2018 is almost over, and we have another year in the dataset: an improbable number of celebrities died in 2016. The stock market is down, and everyone thinks a crash is coming. Journalists are being killed around the world. Fidget spinners aren’t cool anymore. Fortnite. Trade wars.
But not everything is terrible: Makerbot released a new printer and oddly no one complained. It was just accepted that it was an overpriced pile of suck. Elon Musk is having a great year, press and Joe Rogan notwithstanding, by launching a record number of rockets and shipping a record number of cars, and he built a subway that we’re not calling a subway. FPGA development is getting easier with new platforms and new boards. There is a vast untapped resource in 18650 cells just sitting on sidewalks in the form of scooters, and I’m going to keep mentioning this until someone actually builds a power wall out of scooters.
Whether or not you chose to believe our claim that we planned it this way, the holidays happen to fall right smack in the middle of our ongoing Circuit Sculpture Contest, which challenges hackers to build circuits that double as bona fide works of art. It’s become almost too easy to spin up your own PCB, so why not try your hand at building in three dimensions and without a net? The holidays are a perfect time for it as it’s not only a reprieve from the work, school, or forced labor camp that usually ties up our waking hours, but can also be a source of inspiration.
Case in point, this festive LED Christmas tree entry that comes our way courtesy of [Vincent Mkes]. This one really has it all: a recognizable theme, fantastic wire work, copious amounts of LEDs, and in a touch that is sure to delight even the electronics Scrooges amongst our readership, he does it all with the venerable 555 timer. It’s really what the Circuit Sculpture Contest is all about: taking a circuit that might otherwise be pretty ordinary and turning it into something truly unique.
The astute Hackaday reader (as if there was any other type) will likely notice there are actually two NE555 timers under the tree, each blinking their respective bank of LEDs at a different frequency. This makes the final result a bit more vibrant, and through some last-minute revisions, [Vincent] was able to hook them both up to a single power supply to really capture the minimalist spirit of the Contest.
As an early Christmas gift to us all, [Vincent] has done an excellent job documenting this build so anyone who wishes to infuse their end of year party with a little diode-driven holiday cheer can follow along. He’s included build instructions as well as diagrams of the circuit, though we encourage anyone looking to make one of their own to experiment a bit and put their own spin on it. After all, this is supposed to be art.
There’s still plenty of time to get your own entry into the Circuit Sculpture Contest, Yule-related or otherwise. Just document your build on Hackaday.io and submit it before the January 8th, 2019 deadline. Remember that entries can’t just look cool, they still need to be functional. Words to live by in general, but doubly important when they’re the rules of a contest.
Despite the fact that the United States and China are currently in the middle of a 90-day “cease fire” in their ongoing trade war, with new tariffs on hold until March 2019 while the two countries try to reach agreement, not everyone is waiting around to see who comes out on top. In a recent press release, action camera manufacturer GoPro has announced their intention to move some production out of China in the face of potential tariff expansions; which many analysts fear will be the result of the current stalemate. That’s right, only some of their production is moving.
“We’re proactively addressing tariff concerns by moving most of our US-bound camera production out of China,” says GoPro CFO Brian McGee. “We believe this diversified approach to production can benefit our business regardless of tariff implications.” Reading his words carefully, the key phrase here is “diversified approach”. GoPro doesn’t intend to move their entire production capability out of China, but only the production of the cameras which are designated for importation into the United States. GoPro models which are to be sold to other parts of the world will still be made in China.
This might seem an extravagant move just to avoid US tariffs, but with better than 40% of GoPro’s revenue for the third quarter of 2018 coming from the Americas, the company stands to be hit hard by the proposed 25% tax. Combined with the fact they shuttered their drone division last year citing “an extremely competitive aerial market”, and the proliferation of “GoPro clones” available for pennies on the dollar, it seems pretty clear that belt-tightening is the name of the game for the company that was once synonymous with action cameras.
The greatest hardware hacks of all time were simply the result of finding software keys in memory. The AACS encryption debacle — the 09 F9 key that allowed us to decrypt HD DVDs — was the result of encryption keys just sitting in main memory, where it could be read by any other program. DeCSS, the hack that gave us all access to DVDs was again the result of encryption keys sitting out in the open.
Because encryption doesn’t work if your keys are just sitting out in the open, system designers have come up with ingenious solutions to prevent evil hackers form accessing these keys. One of the best solutions is the hardware enclave, a tiny bit of silicon that protects keys and other bits of information. Apple has an entire line of chips, Intel has hardware extensions, and all of these are black box solutions. They do work, but we have no idea if there are any vulnerabilities. If you can’t study it, it’s just an article of faith that these hardware enclaves will keep working.
Now, there might be another option. RISC-V researchers are busy creating an Open Source hardware enclave. This is an Open Source project to build secure hardware enclaves to store cryptographic keys and other secret information, and they’re doing it in a way that can be accessed and studied. Trust but verify, yes, and that’s why this is the most innovative hardware development in the last decade.
The story goes that Atari was developing a premium model of their popular home video game console, the Atari 2600, for the 1981 fiscal year. Internally known as the Stella RC, this model revision promised touch sensitive game selection toggles, LED indicators, and onboard storage for the controllers. The focus of the project, however, was the “RC” in Stella RC which stood for remote control. Atari engineers wanted to free players from the constraints of the wires that fettered them to their televisions.
