The Internet Of Jack-O’-Lanterns

November 1, 2017 by 2 Comments

As the candy rush fades, the Halloween hacks continue pouring in. [Jeremy S Cook] has taken a few fundamental concepts and dressed them up inside the smartest pumpkin on the block.

This pumpkin has a WEMOS D1 Mini ESP8266 brain, LED eyes in place of a candle for illumination, and a small USB power bank for power. The code [Cook] is using is a modified sketch by YouTuber [Innovative Tom], which creates a server on your network — don’t forget to insert your network credentials! — that enable control of the LEDs from your computer or smart phone.

[Cook] has wired the LEDs to the relevant pins on the D1 Mini, zip-tied the battery and board together and stuff them in a plastic bag to keep them dry. Stick that into the pumpkin, hot glue the LEDs in place, and test it out!

Continue reading “The Internet Of Jack-O’-Lanterns”

Pumpkin Piano Promises A Gourd Time

October 31, 2017 by 9 Comments

Fall – it’s that time of year that brings falling leaves, Hallowe’en, and a pumpkin version of everything that you hold dear. In this case, it’s not a latte – it’s [Robert Vorthman]’s Pumpkin Piano.

[Robert] took a straightforward approach to the build, pressing a Raspberry Pi into service as the backbone of the operation. This is combined with an Adafruit breakout board for the MPR121, which is a chip that provides 12 capacitive touch-sensitive inputs. These are connected to the bountiful produce which make up the piano keys in this fun holiday hack. [Robert] uses some Python code that talks to fluidsynth, a software synthesizer that uses Soundfont files to create different sounds. It’s all wrapped up with some Neopixels that flash when each vegetable is triggered.

The build would make a great party piece for just about any fall gathering, and [Robert] has done a great job of rolling up all the hardware and software required in the write-up. For another take on a vegetable-based orchestra, check out last year’s Harpsi-gourd.

Pull Passwords Out Of Silicon

October 30, 2017 by 15 Comments

[q3k] got tipped off to a very cool problem in the ongoing Pwn2Win capture-the-flag, and he blew it out of the water by decoding the metal interconnect layers that encode a password in a VLSI IC. And not one to rent someone else’s netlist extraction code, he did it by writing his own.

The problem in the Pwn2Win CTF came in the form of the design files for a hypothetical rocket launch code. The custom IC takes an ASCII string as input, and flips a pin high if it matches. Probably the simplest way to do this in logic is to implement a shift register that’s long enough for the code string’s bits, and then hard-wire some combinatorial logic that only reads true when all of the individual bits are correct.

(No, you don’t want to implement a password-checker this way — it means that you could simply brute-force the password far too easily — but such implementations have been seen in the wild.)

Anyway, back to our story. After reversing the netlist, [q3k] located 320 flip-flops in a chain, suggesting a 40-byte ASCII code string. Working backward in the circuit from the “unlocked” pin to the flip-flops, he found a network of NOR and NAND gates, which were converted into a logic notation and then tossed into Z3 to solve. Some cycles later, he had pulled the password straight out of the silicon!

This looks like a really fun challenge if you’re into logic design or hardware reverse engineering. You don’t have to write your own tools to do this, of course, but [q3k] would say that it was worth it.

Thanks [Victor] for the great tip!
Featured image by David Carron, via Wikipedia.

Hackaday Links Column Banner

Hackaday Links: ???? ???? Spooky Edition, 2017

October 29, 2017 by 23 Comments

A few links posts ago, we wrote something about a company selling huge LED panels on eBay, ten panels for $50. Those panels are gone now, but a few lucky hackers got their hands on some cool hardware. Now there’s a project to reverse engineer these Barco NX-4 LED panels. Who’s going to be the first to figure out how to drive these things? Doesn’t matter — it’s a group project and we’re all made richer by the contributions of others.

Prague is getting a new hackerspace.

A year and a half ago, a $79 3D printer popped up on Kickstarter. I said I would eat a hat if it shipped by next year. Seeing as how it’s basically November, and they’re not selling a $79 printer anymore — it’s $99 — this might go down as one of my rare defeats, with an asterisk, of course. I’m going to go source some very large fruit roll-ups and do this at Supercon. Thanks, [Larry].

Speaking of bets, this week Amazon introduced the most idiotic thing ever invented. It’s called Amazon Key. It’s an electronic lock (dumb), connected to the Internet (dumber), so you let strangers into your house to deliver packages (dumbest). CCC is in a few months, so I don’t know if Amazon Key will be hacked by then, but I’m pretty confident this will be broken by March.

The Lulzbot Taz is one of the best printers on the market, and it is exceptionally Open Source. The Taz is also a great printer for low-volume production. It was only a matter of time until someone built this. The Twoolhead is a parallel extruder for the Taz 6. Instead of one extruder and nozzle, it’s two, and instead of printing one object at a time, it prints two. Of course it limits the build volume of the printer, but if you need smaller parts faster, this is the way to go.

Hey, did you hear? Hackaday is having a conference the weekend after next. This year, we’re opening up the doors a day early and having a party at the Evil Overlord’s offices. Tickets are free for Supercon attendees, so register here.

