Known as Project CAVForth for the UK government’s Center for Connected and Autonomous Vehicles (CCAV) and the Forth bridge, over which the buses will travel, it is said to be the most complex test of autonomous on-road mass transit yet undertaken in Europe. The full-size single-deck motorcoaches, five in total, will ply a 22-km (14-mile) route into Edinburgh from Fife, crossing the famous Firth of Forth on the Forth Road suspension bridge. The buses will carry about 36 passengers each and run at SAE Level 4 autonomy, meaning that a safety driver is optional under good driving conditions. Continue reading “Automate The Freight: Autonomous Buses To Start Operation In UK”→
A couple of years ago, Hackaday published an article, “Electric Vehicles Continue the Same Wasteful Mistakes That Limit Longevity“, in which we took a look at the way the car industry, instead of taking the move to electric traction as an opportunity to simplify their products, was instead making their electric offerings far more complex. It touched a nerve and received a very large comment volume, such that now it is our 19th most commented story of all time.
It’s something brought back to the fore by seeing a The Drive piece bemoaning the evolution of the automobile as a software receptacle governed by end-user licenses rather than a machine under the control of its owner. In turn that’s posed the question: Just what do you really need for a car, and what is superfluous? Time to provide an answer to that question, so here it is: a minimal motoring manifesto. Continue reading “A Minimal Motoring Manifesto”→
Over many years now we’ve covered right-to-repair stories, and among them has been a constant bête noire. The American farm machinery manufacturer John Deere whose instantly recognisable green and yellow tractors have reliably tilled the soil for over a century, have become the poster child for inappropriate use of DRM. It’s enough to make any farmer see red, but there’s a story from CNN which shows another side to manufacturer control. A Deere dealership in Melitopol, Ukraine, was looted by invading Russian forces, who took away an estimated $5m worth of farm machinery. The perfect crime perhaps, save for the Deere computer system being used to remotely disable them leaving the crooks with combine harvesters they can’t even start.
For much of the last century, the ownership, loving care, and maintenance of an aged and decrepit automobile has been a rite of passage among the mechanically inclined. Sure, the battle against rust and worn-out parts may eventually be lost, but through that bond between hacker and machine are the formative experiences of motoring forged. In middle-age we wouldn’t think of setting off across the continent on a wing and a prayer in a decades-old vehicle, but somehow in our twenties we managed it. The Drive have a piece that explores how technological shifts in motor vehicle design are changing our relationship with cars such that what we’ve just described may become a thing of the past. Titled “The Era of ‘the Car You Own Forever’ Is Coming to an End“, it’s well worth a read.
At the crux of their argument is that carmakers are moving from a model in which they produce motor vehicles that are simply machines, into one where the vehicles are more like receptacles for their software. In much the same way as a smartphone is obsolete not necessarily through its hardware becoming useless but through its software becoming unmaintained, so will the cars of the future. Behind this is a commercial shift as the manufacturers chase profits and shareholder valuations, and a legal change in the relationship between customer and manufacturer that moves from ownership of a machine into being subject to the terms of a software license.
This last should be particularly concerning to all of us, after all if we’re expected to pay tens of thousands of dollars for a car it’s not unreasonable to expect that it will continue to serve us at our convenience rather than at that of its manufacturer.
For how common motorcycles are, the designs and parts used in them tend to vary much more wildly than in cars and trucks. Sometimes this is to the rider’s advantage, like Honda experimenting with airbags or automatic transmissions. Sometimes it’s a little more questionable, like certain American brands holding on to pushrod engine designs from the ’40s. And sometimes it’s just annoying, like the use of cheap voltage regulators that fail often and perform poorly. [fvfilippetti] was tired of dealing with this on his motorcycle, so he built a custom voltage regulator using MOSFETs instead.
