News

3617 Articles

Automating The Disinfection Of Large Spaces With Robots

June 30, 2020 by 31 Comments

What do you do when you have to disinfect an entire warehouse? You could send a group of people through the place with UV-C lamps, but that would take a long time as said humans cannot be in the same area as the UV-C radiation, as much as they may like the smell of BBQ chicken. Constantly repositioning the lamps or installing countless lamps would get in the way during normal operation. The answer is to strap UV-C lights to a robot according to MIT’s CSAIL, and have it ride around the space.

As can be seen in the video (also embedded after the break), a CSAIL group has been working with telepresence robotics company Ava Robotics and the Greater Boston Food Bank (GBFB). Their goal was to create a robotic system that could autonomously disinfect a GBFB warehouse using UV-C without exposing any humans to the harmful radiation. While the robotics can be controlled remotely, they can also map the space and navigate between waypoints.

While testing the system, the team used a UV-C dosimeter to confirm the effectiveness of this setup. With the robot driving along at a leisurely 0.22 miles per hour (~0.35 kilometer per hour), it was able to cover approximately 4,000 square feet (~372 square meter) in about half an hour. They estimated that about 90% of viruses like SARS-CoV-2 could be neutralized this way.

During trial runs, they discovered the need to have the robot adapt to the constantly changing layout of the warehouse, including which aisles require which UV-C depending on how full they are. Having multiple of these robots in the same space coordinate with each other would also be a useful feature addition.

Continue reading “Automating The Disinfection Of Large Spaces With Robots”

Your Own Open Source ASIC: SkyWater-PDK Plans First 130 Nm Wafer In 2020

June 30, 2020 by 51 Comments

You might have caught Maya Posch’s article about the first open-source ASIC tools from Google and SkyWater Technology. It envisions increased access to make custom chips — Application Specific Integrated Circuits — designed using open-source tools, and made real through existing chip fabrication facilities. My first thought? How much does it cost to tape out? That is, how do I take the design on my screen and get actual parts in my hands? I asked Google’s Tim Ansel to explain some more about the project’s goals and how I was going to get my parts.

The goals are pretty straightforward. Tim and his collaborators would like to see hardware open up in the same way software has. The model where teams of people build on each other’s work either in direct collaboration or indirectly has led to many very powerful pieces of software. Tim’s had some success getting people interested in FPGA development and helped produce open tools for doing so. Custom ASICs are the next logical step.

Continue reading “Your Own Open Source ASIC: SkyWater-PDK Plans First 130 Nm Wafer In 2020”

Updating The Language Of SPI Pin Labels To Remove Casual References To Slavery

June 29, 2020 by 287 Comments

This morning the Open Source Hardware Association (OSHWA) announced a resolution for changing the way SPI (Serial Peripheral Interface) pins are labelled on hardware and in datasheets. The protocol originally included MOSI/MISO references that stand for “Master Out, Slave In” and “Master In, Slave Out”. Some companies and individuals have stopped using these terms over the years, but an effort is being taken up to affect widespread change, lead by Nathan Seidle of Sparkfun.

The new language for SPI pin labeling recommends the use of SDO/SDI (Serial Data Out/In) for single-role hardware, and COPI/CIPO for “Controller Out, Peripheral In” and “Controller In, Peripheral Out” for devices that can be either the controller or the peripheral. The change also updates the “SS” (Slave Select) pin to use “CS” (Chip Select).

SPI is widely used in embedded system design and appears in a huge range of devices, with the pin labels published numerous times in everything from datasheets and application notes to written and video tutorials posted online. Changing the labels removes unnecessary references to slavery without affecting the technology itself. This move makes embedded engineering more inclusive, an ideal that’s easy to get behind.

[2022 Editor’s Note: The OSHWA changed its recommended naming to PICO/POCI for “Peripheral In, Controller Out” and “Peripheral Out, Controller In”. Fine by us! I’ve updated this throughout the rest of the article because it doesn’t change Mike’s original argument at all.]

Continue reading “Updating The Language Of SPI Pin Labels To Remove Casual References To Slavery”

Ask Hackaday: What Can Be Done With Your Bootlooping Blu-Ray?

June 26, 2020 by 159 Comments

Last Friday, thousands of owners of Samsung Blu Ray players found that their home entertainment devices would no longer boot up. While devices getting stuck in a power-cycling loop is not uncommon, this case stands out as it affected a huge range of devices all at the same time. Samsung’s support forum paints a bleak picture, with one thread on the issue stretching to 177 pages in just a week.

So what is going on, and what can be done to fix the problem? There’s a lot of conflicting information on that. Some people’s gear has started working again, others have not and there are reports of customers being told to seek in-person repair service. Let’s dive in with some wild speculation on the problem and circle back by commiserating about the woes of web-connected appliances.

