A lot of computers can play chess. [Matthew Lui’s] Giraffe is a chess playing computer, but unlike other common chess programs, Giraffe taught itself to play. It apparently learned pretty well, too, since it is rated as an International Master on the FIDE scale (putting it in the top 2.2% of players. The top chess playing computers clock in at super grandmaster level but they are not self-taught).
“It’s only software!” A sentence that strikes terror in the heart of an embedded systems software developer. That sentence is often uttered when the software person finds a bug in the hardware and others assume it’s going to be easier for fix in software rather than spin a new hardware revision. No wonder software is always late.
[Clint Stevenson] is his own hardware and software guy, as are most of us. He wanted to use the less expensive HC-SR04 ultrasonic rangefinder in a prototype. Longer term he wanted to have the choice of either a Parallax PING or MaxBotix ultrasonic sensor for their better performance outdoors. His hardware hack of the SR04 made this a software problem which he also managed to solve!
[Clint] was working with the Arduino library, based on the Parallax PING, which uses a single pin for trigger and echo. The HC-SR04 uses separate pins. Originally he modified the Arduino library to accept the two pin approach. But with his long term goal in mind, he also modified the HC-SR04 sensor by removing the on-board pull-up resistor and adding a new one on the connector side to combine the signals. That gave him an SR04 that worked with the single-pin based library.
We’ve seen Parallax PING projects for sensing water depth and to generate music. These could be hacked to use the HC-SR04 using [Clint’s] techniques.
[Arduino and HC-SR04 photo from Blax Lab]
Considering all of the projects the Raspberry Pi is used for now, the fact that it was originally envisioned to be an educational tool is sometimes forgotten. One of the tools commonly available with it is Scratch, a programming language that is easy to learn and can be seen as a gateway into other computer science realms. Building on this principle, MIT has come up with a new block-based educational tool called BlocksCAD.
BlocksCAD is essentially Scratch combined with OpenSCAD and allows the user to use blocks (similar to Scratch) to build a 3D model. The interface is fairly intuitive, and with some practice even complex shapes can be created using the tools available. Also, everything runs in a browser like the 3D modeling tool we featured a few days ago, so there isn’t anything to download or install.
The key to this project (like the key to Scratch) is that the user isn’t bogged down by syntax, which is often one of the largest hurdles for anyone who is just starting to learn to program. Since it’s possible to avoid syntax but still develop 3D models, this new tool should help anyone interested in the field of 3D modeling or CAD get a start without getting scared away too easily. Of course, if you do end up deep in the field of computer science and want to learn more about this project, the developers have opened up the source code as well.
Thanks for the tip, [Matt]!
When you think about serial communications, Microsoft Excel isn’t typically the first program that springs to mind. But this spreadsheet has a rather powerful scripting language hidden away inside it, which can, with a little coding, be used to send and receive data over your serial port (Internet Archive Link, as of 2023). The scripting language is called Visual Basic for Applications (VBA), and it has been a part of Microsoft’s Office suite since 1993. Since then, it has evolved into a powerful (if sometimes frustrating) language that offers a subset of the features from Visual Basic.
It can be a useful tool. Imagine, for instance, that you are logging data from an instrument that has a serial port (or even an emulated one over USB). With a bit of VBA, you could create a spreadsheet that talks to the instrument directly, grabbing the data and processing it as required straight into the spreadsheet. It’s a handy trick that I have used myself several times, and [Maurizio] does a nice job of explaining how the code works, and how to integrate this code into Excel.
If you’re looking for other ways to leverage this Excel feature, consider watching movies at work or building a virtual machine inside of your sheets.
We’ve recently noticed two different fonts aimed at programmers, each with a different approach to editor customization. The first, Fira Code, transparently converts common programming digraphs into single characters. For example, <- becomes an arrow and != (or <>) becomes a proper not equal sign. The other font, Hack (can’t argue with the name), aims to make commonly confused characters distinct. For example, the zero glyph has a very distinct appearance from the letter O.
It is pretty easy to understand how Hack works, but Fira seems a mystery at first. Your C++ compiler expects <- not an arrow, right? Fonts support ligatures–sequences of two symbols that run together (like æ). Clever use of these ligatures means that the compiler still sees -> but the screen displays an arrow.
Dogs are remarkable creatures. Anybody who has lived with one will know that they are very vocal beasts, with barks that range from noting the presence of a squirrel in the yard to the warning whine that says “I am about to pee on your shoes if you don’t take me outside.” [Henry Conklin] decided to computerize the analysis of these noises, putting his dog [Oliver Twitch] on Twitter so he could hear what he was saying while he was at work. [Henry] that is: [Oliver] stays at home.
He did this using a Raspberry Pi, which is set to record sound above a certain volume. With the system sitting by [Oliver’s] favorite window, this records his barks. The recordings are then analyzed using PyAudioAnalysis, a library that analyzes sounds, compares them to reference ones and classifies them. The Raspberry Pi then posts the results onto twitter using Python-twitter.
![The setup used by [Oliver] to capture the barks: a USB microphone, Raspberry Pi and WiFi USB dongle.](https://hackaday.com/wp-content/uploads/2015/08/bark-details.jpg)
Everyone has at least a few games on their computer, and I would assume most of the Hackaday readership would be among the enlightened PC gamer bretheren. At this year’s DEF CON, [Tamas Szakaly] gave a talk about the data these games leak to the Internet, the data they accept from the Internet, and what you can do with that data.
[Tamas]’ talk was entirely about scripting games, like the many games that are scriptable in Lua, or Valve’s Squirrel. Developers have thought about this before and have implemented sandboxes and many anti-cheat mechanisms. However, because these sandboxes are poorly implemented, it’s easy to get outside the game and do some real damage.
[Tamas]’ first target was Crysis 2 and the CryEngine3. This game uses a Lua scripting engine and has no sandbox whatsoever. That means [Tamas] can call os.execute, and from there the entire game is over. Or it’s just begun. Either way you look at it, it’s pretty bad.
CryTek notwithstanding, [Tamas] can also use games with Lua scripting that have a real sandbox. DOTA2 has a leaky sandbox and can be used to call OS I/O routines and execute base 64 encoded executables right over the main executable.
The most impressive example of script abuse in various multiplayer games is from Garry’s Mod. This game has custom implementation of dangerous functions, restricted file IO, and a proper Lua sandbox. This was a wise decision from the developers, but the library is huge. If you create a map or mode used on a server, you can have a full HTTP proxy to the gamer’s home network. During the talk, [Tamas] used this exploit to display an image from a webcam on a Garry’s Mod server. It was on the podium right next him, but this could have been done on a server on the other side of the planet.
Continue reading “DEF CON: Abusing Scripts In Multiplayer Games”
