IoT Security Is Hard: Here’s What You Need To Know

Security for anything you connect to the internet is important. Think of these devices as doorways. They either allow access to services or provide services for someone else. Doorways need to be secure — you wouldn’t leave your door unlocked if you lived in the bad part of a busy city, would you? Every internet connection is the bad part of a busy city. The thing is, building hardware that is connected to the internet is the new hotness these days. So let’s walk through the basics you need to know to start thinking about security with your projects.

If you have ever run a server and checked your logs you have probably noticed that there is a lot of automated traffic trying to gain access to your server on a nearly constant basis. An insecure device on a network doesn’t just compromise itself, it presents a risk to all other networked devices too.

The easiest way to secure a device is to turn it off, but let’s presume you want it on. There are many things you can do to protect your IoT device. It may seem daunting to begin with, but as you become more security conscious, things begin to click together a bit like a jigsaw and it becomes a lot easier.


New Part Day: Very Cheap LIDAR

Self-driving cars are, apparently, the next big thing. This thought is predicated on advancements in machine vision and cheaper, better sensors. For the machine vision part of the equation, Nvidia, Intel, and Google are putting out some interesting bits of hardware. The sensors, though? We’re going to need LIDAR, better distance sensors, more capable CAN bus dongles, and the equipment to tie it all together.

This is the cheapest LIDAR we’ve ever seen. The RPLIDAR is a new product from Seeed Studios, and it’s an affordable LIDAR for everyone. $400 USD gets you one module, and bizarrely $358 USD gets you two modules. Don’t ask questions — this price point was unheard of a mere five years ago.

Basically, this LIDAR unit is a spinning module connected to a motor via a belt. A laser range finder is hidden in the spinny bits and connected to a UART and USB interface through a slip ring. Mount this LIDAR unit on a robot, apply power, and the spinny bit does its thing at about 400-500 RPM. The data that comes out includes distance (in millimeters), bearing (in units of degrees), quality of the measurement, and a start flag once every time the head makes a revolution. If you’ve never converted polar to cartesian coordinates, this is a great place to start.

Although self-driving cars and selfie drones are the future, this part is probably unsuitable for any project with sufficient mass or velocity. The scanning range of this LIDAR is only about 6 meters and insufficient for retrofitting a Toyota Camry with artificial intelligence. That said, this is a cheap LIDAR that opens the door to a lot of experimentation ranging from small robots to recreating that one Radiohead video.

Automate The Freight: Drones Across The Sea

When you think about which of the many technological advances of the 20th century had the most impact on the global economy, which one would you rank as the most important? Would it be the space program, which gave rise to advances in everything from communications satellites to advanced composite materials? Or would it be the related aerospace industry, which stitched the world together so tightly that you can be almost anywhere on the planet within 24 hours? Or perhaps it’s the Internet, the global platform for buying almost anything from almost anyone.

Those are all important, but for the most economically impactful technology of the 20th century, I’d posit that the lowly shipping container and the containerized cargo industry that grew around it win, hands down.


E-ink Display Driven DIY

E-ink displays are awesome. Humans spent centuries reading non-backlit devices, and frankly it’s a lot easier on the eyes. But have you looked into driving one of these critters yourself? It’s a nightmare. So chapeau! to [Julien] for his FPGA-based implementation that not only uses our favorite open-source FPGA toolchain, but also serves as an open reference implementation for anyone else who’s interested.

Getting just black and white on an E-ink display is relatively easy — just hit the ink pixels with the same signal over and over until they give up. Greyscale is made by applying much more nuanced voltages because the pixels are somewhat state-dependent. If the desired endpoint is a 50% grey, for instance, you’d hit it with a different pulse train if the pixel were now white versus if it were now black. (Ever notice that your e-book screen periodically does a white-black flash? It’s resetting all the pixels to a known state.) And that’s not even taking into account the hassles with the various crazy voltages that E-ink displays require, which [Julien] wisely handed off to a dedicated chip.

In the end, the device has to make 20-50 passes through the screen for one user-visible refresh. [Julien] found that the usual microcontrollers just weren’t capable of the speed that he wanted, hence the FPGA and custom waveform tables. We’ve seen E-ink hacks before, and [Julien] is standing on the shoulders of giants, most notably those of [Petteri Aimonen] and [Sprite_tm]. [Julien]’s hack has the fastest updates we’ve ever seen.

We still can’t wait for the day that there is a general-purpose E-ink driver chip out there for pennies, because nearly every project we make with a backlit display would look better, and chew through the batteries slower, with E-ink. In the meantime, [Julien]’s FPGA implementation is pretty close, and it’s fully open.


You Think You Can’t Be Phished?

Well, think again. At least if you are using Chrome or Firefox. Don’t believe us? Well, check out Apple’s new website then, at https://www.apple.com. Notice anything? If you are not using an affected browser you are just seeing a strange URL after opening the webpage, otherwise it’s pretty legit. This is a page to demonstrate a type of Unicode vulnerability in how the browser interprets and shows the URL to the user. Notice the valid HTTPS. Of course the domain is not from Apple, it is actually the domain: “https://www.xn--80ak6aa92e.com/”. If you open the page, you can see the actual URL by right-clicking and selecting view-source.

So what’s going on? This type of phishing attack, known as an IDN homograph attack, relies on the fact that the browser, in this case Chrome or Firefox, interprets the “xn--” prefix in a URL as an ASCII-compatible encoding prefix. The encoding is called Punycode, and it’s a way to represent Unicode using only the ASCII characters used in Internet host names. Imagine a sort of Base64 for domains. This allows for domains with international characters to be registered, for example, the domain “xn--s7y.co” is equivalent to “短.co”, as [Xudong Zheng] explains in his blog.
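An added example, not from the original post: decoding the “xn--” labels of a host name with Python’s built-in punycode codec and listing the Unicode scripts each decoded label uses, the kind of check a proxy or mail log review could run. The function names and the script approximation (first word of each character’s Unicode name) are this example’s own assumptions.

```python
import unicodedata

ACE_PREFIX = "xn--"  # marks a Punycode-encoded (IDN) host label


def decode_label(label: str) -> str:
    """Return the Unicode form of one host label; ASCII labels pass through."""
    if label.lower().startswith(ACE_PREFIX):
        return label[len(ACE_PREFIX):].encode("ascii").decode("punycode")
    return label


def decode_host(host: str) -> str:
    """Decode every label of a dotted host name."""
    return ".".join(decode_label(part) for part in host.split("."))


def scripts(label: str) -> set:
    """Approximate the scripts in a label (assumption: first word of the
    Unicode character name, e.g. LATIN, CYRILLIC, CJK)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def review(host: str) -> dict:
    """Report what each Punycode label really contains, for a human or a rule."""
    findings = {}
    for raw in host.split("."):
        if not raw.lower().startswith(ACE_PREFIX):
            continue
        text = decode_label(raw)
        used = scripts(text)
        findings[raw] = {
            "unicode": text,
            "codepoints": [f"U+{ord(ch):04X}" for ch in text],
            "scripts": sorted(used),
            "mixed": len(used) > 1,  # more than one script inside one label
        }
    return findings


if __name__ == "__main__":
    # Both host names are the ones quoted in the article.
    for host in ("www.xn--80ak6aa92e.com", "xn--s7y.co"):
        print(host, "->", decode_host(host), review(host))
```

The code point list is the useful part of the report: it shows the real characters even when the decoded label renders like an ASCII name.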

Different alphabets have different glyphs that work in this kind of attack. Take the Cyrillic alphabet: it contains 11 lowercase glyphs that are identical or nearly identical to Latin counterparts. This class of attacks, where an attacker replaces one letter with its counterpart, is widely known and is usually mitigated by the browser:


Networking: Pin The Tail On The Headless Raspberry Pi

Eager to get deeper into robotics after dipping my toe in the water with my BB-8 droid, I purchased a Raspberry Pi 3 Model B. The first step was to connect to it. But while it has built-in 802.11n wireless, I at first didn’t have a wireless access point, though I eventually did get one. That meant I went through different ways of finding it and connecting to it with my desktop computer. Surely there are others seeking to do the same so let’s take a look at the secret incantations used to connect a Pi to a computer directly, and indirectly.


The Surface Area To Volume Ratio Or Why Elephants Have Big Ears

There are very few things that are as far-reaching across many different disciplines, ranging from biology to engineering, as the relation of the surface area to the volume of a body. This is not a law, like Newton’s second, or a theory, like Darwin’s theory of evolution. But it has consequences in a diverse set of situations. It explains why cells are the size they are, why some animals have a strange morphology, why flour explodes while wheat grains don’t, and many other phenomena that we will explore in this article.
