DIY Magsafe Charger Feeds Off 12 V Solar Battery

April 19, 2020 by 18 Comments

[Steve Chamberlin] has a spiffy solar-charged 12 V battery that he was eager to use to power his laptop, but ran into a glitch. His MacBook Pro uses Apple’s MagSafe 2 connector for power, but plugging the AC adapter into the battery via a 110 VAC inverter seemed awfully inefficient. It would be much better to plug it into the battery directly, but that also was a problem. While Apple has a number of DC power adapters intended for automotive use, none exist for the MagSafe 2 connector [Steve]’s mid-2014 MacBook Pro uses. His solution was to roll his own MagSafe charger with 12 VDC input.

Since MagSafe connectors are proprietary, his first duty was to salvage one from a broken wall charger. After cleaning up the wires and repairing any frayed bits, it was time to choose a DC-DC converter to go between the MagSafe connector and the battery. The battery is nominally 12 volts, so the input of the DC-DC converter was easy to choose, but the output was a bit uncertain. Figuring out what the MagSafe connector expects took a little educated guesswork.

The original AC adapter attached to the charger claimed an output of 20 volts, another Apple adapter claimed a 14.85 V output, and a third-party adapter said 16.5 volts. [Steve] figured that the MagSafe connectors seemed fine with anything in the 15 to 20 V range, so it would be acceptable to use a 12 V to 19 V DC-DC boost converter which he had available. The result worked just fine, and [Steve] took measurements to verify that it is in fact much more efficient than had he took the easy way out with the inverter.

MagSafe has been displaced by USB-C nowadays, but there are plenty of MagSafe devices still kicking around. In a pinch, keep in mind that a little bit of filing or grinding is all that’s needed to turn MagSafe 1 into MagSafe 2.

This Week In Security: Git, Patch Tuesday, Anti-Cheat, And Vulnerable Documentation

April 17, 2020 by 8 Comments

Git released an update on Tuesday, fixing an issue that could result in leaking credentials. The vulnerability was in how Git handles an HTTP URL containing a newline. Looking at the commits in 2.26.1, we can find an example of an attack:
url = "https://one.example.com?%0ahost=two.example.com/foo.git"

So doing a git pull against this repository will connect your git instance to an attacker’s server, but using the credentials from an arbitrary server. It seems like this could potentially be used to steal Github credentials, for instance. So go make sure you have an updated Git client.
Continue reading “This Week In Security: Git, Patch Tuesday, Anti-Cheat, And Vulnerable Documentation”

Altium Has Its 2kicad Moment

April 14, 2020 by 49 Comments

Around these parts we tend to be exponents of the KiCad lifestyle; what better way to design a PCBA than with free and open source tools that run anywhere? But there are still capabilities in commercial EDA packages that haven’t found their way into KiCad yet, so it may not always be the best tool for the job. Altium Designer is a popular non-libre option, but at up to tens of thousands of USD per seat it’s not always a good fit for users and businesses without a serious need.

It’s hard to find an exciting photo of a dialog box

What do you do as a KiCad user who encounters a design in Altium you’d like to work with? Well as of April 3rd 2020, [Thomas Pointhuber] has merged the beginnings of a native Altium importer into KiCad which looks to be slated for the 6.0 release. As [Thomas] himself points out in the patch submission, this is hardly the first time a 3rd party Altium importer has been published. His new work is a translation of the Perl plugin altium2kicad by [thesourcerer8]. And back in January another user left a comment with links to four other (non-KiCad) tools to handle Altium files.

If you’d like to try out this nifty new feature for yourself, CNX has a great walkthrough starting at building KiCad from source. As for documents to test against the classic BeagleBone Black sources seen above can be found at on GitHub. Head past the break to check out the very boring, but very exciting video of the importer at work, courtesy of [Thomas] himself. We can’t wait to give this a shot!

Thanks for the tip [Chris Gammell]!

Continue reading “Altium Has Its 2kicad Moment”

This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware

April 10, 2020 by 9 Comments

You were promised Zoom news last week, but due to a late night of writing, that story was delayed to this week. So what’s the deal with Zoom? Google, SpaceX, and even the government of Taiwan and the US Senate have banned Zoom. You may remember our coverage of Zoom from nearly a year ago, when Apple forcibly removed the Zoom service from countless machines. The realities of COVID-19 have brought about an explosion of popularity for Zoom, but also a renewed critical eye on the platform’s security.

“Zoombombing”, joining a Zoom meeting uninvited, made national headlines as a result of a few high profile incidents. The US DOJ even released a statement about it. Those incidents seem to have been a result of Zoom default settings: no meeting passwords, no “waiting room”, and meeting IDs that persist indefinitely. A troll could simply search google for Zoom links, and try connecting to them until finding an active meeting. Ars ran a great article on how to avoid getting zoombombed (thanks to Sheldon for pointing this out last week).

