Bluetooth Vulnerability Affects All Major OS

September 14, 2017 by Pedro Umbelino 52 Comments

Security researchers from Armis Labs recently published a whitepaper unveiling eight critical 0-day Bluetooth-related vulnerabilities, affecting Linux, Windows, Android and iOS operating systems. These vulnerabilities alone or combined can lead to privileged code execution on a target device. The only requirement is: Bluetooth turned on. No user interaction is necessary to successfully exploit the flaws, the attacker does not need to pair with a target device nor the target device must be paired with some other device.

The research paper, dubbed BlueBorne (what’s a vulnerability, or a bunch, without a cool name nowadays?), details each vulnerability and how it was exploited. BlueBorne is estimated to affect over five billion devices. Some vendors, like Microsoft, have already issued a patch while others, like Samsung, remain silent. Despite the patches, some devices will never receive a BlueBorne patch since they are outside of their support window. Armis estimates this accounts for around 40% of all Bluetooth enabled devices.

A self-replicating worm that would spread and hop from a device to other nearby devices with Bluetooth turned on was mentioned by the researchers as something that could be done with some more work. That immediately reminds us of the BroadPwn vulnerability, in which the researchers implemented what is most likely the first WiFi only worm. Although it is definitely a fun security exercise to code such worm, it’s really a bad, bad idea… Right?…

So who’s affected?

Continue reading “Bluetooth Vulnerability Affects All Major OS” →

Other Machine Co. Changes Name, Logo, Apparently Nothing Else

September 6, 2017 by Brian Benchoff 59 Comments

The name Other Machine Co. is now dead. In a post to the company blog, Other Machine Co. is now Bantam Tools. This news comes just months after the announcement that [Bre Pettis], one-third of the founders of MakerBot, investor in Glowforge, and undeservingly the most hated man in the 3D printer community, purchased Other Machine Co.

Over the past few years, the Othermill, Other Machine Co.’s main product, has gained a reputation for being a very, very nice CNC mill capable of producing PCBs with 6 mil trace and space. Additionally, the Othermill was excellent at very fine CNC work including wax carving jewelry, very neat inlay work on wood, and any other CNC task that doesn’t involve anything harder than aluminum and can fit inside the machine itself.

As of right now, the only change to the Othermill is the name — it’s now the Bantam Tools Desktop PCB Milling Machine. According to a Wired press release, this name change also comes with a change in focus. Bantam Tools will not focus on hobbyist makers, but instead to professionals that need PCBs and other small milling jobs done right now. For the record, I cannot recall the Othermill ever being advertised directly to ‘hobbyist makers’ — it has always seemed the target audience was professionals, or at least people who would make money from the stuff produced on their mill.

Other changes to the Othermill have been in the works for months. Since the time of the acquisition, Other Machine Co. / Bantam have introduced a PCB probing system, a desperately needed fine dust collection system, and automated material thickness probing. These new projects for Bantam mills are compatible with the old Othermill.

Bye Bye Solaris, It Seems.

September 5, 2017 by Jenny List 97 Comments

For readers of A Certain Age, this may bring a tear to the eye. Reports have been circulating of the decision by Oracle to lay off a significant portion of the staff behind its Solaris operating system and SPARC processors, and that move spells the inevitable impending demise of those products. They bore the signature of Sun Microsystems, the late lamented workstation and software company swallowed up by the database giant in 2009.

So why might we here at Hackaday be reaching for our hankies over a proprietary UNIX flavour and a high-end microprocessor, neither of which are likely to be found on many of the benches of our readers in 2017? To answer that it’s more appropriate to journey back to the late 1980s or early 1990s, when the most powerful and expensive home computers money could buy were still connected to a domestic TV set as a monitor.

If you received a technical education at a university level during that period the chances are that you would have fairly soon found yourself sitting in a lab full of workstations, desktop computers unbelievably powerful by the standards of the day. With very high resolution graphics, X-windows GUIs over UNIX, and mice that weren’t just used for a novelty paint package, these machines bore some resemblance to what we take for granted today, but at a time when an expensive PC still came with DOS. There were several major players in the workstation market, but Sun were the ones that seemed to have the university market cracked.

You never forget your first love, and therefore there will be a lot of people who will never quite shake that association with a Sun workstation being a very fast desktop computer indeed. Their mantra at the time was “The network is the computer”, and it is the memory of a significant part of a year’s EE students trolling each other by playing sound samples remotely on each other’s SPARCStations on that network that is replaying in the mind of your scribe as this is being written.

A Raspberry Pi with a Raspbian desktop probably outperforms one of those 1980s SPARCStations in every possible way, but that is hardly the point and serves only to demonstrate technological progress. It feels as though something important died today, even if it may be a little difficult to remember what it was when sat in front of a multi-core x86 powerhouse with a fully open-source 64-bit POSIX-compliant operating system running upon it.

Unsurprisingly we’ve featured no hardware hacks with such high-end computing. If you’d like to investigate some Sun Microsystems hardware though, take a look at the Centre for Computing History’s collection.

