel and a box frame for support.

Each wheel has a bearing on both ends that spin on a threaded rod. We’re not sure why [DevNerd] went with threaded rod, because it seems like that would prematurely wear out the frame box.

Don’t want to cut up your shoes, but want some sweet roller kicks for the daily commute down the hall? You could always make them out of pallet wood.

Security This Week: Racoons In My TLS, Bypassing Frontends, And Obscurity

September 11, 2020 by 7 Comments

Raccoon is the next flashy security flaw with a name, cute logo, and a website (and a PDF). Raccoon is a flaw in TLS version prior to 1.3, and seems to be a clever bit of work, albeit one with limited real-world application. The central problem is that these older versions of TLS, when using Diffie Hellman (DH), drop leading all-zero bytes in the resulting pre-master key. As that key is part of the input for calculating the master session key, a shortened pre-master key results in a slightly faster calculation of the master key. If an attacker can make fine-grained timing measurements, he can determine when the pre-master key is trimmed.

Let’s review Diffie Hellman, briefly. The client and server agree on two numeric values, a base g and modulus p, and each party generates a secret key, a and b. Each party calculates a public key by raising the shared base to their own private key, mod the shared modulus: A = g^a mod p. These public keys are exchanged, and each party raises the received key to their own secret key: A^b. Exponents have a non-obvious quirk, the power rule. A value raised to a power raised to a power is the same as the value raised to the power of the exponents multiplied together. g^a^b is equal to g^(a*b). By going through this mathematical dance, the server and client have arrived at a shared value that only they know, while preserving the secrecy of their private keys. Continue reading “Security This Week: Racoons In My TLS, Bypassing Frontends, And Obscurity”