At CES this year, we caught wind of one of the coolest advances in backyard astronomy in decades. The eVscope is ‘astrophotography in the eyepiece’, and it’s basically a CCD, a ton of magic image processing, and a small display, all mounted inside a telescope. Point the scope at a nebula, and instead of seeing a blurry smudge, you’ll see tendrils and filaments of interstellar gas in almost real-time. Now the eVscope is on Kickstarter. It’s a 4.5 inch almost-Newtonian (the eyepiece is decoupled from the light path, so I don’t even know how telescope nomenclature works in this case), an OLED display, and a 10-hour battery life.

Is the fidget spinner fad over? Oh, we hope not. A technology is only perfected after it has been made obsolete. Case in point? We can play phonographs with lasers. The internal combustion engine will be obsolete in automobiles in twenty years, but track times will continue going down for forty. Fidget spinners may be dead, but now you can program them with JavaScript. What a time to be alive!

Audio tomphoolery even an idiot tech blogger can see through! I received a press kit for a USB DAC this week that included the line, “…low drop out voltage regulators running at 3.3 V, meaning the 5 V USB limit is well preserved.” Yes, because you’re running your system at 3.3 V, you won’t draw too much current from a USB port. That’s how it works, right?

[Peter Sripol] is building an ultralight in his basement. The last few weeks of his YouTube channel have been the must-watch videos of the season. He’s glassed the wings, installed all the hardware (correctly), and now he has the motors and props mounted. This is an electric ultralight, so he’s using a pair of ‘150 cc’ motors from HobbyKing. No, that’s not displacement, it’s just a replacement for a 150 cc gas engine. On a few YouTube Live streams, [Peter] did what was effectively a high-speed taxi test that got out of hand. It flew. Doing that at night was probably not the best idea, but we’re looking forward to the videos of the flight tests.

Pop Goes The Haunted Jack-in-the-Box

October 21, 2017 by 10 Comments

Is Halloween sneaking up on you, too?  It’s less than two weeks away, but there is still plenty of time to build something that will scare the pants off trick-or-treaters and party guests alike. This year, Hackaday regular [Sean Hodgins] hacked his favorite holiday by taking something that ships with a base level of scariness and making it autonomous. What could be more frightening than a haunted toy?

The (decades-old) jack-in-the-box mechanism is simple. Turning the crank operates a mechanical music box that plays the traditional “Pop Goes the Weasel”. When the music box hits the high note, a jutting piece of plastic on the barrel of music box disturbs the other end of the latch, which frees the scary clown inside. [Sean] used a 100:1 DC motor to turn the crank from the inside, and a Pi camera to detect victims in the vicinity. Once the camera locks on to a face, the box cranks itself and eventually ejects the jester. Since most of the space inside is already taken up by the spring, [Sean] housed the electronics in a custom 3D-printed base with a hole cut out for the camera’s eye.

Many modifications are possible with a project like this. [Sean] is now in complete control of the latch operation, so he could make the clown pop appear instantly, or randomly, or sometimes not at all. Check out [Sean]’s entertaining build video after the break.

Want to make your own fright machine from scratch? We’ve got all the inspiration you need, from tabletop to trash can-sized monsters. Continue reading “Pop Goes The Haunted Jack-in-the-Box”

Supercon Badge Hacking Quick-Start

October 20, 2017 by 8 Comments

The hardware badge Mike Harrison designed for this year’s Hackaday Superconference is begging to be hacked. Today, I wanted to help get you up and running quickly.

The Hacker Village atmosphere of Supercon is starting up a day early this year. On Friday, November 10th badge pick-up starts at noon and badge hacking continues throughout the afternoon, followed by a party at Supplyframe HQ that evening. Plan to get to town on Friday and join in the fun. Of course, you need to grab a Supercon ticket if you haven’t already.

Check out the 2017 Superconference Badge project page for full documentation that Mike has put together during his development process.

Continue reading “Supercon Badge Hacking Quick-Start”

Practical Public Key Cryptography

October 18, 2017 by 25 Comments

Encryption is one of the pillars of modern-day communications. You have devices that use encryption all the time, even if you are not aware of it. There are so many applications and systems using it that it’s hard to begin enumerating them. Ranging from satellite television to your mobile phone, from smart power meters to your car keys, from your wireless router to your browser, and from your Visa to your Bitcoins — the list is endless.

One of the great breakthroughs in the history of encryption was the invention of public key cryptography or asymmetrical cryptography in the 70’s. For centuries traditional cryptography methods were used, where some secret key or scheme had to be agreed and shared between the sender and the receiver of an encrypted message.

Asymmetric cryptography changed that. Today you can send an encrypted message to anyone. This is accomplished by the use of a pair of keys: one public key and one private key. The key properties are such that when something is encrypted with the public key, only the private key can decrypt it and vice-versa. In practice, this is usually implemented based on mathematical problems that admit no efficient solution like certain integer factorization, discrete logarithm and elliptic curve relationships.

But the game changer is that the public key doesn’t have to be kept secret. This allows cryptography to be used for authentication — proving who someone is — as well as for encryption, without requiring you to have previously exchanged secrets. In this article, I’ll get into the details of how to set yourself up so that anyone in the world is able to send you an e-mail that only you can read.
Continue reading “Practical Public Key Cryptography”