There is another wrinkle to the Zoom story. Zoom is technically an American company, but its Chinese roots put it in a precarious situation. Recently it’s been reported that encryption keying is routed through infrastructure in China, even though the calling parties are elsewhere. In some cases, call data itself goes through Chinese infrastructure, though that was labeled as a temporary bug. Zoom was also advertising its meetings as having end-to-end encryption. That claim was investigated, and discovered to be false. All meetings get decrypted at Zoom servers, and could theoretically be viewed by Zoom staff. Continue reading “This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware”

Phantom Express: The Spaceplane That Never Was

March 27, 2020 by 12 Comments

Even for those of us who follow space news closely, there’s a lot to keep track of these days. Private companies are competing to develop new human-rated spacecraft and assembling satellite mega-constellations, while NASA is working towards a return the Moon and the first flight of the SLS. Between new announcements, updates to existing missions, and literal rocket launches, things are happening on a nearly daily basis. It’s fair to say we haven’t seen this level of activity since the Space Race of the 1960s.

With so much going on, it’s no surprise that not many people have heard of the XS-1 Phantom Express. A project by the United States Defense Advanced Research Projects Agency (DARPA), the XS-1 was designed to be a reusable launch system that could put small payloads into orbit on short notice. Once its mission was complete, the vehicle was to return to the launch site and be ready for re-flight in as a little as 24 hours.

Alternately referred to as the “DARPA Experimental Spaceplane”, the vehicle was envisioned as being roughly the size of a business jet and capable of carrying a payload of up to 2,300 kilograms (5,000 pounds). It would take off vertically under rocket power and then glide back to Earth at the end of the mission to make a conventional runway landing. At $5 million per flight, its operating costs would be comparable with even the most aggressively priced commercial launch providers; but with the added bonus of not having to involve a third party in military and reconnaissance missions which would almost certainly be classified in nature.

Or at least, that was the idea. Flight tests were originally scheduled to begin this year, but earlier this year prime contractor Boeing abruptly dropped out of the program. Despite six years in development and over $140 million in funding awarded by DARPA, it’s now all but certain that the XS-1 Phantom Express will never get off the ground. Which is a shame, as even in a market full of innovative launch vehicles, this unique spacecraft offered some compelling advantages.

Continue reading “Phantom Express: The Spaceplane That Never Was”

Pop A Wheelie With Your Electric Skateboard, The Hacker Way

March 20, 2020 by 9 Comments

Using a bit of tech to make up for a lack of skill is a time-honoured tradition, otherwise known as cheating among those who acquired the skill the hard way. Learning to wheelie manual a skateboard is usually paid for in bruises, but [blezalex] got around that by letting his electric skateboard handle the balancing act.

At first glance the board looks and rides like an average DIY electric skateboard, with an off-the-shelf  a dual hub motor truck, VESC speed controllers and a wireless throttle. The party trick appears when the front wheel is popped off the ground, which activates the secret self-balancing mode. At this point a STM32F401 dev board and MPU-6050 IMU take over control of the motors, which is in turn controlled by leaning forward or backwards, like a hoverboard. The remote throttle turns into a dead man switch, which cuts power to the motors when released.

[blezalex] says he has had less that an hour of skateboard time in his life before getting on this one, which is a good testament of just how well it works. The biggest challenge was in getting the board to turn while on two wheels, which was solved by sensing side-to-side tilt of the board with the IMU and applying proportional differential torque to the wheels. With a bit of practice it’s also possible to smoothly shift between riding modes while moving.

We think this is a really elegant cheat, now we need to build one of our own. Fortunately the STM32 firmware and instructions are all up on GitHub. Building your own electric skateboard has become really simple with the availability of off-the-shelf components. We’ve also seen a bicycle with a wheelie cheat device to prevent you falling on your back

Civilian RC Car Uses Lego NXT And Ada

March 14, 2020 by 4 Comments

Back in the last century, the US Department of Defense declared that Ada was going to be used everywhere and for everything. Books were published, schools build curriculum. Working programmers, however, filled out waivers to continue working in their languages of choice. As a result, only a little bit of safety-critical software really used Ada. However, we’ve noticed a bit of a resurgence lately. Case in point: an RC car using Ada for the brains. You can watch it tool around in the video below.

This isn’t the first time we’ve heard about Ada in the past few months. Partially, this could be because of the availability of the GNU compiler, although that’s been around since 1995, so maybe there’s another explanation. Ada’s strong typing does tend to plug holes that hackers exploit, so while we would hate to say it is hack proof, it certainly is hack resistant compared to many popular languages.

Continue reading “Civilian RC Car Uses Lego NXT And Ada”