Make It Compatible

March 12, 2022 by Elliot Williams 25 Comments

I’m probably as guilty as anyone of reinventing the wheel for a subpart of a project. Heck, sometimes I just feel like working on a wheel design. But if that’s the path you choose, you have to think about whether or not it’s important that others can replicate your project. The nice thing about a bog-standard wheel is that everyone has got one.

The case study I have in mind is a wall-plotter project that appeared on Hackaday this week. It’s a really sweet design, and in many ways would be an ideal starter project. I actually need a wall plotter (for reasons) and like a number of the choices made. For instance, having nearly everything, including the lightweight geared steppers on the gondola makes it easy to install and uninstall — you just pin up the timing belt from which it hangs and you’re done. Extra weight on the gondola helps with stability anyway. It’s open source and based on the Arduino libraries, so it should be easy enough to port to whatever microcontroller I have on hand.

But the image-generation toolchain is awkward, involving cutting and pasting into a spreadsheet, which generates a text file in a custom plotting micro-language. Presumably the designer doesn’t know about Gcode, which is essentially the lingua franca of moving machines, or just didn’t feel like implementing it. Where in Gcode, movement commands are like “G1 X100 Y50”, this device expects “draw_line(0,0,100,50)”. They’re essentially equivalent, but incompatible.

I totally understand that the author must have had a good time thinking up the movement commands and writing the spreadsheet that translates SVG files into them. I’ve been there and done that! But if the wall plotter spoke Gcode instead of its own dialect, it would slot instantly into any number of graphics processing workflows, which would make me, the potential user, happier.

When you are looking at reinventing the wheel, think about your audience. If you’re the only person likely to see the project, go ahead and scratch whatever itch you’ve got. You’ll learn more that way. But if you want to share the project with as many people as possible, adhering to the most widely used standards is a good choice for your users, even if it is less fun than dreaming up your own movement language.

The Metal 3D Printing Hack Chat Brings The Heat

March 11, 2022 by Tom Nardi 8 Comments

At this point, it’s safe to say the novelty of desktop 3D printing has worn off. The community has largely come to terms with the limitations of extruded plastics, and while we still vehemently believe that it’s a transformative technology, we’ll admit there aren’t too many applications where a $200 USD printer squirting out PLA is truly the best tool for the job.

But rather than looking at today’s consumer 3D printer market as the end of the line, what if it’s just the beginning? With the problems of slicing, motion control, and extrusion more or less solved when it comes to machines that print in plastic, is it finally time to turn our attention to the unique problems inherent in building affordable metal printers? Agustin Cruz certainly thinks so, which is why he took to the Hack Chat this week to talk about his personal vision for an open source 3D printer that can turn powdered metals into solid objects by way of a carefully controlled electron beam.

To be clear, Agustin isn’t suggesting you toss out your Creality anytime soon. Metal 3D printing will always be a niche within a niche, but for applications where even advanced engineering plastics like PEI and PEEK simply won’t do, he argues the community needs to have a cheap and accessible option. Especially for developing and low income countries where traditional manufacturing may be difficult. The machine he’s been working on wouldn’t be outside the capabilities of an individual to build and operate, but at least for right now the primary target is hospitals, colleges, and small companies.

The Chat was full of technical questions about Agustin’s design, and he wasn’t shy about tackling them. Some wondered why he decided to sinter the metal powder with an electron gun when solid-state lasers are cheap, easily available, and relatively straightforward to work with. But while the laser might seem like the easier solution on the surface, Agustin points out that using a magnetically focused electron beam gives his printer some unique capabilities.

For example, he can easily defocus the beam and pass it over the entire build plate to pre-heat the powder. The steerable beam doesn’t require mirrors either, which not only reduces the weight and complexity of the machine, but in theory should allow for faster print speeds. The beam can be moved in the X/Y dimensions with an accuracy of 0.01 mm, and while the beam diameter is currently a respectable 0.5 mm, Agustin says he’s working on bringing that down to 0.1 mm for high detail work. The temperature at the focal point of the beam is between 1,400 and 1,500 °C, which he notes is not only hot enough to melt the powdered metal, but can also weld stainless steel.

