The BluePill board used for this hack, wired to the DYMO RFID reader, after all the wires for this hack have been soldered onto the BluePill board.

#FreeDMO Gets Rid Of DYMO Label Printer DRM

March 30, 2022 by Arya Voronova 49 Comments

DYMO 550 series printer marketing blurb says “The DYMO® LabelWriter® 550 Turbo label printer comes with unique Automatic Label Recognition™”, which, once translated from marketing-ese, means “this printer has DRM in its goshdarn thermal stickers”. Yes, DRM in the stickers that you typically buy in generic rolls. [FREEPDK] didn’t like that, either, and documents a #FreeDMO device to rid us of yet another consumer freedom limitation, the true hacker way.

The generic BluePill board and two resistors are all you need, and a few extra cables make the install clean and reversible – you could definitely solder to the DYMO printer’s PCBs if you needed, too. Essentially, you intercept the RFID reader connections, where the BluePill acts as an I2C peripheral and a controller at the same time, forwarding the data from an RFID reader and modifying it – but it can also absolutely emulate a predetermined label and skip the reader altogether. If you can benefit from this project’s discoveries, you should also take a bit of your time and, with help of your Android NFC-enabled phone, share your cartridge data in a separate repository to make thwarting future DRM improvements easier for all of us. Continue reading “#FreeDMO Gets Rid Of DYMO Label Printer DRM” →

Against The Cloud

February 19, 2022 by Elliot Williams 58 Comments

One of our writers is working on an article about hosting your own (project) website on your own iron, instead of doing it the modern, cloudy-servicey way. Already, this has caused quite a bit of hubbub in the Hackaday Headquarters. Who would run their own server in 2022, and why?

The arguments against DIY are all strong. If you just want to spin up a static website, you can do it for free in a bazillion different places. GitHub’s Pages is super convenient, and your content is version controlled as a side benefit. If you want an IoT-type data-logging and presentation service, there are tons of those as well — I don’t have a favorite. If you want e-mail, well, I don’t have to tell you that a large American search monopoly offers free accounts, for the low price of slurping up all of your behavioral data. Whatever your need, chances are very good that there’s a service for you out there somewhere in the cloud.

And that’s awesome if you only want the service provided. But what if you want to play around? Or learn how it all works under the hood? This is Hackaday!

For instance, you could run your own mail server just for your friends and family. The aforementioned search monopolist will probably flag all of your e-mail as spam, partly because they don’t trust small e-mail providers, and partly because that’s the “m” in monopoly. But if you can get folks to whitelist the addresses, you’ll be in business. And then you open up a world of fun and foolery. You can write hooks to automatically handle mail, or you can create an infinite number of mail accounts, even on the fly as per Spamgourmet, the most awesome anti-spam tool of the last 30 years. Or you can invent your own. Run a mailing list for your relatives. Or do something stupid.

I used to run a service where, when a particular account received an e-mail, the attached photo was pushed up to a website with the subject line as the caption. Instant photo-blog, of the strangest and least secure sort. Getting it running was a few lines of Bash scripting, and an afternoon of fun. Is there a service that does this, already existing in the cloud? Probably. One that allows you a little privacy and doesn’t track your every move? Maybe. But even if there is, would I have learned about sendmail by using this service? Nope!

I hear you saying “security” under your breath, and you’re right. This system was secured by lock made of purest obscurity. But still, in seven years of running the service, nobody guessed the magic e-mail address, not once. Knowledge of the e-mail address was essentially a password, but if I needed extra security I probably could have implemented it in a few lines of Bash anyway. The webpage itself was static HTML, so good luck with that, Hackerman! (The site’s been down for a while now, so you missed your chance.)

If you just want a service, you can be served. But if you want to be a server, a first-class Internet citizen, with your own cloud in the sky, nothing’s stopping you either. And in contrast to using someone else’s computers, running your own is an invitation to play. It’s a big, Internet-connected sandbox. There are an infinity of funny ideas out there that you can implement on your own box, and a lot to learn. If you hack on someone else’s box, it’s a crime. If you hack on your own, it’s a pleasure.

I know it’s anachronistic, but give it a try. (PDF, obscenity, uncorrected typos.) Be your own cloud.

The Year Of Owning It

January 8, 2022 by Elliot Williams 41 Comments

Talking over the year in review on the Podcast, Tom Nardi and I were brainstorming what we thought was the single overarching trend in 2021, and we came up with many different topics: victories in the right to repair, increasingly dystopian service contracts, a flourishing of cyberdecks, and even greater prevalence of reverse engineering style hacks. And then we realized: they are all different faces of the same beast — people just want to own the devices that they own.

