Superconference Interview: Carl Bugeja

It’s an exciting time of year for us, not because Christmas is on the horizon, but for something far more exciting than that! The Hackaday Superconference is nearly upon us, our yearly gathering of the creme de la creme of the hardware hacking world for a fascinating program of lectures and other events. We can’t wait, and we hope you’re looking forward to it as much as we are.

A particularly stimulating part of the Supercon experience comes from the people you rub shoulders with as you attend. Whether or not you will have seen their work on these pages, they represent a huge and fascinating breadth of experience and skill. It’s the incidental conversations at events like this that are the most fertile, because from them comes inspiration that can feed all manner of things.

One of last year’s hits came from Carl Bugeja, when he gave a talk about his impressive work using printed circuit boards to construct electric motors and magnetic actuators. We’ve seen the various iterations of his work evolving in these pages, and at last year’s event he also gave an interview to our own Elliot Williams, and we’re happy to bring you the resulting video after the break.

We’d love to be able to reveal a hidden stash of Supercon tickets, but sadly it’s all sold out. We can however direct you to the livestream of the event which begins at 10 am Pacific time on November 15th. Be sure to head on over to the Hackaday YouTube channel, and subscribe.

Meanwhile it’s worth pointing those lucky ticket holders to the Supercon ticketing page since we’ve added more tickets to the previously-sold-out workshops. Now, enjoy Carl’s interview, and we hope you’ll join us for Superconference whether you do so online or in person.


The 3D Printers, Scanners, And Art Robots Of Maker Faire Rome

How is it possible that a robot can sketch both better and worse than I can at the same time, and yet turn out an incredible work of art? Has 3D-scanning really come so far that a simple camera and motorized jig can have insane resolution? These are the kinds of questions that were running through my mind, and being answered by the creators of these brilliant machines, at Maker Faire Rome.

There was a high concentration of robots creating art and 3D printing on display at the Faire, so I saved the best examples just for this article. But you’ll also find hacks from a few groups of clever students, and hardware that made me realize industrial controllers can be anything but boring. Let’s take a look!


5G Is For Robots

Ecclesiastes 1:9 reads “What has been will be again, what has been done will be done again; there is nothing new under the sun.” Or in other words, 5G is mostly marketing nonsense, like 4G, 3G, and 2G were before it. Let’s not forget LTE, 4G LTE, Advance 4G, and Edge.

Just a normal everyday antenna array in a Seattle parking garage.

Technically, 5G means that providers could, if they wanted to, install some EHF antennas; the same kind we’ve been using forever to do point to point microwave internet in cities. These frequencies are too lazy to pass through a wall, so we’d have to install these antennas in a grid at ground level. The promised result is that we’ll all get slightly lower latency tiered internet connections that won’t live up to the hype at all. From a customer perspective, about the only thing it will do is let us hit the 8Gb ceiling twice as fast on our “unlimited” plans before they throttle us. It might be nice on a laptop, but it would be a historically ridiculous assumption that Verizon is going to let us tether devices to their shiny new network without charging us a million Yen for the privilege.

So, what’s the deal? From a practical standpoint we’ve already maxed out what a phone needs. For example, here’s a dirty secret of the phone world: you can’t tell the difference between 1080p and 720p video on a tiny screen. I know of more than one company where the 1080p on their app really means 640 or 720 displayed on the device and 1080p is recorded on the cloud somewhere for download. Not a single user has noticed or complained. Oh, maybe if you’re looking hard you can feel that one picture is sharper than the other, but past that what are you doing? Likewise, what’s the point of 60fps 8k video on a phone? Or even a laptop for that matter?

Are we really going to max out a mobile webpage? Since our device’s ability to present information exceeds our ability to process it, is there a theoretical maximum to the size of an app? Even if we had Gbit internet to every phone in the world, from a user standpoint it would be a marginal improvement at best. Unless you’re a professional mobile game player (is that a thing yet?) latency is meaningless to you. The buffer buffs the experience until it shines.

So why should we care about billion dollar corporations racing to have the best network for sending low resolution advertising gifs to our distracto cubes? Because 5G is for robots.


Haptic Glove Controls Robot Hand Wirelessly

[Miller] wanted to practice a bit with some wireless modules and wound up creating a robotic hand he could teleoperate with the help of a haptic glove. It looks highly reproducible, as you can see in the video below the break.

The glove uses an Arduino’s analog to digital converter to read some flex sensors. Commercial flex sensors are pretty expensive, so he experimented with some homemade sensors. The ones with tin foil and graphite didn’t work well, but using some bent can metal worked better despite not having good resolution.


Hackaday Podcast 041: The “How Not To” Episode Of Rebreathers, Chain Sprockets, Hovercraft, And Data Logging

Hackaday Editors Mike Szczys and Elliot Williams shed some light on a true week of hacks. It seems as though all kinds of projects are doing things the “wrong” way this week, and it’s delightful to see what they learn along the way. Hovercraft can work using the Coandă effect which uses the blowers on the outside. You can dump your Linux logs to soldered-on eMMC memory, and chain sprockets can be cut from construction brackets. If you really want to build your own rebreather you can. All of these hacks work, and seeing how to do something differently is an inspiring tribute to the art of hardware hacking… you can learn a lot by asking yourself why these particular techniques are not the most commonly used.

Plus, Mike caught up with Alessandro Ranellucci at Maker Faire Rome last weekend. In addition to being the original author of slic3r, Alessandro has been Italy’s Open Source lead for the last several years. He talks about the legislation that was passed earlier this year mandating that software commissioned by the government must now be Open Source and released with an open license.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!


