Haptic Glove Controls Robot Hand Wirelessly

October 25, 2019 by No comments

[Miller] wanted to practice a bit with some wireless modules and wound up creating a robotic hand he could teleoperate with the help of a haptic glove. It lookes highly reproducible, as you can see the video, below the break.

The glove uses an Arduino’s analog to digital converter to read some flex sensors. Commercial flex sensors are pretty expensive, so he experimented with some homemade sensors. The ones with tin foil and graphite didn’t work well, but using some bent can metal worked better despite not having good resolution.

Continue reading “Haptic Glove Controls Robot Hand Wirelessly”

Hackaday Podcast 041: The “How Not To” Episode Of Rebreathers, Chain Sprockets, Hovercraft, And Data Logging

October 25, 2019 by 4 Comments

Hackaday Editors Mike Szczys and Elliot Williams shed some light on a true week of hacks. It seems as though all kinds of projects are doing this the “wrong” way this week and its delightful to see what they learn along the way. Hovercraft can work using the Coandă effect which uses the blowers on the outside. You can dump your Linux logs to soldered-on eMMC memory, and chain sprockets can be cut from construction brackets. If you really want to build your own rebreather you can. All of these hacks work, and seeing how to do something differently is an inspiring tribute to the art of hardware hacking… you can learn a lot by asking yourself why these particular techniques are not the most commonly used.

Plus, Mike caught up with Alessandro Ranellucci at Maker Faire Rome last weekend. In addition to being the original author of slic3r, Alessandro has been Italy’s Open Source lead for the last several years. He talks about the legislation that was passed earlier this year mandating that software commissioned by the government must now be Open Source and released with an open license.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 041: The “How Not To” Episode Of Rebreathers, Chain Sprockets, Hovercraft, And Data Logging”

This Week In Security: The Robots Are Watching, Insecure VPNs, Graboids, And Biometric Fails

October 25, 2019 by 10 Comments

A Japanese hotel chain uses robots for nearly everything. Check in, room access, and most importantly, bedside service. What could possibly go wrong with putting embedded Android devices, complete with mics and cameras, right in every hotel room? While I could imagine bedside robots ending badly in many ways, today we’re looking at the possibility that a previous guest installed an app that can spy on the room. The kiosk mode used on these devices left much to be desired. Each bot has an NFC reader, and all it takes is an URL read by that reader to break out of the kiosk jail. From there, a user has full access to the Android system underneath, and can install whatever software they wish.

[Lance Vick] discovered this potential problem way back in July, and after 90 days of inaction has released the vulnerability. More of these hotels are being rolled out for the 2020 Olympics, and this sort of vulnerability is sure to be present in other similar kiosk devices.

VPN Compromise

In March 2018, a server in a Finnish data center was compromised through a remote management system. This was probably a Baseboard Management Controller (BMC), which is as dangerous as it is useful. Most BMCs have their own Ethernet adapter, not controlled by the host computer, and allows a remote user to access the machine just as if they had a monitor and keyboard connected to it. This particularly server was one rented by NordVPN, who was apparently not notified of the data center breach.

So what was captured from this server? Apparently the OpenVPN credentials stored on that server, as well as a valid TLS key. (Document mirror via TechCrunch) It’s been noted that this key is now expired, which does mean that it’s not being actively exploited. There were, however, about 7 months between the server break-in and the certificate expiration, during which time it could have been used for man-in-the-middle attacks.

NordVPN has confirmed the breach, and tried to downplay the potential impact. This report doesn’t seem to entirely match the leaked credentials. An attacker with this data and root access to the server would have likely been able to decrypt VPN traffic on the fly.

Graboid

Named in honor of a certain sci-fi worm, Graboid is an unusual piece of malware aimed at Docker instances. It is a true worm, in that compromised hosts are used to launch attacks against other vulnerable machines. Graboid isn’t targeting a Docker vulnerability, but simply looking for an unsecured Docker daemon exposed to the internet. The malware downloads malicious docker images, one of which is used for crypto-currency mining, while another attempts to compromise other servers.