Like Dr. Jekyll and Mr. Hyde, our modern Internet-connected-everythings have two sides. On one side, we get so much additional functionality from having everything on the net. But on the other, if your car is always connected, it gives Toyota a means to make you pay a monthly fee to use a car fob, and if you have to use Cricut’s free online service to upload designs to the cutter, they can suddenly decide to start charging you. It allows Samsung to not only spy on whatever you’re currently watching on your smart TV, but to also brick it if they want to. More and more, we don’t actually own (in the sense of control) the devices that we own (in the sense of having purchased).

We don’t have to take it lying down. On the one hand, consumer protest made Cricut walk back their plans, and may do the same with Toyota. We can achieve a lot, collectively, by just talking about our grievances, and letting the firms in question know how we feel — naturally also with our wallets. But as hackers and all-around techie types, we can do even more. When something is broken because of a bad service, we can often fix it with firmware or by standing up our own version of the service. We can pwn them.

But there’s even more to the cyberdeck and the extreme DIY movements of the last few years than just the defense against lock-in or the liberating of hardware. There’s also the pride of truly owning something because you made it. Not just owning it because you bought it, or owning it because you control it, but owning it because you understand it and because you gave birth to it.

Whichever way you’re into owning your own, I think that’s the single overarching trend of 2021 — both on the positive and proactive side and the negative and reactive. Talking about it, reverse engineering it, or building it yourself, 2021 was the year of owning it.

Hackaday Links: December 19, 2021

December 19, 2021 by Dan Maloney 26 Comments

Key fobs as a service? Have we really gotten to that point? It would seem so, at least for Toyota, which is now requiring a subscription to use the company’s Remote Connect function. To be fair to Toyota, the Remote Connect system seems to do a bit more than the average key fob, with things like remote start and smartphone or smartwatch integration. It doesn’t appear that using the key fob for more mundane uses, like opening the doors, will be nerfed by this change. But if you want to warm up your car on a cold winter’s morn while you’re still in your jammies, then be prepared to cough up $8 a month or $80 a year on select 2018 and above models. Whether Toyota and other manufacturers get away with this nickel-and-dime stuff is up to the buyers, of course; if enough people opt out, maybe they’ll think of some other way to pad their bottom line. But since we’ve already seen heated seats as a service (last item), we suspect this is the shape of things to come, and that it will spread well beyond the car industry.

Speaking of cars, if you thought the chip shortage was over just because car dealer lots are filling back up, think again. Steve over at Big Mess o’ Wires reports that he’s having trouble sourcing chips for his vintage computer accessories. He includes a screenshot from Digi-Key showing zero stock on ATmega1284s. He also reports that the Lattice FPGA he uses for his Yellowstone universal disc controller is now unobtainium, where it had previously been easily sourced for about $5. He also has a pointed warning about some suppliers making it look like they have stock, only to send a “whoopsie” email after charging your credit card, or worse, telling you the price has increased over 400%. We suppose this was inevitable; there’s only so much fab capacity in the world, so eventually the fabs will switch over to producing whatever they can get paid the most for. And since car manufacturers have a lot more clout with suppliers than just about anyone else, it’s only natural for the shortages to shift down-market like this.

Do we finally have a “go” on James Webb? Maybe. The launch of the space telescope was originally scheduled for December 18 — well, OK, originally it was supposed to be in space in 2007, but let’s not go there — but a problem with a clamp caused unexpected vibrations in the $10 billion space observatory, resulting in inspections that pushed the launch back to the 22nd. That lasted for about a week, until the fueled and packaged spacecraft stopped sending data to launch controllers. The problem ended up being entirely relatable — a bad data cable — but resulted in the loss of two more days. JWST is now set to launch on Christmas Eve at 7:20 AM Eastern Standard Time, pending a readiness review on Tuesday morning. Fingers crossed that the long-awaited observatory has a safe 30-day trip to Lagrange point L2.

And finally, breathless tech journalists couldn’t wait to report this week that the world’s first warp bubble had been created. The paper was published by Dr. Harold “Sonny” White et al from the Limitless Space Institute, and claims to have discovered a “micro/nano-scale structure” that “predicts negative energy density distribution that closely matches requirements for the Alcubierre metric.” That last bit, the one about the Alcubierre metric, refers to the Alcubierre drive, which proposed a way to warp space-time and drive a ship at arbitrarily high speeds. But did this team actually create a warp bubble? It doesn’t seem so, at least according to one article we read. There’s also the problem of Dr. White’s previous claims of breaking the laws of physics with a reactionless EM drive. Scientific quibbling aside, there’s a sure-fire way of telling that no warp bubble was created — if there had been one, this would have happened.