If you thought CADing designs for 3D printing was hard enough, wait until you hear about this
[Angus] of Maker’s Muse recently demoed a method for creating hidden geometries in
.stl files that are only revealed during the slicing process before a 3D print. (Video, embedded below.) The process involves creating geometries with a thickness smaller than the size of the 3D printer’s nozzle that still appear to be solid in a
.stl editor, but will not be rendered by a FDM slicer.
Most 3D printers have 0.4 mm thickness nozzle, so creating geometries with a wall thinner than this value will result in the effect that you’re looking for. Some possible uses for this trick are to create easter eggs or even to mess with other 3D printing enthusiasts. Of course, [Angus] recommends not to use this “deception for criminal or malicious intent” and I’d have to agree.
There’s a few other tricks that he reveals as well, including a way to create a body that’s actually a thin shell but appears to be solid: great for making unprintable letters that reveal hidden messages.
Nevertheless, it’s a cool trick and maybe one of those “features not bugs” in the slicer software.
Continue reading “There’s More To The 3D Print Than The Eye Can See”
Mike Ossmann and Dominic Spill have been at the forefront of the recent wave of software-defined radio (SDR) hacking. Mike is the hardware guy, and his radio designs helped bring Bluetooth and ISM-band to the masses. Dominic is the software guy who makes sure that all this gear is actually usable. The HackRF SDR is still one of the best cheap choices if you need an SDR that can transmit and receive.
So what are these two doing on stage giving a talk about IR communication? Can you really turn traffic lights green by blinking lights? And can you spoof a TV remote with a cardboard cutout, a bicycle wheel, and a sparkler? What does IR have to do with pirates, and why are these two dressed up as buccaneers? Watch our video interview and find out, or watch the full talk for all of the juicy details.
Continue reading “Mike Ossmann And Dominic Spill: IR, Pirates!”
[Emilio Ficara] [built himself an Internet-connected MQTT multimeter](http://ficara.altervista.org/) (translated from Italian by robots). Or maybe we should say that [Emilio Ficara] undertook a long string of cool hacks that ended up in a WiFi-enabled multimeter, because the destination isn’t nearly as interesting as the voyage.
The multimeter, a DT-4000ZC, has a serial output but instead of transferring the data directly, it sends which cells on the LCD screen need to be activated. For testing along the way, [Emilio] used his own USB-serial-to-ESP01 dongle, which sounds like a useful tool to have around if you’re debugging an AT command session. He made a cute AVR SPI-port debugging aid with a reset button and diagnostic LEDs that we’re going to copy right now. Other home-made tools, like a 3.7V Li-ion battery manager and a serial data snooper make this project worth a look.
Continue reading “Voltmeter Speaks MQTT Without Libraries”
On September 21, “Premium” 0day startup Zerodium put out a call for a chain of exploits, starting with a browser, that enables the phone to be remotely jailbroken and arbitrary applications to be installed with root / administrator permissions. In short, a complete remote takeover of the phone. And they offered $1 million. A little over a month later, it looks like they’ve got their first claim. The hack has yet to be verified and the payout is actually made.
But we have little doubt that the hack, if it’s actually been done, is worth the money. The NSA alone has a $25 million annual budget for buying 0days and usually spends that money on much smaller bits and bobs. This hack, if it works, is huge. And the NSA isn’t the only agency that’s interested in spying on folks with iPhones.
Indeed, by bringing something like this out into the open, Zerodium is creating a bidding war among (presumably) adversarial parties. We’re not sure about the ethics of all this (OK, it’s downright shady) but it’s not currently illegal and by pitting various spy agencies (presumably) against each other, they’re almost sure to get their $1 million back with some cream on top.
We’ve seen a lot of bug bounty programs out there. Tossing “firmname bug bounty” into a search engine of your choice will probably come up with a hit for most
firmnames. A notable exception in Silicon Valley? Apple. They let you do their debugging work for free. How long this will last is anyone’s guess, but if this Zerodium deal ends up being for real, it looks like they’re severely underpaying.
And if you’re working on your own iPhone remote exploits, don’t be discouraged. Zerodium still claims to have money for two more $1 million payouts. (And with that your humble author shrugs his shoulders and turns the soldering iron back on.)
Thereifixedit.com is a site filled with dubious innovations. Some of them are cool, some of them are clever, and most of them are terrifying. Anyone who has ever stood in front of a broken household appliance with a roll of duct tape, one screw driver with a bit chipped off the flat part, and determination will laugh themselves silly browsing through this site. Maybe some of the ghetto hacks we covered before should be in this list.
[Thanks for the link Dad]
Less than a week after American Airlines introduced in-flight internet, hackers have already figured out how to use the system to make VoIP calls in a few easy steps with Phweet, a Twitter application. While the network blocks most VoIP services, Phweet can connect two people using a Flash app. Aircell, the company responsible for the system, is aware of the oversight, but it remains to be seen whether this little loophole will be fixed in a timely manner. Meanwhile, we encourage those of you who do fly on American Airlines to avoid making those phone calls; your neighbor would probably appreciate it.