Direct download (60 MB or so.)


This Week In Security: The Robots Are Watching, Insecure VPNs, Graboids, And Biometric Fails

A Japanese hotel chain uses robots for nearly everything. Check in, room access, and most importantly, bedside service. What could possibly go wrong with putting embedded Android devices, complete with mics and cameras, right in every hotel room? While I could imagine bedside robots ending badly in many ways, today we’re looking at the possibility that a previous guest installed an app that can spy on the room. The kiosk mode used on these devices left much to be desired. Each bot has an NFC reader, and all it takes is a URL read by that reader to break out of the kiosk jail. From there, a user has full access to the Android system underneath, and can install whatever software they wish.

[Lance Vick] discovered this potential problem way back in July, and after 90 days of inaction has released the vulnerability. More of these hotels are being rolled out for the 2020 Olympics, and this sort of vulnerability is sure to be present in other similar kiosk devices.

VPN Compromise

In March 2018, a server in a Finnish data center was compromised through a remote management system. This was probably a Baseboard Management Controller (BMC), which is as dangerous as it is useful. Most BMCs have their own Ethernet adapter, not controlled by the host computer, and allow a remote user to access the machine just as if they had a monitor and keyboard connected to it. This particular server was one rented by NordVPN, who was apparently not notified of the data center breach.

So what was captured from this server? Apparently the OpenVPN credentials stored on that server, as well as a valid TLS key. (Document mirror via TechCrunch) It’s been noted that this key is now expired, which does mean that it’s not being actively exploited. There were, however, about 7 months between the server break-in and the certificate expiration, during which time it could have been used for man-in-the-middle attacks.

NordVPN has confirmed the breach, and tried to downplay the potential impact. This report doesn’t seem to entirely match the leaked credentials. An attacker with this data and root access to the server would have likely been able to decrypt VPN traffic on the fly.

Graboid

Named in honor of a certain sci-fi worm, Graboid is an unusual piece of malware aimed at Docker instances. It is a true worm, in that compromised hosts are used to launch attacks against other vulnerable machines. Graboid isn’t targeting a Docker vulnerability, but simply looking for an unsecured Docker daemon exposed to the internet. The malware downloads malicious Docker images, one of which is used for crypto-currency mining, while another attempts to compromise other servers.

Graboid has an unusual quirk — the quirk that earned it the name: It doesn’t constantly mine or attempt to spread, but waits over a minute between bursts of activity. This was likely an attempt to mask the presence of mining malware. It’s notable that until discovered, the malicious Docker images were hosted on the Docker Hub. Be careful what images you trust, and look for the “Docker Official Image” tag.

Iran and Misdirection

Remember a couple weeks ago, when we discussed the difficulty of attack attribution? It seems a healthy dose of such paranoia might be warranted. The American NSA and British NCSC revealed that they now suspect Russian actors compromised Iranian infrastructure and deployed malware developed by Iranian coders. The purpose of this seems to have been redirection — to compromise targets and put the blame on Iran. To date it’s not certain that this particular gambit fooled any onlookers, but this is likely not the only such effort.

Android Biometrics

New Android handsets have had a rough week. First, the Samsung Galaxy S10 had an issue with screen protectors interfering with the under-the-screen fingerprint reader. This particular problem seems to only affect fingerprints that are enrolled after a screen protector has been applied. With the protector still in place, anyone’s fingerprint is able to unlock the device. What’s happening here seems obvious. The ultrasonic fingerprint scanner isn’t able to penetrate the screen protector, so it’s recording an essentially blank fingerprint. A patch to recognize these blank prints has been rolled out to devices in Samsung’s home country of South Korea, with the rest of the world soon to follow.

The second new handset is the Google Pixel 4, which includes a new Face Unlock feature. While many have praised the feature, there is trouble in paradise. The Pixel’s Face Unlock works even when the user is asleep or otherwise unmoving. To their credit, Apple’s Face ID also checks for user alertness, trying to avoid unlocking unless the user is intentionally doing so.

The humorous scenario is a child or spouse unlocking your phone while you’re asleep, but a more sobering possibility is your face being used against you unwillingly, or even while unconscious or dead. Based on leaks, it’s likely that there was an “eyes open” mode planned but cut before launch. Hopefully the bugs can be worked out of that feature, and it can be re-added in a future update. Until then, it’s probably best not to use Google’s Face Unlock on Pixel 4 devices.

Robot Joints Go Modular With This Actuator Project

[John Lauer] has been hard at work re-thinking robot arms. His project to create modular, open source actuators that can be connected to one another to form an arm is inspiring, and boasts an impressively low parts cost as well. The actuators are each self-contained, with an ESP32 and a design that takes advantage of the form factors of inexpensive modules and parts from vendors like Aliexpress.

Flex spline in action, for reducing backlash

Each module has 3D printed gears (with an anti-backlash flex spline), an RGB LED for feedback, integrated homing, active cooling, a slip ring made from copper tape, and a touch sensor dial on the back for jogging and training input. The result is a low backlash, low cost actuator that keeps external wiring to an absolute minimum.

Originally inspired by a design named WE-R2.4, [John] has added his own twist in numerous ways, which are best summarized in the video embedded below. That video is number three in a series, and covers the most interesting developments and design changes while giving an excellent overview of the parts and operation (the video for part one is a basic overview and part two shows the prototyping process, during which [John] 3D printed the structural parts and gears and milled out a custom PCB.)
