Open-Source LAMP Instrument Aimed At Clinicians And Biohackers Alike

July 14, 2023 by 28 Comments

Over the last few years, we’ve all been given a valuable lesson in both the promise and limitations of advanced molecular biology methods for clinical diagnostics. Polymerase chain reaction (PCR) was held up as the “gold standard” of COVID-19 testing, but the cost, complexity, and need for advanced instrumentation and operators with specialized training made PCR difficult to scale to the levels demanded by a pandemic.

There are other diagnostic methods, of course, some of which don’t have all the baggage of PCR. RT-LAMP, or reverse transcriptase loop-mediated amplification, is one method with a lot of promise, especially when it can be done on a cheap open-source instrument like qLAMP. For about 50€, qLAMP makes amplification and detection of nucleic acids, like the RNA genome of the SARS-CoV-2 virus, a benchtop operation that can be performed by anyone. LAMP is an isothermal process; it can be done at one single temperature, meaning that no bulky thermal cycler is required. Detection is via the fluorescent dye SYTO 9, which layers into the base pairs inside the amplified DNA strands, using a 470-nm LED for excitation and a photodiode with a filter to detect the emission. Heating is provided by a PCB heater and a 3D-printed aluminum block that holds tubes for eight separate reactions. Everything lives in a 3D-printed case, including the ESP32 which takes care of all the housekeeping and data analysis duties.

With the proper test kits, which cost just a couple of bucks each, qLAMP would be useful for diagnosing a wide range of diseases, and under less-than-ideal conditions. It could also be a boon to biohackers, who could use it for their own citizen science efforts. We saw a LAMP setup at the height of the pandemic that used the Mark 1 eyeball as a detector; this one is far more quantitative.

Listening To Bats As They Search For Food

July 14, 2023 by 14 Comments

The range of human hearing goes up to about 20 kilohertz, which is fine for our purposes, but is pretty poor compared to plenty of other animal species. Dogs famously can hear up to about 60 kHz, and dolphins are known to distinguish sounds up to 100 kHz. But for extremely high frequencies we’ll want to take a step into the world of bats. Some use echolocation to locate each other and their food sources, and bats like the pipistrelle can listen in to sounds up to 350 kHz. To listen to them you’ll need a device like the π*pistrelle.

The original implementation of the bat detector was based on a Raspberry Pi Pico, from which it gets its name. But there have been several improvements on it in the years since it was first developed. The latest can detect bats when it hears their 350 kHz sonar calls thanks to an ultrasonic microphone and op amp. The device then records the bat sounds and then either heterodynes the sound down or time-expands it to human-audible range so the calls can actually be heard. There’s an LED display on the board as well as three input buttons, but an iOS companion app is available to interact with the device as well.

If you want to know for sure which species is flying around at night, you can use machine learning to help figure that out.

Ask Hackaday: Learn Assembly First, Last, Or Never?

July 14, 2023 by 154 Comments

A few days ago, I ran into an online post where someone pointed out the book “Learn to Program with Assembly” and asked if anyone had ever learned assembly language as a first programming language. I had to smile because, if you are a certain age, your first language may well have been assembly, even if it was assembly for machines that never existed.

Of course, that was a long time ago. It is more likely, these days, if you are over 40, you might have learned BASIC first. Go younger, and you start skewing towards Java, Javascript, or even C. It got me thinking, though: should people learn assembly, and if so, when?

Continue reading “Ask Hackaday: Learn Assembly First, Last, Or Never?”

Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR

July 14, 2023 by 1 Comment

Elliot Williams and Tom Nardi start this week’s episode by addressing the ongoing Red Hat drama and the trend towards “renting” software. The discussion then shifts to homebrew VR gear, a particularly impressive solar-powered speaker, and some promising developments in the world of low-cost thermal cameras. Stay tuned to hear about color-changing breadboards, an unofficial logo for repairable hardware, and five lines of Bash that aim to unseat the entrenched power of Slack. Finally, we’ll take the first steps in an epic deep-dive into the world of DisplayPort, and take a journey of the imagination aboard an experimental nuclear ocean liner.

