Developed On Hackaday: First Feedback From Users

December 9, 2013 by 54 Comments

2013-12_Developed_on_Hackaday

Holy cr*p guys… we were amazed by the quantity of positive feedback that was left in the comments section of our last article. We have been featured by Slashdot ! We got plenty of project name suggestions, therefore we organized a poll located at the end of this post to let you decide which one is best. I also received many emails from people eager to start contributing to this offline password keeper project. If you missed the call and want to get involved, it’s still not too late. You can get in touch with me @ mathieu[at]hackaday[dot]com. So far, we have many beta testers, several software developers, one security assessor and a few firmware developers. Next step is to create a mailing list and a Hackaday forum category once the project’s name has been chosen.

Obviously, the very first post of our “Developed On Hackaday” series was to gauge your initial reactions to this ‘new’ project. Notice here the double quotes, as when someone has a new idea there usually are only two possibilities that may explain why it doesn’t exist in the market yet: either it is completely stupid or people are already working on it. In our case, it seems we are in the second category as many readers mentioned they wanted to work/were working/had worked on a similar product. As we’re selfish, we offered them to contribute to this new device.

To ensure that all of our readers are on the same page as to how the device will work we embedded a simple block diagram after the break, as well as a list of all new functionalities that we want to implement given the feedback we received. So keep reading to see what the future holds, as well as to vote on this new project’s name…

Continue reading “Developed On Hackaday: First Feedback From Users”

Google Security Certificates Forged

December 9, 2013 by 23 Comments

Recently, Google discovered that a certificate authority (CA) issued forged certificates for Google domains. This compromises the trust provided by Transport Layer Security (TLS) and Secure HTTP (HTTPS), allowing the holder of the forged certificates to perform a man-in-the-middle attack.

To validate that the website you’re visiting is actually who they claim to be, your browser ensures that the certificate presented by the server you’re accessing was signed by a trusted CA. When someone requests a certificate from a CA, they should verify the identity of the person making the request. Your browser, and operating system, have a set of ultimately trusted CAs (called root CAs). If the certificate was issued by one of them, or a intermediate CA that they trust, you will trust the connection. This whole structure of trust is called a Chain of Trust.

With a forged certificate, you can convince a client that your server is actually http://www.google.com. You can use this to sit between a client’s connection and the actual Google server, eavesdropping their session.

In this case, an intermediate CA did just that. This is scary, because it undermines the security that we all rely on daily for all secure transactions on the internet. Certificate pinning is one tool that can be used to resist this type of attack. It works by associating a host with a specific certificate. If it changes, the connection will not be trusted.

The centralized nature of TLS doesn’t work if you can’t trust the authorities. Unfortunately, we can’t.

Behind the C128 Home Computer

Guest Post: The Real Story Of Hacking Together The Commodore C128

December 9, 2013 by 148 Comments

The most popular computer ever sold to-date, the Commodore C-64, sold 27 Million units total back in the 1980’s.  Little is left to show of those times, the 8-bit “retro” years when a young long-haired self-taught engineer could, through sheer chance and a fair amount of determination, sit down and design a computer from scratch using a mechanical pencil, a pile of data books, and a lot of paper.

Before Apple there was Commodore
Behind the C-128 from a 1985 Ad

My name is Bil Herd and I was that long-haired, self-educated kid who lived and dreamed electronics and, with the passion of youth, found himself designing the Commodore C-128, the last of the 8-bit computers which somehow was able to include many firsts for home computing. The team I worked with had an opportunity to slam out one last 8 bit computer, providing we accepted the fact that whatever we did had to be completed in 5 months… in time for the 1985 Consumer Electronics Show (CES) in Las Vegas.

We (Commodore) could do what no other computer company of the day could easily do; we made our own Integrated Circuits (ICs) and we owned the two powerhouse ICs of the day; the 6502 microprocessor and the VIC Video Display IC.  This strength would result in a powerful computer but at a cost; the custom IC’s for the C-128 would not be ready for at least 3 of the 5 months, and in the case of one IC, it would actually be tricked into working in spite of itself.

Continue reading “Guest Post: The Real Story Of Hacking Together The Commodore C128”

Fubarino Contest: Morse Code Transmitter

December 9, 2013 by 3 Comments

fubarino-contest-morse-code-keyer

The Fubarino Contest entries are slowing streaming in. Here’s the first one that we’re featuring, sent in by [Nathanael Wilson]. He dusted off a project from some time ago, which is just fine with us. It’s a Morse Code transmitter which he designed for use during a fox hunt (locating a hidden transmitter using radio direction finding).

