Surgery On The Arduino IDE Makes Bigger Serial Buffers

July 13, 2020 by Al Williams 20 Comments

It is pretty well-known that I’m not a big fan of the Arduino infrastructure. Granted, these days you have more options with the pro IDE and Platform IO, for example. But the original IDE always gives me heartburn. I realized just how much heartburn the other day when I wanted to something very simple: increase the receive buffer on an ATmega32 serial port. The solution I arrived at might help you do some other things, so even if you don’t need that exact feature, you still might find it useful to see what I did.

Following this experience I am genuinely torn. On the one hand, I despise the lackluster editor for hiding too much detail from me and providing little in the way of useful tools. On the other hand, I was impressed with how extensible it was if you can dig out the details of how it works internally.

First, you might wonder why I use the IDE. The short answer is I don’t. But when you produce things for other people to use, you almost can’t ignore it. No matter how you craft your personal environment, the minute your code hits the Internet, someone will try to use it in the IDE. A while back I’d written about the $4 Z80 computer by [Just4Fun]. I rarely have time to build things I write about, but I really wanted to try this little computer. The parts sat partially assembled for a while and then a PCB came out for it. I got the PCB and — you guessed it — it sat some more, partially assembled. But I finally found time to finish it and had CP/M booted up.

The only problem was there were not many good options for transferring data back and forth to the PC. It looked like the best bet was to do Intel hex files and transfer them copy and paste across the terminal. I wanted better, and that sent me down a Saturday morning rabbit hole. What I ended up with is a way to make your own menus in the Arduino IDE to set compiler options based on the target hardware for the project. It’s a trick worth knowing as it will come in handy beyond this single problem.

Continue reading “Surgery On The Arduino IDE Makes Bigger Serial Buffers” →

Hackaday Links: July 12, 2020

July 12, 2020 by Dan Maloney 30 Comments

Based in the US as Hackaday is, it’s easy to overload the news with stories from home. That’s particularly true with dark tales of the expanding surveillance state, which seem to just get worse here on a daily basis. So we’re not exactly sure how we feel to share not one but two international stories of a dystopian bent; one the one hand, pleased that it’s not us for a change, but on the other, sad to see the trend toward less freedom and more monitoring spreading.

The first story comes from Mexico, where apparently everything our community does will soon be illegal. We couch that statement because the analysis is based on Google translations of reports from Mexico, possibly masking the linguistic nuances that undergird legislative prose. So we did some digging and it indeed appears that the Mexican Senate approved a package of reforms to existing federal copyright laws that will make it illegal to do things like installing a non-OEM operating system on a PC, or to use non-branded ink cartridges in a printer. Reverse engineering ROMs will be right out too, making any meaningful security research illegal. There appear to be exceptions to the law, but those are mostly to the benefit of the Mexican government for “national security purposes.” It’ll be a sad day indeed for Mexican hackers if this law is passed.

The other story comes from Germany, where a proposed law would grant sweeping surveillance powers to 19 state intelligence bodies. The law would require ISPs to install hardware in their data centers that would allow law enforcement to receive data and potentially modify it before sending it on to where it was supposed to go. So German Internet users can look forward to state-sponsored man-in-the-middle attacks and trojan injections if this thing passes.

OK, time for a palate cleanser: take an hour to watch a time-lapse of the last decade of activity of our star. NASA put the film together from data sent back by the Solar Dynamics Observatory, a satellite that has been keeping an eye on the Sun from geosynchronous orbit since 2010. Each frame of the film is one hour of solar activity, which may sound like it would be boring to watch, but it’s actually quite interesting and very relaxing. There are exciting moments, too, like enormous solar eruptions and the beautiful but somehow terrifying lunar transits. More terrifying still is a massive coronal mass ejection (CME) captured in June 2011. A more subtle but fascinating phenomenon is the gradual decrease in the number of sunspots over the decade as the Sun goes through its normal eleven-year cycle.