A BluePill For Arduino Dependence

September 2, 2017 by Michael Uttmark 48 Comments

Arduinos are helpful but some applications require more than what Arduinos can provide. However, it’s not always easy to make the switch from a developed ecosystem into the abyss that is hardware engineering. [Vadim] noticed this, which prompted him to write a guide to shepherd people on their quest for an Arduino-free environment, one BluePill at a time.

With an extended metaphor comparing Arduino use and physical addiction, [Vadim’s] writing is a joy to read. He chose to focus on the BluePill (aka the next Arduino Killer™) which is a $1.75 ARM board with the form factor of an Arduino Nano. After describing where to get the board and it’s an accompanying programmer, [Vadim] introduces PlatformIO, an alternative to the Arduino IDE. But wait! Before the Arduino die-hards leave, take note that PlatformIO can use all of the “Arduino Language,” so your digitalWrites and analogReads are safe (for now). Like any getting started guide, [Vadim] includes the obligatory blinking an LED program. And, in the end, [Vadim] sets his readers up to be comfortable in the middle ground between Arduino Land and the Wild West.

The debate for/against Arduino has been simmering for quite some time, but most agree that Arduino is a good place to start: it’s simpler and easier than jumping head first. However, at some point, many want to remove their “crippling Arduino dependency” (in the words of [Vadim]) and move on to bigger and better things. If you’re at this point, or still cling to your Uno, swing on over and give Vadim’s post a read. If you’re already in the trenches, head on over and read our posts about the BluePill and PlatformIO which are great complements for [Vadim’s].

XYZ Printing Unveils Inkjet-Based Filament Printer

August 31, 2017 by Brian Benchoff 21 Comments

XYZ Printing, makers of the popular da Vinci line of 3D printers, have just released one of the holy grails of desktop 3D printing. The da Vinci Color is a full-color, filament based printer. How does this work? A special filament (Color PLA, although this filament is white in color) is extruded through a nozzle like any other 3D printer. Color is then added layer by layer by a system of inkjets in the head of the printer. Yes, it’s a full-color 3D printer, and yes, people have been suggesting this type of setup for years. This is the first time it’s been made real.

The specs for this printer are about what you would expect from any other filament-based printer in 2017. The build volume is 200 x 200 x 150mmm, the print bed has auto-leveling (although strangely doesn’t have a heated bed), and the user interface is a 5-inch color LCD. The da Vinci Color is available for preorder right now for $2,999.

You can check out a few pics of samples printed on the da Vinci Color below:

Continue reading “XYZ Printing Unveils Inkjet-Based Filament Printer” →

Upverter Joins Altium

August 28, 2017 by Brian Benchoff 28 Comments

In a post on the Upverter blog today, [Zak Homuth], founder of the online EDA suite Upverter has announced they have been acquired by Altium.

The largest change in the announcement is the removal of Upverter’s paid professional tier of service. Now, the entirety of Upverter is free. Previously, this paid professional tier included CAM export, 3D preview, BOM management, and unlimited private projects for $1200 per seat per year.

Hackaday has taken a look at Upverter before in an book-length series of posts describing how to build a PCB in every software tool. While Upverter is a web-based PCB design tool that doesn’t respond to a right mouse click, the experience was pleasant overall. There are some interesting features in Upverter that make PCB design work fun — snap-to alignment of pads, a phenomenal number of ways to export your data — and it’s more than capable enough for the electronics hobbyist.

With the Altium announcement, [Zak] says Upverter will continue on its mission to create a system to design a complete product, from schematic to enclosure to firmware to BOM management.

Driverless Lorries To Be Tested On UK Roads By End Of 2018

August 25, 2017 by Jack Laidlaw 43 Comments

The [BBC] is reporting that driverless semi-trailer trucks or as we call them in the UK driverless Lorries are to be tested on UK roads. A contract has been awarded to the Transport Research Laboratory (TRL) for the trials. Initially the technology will be tested on closed tracks, but these trials are expected to move to major roads by the end of 2018.

All of these Lorries will be manned and driven in formation of up to three lorries in single file. The lead vehicle will connect to the others wirelessly and control their braking and acceleration. Human drivers will still be present to steer the following lorries in the convoy.

This automation will allow the trucks to drive very close together, reducing drag for the following vehicles to improve fuel efficiency.”Platooning” as they call these convoys has been tested in a number of countries around the world, including the US, Germany, and Japan.

Are these actually autonomous vehicles? This question is folly when looking toward the future of “self-driving”. The transition to robot vehicles will not happen in the blink of an eye, even if the technological barriers were all suddenly solved. That’s because it’s untenable for human drivers to suddenly be on the road with vehicles that don’t have a human brain behind the wheel. These changes will happen incrementally. The lorry tests are akin to networked cruise control. But we can see a path that will add in lane drift warnings, steering correction, and more incremental automation until only the lead vehicle has a person behind the wheel.

There is a lot of interest in the self driving industry right now from the self driving potato to autonomous delivery. We’d love to hear your vision of how automated delivery will sneak its way into our everyday lives. Tell us what you think in the comments below.