Graboid has an unusual quirk — the quirk that earned it the name: It doesn’t constantly mine or attempt to spread, but waits over a minute between bursts of activity. This was likely an attempt to mask the presence of mining malware. It’s notable that until discovered, the malicious Docker images were hosted on the Docker Hub. Be careful what images you trust, and look for the “Docker Official Image” tag.

Iran and Misdirection

Remember a couple weeks ago, when we discussed the difficulty of attack attribution? It seems a healthy dose of such paranoia might be warranted. The American NSA and British NCSC revealed that they now suspect Russian actors compromised Iranian infrastructure and deployed malware developed by Iranian coders. The purpose of this seems to have been redirection — to compromise targets and put the blame on Iran. To date it’s not certain that this particular gambit fooled any onlookers, but this is likely not the only such effort.

Android Biometrics

New Android handsets have had a rough week. First, the Samsung Galaxy S10 had an issue with screen protectors interfering with the under-the-screen fingerprint reader. This particular problem seems to only affect fingerprints that are enrolled after a screen protector has been applied. With the protector still in place, anyone’s fingerprint is able to unlock the device. What’s happening here seems obvious. The ultrasonic fingerprint scanner isn’t able to penetrate the screen protector, so it’s recording an essentially blank fingerprint. A patch to recognize these blank prints has been rolled out to devices in Samsung’s home country of South Korea, with the rest of the world soon to follow.

The second new handset is the Google Pixel 4, which includes a new Face Unlock feature. While many have praised the feature, there is trouble in paradise. The Pixel’s Face Unlock works even when the user is asleep or otherwise unmoving. To their credit, Apple’s Face ID also checks for user alertness, trying to avoid unlocking unless the user is intentionally doing so.

The humorous scenario is a child or spouse unlocking your phone while you’re asleep, but a more sobering possibility is your face being used against you unwillingly, or even while unconscious or dead. Based on leaks, it’s likely that there was an “eyes open” mode planned but cut before launch. Hopefully the bugs can be worked out of that feature, and it can be re-added in a future update. Until then, it’s probably best not to use Google’s Face Unlock on Pixel 4 devices.

Robot Joints Go Modular With This Actuator Project

October 22, 2019 by 4 Comments

[John Lauer] has been hard at work re-thinking robot arms. His project to create modular, open source actuators that can be connected to one another to form an arm is inspiring, and boasts an impressively low parts cost as well. The actuators are each self-contained, with an ESP32 and a design that takes advantage of the form factors of inexpensive modules and parts from vendors like Aliexpress.

Flex spline in action, for reducing backlash

Each module has 3D printed gears (with an anti-backlash flex spline), an RGB LED for feedback, integrated homing, active cooling, a slip ring made from copper tape, and a touch sensor dial on the back for jogging and training input. The result is a low backlash, low cost actuator that keeps external wiring to an absolute minimum.

Originally inspired by a design named WE-R2.4, [John] has added his own twist in numerous ways, which are best summarized in the video embedded below. That video is number three in a series, and covers the most interesting developments and design changes while giving an excellent overview of the parts and operation (the video for part one is a basic overview and part two shows the prototyping process, during which [John] 3D printed the structural parts and gears and mills out a custom PCB.)

Continue reading “Robot Joints Go Modular With This Actuator Project”

Making A Robot Cleaner Even Smarter

October 20, 2019 by 9 Comments

Some electric cleaners are effective and some hardly even seem to make a difference. The ILIFE V7s may be a robot cleaner, but even with its cleaning modes and anti-collision system, it still requires IR signals to complete any tasks. Tired of having to be physically in the same place as his robot cleaner, [pimuzzo] decided to take matters into his own hands and build a RESTful remote control to send IR signals from afar.

The program uses the ESP8266WebServer and IRremoteESP8266 libraries for handling HTTP requests and sending and receiving infrared signals. The remote also respond to Actions on Google for controlling the robot over a Google Assistant.