You’ll recall that as a public service to our more gear-headed readers that we recently covered the recall of automotive jack stands sold at Harbor Freight, purveyor of discount tools in the USA. Parts for the jack stands in question had been cast with a degraded mold, making the pawls liable to kick out under load and drop the vehicle, with potentially catastrophic results for anyone working beneath. To their credit, Harbor Freight responded immediately and replaced tons of stands with a new version. But now, Harbor Freight is forced to recall the replacement stands as well, due to a welding error. It’s an embarrassment, to be sure, but to make it as right as possible, Harbor Freight is now accepting any of their brand jack stands for refund or store credit.

And finally, if you thought that the experience of buying a new car couldn’t be any more miserable, wait till you have to pay to use the windshield wipers. Exaggeration? Perhaps only slightly, now that BMW “is planning to move some features of its new cars to a subscription model.” Plans like that are common enough as cars get increasingly complex infotainment systems, or with vehicles like Teslas which can be upgraded remotely. But BMW is actually planning on making options such as heated seats and adaptive cruise control available only by subscription — try it out for a month and if you like it, pay to keep them on for a year. It would aggravate us to no end knowing that the hardware supporting these features had already been installed and were just being held ransom by software. Sounds like a perfect job for a hacker — just not one in Mexico.

Hackaday Made Me Buy It!

July 11, 2020 by Elliot Williams 44 Comments

Reading Hackaday is great! You get so many useful tips from watching other people work, it’s truly changed nearly everything about the way I hack, especially considering that I’ve been reading Hackaday for the past 15 years. Ideas, freely shared among peers, are the best of the free and open-source hardware community. But there’s a dark downside: I’m going CNC mill shopping.

It all started with [Robin]’s excellent video and website tutorial on his particular PCB DIY procedures. You see, I love making PCBs at home, because I’m unafraid of chemistry, practiced with a rolling pin and iron, and super-duper impatient. If I can get a board done today, I’m not waiting a week, even if that means an hour of work on my part.

Among other things, he’s got this great technique with a scriber pen and a cleverly designed registration base that make it easy for him to do nearly perfectly aligned two-sided boards with a resolution approaching etching. The ability to make easy double-sided boards, with holes drilled, makes milling attractive, but the low resolution of v-cutter milled boards has been the show-stopper for me. If that’s gone, maybe it’s time to take a serious look.

And heck, making PCBs is really just the tip of the iceberg for what I’d want to do with a CNC mill. Currently, I do dodgy metalworking with an x-y table and a drill press, some of which may someday land me in the hospital. But if I had a mill, I’d be doing all sorts of funny wood joinery and who knows what else. I lack experience with a mill, but coincidentally, we just had a Hack Chat on Linux for machine tools this week. You see? It’s all conspiring against me.

The only question left is what I should get. I’m looking at the ballscrew 3040 range of CNCs, and maybe upgrading the spindle. I’d like to mill up to aluminum, but don’t really need steel. What do you think?

Hackaday Podcast 075: 3D Printing Japanese Joinery, Android PHONK, One-Armed Time Bandit, And Whistling Bridges

July 10, 2020 by Mike Szczys No comments

Hackaday editors Mike Szczys and Elliot Williams scoop up a basket of great hacks from the past week. Be amazed by the use of traditional Japanese joinery in a 3D-printed design — you’re going to want to print one of these Shoji lamps. We behold the beautiful sound of a noise generator, and the freaky sound from the Golden Gate. There’s a hack for Android app development using Javascript on an IDE hosted from the phone as a webpage on your LAN. And you’ll like the KiCAD trick that makes enclosure design for existing boards a lot easier.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 075: 3D Printing Japanese Joinery, Android PHONK, One-Armed Time Bandit, And Whistling Bridges” →

This Week In Security: F5, Novel Ransomware, Freta, And Database Woes

July 10, 2020 by Jonathan Bennett 5 Comments

The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated. That attack can apparently be as simple as:

'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin'

A full exploit has been added to the metasploit framework. The timeline on this bug is frighteningly quick, as it’s apparently being actively exploited in the wild. F5 devices are used all over the world, and this vulnerability requires no special configuration, just access to the opened management port. Thankfully F5 devices don’t expose the vulnerable interface to the internet by default, but there are still plenty of ways this can be a problem.

