Making A Mega LED Desk

March 2, 2017 by James Hobson 37 Comments

Few things beat a sturdy, home-built desk — especially when it’s jam-packed with over 1200 WS2812 LEDs.

[nolobot] and his bother struggled with setting up and squaring-off the t-slotted, extruded aluminium frame which makes up the desk. He recommends practicing with a smaller frame for anyone else attempting a similar build. The surface of the desk has a few inches between the polycarbonate top and the 1/4″ plywood painted black serving as the substrate for the LEDs. Those LEDs come in strip form but still required several hundred solders, and wiring headaches in an attempt to make future upgrades manageable. Dozens of support bolts with adjustable feet support the desk surface throughout. These all had to be individually adjusted and can be made out if you look closely at the demo videos.

An Arduino Mega controls the LEDs with the help of the FastLED library. Custom code was necessary because one of the major issues [nolobot] faced was the power draw. 1200 LEDs at 5V draw quite a bit of current, so the LEDs were coded to peak at about 50% brightness. The matrix was split into different banks, while also limiting the 40A PSU to only 15A.

Continue reading “Making A Mega LED Desk” →

The Enchanting Power Of SDDSbot

March 1, 2017 by James Hobson 10 Comments

Who doesn’t love a good robot? If you don’t — how dare you! — then this charming little scamp might just bring the hint of a smile to your face.

SDDSbot — built out of an old Sony Dynamic Digital Sound system’s reel cover — can’t do much other than turn left, right, or walk forwards on four D/C motor-controlled legs, but it does so using the power of a Pixy camera and an Arduino. The Pixy reads colour combinations that denote stop and go commands from sheets of paper, attempting to keep it in the center of its field of view as it toddles along. Once the robot gets close enough to the ‘go’ colour code, the paper’s orientation directs the robot to steer itself left or right — the goal being the capacity to navigate a maze. While not quite there yet, it’s certainly a handful as it is.

Continue reading “The Enchanting Power Of SDDSbot” →

Homemade Subaru Head Unit Is Hidden Masterpiece

February 20, 2017 by Anool Mahidharia 30 Comments

The Subaru BRZ (also produced for Toyota as the GT86) is a snappy sportster but [megahercas6]’s old US version had many navigation and entertainment system features which weren’t useful or wouldn’t work in his native Lithuania. He could have swapped out the built in screen for a large 4G Android tablet/phone, but there’s limited adventure in that. Instead, he went ahead and built his own homemade Navigation system by designing and integrating a whole bunch of hardware modules resulting in one “hack” of an upgrade.

The system is built around a Lenovo 4G phone-tablet running android and supporting GPS, GLONASS as well as the Chinese BeiDou satellite navigation systems. He removed the original daughter board handling the USB OTG connection on the tablet, and replaced it with his version so he could connect it to his external USB board via a flat ribbon cable. The USB board contains a Cypress 4-port USB hub. One port is used as the USB HID device to allow external buttons for system control — Power, Volume Up/Down, Fwd/Rev, Play/Pause, and Phone Answer/Hangup. The second port is used as a regular USB input to allow connecting external devices such as flash drives. The third one goes to a reversing camera while the fourth port goes to a USB DAC.

The USB DAC is another hardware board by itself and also includes a Bluetooth module which integrates his phone’s audio and control functions with the on-board system. There’s also an audio mixer which allows him to use the phone audio without having to miss out on the navigation prompts from the tablet. Both boards also contain several peripheral circuits such as amplifiers and DC power supplies. Audio to the speakers is routed through six LM3886 based power amplifier boards. And the GPS module receives its own special low-noise amplifier board to ensure extremely strong reception at all times. That’s a total of ten boards custom built for this project. He’s also managed to source all the original harness connectors so his system is literally a snap in replacement. The final assembly looks pretty dashing.

For some strange reason, the Lenovo tablet uses 4.35V as the ‘fully charged” value for its LiPo instead of the more common 4.20V, so even with the whole system connected to a hefty 12V lead acid battery from which he’s deriving the 4.20V charging voltage for the tablet, it still complains about “low battery” — and he’s looking for advice on how he can resolve that issue short of blowing up the LiPo by using the higher charge voltage. Besides that, he’s (obviously a kickass) hardware designer and a little bit rusty on the software and programming side of things, for which he’s looking for inputs from the community. His introductory video is almost 30 minutes long, but the shorter demo video after the break shows the system after installation in his car. He’s posted all of his Altium hardware source files on the project page, but until he shares PDF versions, it would be difficult for most of us to look at his work.

Continue reading “Homemade Subaru Head Unit Is Hidden Masterpiece” →

Super Mario Run(s) — Away With Your Money

January 11, 2017 by Pedro Umbelino 37 Comments

If you are an Android user and a big fan of Super Mario beware: there is no Android version! There has been no official news on the Android version yet, let alone a version of the game. There is, however, a version circulating outside of Google Play market that will steal your bank account.

