Build That Catan Board You Designed

July 30, 2021 by Rich Hawkes 5 Comments

A couple of months ago, we posted about the one day design [Sam March] did of an electronic Settlers of Catan board. Now he’s released a video with the second half. His first video was about the design of the game, specifically the electronic components. In this video, [Sam] takes us through the physical build of the board.

A couple of visits to his local maker space allows him to cut both the wooden parts of the board, as well as the acrylic hexes that go on top of each piece. Even with a CNC machine, there’s still some clean-up that needs to be done. After cleaning up the edges of the wood with a chisel and staining it, it’s time to put the circuit boards in, wire them up and program them. The build includes a dice roller – pushing a button shows the number rolled by lighting up the tiles in the form of the rolled number. The final touch is having some friends over to actually play the game.

Between the design process in the last article and the build process in this one, we get a good look at the way [Sam] designs things from beginning to finished product. Take a look at our previous article on [Sam]’s design as well as some other Catan articles.

Continue reading “Build That Catan Board You Designed” →

This Week In Security: Fail2RCE, TPM Sniffing, Fishy Leaks, And Decompiling

July 30, 2021 by Jonathan Bennett 10 Comments

Fail2ban is a great tool for dynamically blocking IP addresses that show bad behavior, like making repeated login attempts. It was just announced that a vulnerability could allow an attacker to take over a machine by being blocked by Fail2ban. The problem is in the mail-whois action, where an email is sent to the administrator containing the whois information. Whois information is potentially attacker controlled data, and Fail2ban doesn’t properly sterilize the input before piping it into the mail binary. Mailutils has a feature that uses the tilde key as an escape sequence, allowing commands to be run while composing a message. Fail2ban doesn’t sanitize those tilde commands, so malicious whois data can trivially run commands on the system. Whois is one of the old-school unix protocols that runs in the clear, so a MItM attack makes this particularly easy. If you use Fail2ban, make sure to update to 0.10.7 or 0.11.3, or purge any use of mail-whois from your active configs. Continue reading “This Week In Security: Fail2RCE, TPM Sniffing, Fishy Leaks, And Decompiling” →

Orbiter Is Now Open Source

July 29, 2021 by Al Williams 30 Comments

We always have it on our list to learn more about Orbiter. If you haven’t seen it, it is a hyperrealistic space simulator. Granted, you can put it in an easy mode, but its real strength is you can very accurately model spacecraft like the Space Shuttle and have very realistic controls. In order to spur development, the program is now open source.

We think this is interesting for two reasons. First, if you ever wanted to contribute into a project of this scope, here’s your chance. You might not want to write a full-blow space simulator but you might have something to add. However, open source also means you can see how the program works and either reuse it in your own open source projects or just simply learn from the techniques.

Continue reading “Orbiter Is Now Open Source” →

FTC Rules On Right To Repair

July 27, 2021 by Elliot Williams 59 Comments

A few days ago, the US Federal Trade Commission (FTC) came out with a 5-0 unanimous vote on its position on right to repair. (PDF) It’s great news, in that they basically agree with us all:

Restricting consumers and businesses from choosing how they repair products can substantially increase the total cost of repairs, generate harmful electronic waste, and unnecessarily increase wait times for repairs. In contrast, providing more choice in repairs can lead to lower costs, reduce e-waste by extending the useful lifespan of products, enable more timely repairs, and provide economic opportunities for entrepreneurs and local businesses.

The long version of the “Nixing the Fix” report goes on to list ways that the FTC found firms were impeding repair: ranging from poor initial design, through restrictive firmware and digital rights management (DRM), all the way down to “disparagement of non-OEM parts and independent repair services”.

While the FTC isn’t making any new laws here, they’re conveying a willingness to use the consumer-protection laws that are already on the books: the Magnuson-Moss Warranty Act and Section 5 of the FTC Act, which prohibits unfair competitive practices.

Only time will tell if this dog really has teeth, but it’s a good sign that it’s barking. And given that the European Union is heading in a similar direction, we’d be betting that repairability increases in the future.