Continue reading “The Metal 3D Printing Hack Chat Brings The Heat” →

Hackaday Podcast 159: Zombie Killer Or Rug Maker, 3D Printed Rims, 1950s Drum Machines, And Batteries On Wheels

March 11, 2022 by Tom Nardi No comments

Join Hackaday Editor-in-Chief Elliot Williams and Managing Editor Tom Nardi as they look back on the best hacks and stories of the previous week. There’s plenty in the news to talk about, though between faulty altimeters and the ongoing conflict in Ukraine, it isn’t exactly of the positive variety. But things brighten up quickly as discussion moves on to 3D printed car wheels, a fantastically complex drum machine from 1958, a unique take on the seven-segment flip display, and a meticulously designed (and documented) coffee machine upgrade. Somewhere in there a guy also recreates a rare German anti-air rocket launcher from WWII, but it’s all in the name of history. We’ll also tackle two very different forms of electric propulsion, from the massive wheeled batteries popping up in garages and driveways all over the world to high-efficiency thrusters for deep space missions.

Direct Download (~60 MB)

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Continue reading “Hackaday Podcast 159: Zombie Killer Or Rug Maker, 3D Printed Rims, 1950s Drum Machines, And Batteries On Wheels” →

This Week In Security: DDoS Techniques, Dirty Pipe, And Lapsus$ Continued

March 11, 2022 by Jonathan Bennett 26 Comments

Denial-of-Service (DoS) amplification. Relatively early in the history of the Internet — it was only 14 years old at the time — the first DoS amplification attack was discovered. [TFreak] put together smurf.c, likely in 1997, though it’s difficult to nail the date down precisely.

The first real DoS attack had only happened a year before, in 1996. Smurf worked by crafting ICMP packets with spoofed source addresses, and sending those packets to a network’s broadcast address. A host that received the request would send the packet to the target, and if multiple hosts responded, you got a bigger DoS attack for free. Fast forward to 1999, and the first botnet pulled off a Distributed DoS, DDoS, attack. Ever since then, there’s been an ongoing escalation of DDoS traffic size and the capability of mitigations.

DNS and NTP quickly became the popular choice for amplification, with NTP requests managing an amplification factor of 556, meaning that for every byte an attacker sent, the amplifying intermediary would send 556 bytes on to the victim. You may notice that so far, none of the vulnerable services use TCP. The three-way handshake of TCP generally prevents the sort of misdirection needed for an amplified attack. Put simply, you can’t effectively spoof your source address with TCP.

There are a pair of new games in town, with the first being a clever use of “middleboxes”, devices like firewalls, Intrusion Prevention Systems, and content filters. These devices watch traffic and filter content or potential attacks. The key here is that many such devices aren’t actually tracking TCP handshakes, it would be prohibitively memory and CPU intensive. Instead, most such devices just inspect as many packets as they can. This has the unexpected effect of defeating the built-in anti-spoofing of TCP.

An attacker can send a spoofed TCP packet, no handshake required, and a vulnerable middlebox will miss the fact that it’s spoofed. While that’s interesting in itself, what’s really notable is what happens when the packet appears to be a request for a vulnerable or blocked resource. The appliance tries to interrupt the stream, and inject an error message back to the requester. Since the requestor can be spoofed, this allows using these devices as DDoS amplifiers. As some of these services respond to a single packet with what is essentially an entire web page to convey the error, the amplification factor is literally off the charts. This research was published August 2021, and late February of this year, researchers at Akamai have seen DDoS attacks actually using this technique in the wild.

The second new technique is even more alien. Certain Mitel PBXs have a stress-test capability, essentially a speed test on steroids. It’s intended to only be used on an internal network, not an external target, but until a recent firmware update that wasn’t enforced. For nearly 3,000 of these devices, an attacker could send a single packet, and trigger the test against an arbitrary host. This attack, too, has recently been seen in the wild, though in what appears to be test runs. The stress test can last up to 14 hours at worst, leading to a maximum amplification factor if over four billion, measured in packets. The biggest problem is that phone systems like these a generally never touched unless there’s a problem, and there’s a decent chance that no one on site has the login credentials. That is to say, expect these to be vulnerable for a long time to come. Continue reading “This Week In Security: DDoS Techniques, Dirty Pipe, And Lapsus$ Continued” →

Remoticon 2021 // Vaibhav Chhabra And The M19 Collective Make One Million Faceshields

March 10, 2022 by Arya Voronova 5 Comments

[Vaibhav Chhabra], the co-founder of Maker’s Asylum hackerspace in Mumbai, India, starts his Remoticon talk by telling a short story about how the hackerspace rose to its current status. Born out of frustration with a collapsed office ceiling, having gone through eight years of moving and reorganizations, it accumulated a loyal participant base – not unusual with hackerspaces that are managed well. This setting provided a perfect breeding ground for the M19 effort when COVID-19 reached India, mixing “what can we do” and “what should we do” inquiries into a perfect storm and starting the 49 day work session that swiftly outgrew the hackerspace, both physically and organizationally.