Freta

Microsoft has made a new tool publicly available, Freta. This tool searches for rootkits in uploaded memory snapshots from a Linux VM. The name, appropriately, is taken from the street where Marie Curie was born.

The project’s namesake, Warsaw’s Freta Street, was the birthplace of Marie Curie, a pioneer of battlefield imaging.

The impetus behind the project is the realization that once a malicious actor has compromised a machine, it’s possible to compromise any security software running on that machine. If, instead, one could perform a security x-ray of sorts, then a more reliable conclusion could be reached. Freta takes advantage of the VM model, and the snapshot capability built into modern hypervisors.

Continue reading “This Week In Security: F5, Novel Ransomware, Freta, And Database Woes” →

Video: Bil Herds Looks At Mitosis

July 9, 2020 by Bil Herd 27 Comments

I loved my science courses when I was in Junior High School; we leaned to make batteries, how molecules combine to form the world we see around us, and basically I got a picture of where we stood in the scheme of things, though Quarks had yet to be discovered at the time.

In talking with my son I found out that there wasn’t much budget for Science learning materials in his school system like we had back in my day, he had done very little practical hands-on experiments that I remember so fondly. One of those experiments was to look and draw the stages of mitosis as seen under a Microscope. This was amazing to me back in the day, and cemented the wonder of seeing cell division into my memory to this day, much like when I saw the shadow of one of Jupiter’s moons with my own eyes!

Now I have to stop and tell you that I am not normal, or at least was not considered to be a typical young’un growing up near a river in rural Indiana in the 60’s. I had my own microscope; it quite simply was my pride and joy. I had gotten it while I was in the first or second grade as a present and I loved the thing. It was just horrible to use in its later years as lens displaced, the focus rack became looser if that was possible, and dirt accumulated on the internal lens; and yet I loved it and still have it to this day! As I write this, I realize that it’s the oldest thing that I own. (that and the book that came with it).

Today we have better tools and they’re pretty easy to come by. I want to encourage you to do some science with them. (Don’t just look at your solder joints!) Check out the video about seeing mitosis of onion cells through the microscope, then join me below for more on the topic!

Continue reading “Video: Bil Herds Looks At Mitosis” →

3D Printering: Selling Prints, And Solving The Pickup Problem

July 8, 2020 by Donald Papp 23 Comments

After getting a 3D printer up and running, it’s not uncommon for an enterprising hacker to dabble in 3D printing to make a little money on the side. Offering local pickup of orders is a common startup choice since it’s simple and avoids shipping entirely. It’s virtually tailor-made to make a great bootstrapping experiment, but anyone who tries it sooner or later bumps up against a critical but simple-seeming problem: how to get finished prints into a customer’s hands in a sustainable way that is not a hassle for either the provider, or the customer?

It’s very easy to accept a 3D file and get paid online, but the part about actually getting the print into the customer’s hands does not have a one-size-fits-all solution. This is what I call The Pickup Problem, and left unsolved, it can become unsustainable. Let’s look at why local pickup doesn’t always measure up, then examine possible solutions.

The Problems with Local Pickup

Local pickup for delivery of print jobs is great because there is no mucking about with shipping supplies or carriers. Also, many 3D prints when starting out will be relatively low-value jobs that no one is interested in stacking shipping fees onto, anyway.

“Your order is complete. Come to this address to pick up your order.” It is straightforward and hits all the bases, so what’s the problem?

Continue reading “3D Printering: Selling Prints, And Solving The Pickup Problem” →