Hackaday Podcast Episode 252: X1Plus Hacks Bambu, Scotto Builds A Katana Keyboard, And Bass Puts Out Fire

January 12, 2024 by 4 Comments

This week, Editor-in-Chief Elliot Williams and Kristina Panos met up to discuss the best hacks of the previous week. It’s CES time once again in Las Vegas, and you know what that means — some wacky technologies like this AI pet door that rejects dead mice.

Then it’s on to What’s That Sound, which Kristina managed to nail for once. Can you get it? Can you figure it out? Can you guess what’s making that sound this week? If you can, and your number comes up, you get a special Hackaday Podcast t-shirt.

But then it’s on to the hacks, beginning with a new keyboard from [Joe Scotto] and an exploration of all you can do with an LED strip, like 1D fireworks and roller coasters without any moving parts. From there, we marvel at the ability of sound waves to extinguish flames, and the tech behind life as a quadriplegic. Finally, we examine not one, but two of Jenny List’s finely-crafted rants, one about web browsers, and the other about the responsible use of new technology.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download and savor at your leisure.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Episode 252: X1Plus Hacks Bambu, Scotto Builds A Katana Keyboard, And Bass Puts Out Fire”

The Simple Tech Behind Hidden Camera Detectors

January 12, 2024 by 26 Comments

If you’ve ever been concerned about privacy in a rental space or hotel room, you might have considered trying one of the many “spy camera detectors” sold online. In the video after break [Big Clive], tears one down and gives us  an in-depth look at how these gadgets actually work, and their limitations.

Most detector follow the same basic design: a ring of LEDs through which the user inspects a room, looking for reflections indicating a potential hidden camera. Although this device can help spot a camera, it’s not entirely foolproof. The work best when you’re close to the center of a camera’s field of view, and some other objects, like large LEDs can produce similar reflections

The model examined in this video takes things one step further by adding a disc of dichroic glass. Coated with a metallization layer close to the wavelength of the LEDs, it effectively acts a bandpass filter, reducing reflections from other light sources. [Big Clive] also does his customary reverse-engineering of the circuit, which is just a simple flasher powered by USB-C.

[Big Clive]’s teardowns are always an educational experience, like we’ve seen in his videos on LED bulb circuits and a fake CO2 sensor.

Continue reading “The Simple Tech Behind Hidden Camera Detectors”

This Week In Security: AI Is Terrible, Ransomware Wrenches, And Airdrop

January 12, 2024 by 8 Comments

So first off, go take a look at this curl bug report. It’s a 8.6 severity security problem, a buffer overflow in websockets. Potentially a really bad one. But, it’s bogus. Yes, a strcpy call can be dangerous, if there aren’t proper length checks. This code has pretty robust length checks. There just doesn’t seem to be a vulnerability here.

OK, so let’s jump to the punch line. This is a bug report that was generated with one of the Large Language Models (LLMs) like Google Bard or ChatGPT. And it shouldn’t be a surprise. There are some big bug bounties that are paid out, so naturally people are trying to leverage AI to score those bounties. But as [Daniel Stenberg] point out, LLMs are not actually AI, and the I in LLM stands for intelligence.

There have always been vulnerability reports of dubious quality, sent by people that either don’t understand how vulnerability research works, or are willing to waste maintainer time by sending in raw vulnerability scanner output without putting in any real effort. What LLMs do is provide an illusion of competence that takes longer for a maintainer to wade through before realizing that the claim is bogus. [Daniel] is more charitable than I might be, suggesting that LLMs may help with communicating real issues through language barriers. But still, this suggests that the long term solution may be “simply” detecting LLM-generated reports, and marking them as spam. Continue reading “This Week In Security: AI Is Terrible, Ransomware Wrenches, And Airdrop”

Bambu Lab To Allow Installing Open Firmware After Signing Waiver

January 12, 2024 by 26 Comments

On January 10th Bambu Lab published a blog post in which they address the issue of installing custom firmware on your Bambu Lab X1 3D printer. This comes hot on the heels of a number of YouTube channels for the first time showing off the X1Plus firmware that a number of X1 users have been working on as an open source alternative to the closed, proprietary firmware. Per the Bambu Lab blog post, there is good and bad news for those wanting to use X1Plus and similar projects that may pop up in the future.

After Bambu Lab consulted with the people behind X1Plus it was decided that X1 users would be provided with the opportunity to install such firmware without complaints from Bambu Lab. They would however have to sign a waiver that declares that they agree to relinquish their rights to warranty and support with the printer. Although some details are left somewhat vague in the blog post, it appears that after signing this waiver, and with the target X1 printer known to Bambu Lab, it will have a special firmware update (‘Firmware R’) made available for it.