Unlike a modern car alternator, which can generate usable voltage even at idle, smaller or older motorcycle alternators often can’t. Instead they rely on a simpler but less reliable regulator that is typically no more than a series of diodes, but which can only deliver energy to the electrical system while the motor is running at higher speeds. Hoping to improve on this design, [fvfilippetti] designed a switched regulator from scratch out of MOSFETs with some interesting design considerations. It is capable of taking an input voltage between 20V and 250V, and improves the ability of the motorcycle to use modern, higher-power lights and to charge devices like phones as well.
In the video below, an LED was added in the circuit to give a visual indication that the regulator is operating properly. It’s certainly a welcome build for anyone who has ever dealt with rectifier- or diode-style regulators on older bikes before. Vehicle alternators are interesting beasts in their own right, too, and they can be used for much more than running your motorcycle’s electrical system.
[ITman496] is one of us hackers working his way around health problems, in his case, a back injury. He is eager to solve various difficulties he has to deal with, and in case of the video he made, it was about moving a large trashcan through ice-covered roads on his property. Not willing to risk his health any further and dissatisfied with the flimsy solutions for sale requiring him to do the heavy lifting, still, he designed and built a winch-powered trashcan lifter mechanism – not entirely unlike a forklift. He mounted it to his ATV, tested it, improved upon it, filming his progress along the way – and then made a video detailing the entire build for us!
Having sketched the concept on his phone, he modeled and tested it in SketchUp, then cut and welded the parts, describing a welding alignment trick along the way – using 3D-printed joints to hold the two parts-to-be-welded together for tack welds, ensuring nigh-perfect alignment. Initial testing was a success! From there, he describes a good few surprising but in retrospect expected ease-of-use improvements that didn’t crop up during simulations, like adding chamfers to the scoop, so that he doesn’t have to angle his ATV super precisely to pick the trashcan up. In the end, having used it for about a month now, he tells us it’s been working extremely well for his purposes!
[Daljeet Nandha] from [RoboCoffee] writes to us, sharing his research on cryptographic signature-based firmware authenticity checks recently added to the Xiaomi Mi scooter firmware. Those scooters use an OTA firmware update mechanism over BLE, so you can update your scooter using nothing but a smartphone app – great because you can easily get all the good new features, but suboptimal because you can easily get all the bad new features. As an owner of a Mi 1S scooter but a hacker first and foremost, [Daljeet] set up a HTTPS proxy and captured the firmware files that the app downloaded from Xiaomi servers, dug into them, and summarized what he found.
Confirming this update will indefinitely lock you out of any third-party OTA updates
Unlike many of the security measures we’ve seen lacking-by-design, this one secures the OTA firmware updates with what we would consider the industry standard – SHA256 hash with elliptic cryptography-backed signing. As soon as the first firmware version implementing signature checks is flashed into your scooter, it won’t accept anything except further firmware binaries that come with Xiaomi’s digital signature. Unless a flaw is found in the signature checking implementation, the “flash a custom firmware with a smartphone app” route no longer seems to be a viable pathway for modding your scooter in ways Xiaomi doesn’t approve of.
Having disassembled the code currently available, [Daljeet] tells us about all of this – and more. In his extensive writeup, he shares scripts he used on his exploration journey, so that any sufficiently motivated hacker can follow in his footsteps, and we highly recommend you take a look at everything he’s shared. He also gives further insights, explaining some constraints of the OTA update process and pointing out a few security-related assumptions made by Xiaomi, worth checking for bypassing the security implemented. Then, he points out the firmware filenames hinting that, in the future, the ESC (Electronic Speed Control, responsible for driving the motors) board firmware might be encrypted with the same kind of elliptic curve cryptography, and finds a few update hooks in the decompiled code that could enable exactly that in future firmware releases.
One could argue that these scooters are typically modified to remove speed limits, installed there because of legal limitations in a variety of countries. However, the legal speed limits are more nuanced than a hard upper boundary, and if the hardware is capable of doing 35km/h, you shouldn’t be at mercy of Xiaomi to be able to use your scooter to its full extent where considerate. It would be fair to assert, however, that Xiaomi did this because they don’t want to have their reputation be anywhere near “maker of scooters that people can modify to break laws with”, and therefore we can’t expect them to be forthcoming.