Continue reading “Ask Hackaday: What Can Be Done With Your Bootlooping Blu-Ray?”

This Week In Security: Bitdefender, Ripple20, Starbucks, And Pwned Passwords

June 26, 2020 by 13 Comments

[Wladimir Palant] seems to be on a one man crusade against security problems in security software. The name may not be immediately recognizable, but among his other infamies is originating Adblock Plus, which we have a love-hate relationship with. (Look, surf the net with an adblocker, but disable it for sites you trust and want to support, like HaD).

This week, he announced a rather serious flaw in the Bitdefender. The disclosure starts off with high praise for the Bitdefender: “security-wise Bitdefender Antivirus is one of the best antivirus products I’ve seen so far….” Even with that said, the vulnerability he found is a serious one. A malicious website can trigger the execution of arbitrary applications. The problem was fixed in an update released on the 22nd.

Image by Wladimir Palant, CC BY-SA 4.0

The vulnerability is interesting. First, Bitdefender uses an API that was added to web browsers specifically to enable security software to work without performing man-in-the-middle decryption of HTTPS connections. When a problem is detected, Bitdefender replaces the potentially malicious page with it’s own error message.

Because of the way this is implemented, the browser sees this error message as being the legitimate contents of the requested site. Were this a static page, it wouldn’t be a problem. However, Bitdefender provides an option to load the requested page anyway, and does this by embedding tokens in that error page. When a user pushes the button to load the page, Bitdefender sees the matching tokens in the outgoing request, and allows the page. Continue reading “This Week In Security: Bitdefender, Ripple20, Starbucks, And Pwned Passwords”

iPhone pictured with a lock

Is Anything Really Private Anymore?

June 26, 2020 by 53 Comments

In the connected age, every day it appears privacy is becoming more and more of an idealistic fantasy as opposed to a basic human right. In our latest privacy debate per [TechCrunch], apparently the FBI is taking some shots at Apple.

You may recall the unfortunate events, leading the FBI to ask Apple to unlock an iPhone belonging to a person of interest. Apple did not capitulate to the FBI’s request on the basis of their fundamental commitment to privacy. The FBI wasn’t really thrilled with Apple’s stance given the circumstances leading to the request. Nevertheless, eventually, the FBI was able to unlock the phone without Apple’s help.

You may find it somewhat interesting that the author of the news piece appears to be more upset with the FBI for cracking the phone than at Apple (and by extension other tech companies) for making phones that are crackable to begin with.

Maybe we should take solace in knowing that Apple stood their ground for the sake of honoring their privacy commitment. But as we saw, it didn’t really matter in the end as the FBI was able to hire a third party to help them unlock the phones and were later able to repeat the process in-house. The article also noted that there are other private companies capable of doing exactly what the FBI did. We understand that no encryption is 100% safe. So it begs the question, “Is anything really private anymore?” Share your thoughts in the comments below.

Teardown Of The Singaporean COVID-19 TraceTogether Token

June 25, 2020 by 63 Comments

A large part of fighting against the SARS-CoV-2 pandemic is the practice of contact tracing, where the whereabouts of an infected person can be traced and anyone who has been in contact with that person over the past days tested for COVID-19. While smartphone apps have been a popular choice for this kind of tracing, they come with a range of limitations, which is what the TraceTogether hardware token seeks to circumvent. Now [Sean “Xobs” Cross] has taken a look at the hardware that will be inside the token once it launches.

The Simmel COVID-19 contact tracer.

Recently, [Sean] along with [Andrew “bunnie” Huang] and a few others were asked by GovTech Singapore to review their TraceTogether hardware token proposal. At its core it’s similar to the Simmel contact tracing solution – on which both are also working – with contacts stored locally in the device, Bluetooth communication, and a runtime of a few months or longer on the non-rechargeable batteries.

The tracing protocol used is BlueTrace, which is an open application protocol aimed at digital contact tracing. It was developed by the Singaporean government, initially for use with their TraceTogether mobile app.

This smartphone app showed a number of issues. First is that Apple does not allow for iOS apps to use Bluetooth in the background, requiring the app to be active in the foreground to be useful. Apple has its own tracing protocol, but it does not cover the requirements for building a full contact graph, as [Andrew] covers in more detail. Finally, the app in general is not useful to those who do not have a recent (compatible) smartphone, or who do not have a smartphone at all.

A lot of the challenges in developing these devices lie in making them low-power, while still having the Bluetooth transceiver active often enough to be useful, as well as having enough space to store interactions and the temporary tokens that are used in the tracing protocol. As Simmel and the TraceTogether tokens become available over the coming months, it will be interesting to see how well these predictions worked out.