This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
Unbinare is a small Belgian company at the forefront of hacking e-waste into something useful, collaborating with recycling and refurbishing companies. Reverse-engineering is a novel way to approach recycling, but it’s arguably one of the most promising ways that we are not trying at scale yet. At Hackaday Remoticon 2021, Maurits Fennis talked about Unbinare’s efforts in the field and presented us with a toolkit he has recently released as a part of his work, as well as described how his background as an artist has given him insights used to formulate foundational principles of Unbinare.
Unbinare’s tools are designed to work in harmony with each other, a requirement for any productive reverse-engineering effort. OI!STER is a general-purpose salvaged MCU research board, with sockets to adapt to different TQFP chip sizes. This board is Maurits’s experience in reverse-engineering condensed into a universal tool, including a myriad of connectors for different programming/debugging interfaces. We don’t know the board’s full scope, but the pictures show an STM32 chip inside the TQFP socket, abundant everywhere except your online retailer of choice. Apart from all the ways to break out the pins, OI!STER has sockets for power and clock glitching, letting you target these two omnipresent Achilles’ heels with a tool like ChipWhisperer.
In an ideal world, your FDM 3D printer’s bed would be perfectly parallel with the print head’s plane of movement. We usually say that means the bed is “level”, but really it doesn’t matter if it is level in the traditional sense, as long as the head and the bed are the same distance apart at every point. Of course, in practice nothing is perfect.
The second best situation is when the bed is perfectly flat, but tilted relative to the print head. Even though this isn’t ideal, software can move the print head up and down in a linear fashion to compensate for the tilt. Things are significantly worse if the bed isn’t itself flat, and has irregular bumps up and down all over.
To combat that, some printer firmware supports probing the bed to determine its shape, and adjusts the print head up and down as it travels across the map. Of course, you can’t probe the bed at every possible point, so the printer will have to interpolate between the measured reference points. Marlin’s bilinear bed leveling is an example.
But if you have enough flash space and you use Marlin, you may want to try unified bed leveling (UBL). This is like bilinear leveling on steroids. Unfortunately, the documentation for this mode is not as plain as you might like. Everything is out there, but it is hard to get started and information is scattered around a few pages and videos. Let’s fix that.
I’ve been sewing off and on since I was a kid, and I really started to get into it about ten years ago. Even though I technically outgrew my little 3/4 size domestic machine pretty quickly, I kept using it because it always did whatever I asked it to. I even made my first backpack on it before deciding it was time for something bigger. Don’t ask me how I managed to not kill that machine, because I have no idea.
Left: a 3/4 size Janome 11706. Right: a full-size Singer Heavy Duty 4452.
Last year, I got a so-called heavy duty Singer that claims to have 50% more power than a standard domestic machine. This bad boy will make purses and backpacks with ease, I thought. And it does. Well, most of the time.
I found its limits when I tried to make a bag out of thick upholstery material. And honestly, when it comes down to finishing most bags — sewing the thickest and most difficult seams — the machine often lifts up from the table on the end opposite the needle.
What I really need is an industrial sewing machine. Not to replace the Singer at all, but to complement it. I can totally justify this purchase. Let me tell you why.
I was rebuilding one of my 3D printers — again — and decided I needed a display upgrade. A color screen is nice, but there are some limitations. I also found there are ways around these limitations, so I wanted to share my thoughts on a dual-mode color touch screen LCD controller for your 3D printer. The screen in question is a TFT35 from BigTree Tech. It is similar to an MKS screen, but it can operate in two different modes, as you will see.
A few years ago, I picked up an Anet A8 which was very inexpensive, especially on sale. Not the best printer, though, because it has that cheap acrylic frame. No problem. A box full of aluminum extrusion later, the printer was reborn. Over time, I’ve completely reworked the extrusion system and the Y-axis, leaving only the motors, bearings, and the controller/display as the original.
That last part was what bothered me. The Anet board is actually pretty capable for a small cheap board. But it is just what the printer needs and nothing more. If you wanted to hack the printer there was very little memory left and only one spare pin for I/O. So it was time to replace the board and why not the controller, too?
That sound you may have heard in the wee hours of Christmas morning had nothing to do with Santa; rather, it was the sound of a million astronomers collectively letting out their breath around the world as the James Webb Space Telescope survived its fiery ride to space. And not only did it survive, but the ESA launch team did such a good job putting the Ariane rocket on course that NASA predicts the observatory now has enough fuel to more than double its planned ten-year mission. Everything about the deployment process seems to be going well, too, with all the operations — including the critical unfurling of the massive and delicate sunshield — coming off without a hitch. Next up: tensioning of the multiple layers of the sunshield. If you want to play along at home, NASA has a nice site set up to track where JWST is and what its current status is, including temperatures at various points on the telescope.