This special firmware then allows for third-party firmware to be installed, with the ability to revert to OEM firmware later on. The original exploit in pre-v1.7.1 firmware will also no longer be used by X1Plus. Hopefully Bambu Lab will soon clarify the remaining questions, as reading the Reddit discussion on the blog post makes it clear that many statements can be interpreted in a variety of ways, including whether or not this ‘Firmware R’ is a one-time offer only, or will remain available forever.

It’s not the first time we’ve seen a 3D printer manufacturer give users this sort of firmware ultimatum. Back in 2019 Prusa added a physical “appendix” to their new 32-bit control board that the user would have to snap off before they could install an unsigned firmware, which the company said signified the user was willing to waive their warranty for the privilege.

Thanks to [Aaron] for the tip.

Decoding A ROM From A Picture Of The Chip

January 12, 2024 by 14 Comments

Before there were home computers, among the hottest pieces of consumer technology to own was a pocket calculator. In the early 1970s a series of exciting new chips appeared which allowed the impossible to become the affordable, and suddenly anyone with a bit of cash could have one.

Perhaps one of the more common series of chips came from Texas instruments, and it’s one of these from which [Veniamin Ilmer] has retrieved the ROM contents. In a way there’s nothing new here as the code is well known, it’s the way it was done which is of interest. A photo of the die was analysed, and with a bit of detective work the code could be deduced merely from the picture.

These chips were dedicated calculators, but under the hood they were simple pre-programmed microcontrollers. Identifying the ROM area of the chip was thus relatively straightforward, but some more detective work lay in getting to the bottom of how it could be decoded before the code could be verified. So yes, it’s possible to read code from an early 1970s chip by looking at a photograph.

A very similar chip to this one was famously reprogrammed with scientific functions to form the heart of the inexpensive Sinclair Cambridge Scientific.

E-Ink Photo Frame Is A Simple, Pleasing Design

January 11, 2024 by 3 Comments

Regular photo frames are good, but they tend to only display a single photo unless you pull them to bits and swap out what’s inside. [Ben] decided to make a digital photo frame using an e-ink display to change things up, and unlike some commercial versions we’ve seen, it’s actually pretty tasteful!

The build is based on a Nook Simple Touch Reader, which can be had pretty cheaply on the used market. It was chosen for the fact it runs Android, which makes it comparatively easy to hack and customize compared to some other e-readers on the market. Once it’s running a custom Android brew, it can be set to run an app called Electric Sign which simply shows a given website fullscreen and updates it at regular intervals. That turns the Nook into a remotely updateable photo frame in one fell swoop. From there, it just took a little trickery to access an iCloud album to update the frame with fresh pics. Then [Ben] just had to customize a nice photo frame to neatly mount the e-reader with room for the cable to subtly snake out the back.

It’s a simple build that relies on some existing tools already laying around the Internet. That’s nice, because it makes it easy for anyone to replicate themselves at home given the same materials. We’ve seen some other great digital photo frames before, too. If you’ve built your own neat and creative way to display your pics, don’t hesitate to drop us a line!

Weird Trashcan Is Actually Advanced 1990s Robot

January 11, 2024 by 8 Comments

[Clay Builds] found a bit of a gem at a recent auction, picking up a Nomadic Technologies N150 robot for just $100. It actually looks like something out of science fiction, with its cylindrical design, red bumpers, and many sensors. He decided to try and restore the research-grade robot to functionality with the aid of modern hardware.

Right away, it’s clear this was an expensive and serious bit of kit. It’s full of hardcore gears and motors for driving three rubber-tired wheels, each of which has a pivoting mount for steering the thing. Through his research, [Clay] was able to find some ancient websites documenting university work using the robots. His understanding is that the platform was designed for researchers experimenting with simultaneous localization and mapping (SLAM) algorithms, and other robotic navigation tasks.

[Clay] doesn’t just settle for a teardown, though. He’s been able to get the platform running again in one sense, using an Arduino to manually run the robot’s drive controls under the command of a gamepad. Without official software or resources, it’s perhaps unlikely he’ll be able to get the stock hardware to do much without completely rebraining it, so this method makes sense. In future he hopes to get the bumper sensors and sonar modules working too.

It’s a fair effort given [Clay] was working with no documentation and no supporting software. We’ve seen similar efforts for robotic arms before, too. Video after the break.

Continue reading “Weird Trashcan Is Actually Advanced 1990s Robot”