For the project he revised his old code, adding in a Morse look-up table so that the Arduino Mega 2560 can convert plain text into dots and dashes. It uses the tone library to output signals to the radio seem above. The easter egg is unlocked when shorting pin 10 at power-up. It then broadcasts a slightly altered message as interpreted above.

One of the reasons we chose to feature [Nathanael’s] entry first is that he presented it very well. Watch his video after the break to see for yourself. Then go back and check out the contest rules to get your own project submission in. After all, you can win a free Fubarino board from Microchip if you’re in the top twenty!

Continue reading “Fubarino Contest: Morse Code Transmitter”

Meet The Teensy 3.1

December 9, 2013 by 50 Comments

[Paul Stoffregen] just released an updated version of his Teensy 3.0, meet the oddly named Teensy 3.1. For our readers that don’t recall, the Teensy 3.0 is a 32 bit ARM Cortex-M4 based development platform supported by the Arduino IDE (using the Teensyduino add-on). The newest version has the same size, shape & pinout, is compatible with code written for the Teensy 3.0 and provides several new features as well.

The Flash has doubled, the RAM has quadrupled (from 16K to 64K) allowing much more advanced applications. The Cortex-M4 core frequency is 72MHz (48MHz on the Teensy 3.0) and the digital inputs are 5V volts compatible. Pins 3 and 4 gained CAN bus functions. The new microcontroller used even has a 12 bits Digital to Analog Converter (DAC) so you could create a simple signal generator like the one shown in the picture above. Programming is done through the USB port, which can later behave as host or slave once your application is launched. Finally, the price tag ($19.80) is in our opinion very reasonable.

Embedded below is an interview with its creator [Paul Stroffregen].

Continue reading “Meet The Teensy 3.1”

$40 Lens Hack Gives Your FLIR Higher Clarity

December 9, 2013 by 26 Comments

[Josh Oster-Morris’s] FLIR camera can see a bit more clearly now that he’s hacked it to have its own makeshift “macro” mode. You may remember [Josh] from his power distribution Motobrain project. He’s still improving the Motobrain, and he wanted to better understand the thermal characteristics of the high current draws (upwards of 100amps!)

After reading that the FLIR 4  could be hacked into a better version, [Josh] immediately purchased his own. The FLIR is, however, limited at close-range imaging, because the resolution of the FLIR’s microbolometer is relatively low.  He had fortunately decided to stay tuned in to [Mike’s] YouTube channel and saw his follow-up video a few days later on refocusing the FLIR camera with an external lens. [Josh] hit up Amazon for a Gallium Arsenide lens normally used for CO2 lasers, and found one for around $40. He then mounted this lens into a simple paper frame held together by tape and staples, and fitted it onto the FLIR.

After you’ve checked out [Josh’s] blog for more examples of how astoundingly clear the images become, check out [Mike’s] video detailing the hack below.

Continue reading “$40 Lens Hack Gives Your FLIR Higher Clarity”

Boil Off Some White Gas In The Back Yard

December 9, 2013 by 56 Comments

Gas-still

[S Heath] is a Coleman lantern collector. Coleman lanterns can run from a variety of fuels, however they seem to run best with white gas, or Coleman fuel. Store bought Coleman fuel can cost upwards of $10USD/gallon. To keep the prices down, [S Heath] has created a still in his back yard to purify pump gas. We just want to take a second to say that this is not only one of those hacks that we wouldn’t want you to try at home, it’s also one that we wouldn’t try at home ourselves. Heating gasoline up past 120 degrees Celsius in a (mostly) closed container sounds like a recipe for disaster. [S Heath] has pulled it off though.

The still is a relatively standard setup. An electric hot plate is used to heat a metal tank. A column filled with broken glass (increased surface area for reflux) rises out of the tank. The vaporized liquid that does make it to the top of the column travels through a condenser – a pipe cooled with a water jacket. The purified gas then drips out for collection. The heart the system is a PID controller. A K-type thermocouple enters the still at the top of the reflux column. This thermocouple gives feedback to a PID controller at the Still’s control panel. The controller keeps the system at a set temperature, ensuring consistent operation. From 4000 mL of ethanol free pump gas, [S Heath] was able to generate 3100 mL of purified gas, and 500 mL of useless “dregs”. The missing 400 mL is mostly butane dissolved in the pump gas, which is expelled as fumes during the distillation process.

Continue reading “Boil Off Some White Gas In The Back Yard”