This Week In Security: ID Breaches, Code Smell, And Poetic Flows

Discord had a data breach back on September 20th, via an outsourced support contractor. It seems it was a Zendesk instance that was accessed for 58 hours through a compromised contractor user account. There have been numbers thrown around from groups claiming to be behind the breach, like 1.6 Terabytes of data downloaded, 5.5 million user affected, and 2.1 million photos of IDs.

Discord has pushed back on those numbers, stating that it’s about 70,000 IDs that were leaked, with no comments on the other claims. To their credit, Discord has steadfastly refused to pay any ransom. There’s an interesting question here: why were Discord users’ government issued IDs on record with their accounts?

The answer is fairly simple: legal compliance. Governments around the world are beginning to require age verification from users. This often takes the form of a scan of valid ID, or even taking a picture of the user while holding the ID. There are many arguments about whether this is a good or bad development for the web, but it looks like ID age verification is going to be around for a while, and it’ll make data breaches more serious.

In similar news, Salesforce has announced that they won’t be paying any ransoms to the group behind the compromise of 39 different Salesforce customers. This campaign was performed by calling companies that use the Salesforce platform, and convincing the target to install a malicious app inside their Saleforce instance. Continue reading “This Week In Security: ID Breaches, Code Smell, And Poetic Flows”

BenchVolt PD

BenchVolt PD: USB PD Meets Benchtop Precision

USB power has become ubiquitous — everything from phones to laptops all use it  — so why not your lab bench? This is what [EEEngineer4Ever] set out to do with the BenchVolt PD USB adjustable bench power supply. This is more than just a simple breakout for standard USB PD voltages, mind you; with adjustable voltages, SCPI support, and much more.

The case is made of laser-cut acrylic, mounted to an aluminum base, not only providing a weighted base but also helping with dissipating heat when pulling the 100 W this is capable of supplying. Inside the clear exterior, not only do you get to peek at all the circuitry but there is also a bright 1.9-inch TFT screen showing the voltage, current, and wattage of the various outputs. There is a knob that can adjust the variable voltage output and navigate through the menu. Control isn’t limited to the knob, mind you; there also is a Python desktop application to make it easy changing the settings and to open up the possibility to integrate its control alongside other automated test equipment.

There are five voltage outputs in this supply: three fixed ones—1.8 V, 2.5 V, and 3.3 V—and two adjustable ones: 0.5-5 V and 2.5-32 V. All five of these outputs are capable of up to 3 A. There are also a variety of waveforms that can be output, blurring the lines between power supply and function generator. While the BenchVolt PD will be open-sourced, [EEEngineer4Ever] will soon be releasing it over on CrowdSupply for those interested in one without building one themselves. We are big fans of USB PD gear, so be sure to check out some other USB PD projects we’ve featured.

Continue reading “BenchVolt PD: USB PD Meets Benchtop Precision”

Inside A Germanium Transistor

The first transistors were point contact devices, not far from the cats-whiskers of early radio receivers. They were fragile and expensive, and their performance was not very high. The transistor which brought the devices to a mass audience through the 1950s and 1960s was the one which followed, the alloy diffusion type. [Play With Junk] has a failed OC71 PNP alloy diffusion transistor, first introduced in 1957, and has cracked it open for a closer look.

Inside the glass tube is a small wafer of germanium crystal, surrounded by silicone grease. It forms the N-type base of the device, with the collector and emitter being small indium beads fused into the germanium. The junctions were formed by the resulting region of germanium/indium alloy. The outside of the tube is pained black because the device is light-sensitive, indeed a version of this transistor without the paint was sold as the OCP71 phototransistor.

These devices were leaky and noisy, with a low maximum frequency and low gain. But they were reliable and eventually affordable, so some of us even cut our electronic teeth on them.

Continue reading “Inside A Germanium Transistor”

Piers holding a USB One ROM.

One ROM Gets A USB Stack

Our hacker [Piers Finlayson] is at it again, and this time he has added USB support to One ROM.

With this new connectivity you can attach your One ROM to your computer with a USB cable and then in a matter of seconds upload new firmware from your Chrome (or Chromium) web browser. This new connectivity will supplement but not replace the existing serial wire connectivity because the serial wire connectivity enables certain advanced use cases not supported by the USB stack, such as reprogramming a ROM in-place as it’s being served. The new USB interface will probably suit most users who just want to use One ROM to manage the ROMs for their old kit and who don’t need the extra functionality.

Addressing the question as to why he didn’t have USB connectivity from the start [Piers] claimed it was because he didn’t like soldering the USB sockets! But given this is a service he can get from his board house that is no longer his problem! [Piers] said he picked Micro USB over USB-C because the former demands less circuit board real estate than the latter. Squeezing everything on to the board remains a challenge!