The IR signals are a bit funky – as one user highlighted, finding the IR protocol is a nontrivial task that can be accomplished by recording the IR signals from the original remote with a IR receiver and matching the marks, spaces, and carrier frequency with those of known protocol codes. [Oitzu] was able to match the timing to the NEC 32 bit protocol and find the exact codes on an oscilloscope, which simplified the translation of the codes for the remote.

Sometimes when life gives you a robot cleaner, it’s your job to make it smarter.

Humanoid Robot Has Joints That Inspire

October 20, 2019 by 8 Comments

One of the challenges with humanoid robots, besides keeping them upright, is finding compact combinations of actuators and joint mechanisms that allow for good range of smooth motion while still having good strength. To achieve that researchers from the IRIM Lab at Korea University of Technology and Education developed the LIMS2-AMBIDEX robotic humanoid upper body that uses a combination of brushless motors, pulleys and some very interesting joint mechanisms. (Video, embedded below.)

The wrist mechanism. Anyone willing to tackle a 3D printed version?

From shoulder to fingers, each arm has seven degrees of freedom which allows the robot to achieve some spectacularly smooth and realistic upper body motion. Except for the wrist rotation actuator, all the actuators are housed in the shoulders, and motion is transferred to the required joint through an array of cables and pulleys. This keeps the arm light and its inertia low, allowing the arms to move rapidly without breaking anything or toppling the entire robot.

The wrist and elbow mechanisms are especially interesting. The wrist emulates rolling contact between two spheres with only revolute joints. It also allows a drive shaft to pass down the centre of the mechanism and transfer rotating motion from one end to the other. The elbow is a rolling double jointed affair that allows true 180 degrees of rotation.

We have no idea why this took two years to end up in our YouTube feed, but we’re sure glad it finally did. Check out some of the demo videos after the break. Continue reading “Humanoid Robot Has Joints That Inspire”

Robot Allows Remote Colleagues To Enjoy Office Shenanigans

October 17, 2019 by 3 Comments

[Esther Rietmann] and colleagues built a Telepresence Robot to allow work at home teammates to have a virtual, but physical presence in the office. A telepresence robot is like a tablet mounted on a Roomba, providing motion capability in addition to an audio/video connection. Built during a 48 hour hackathon, it is a bit crude under the hood and misses out on some features, such as a bidirectional video feed. But overall, it pretty much does what is expected from such a device.

The main structure is build from cheap aluminium profiles and sheets. A Raspberry Pi is at the heart of the electronics hardware, with a servo mounted Pi-camera and speaker-microphone pair taking care of video and audio. The two DC motors are driven by H-bridges controlled from the Pi and an idle swivel caster is attached as the third wheel. The whole thing is powered by a power bank. The one important thing missing is an HDMI display which can show a video feed from the remote laptop camera. That may have been due to time constraints, but this feature should not be too difficult to add as a future upgrade. It’s important for both sides to be able to see each other.

The software is built around WebRTC protocol, with the WebRTC Extension from UV4L doing most of the heavy lifting. The UV4L Streaming Server not only provides its own built-in set of web applications and services, but also embeds a general-purpose web server on another port, allowing the user to run and deploy their own custom web apps. This allowed [Esther Rietmann]’s team to build a basic but functional front-end to transmit data from the remote interface for controlling the robot. The remote computer runs a Python control script, running as a system service, to control the drive motors and camera servo.

The team also played with adding basic object, gesture and action recognition features. This was done using PoseNet – a machine learning model, which allows for real-time human pose estimation in the browser using TensorFlowJS – allowing them to demonstrate some pose detection capability. This could be useful as a “follow me” feature for the robot.

Another missing feature, which most other commercial telepresence robots have, is a sensor suite for collusion avoidance, object detection and awareness such as micro switches, IR / ultrasonic detectors, time of flight cameras or LiDAR’s. It would be relatively easy to add one or several sensors to the robot.

If you’d like to build one for yourself, check out their code repository on Github and the videos below.

Continue reading “Robot Allows Remote Colleagues To Enjoy Office Shenanigans”