When the very first two weeks of the Infinite Two Week Quarantine Of 2020 were announced in India, a group of people decided to wait it out at the hackerspace instead of confining themselves to their homes. As various aspects of our society started crashing after the direct impact of COVID-19, news came through – that of a personal protective equipment shortage, especially important for frontline workers. Countries generally were not prepared when it came to PPE, and India was no different. Thus, folks in Maker’s Asylum stepped up, finding themselves in a perfect position to manufacture protective equipment when nobody else was prepared to help.

Continue reading “Remoticon 2021 // Vaibhav Chhabra And The M19 Collective Make One Million Faceshields” →

Announcing: The 2022 Hackaday.io Sci-Fi Contest

March 10, 2022 by Elliot Williams 6 Comments

Ladies and Gentlemen, Sentient robots, Travellers from the distant future, or Aliens from the outer rim, it’s time to enter the 2022 Hackaday.io Sci-Fi Contest!

We last ran the Sci-Fi contest in the far, far past — before the Voigt-Kampff machine was detecting replicants on the gritty streets of 2019’s LA. Back then, we had some out-of-this-world entries. It’s time for the sequel.

Thanks to Digi-Key, the contest’s sponsor, your best blaster, your coolest costume, or your most righteous robot could win you one of three $150 shopping sprees in their parts warehouse. Create a Hackaday.io project, enter it in the contest, and you’re set. You might as well do that right now, but the contest closes on April 25th.

Sci-Fi is all about the looks, so if it’s purely decorative, be sure to blind us with science (fiction). If your project actually functions, so much the better! Of course we’d like to know how it works and how you made it, so documentation of the project is the other big scoring category. Whatever it is, it’s got to be sci-fi, and it’s got to have some electronics in it.

If you’re looking for inspiration, you could do a lot worse than to check out [Jerome Kelty]’s Animatronic Stargate Helmet, that not coincidentally took the grand prize last time around. It’s an artistic and engineering masterpiece all rolled into one, and the description of how it’s made is just as extensive. [Jochen Alt]’s “Paul” robot isn’t out of any particular sci-fi franchise that we know, but of rolling on one ball and reciting robot poetry, it absolutely should be.

Honorable Mentions

In addition to the overall prizes, we’ll be recognizing the best projects in the following honorable mention categories:

Star Star: Whether you’re “beam me up” or “use the force”, fans of either of the “Star” franchises are eligible for this honorable mention.
ExoSuit: This category recognizes sci-fi creations that you can wear. Costumes and armor fit in here.
Stolen off the Set: If your blaster looks exactly like Han Solo’s, you’re a winner here. This is the category for your best prop replica.
Living in the Future: If your sci-fi device was purely fantasy when imagined, but now it’s realizable, you’re living in the future. A working tricorder or a functioning robot companion would fit in fine here.
The Most Important Device: Has no function, but it certainly looks like it does. Just blinking lights that blink back and forth, yet the government spent millions of dollars on it.

You don’t have to tell us where your project fits in. We’ve got you covered.

Engage!

Get started now by creating a project page on Hackaday.io. In the left sidebar of your project page, use the “Submit Project To” button to enter in the 2022 Sci-Fi Contest.

You have from now until April 25, 2022 to get it finished. Of course, if your time machine actually works, you can finish it whenever. Check out the Hackaday.io contest page for all the fine print.

Cranes made by Origami (Orizuru). The height is 35mm.

Bringing The Art Of Origami And Kirigami To Robotics And Medical Technology

March 9, 2022 by Maya Posch 5 Comments

Traditionally, when it comes to high-tech self-assembling microscopic structures for use in medicine delivery, and refined, delicate grippers for robotics, there’s been a dearth of effective, economical options. While some options exist, they are rarely as effective as desired, with microscopic medicine delivery mechanisms, for example, not having the optimal porosity. Similarly, in so-called soft robotics, many compromises had to be made.

A promising technology here involves the manipulation of flat structures in a way that enables them to either auto-assemble into 3D structures, or to non-destructively transform into 3D structures with specific features such as grippers that might be useful in both micro- and macroscopic applications, including robotics.

Perhaps the most interesting part is how much of these technologies borrow from the Japanese art of origami, and the related kirigami.

Continue reading “Bringing The Art Of Origami And Kirigami To Robotics And Medical Technology” →