Check out the complete show notes below, and as always, let us know what you think in the comments.

Or download the episode directly in glorious DRM-free MP3.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR”

Students 3D Print Low Cost Braille Keypad

July 14, 2023 by 7 Comments

Numerical keypads are common entry devices for everything from home security systems to phones and more. Unfortunately, a great deal of them are difficult to use if you’re visually impaired. This high-contrast Braille keypad aims to solve those issues with simple design choices.

The keypad was developed as a school project by students [Nicholas Nguyen] and [Daniel Wang]. It uses a regular layout, with 1 at the top left and 9 at the bottom right. The keypad itself is 3D printed with large buttons for easier use. Each button has its numeral inlaid on the face which allows it to be easily filled in with paint for high-contrast readability.

The real neat feature, though, is that each individual button features its relevant number in Braille. The pips are directly 3D printed into the shape of each button. For those that familiar with the tactile writing system, this makes the keypad much easier to use. It obviates the need to guess at the keypad’s orientation, and we’re honestly surprised we don’t see this on more devices out in the wild.

We’ve featured a variety of neat Braille hacks over the years, including this neat tactile display.

Continue reading “Students 3D Print Low Cost Braille Keypad”

This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More

July 14, 2023 by 4 Comments

First up, Apple issued an emergency patch, then yanked, and re-issued it. The problem was a Remote Code Execution (RCE) vulnerability in WebKit — the basis of Apple’s cross-platform web browser. The downside of a shared code base,is that bugs too are write-once, exploit-anywhere. And with Apple’s walled garden insisting that every browser on iOS actually run WebKit under the hood, there’s not much relief without a patch like this one.

The vulnerability in question, CVE-2023-37450, is a bit light on further details except to say that it’s known to be exploited in the wild. The first fix also bumped the browser’s user-agent string, adding an (a) to denote the minor update. This was apparently enough to break some brittle user-agent detection code on popular websites, resulting in an unhelpful “This web browser is no longer supported” message. The second patch gets rid of the notification.

Microsoft Loses It

Microsoft has announced that on May 15th, an attack from Storm-0558 managed to breach the email accounts of roughly 25 customers. This was pulled off via “an acquired Microsoft account (MSA) consumer signing key.” The big outstanding question is how Microsoft lost control of that particular key. According to an anonymous source speaking to The Washington Post, some of the targeted accounts were government employees, including a member of cabinet. Apparently the FBI is asking Microsoft this very same question.

Speaking of Microsoft, there’s also CVE-2023-36884, a vulnerability in Microsoft Office. This one appears to be related to the handling of HTML content embedded in Office documents, and results in code execution upon opening the document. This along with another vulnerability (CVE-2023-36874) was being used by storm- another unknown threat actor, Storm-0978 in an ongoing attack.

There’s an interesting note that this vulnerability can be mitigated by an Attack Surface Reduction (ASR) rule, that blocks Office from launching child processes. This might be a worthwhile mitigation step for this and future vulnerabilities in office. Continue reading “This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More”

How Does Your McDonald’s Burger Get To You?

July 14, 2023 by 32 Comments

Table service and McDonalds sound as though they should be mutually exclusive as a fundamental of the giant chain’s fast food business model, but in many restaurants there’s the option of keying in the number from a plastic beacon when you order, placing the beacon on the table, and waiting for a staff member to bring your food. How does the system work? [Whiterose Infosec] scored one of the beacons, and subjected it to a teardown and some probing.

The beacon in question has the look of being an older model judging by the 2009 date codes on its radio module and the evident corrosion on its battery terminals. Its Bluetooth 4 SoC is end-of-life, so it’s possible that this represents a previous version of the system. It has a few other hardware features, including a magnet and a sensor designed to power the board down when it is stacked upon another beacon.

Probing its various interfaces revealed nothing, as did connecting to the device via Bluetooth. However some further research as well as asking some McD’s employees revealed some of its secret. It does little more than advertise its MAC address, and an array of Bluetooth base stations in the restaurant use that to triangulate its approximate position.

If you’ve ever pondered how these beacons work while munching on your McFood, you might also like to read about McVulnerabilities elsewhere in the system.