Right now attackers are taking advantage of the game’s popularity and Android users despair to spread malware posing as an Android version of Super Mario Run as they did in the past for Pokemon GO. The trojan is called Android Marcher and has been around since 2013, mostly targeting mobile users financial information. After installation, the application attempts to trick users with fake finance apps and a credit card page in an effort to capture banking details. The malware also locks out Google Play until the user supplies their credit card information.

In this new variant of Marcher, it can monitor the device and steal login data of regular apps, not just banking and payment apps, and send the stolen data back to command and control (C&C) servers. Facebook, WhatsApp, Skype, Gmail, the Google Play store are all vulnerable. Criminals can exploit these stolen accounts to carry out additional fraud.

Zscaler researchers advice is:

To avoid becoming a victim of such malware, it is a good practice to download apps only from trusted app stores such as Google Play. This practice can be enforced by unchecking the “Unknown Sources” option under the “Security” settings of your device.

We may add to turn on “App Verification”. Verify Apps regularly checks activity on your device and prevents or warns you about potential harm. Verify Apps is on by default, as is Unknown Sources turned off. Verify Apps also checks apps when you install them from sources other than Google Play. Of course, there is a privacy trade-off. Some information has to be sent about the apps you install back to Google.

The main advice is: use common sense. It’s common practice for companies to release official apps versions through Google Play and highly unlikely to do it via any other way.

FANCY BEAR Targets Ukrainian Howitzers

December 22, 2016 by Elliot Williams 74 Comments

Just in case you’re one of the people out there who still doesn’t believe in “the cyber” — it appears that the Russian military served malicious cell-phone apps to the Ukrainian army that allowed them to track a particular artillery cannon.

The legitimate version of the Android app helped its operator use the 1960’s-era former Soviet howitzer. The trojanized version of this application did just the same, except it also phoned home to Russian military intelligence with its location. In addition to giving the Russian army valuable information about troop movements in general, it also led to the destruction of 80% of the cannons in question over two years.

The cited article goes into depth about how certain it is that a hacking group, referred to as FANCY BEAR, are nearly certainly responsible for the attack. The exploit has fingerprints that are not widely known outside of the security research community, and the use of the exploit against the Ukrainian army pretty much ties FANCY BEAR to the Russian military.

This is also the same exploit that was used against the Democratic National Committee in the United States. Attribution is one of the hardest parts of white-hat hacking — attackers don’t want to be found and will leave misleading clues when they can — but the use of the same proprietary malware in these two attacks is pretty convincing evidence that Russian military intelligence has also hacked into US political parties and NGOs.

(Banner image by Vitaly Kuzmin, CC-BY-SA 3.0.)

Computers For The Masses, Not The Classes

December 13, 2016 by Brian Benchoff 65 Comments

Retro is new again, and everywhere you look you’ll find films, documentaries, and TV shows cashing in on the nostalgia of their target audience. There is one inaccuracy you’ll find with this these shows: Apple computers are everywhere. This isn’t a historical truth – Commodore was everywhere, the C64 was the computer the nerds actually used, and to this day, the Commodore 64 is still the best-selling computer in history.

Commodore is gone, replaced with a superfund site, but the people who made the best computers in history are still around. At the 2016 Hackaday SuperConference, Bil Herd gave a talk on the second act of Commodore’s three-act tragedy. Bil is a frequent contributor around these parts, and as always he illuminates the 1980s far better than Halt and Catch Fire ever could.

Continue reading “Computers For The Masses, Not The Classes” →

Pioneer AVIC Infotainment Units Hacked To Load Custom ROMs

December 13, 2016 by Lewin Day 23 Comments

Pioneer’s flagship AVIC line of in-car multimedia systems is compatible with both Android Auto and Apple Car Play, and offers all manner of multimedia features to the driver of today. What’s more, these in-dash wonders have spawned their own community, dedicated to hacking the units. The ultimate infotainment hack is to develop custom ROMs for these devices.

What this means is that owners of Pioneer AVIC units will eventually be able to flash a custom ROM onto their in-car device, allowing it to operate more like any other generic Android tablet on the market. The potential is there for installing custom applications, extra hardware (such as OBD II readers), or pretty much anything else you can do with an Android device.

The hack involves a whole lot of delicate steps, beginning with using a USB stick with a special image to boot the device into a test mode. This allows the internal SD card to be backed up, then overwritten with a new image itself.

Mostly, the hack has been used to allow map files to be updated on the internal SD card — inability to update maps has been a long festering thorn in the side of in-dash navigation systems. Users have been customizing this to suit their requirements, also adding speed camera locations and other features. But overall this hack is a great example of hacking something to get full control over the things you own. At the least, this will allow drivers to ditch the phones suction-cupped to the windshield and run common apps like Waze, Uber, and Lyft directly on the infotainment screen (assuming you can rig up an Internet connection).

Check out another great Android ROM hack — using a cheap old smartphone as a low-cost ARM platform.