We got a tip from Mark about some dodgy jumper wires that we thought we should share. Low-quality jumpers aren’t really a new problem, but they can really put a damper on the fun of prototyping. The ones that Mark found could be downright dangerous. He got them with a recent dev board purchase; outwardly, they appear fine, at least at first. Upon closer inspection, though, the conductors have turned to powder inside the insulation. Even the insulation is awful, since it discolors when even slightly flexed. He suspects conductors are actually copper-plated aluminum; check out his pictures below and maybe look through your collection for similarly afflicted jumpers.
Speaking of dodgy hardware, if you love the smell of melting MOSFETs in the morning, then have we got a deal for you. It seems that a non-zero number of Asus Z690 Hero PC motherboards have suffered a fiery demise lately, stirring complaints and discontent. This led some curious types to look for the root cause, which led to the theory that an electrolytic cap had been installed with the wrong polarity on the dead boards. Asus confirmed the diagnosis, and is doing the right thing as they are “working with the relevant government agencies on a replacement program.” So if you’ve got one of these motherboards, you might want to watch the video below and see how the caps were installed.
If you’re in the mood for some engineering eye-candy, check out the latest video from Asianometry. They’ve got a finger on the pulse of the semiconductor industry, with particular attention paid to the engineering involved in making the chips we all have come to depend on. The video below goes into detail on the extreme ultraviolet (EUV) light source that fabrication machine maker ASML is developing for the next generation of chip making. The goal is to produce light with a mind-bending wavelength of only 13.5 nanometers. We won’t spoil the details, but suffice it to say that hitting microscopic droplets of tin with not one but two lasers is a bit of a challenge.
And finally, bad luck for 38 people in Tokyo who were part of a data breach by the city’s Metropolitan Police Department. Or rather, good luck since the data breach was caused by the loss of two floppy disks containing their information. The police say that there haven’t been any reports of misuse of the data yet, which is really not surprising since PCs with floppy drives are a little thin on the ground these days. You’d think that this would mean the floppies were left over from the 90s or early 2000s, but no — the police say they received the disks in December of 2019 and February of 2021. We’d love to know why they’re still using floppies for something like this, although it probably boils down to yet another case of “if it ain’t broke, don’t fix it.”
In the past two weeks, Log4j has continued to drive security news, with more vulnerable platforms being found, and additional CVEs coming out. First up is work done by TrendMicro, looking at electric vehicles and chargers. They found a log4j attack in one of the published charger frameworks, and also managed to observe evidence of vulnerability in the Tesla In-Vehicle Infotainment system. It isn’t a stretch to imagine a piece of malware that could run on both a charger, and an EV. And since those systems talk to each other, they could spread the virus through cars moving from charger to charger.
Log4j is now up to 2.17.1, as there is yet another RCE to fix, CVE-2021-44832. This one is only scored a 6.6 on the CVSS scale, as opposed to the original, which weighed in at a 10. 44832 requires the attacker to first exert control over the Log4j configuration, making exploitation much more difficult. This string of follow-on vulnerabilities demonstrates a well-known pattern, where a high profile vulnerability attracts the attention of researchers, who find other problems in the same code.
There are now reports of Log4j being used in Conti ransomware campaigns. Additionally, a Marai-based worm has been observed. This self-propagating attack seems to be targeting Tomcat servers, among others.
You know how when you’re working on a project, other side quests pop up left and right? You can choose to handle them briefly and summarily, or you can dive into them as projects in their own right. Well, Uri Shaked is the author of Wokwi, an online Arduino simulator that allows you to test our your code on emulated hardware. (It’s very, very cool.) Back in the day, Arduino meant AVR, and he put in some awesome effort on reverse engineering that chip in order to emulate it successfully. But then “Arduino” means so much more than just AVR these days, so Uri had to tackle the STM32 ARM chips and even the recent RP2040.
Arduino runs on the ESP32, too, so Uri put on his reverse engineering hat (literally) and took aim at that chip as well. But the ESP32 is a ton more complicated than any of these other microcontrollers, being based not only on the slightly niche Xtensa chip, but also having onboard WiFi and its associated binary firmware. Reverse engineering the ESP32’s WiFi is the side-quest that Uri embarks on, totally crushes, and documents for us in this standout Remoticon 2021 talk. Continue reading “Remoticon 2021: Uri Shaked Reverses The ESP32 WiFi”→
Unbinare’s tools are designed to work in harmony with each other, a requirement for any productive reverse-engineering effort. OI!STER is a general-purpose salvaged MCU research board, with sockets to adapt to different TQFP chip sizes. This board is Maurits’s experience in reverse-engineering condensed into a universal tool, including a myriad of connectors for different programming/debugging interfaces. We don’t know the board’s full scope, but the pictures show an STM32 chip inside the TQFP socket, abundant everywhere except your online retailer of choice. Apart from all the ways to break out the pins, OI!STER has sockets for power and clock glitching, letting you target these two omnipresent Achilles’ heels with a tool like ChipWhisperer.