Problem with the prototypes was that the RF transmitters in the controllers were powerful enough to send a signal over a 1000 ft. radius, and they interfered with a number of the remote garage door openers on the market. Not to mention that if there were another Stella RC console on the same channel in an apartment building, or simply across the street, you could be playing somebody else’s Pitfall run. The mounting tower of challenges to making a product that the FCC would stamp their approval on were too great. So Atari decided to abandon the pioneering Stella RC project. Physical proof of the first wireless game controllers would have been eliminated at that point if it were created by any other company… but prototypes mysteriously left the office in some peculiar ways.
“Atari had abandoned the project at the time…[an Atari engineer] thought it would be a great idea to give his girlfriend’s son a videogame system to play with…I can’t [comment] about the relationship itself or what happened after 1981, but that’s how this system left Atari…and why it still exists today.”
– Joe Cody, Atari2600.com
Atari did eventually get around to releasing some wireless RF 2600 joysticks that the FCC would approve. A couple years after abandoning the Stella RC project they released the Atari 2600 Remote Control Joysticks at a $69.95 MSRP (roughly $180 adjusted for inflation). The gigantic price tag mixed with the video game market “dropping off the cliff” in 1983 saw few ever getting to know the bliss of wire-free video game action. It was obvious that RF game controllers were simply ahead of their time, but there had to be cheaper alternatives on the horizon.
Out of Sight, Out of Control with IR Schemes
Nintendo AVS console deck and IR controller on display.
Video games were a dirty word in America in 1985. While games themselves were still happening on the microcomputer platforms, the home console business was virtually non-existent. Over in Japan, Nintendo was raking in money hand over fist selling video games on their Famicom console. They sought to replicate that success in North America by introducing a revised model of the Famicom, but it had to impress the tech journos that would be attending its reveal at the Consumer Electronics Show (CES).
The prototype system was called the Nintendo Advanced Video System (AVS). It would feature a keyboard, a cassette tape drive, and most importantly two wireless controllers. The controllers used infrared (IR) communication and the receiver was built-into the console deck itself. Each controller featured a square metallic directional pad and four action buttons that gave the impression of brushed aluminum. The advancement in video game controller technology was too good to be true though, because the entire system received a makeover before releasing as the Nintendo Entertainment System (NES) that Christmas. The NES lacked the keyboard, the tape drive, and the IR controllers and its change in materials hardly captured the high-end flash of the AVS. The removal of IR meant the device was cheaper to manufacture. A decision that ultimately helped the NES to become a breakout success that in turn brought back dedicated video game consoles single-handedly.
Many readers will be familiar with [Naomi Wu], the prolific hardware hacker who has shown us so much of the epicentre of Chinese tech in her native Shenzhen through a lens that most outsiders would struggle to achieve. We’ve seen her touring factories and electronics marts, building a load of interesting projects, and achieving the first open source hardware certifications in China.
We’ve seen a lot of [Naomi] speaking to us in English as an audience outside her country, so it is extremely interesting to see her latest video posting in which she makes her case for open source hardware in Chinese to a Chinese audience (Chinese audio with English subtitles). She’s speaking at the recent China open source conference, and her description starts with “**THIS IS VERY BORING UNLESS YOU ARE INTO OPEN SOURCE**”, which we think is a little unfair as it should appeal to anyone with an interest in the Chinese tech business.
In the talk she takes us through the potential benefits of open source to Chinese business by using her projects as case studies. In particular she concentrates on how the arguments for open source in a commercial arena have to be made differently for a Chinese business to those used in the rest of the world. Using the analogy of a college dorm hotpot party, she outlines the importance of a community in open-source development, then we get a blow-by blow account of her work with Elecrow and Creality on the Sino:bit (a single-board computer targeting education in China) and the 3D printers.
The software support for the Sino:bit in particular demonstrates the added value of open source to a business, with significant tutorial and curriculum material coming from Adafruit Industries, Hindi language and character set support from developers in India, and a Chinese developer painstakingly transcribing all the Chinese character set for the device. That last step alone would have cost a non open-source developer a significant sum.
During her talk we are shown the commercial benefits to all three devices, for example one of the Creality 3D printers rapidly becoming Amazon’s top seller despite an array of knock-off machines appearing. We’ve embedded the video below the break, and we think it should be required viewing for anyone with an interest in open source or the Chinese tech industry.
There are two elements of this story that I found particularly baffling. First, this botnet infects routers using a vulnerability that was first reported by Defensecode over five years ago, in 2013! The second oddity is the wide range of devices that are vulnerable and are now part of the botnet. Dozens of brands and at least 116 models have been found to be infected.
One of the details of this story hasn’t been reported entirely accurately. The bug is not built into the Broadcom chipset. Unlike Spectre and Meltdown, it’s not actually a hardware fault. Broadcom distributes a Software Development Kit (SDK) that enables device manufacturers like D-Link, TP-Link, and Linksys to quickly develop firmware for routers using Broadcom chips. The vulnerability lies in this code, rather than part of the hardware itself.
In the talk she takes us through the potential benefits of open source to Chinese business by using her projects as case studies. In particular she concentrates on how the arguments for open source in a commercial arena have to be made differently for a Chinese business to those used in the rest of the world. Using the analogy of a college dorm hotpot party, she outlines the importance of a community in open-source development, then we get a blow-by blow account of her work with Elecrow and Creality on the 