Thanks [deshipu] for tipping us off on this one!

Seeing Inside A Gas Regulator

July 26, 2021 by Jonathan Bennett 9 Comments

We’re surrounded by interesting engineering, but some of it is sealed inside a housing, away from easy inspection. A case in point; the humble gas regulator. It’s in equipment all around us, from a propane grill to welding gear. It’s a sealed unit — have you ever seen the inside, to know how it really works? Well thanks to [FarmCraft101], we get to do just that, in the video after the break.

To let the cat out of the bag, it’s essentially a hydraulic lever. A large diaphragm is pressurized by the low pressure side of the regulator, and is held back by a spring. When the pressure compared to ambient atmosphere is high enough to overcome the spring tension, the lever is tilted, closing the high pressure valve. Hence, pressure is determined by spring strength. We also get a look at how the system can fail — in this case it seemed to be some grit interfering with the valve. We find hidden engineering to be supremely satisfying, particularly when we get to understand it so clearly as we do here. Enjoy!

Continue reading “Seeing Inside A Gas Regulator” →

Simple Tip Helps With Powder Coating Perfection On Difficult Parts

July 24, 2021 by Dan Maloney 8 Comments

To say that that the commercially available garden path lights commonly available at dollar stores are cheap is a vast overstatement of their true worthlessness. These solar-powered lights are so cheaply built that there’s almost no point in buying them, a fact that led [Mark Presling] down a fabrication rabbit hole that ends with some great tips on powder coating parts with difficult geometries.

Powder coating might seem a bit overkill for something as mundane as garden lights, but [Mark] has a point — if you buy something and it fails after a few weeks in the sun, you might as well build it right yourself. And a proper finish is a big part of not only getting the right look, but to making these totally un-Tardis-like light fixtures last in the weather. The video series below covers the entire design and build process, which ended up having an aluminum grille with some deep grooves. Such features prove hard to reach with powder coating, where the tiny particles of the coating are attracted to the workpiece thanks to a high potential difference between them. After coating, the part is heated to melt the particles and form a tough, beautiful finish.

But for grooves and other high-aspect-ratio features, the particles tend to avoid collecting in the nooks and crannies, leading to an uneven finish. [Mark]’s solution was to turn to “hot flocking”, where the part is heated before applying uncharged coating to the deep features. This gets the corners and grooves well coated before the rest of the coating is applied in the standard way, leading to a much better finish.

We love [Presser]’s attention to detail on this build, as well as the excellent fabrication tips and tricks sprinkled throughout the series. You might want to check out some of his other builds, like this professional-looking spot welder.

Continue reading “Simple Tip Helps With Powder Coating Perfection On Difficult Parts” →

Walk The First 3D-Printed Bridge And Be Counted

July 24, 2021 by Kristina Panos 22 Comments

Way back in 2018, we brought you news of a 3D-printed stainless steel pedestrian bridge being planned to span a Dutch canal in Amsterdam. Now it’s finally in place and open to the public — the Queen made it official and everything. MX3D printed it on their M1 Metal additive manufacturing machine that is essentially a group of robots welding layers of metal together using traditional welding wire and gas.

The partnership of companies involved originally planned to build this beautiful bridge in situ, but safety concerns and other issues prevented that and it was built in a factory instead. The bridge has been printed and ready since 2018, but a string of delays got in the way, including the fact that the canal’s walls had to be refurbished to accommodate it. Since it couldn’t be made on site, the bridge was taken there by boat and placed with a crane. After all this, the bridge is only permitted to be there for two years. Hopefully, they have the option to renew.

This feat of engineering spans 40 feet (12.2 meters) long and sits 20 feet (6.3 meters) wide. It’s equipped with sensors that measure structural stuff like strain, displacement, load, and rotation, and also has environmental sensors for air quality and temperature. All of this data is sent to the bridge’s digital twin, which is an exact replica in the form of a computer model. One of the goals is to teach the bridge how to count people. Be sure to check out our previous coverage for a couple of short videos about the bridge.