Continue reading “One ROM Gets A USB Stack”

The Fascinating Waveguide Technology Inside Meta’s Ray-Ban Display Glasses

The geometric waveguide glass of the Meta Ray-Ban Display glasses. (Credit iFixit)
The geometric waveguide glass of the Meta Ray-Ban Display glasses. (Credit iFixit)

Recently the avid teardown folk over at iFixit got their paws on Meta’s Ray-Ban Display glasses, for a literal in-depth look at these smart glasses. Along the way they came across the fascinating geometric waveguide technology that makes the floating display feature work so well. There’s also an accompanying video of the entire teardown, for those who enjoy watching a metal box cutter get jammed into plastic.

Overall, these smart glasses can be considered to be somewhat repairable, as you can pry the arms open with a bit of heat. Inside you’ll find the 960 mWh battery and a handful of PCBs, but finding spare parts for anything beyond perhaps the battery will be a challenge. The front part of the glasses contain the antennae and the special lens on the right side that works with the liquid crystal on silicon (LCoS) projector to reflect the image back to your eye.

While LCoS has been used for many years already, including Google Glass, it’s the glass that provides the biggest technological advancement. Instead of the typical diffractive waveguide it uses a geometric reflective waveguide made by Schott, with the technology developed by Lumus for use in augmented reality (AR) applications. This is supposed to offer better optical efficiency, as well as less light leakage into or out of the waveguide.

Although definitely impressive technology, the overall repairability score of these smart glasses is pretty low, and you have to contest with both looking incredibly dorky and some people considering you to be a bit of a glasshole.

Continue reading “The Fascinating Waveguide Technology Inside Meta’s Ray-Ban Display Glasses”

Motors Make The Best Knobs With SimpleFOC

The worst thing about a volume knob is that, having connected it to a computer, it might be wrong: if you’ve manually altered the volume settings somewhere else, the knob’s reading won’t be correct. [I Got Distracted] has a quick tutorial on YouTube showing how to use a BLDC, a hall effect sensor, Pi Pico and the SimpleFOC library to make a knob with active haptic feedback and positioning.

We covered the SimpleFOC library a few years ago, but in case you missed it, it’s, well, a simple library for FOC on all of our favorite microcontrollers, from Arduino to ESP to Pico. FOC stands for field-oriented control, which is a particular way of providing smooth, precise control to BLDCs. (That’s a BrushLess DC motor, if the slightly-odd acronym is new to you.) [I Got Distracted] explains exactly how that works, and shows us just how simple the SimpleFOC project is to use in this video.  Why, they even produce their own motor controllers, for a fully-integrated experience. (You aren’t restricted to that hardware, but it certainly does make things easy.)

The haptic feedback and self-dialing knob make for an easy introductory project, but seeing how quick it hacks together, you can doubtless think of other possibilities. The SimpleFOC controller used in this video is limited to relatively small motors, but if you want to drive hundreds of kilowatts through open source hardware, we’ve covered that, too.  

Arguably, using a motor as a knob isn’t within the design spec, and so could almost qualify for our ongoing Component Abuse Challenge, had [I Got Distracted] thought to enter.

Continue reading “Motors Make The Best Knobs With SimpleFOC”

2025 Component Abuse Challenge: The Sweet Sound Of A Choking Transformer

The Component Abuse Challenge is dragging all sorts of old, half-forgotten hacks out of the woodwork, but this has got to be the most vintage: [KenS] started using a transformer as a variable choke on his speakers 55 years ago.

The hack is pretty bone-dead simple. A choke is an inductor in an audio (or any other) circuit designed to, well, choke off higher-than-desired frequencies. We featured a deep dive a few years back if you’re interested. An inductor is a coil of wire, usually (but not necessarily) wound around a core of iron or ferrite. A transformer? Well, that’s also a coil of wire around a core… plus an extra coil of wire. So when [KenS], back in his salad days, had a tweeter that a was a little too tweety, and no proper choke, he grabbed a transformer instead.

This is where inspiration hit: sure, if you leave the second winding open, the transformer acts like a standard choke. What happens if you short that second winding? Well, you dampen the response of the first winding, and it stops choking, to the point that it acts more like a straight wire. What happens if you don’t short the second winding, but don’t leave it wide open? [KenS] stuck a potentiometer on there, and found it made a handy-dandy variable choke with which to perfectly tune the tone response of his speakers. Changing the resistance changes the rate at which high frequencies are choked off, allowing [KenS] to get the perfect frequency response with which to rock out to Simon & Garfunkel, The Carpenters and The Guess Who. (According to the Billboard Top 100 for 1970, those are who you’d be listening to if you had conventional tastes.)

While we can’t say the transformer is really being tortured in this unusual mode, it’s certainly not how it was designed, so would qualify for the “Junk Box Substitutions” category of the Component Abuse Challenge. If you’ve made similar substitutions you’d like to share, don’t wait another 55 years to write them up– the contest closes November 11th.

Transformer image: Hannes Grobe, CC BY-SA 4.0.