Lithophanes Ditch The Monochrome With A Color Layer

3D printed lithophanes are great, if a bit monochromatic. [Thomas Brooks] (with help from [Jason Preuss]) changed all that with a tool for creating color lithophanes but there’s a catch: you’ll need a printer capable of creating multi-color prints to do it.

A video (embedded below) begins with an intro but walks through the entire process starting around the 1:26 mark. The lithophane is printed as a single piece and looks like most other 3D printed lithophanes from the front, but the back is different. The back (which is the bottom printed layer) is made of up multiple STL files, one for each color, and together creates something that acts as a color filter. When lit from behind, light passes through everything and results in an image that pops with color in ways that lithophanes normally do not.

The demo print was created with a printer equipped with a Palette 2, an aftermarket device that splices together filament from different spools to create multicolored prints, but we think a Prusa printer with an MMU (multi material upgrade) should also do the trick.

[Thomas] already has a lot of ideas on how to improve the process, but these early results are promising. Need a gift? Lithophanes plus LED strips make great lamps, and adding a cheap clock movement adds that little extra something.

Continue reading “Lithophanes Ditch The Monochrome With A Color Layer”

Cheap Multimeter Leads Come With Extra Ohms, Free!

[Nop head] discovered that cheap multimeter leads costing only a few bucks can come with more than one may have bargained for. The first set had a large amount of useful-looking attachments, but the wires used for the leads were steel with a resistance of about one ohm each. With two leads in use, that means any resistance measurement gets two ohms added for free. More seriously, when measuring current, the wires can heat up rapidly. Voltage measurements would be affected the least, but the attachments and lead design expose a large amount of bare metal, which invites accidental shorts and can be a safety hazard with higher voltages.

Are all cheap multimeter leads similarly useless? Not necessarily. [nop head] also purchased the set pictured here. It has no attachments, but was a much better design and had a resistance of only 64 milliohms. Not great, but certainly serviceable and clearly a much better value than the other set.

It’s usually not possible to identify garbage before it’s purchased, but [nop head] reminds us that if you do end up with trash in hand, poor quality counterfeits can be good for a refund. That goes for electronic components, too.

Plastic Model Emulates The First Untethered Spacewalk

Here’s something really wonderful. [Dave Akerman] wrote up the results of his attempt to use a high-altitude balloon to try to re-create a famous image of NASA’s Bruce McCandless floating freely in space with the Earth in the background. [Dave] did this in celebration of the 34th anniversary of the first untethered spacewalk, even going so far as to launch on the same day as the original event in 1984. He had excellent results, with plenty of video and images recorded by his payload.

80’s “Astronaut with MMU” model kit.

Adhering to the actual day of the spacewalk wasn’t the only hurdle [Dave] jumped to make this happen. He tracked down an old and rare “Astronaut with MMU” (Mobile Maneuvering Unit) plastic model kit made by Revell USA and proceeded to build it and arrange for it to remain in view of the cameras. Raspberry Pi Zero Ws with cameras, LoRA hardware, action cameras, and a UBlox GPS unit all make an appearance in the balloon’s payload.

Sadly, [Bruce McCandless] passed away in late 2017, but this project is a wonderful reminder of that first untethered spacewalk. Details on the build and the payload, as well as the tracking system, are covered here on [Dave]’s blog. Videos of the launch and the inevitable balloon burst are embedded below, but more is available in the summary write-up.

Continue reading “Plastic Model Emulates The First Untethered Spacewalk”

Spectre And Meltdown: How Cache Works

The year so far has been filled with news of Spectre and Meltdown. These exploits take advantage of features like speculative execution, and memory access timing. What they have in common is the fact that all modern processors use cache to access memory faster. We’ve all heard of cache, but what exactly is it, and how does it allow our computers to run faster?

In the simplest terms, cache is a fast memory. Computers have two storage systems: primary storage (RAM) and secondary storage (Hard Disk, SSD). From the processor’s point of view, loading data or instructions from RAM is slow — the CPU has to wait and do nothing for 100 cycles or more while the data is loaded. Loading from disk is even slower; millions of cycles are wasted. Cache is a small amount of very fast memory which is used to hold commonly accessed data and instructions. This means the processor only has to wait for the cache to be loaded once. After that, the data is accessible with no waiting.

A common (though aging) analogy for cache uses books to represent data: If you needed a specific book to look up an important piece of information, you would first check the books on your desk (cache memory). If your book isn’t there, you’d then go to the books on your shelves (RAM). If that search turned up empty, you’d head over to the local library (Hard Drive) and check out the book. Once back home, you would keep the book on your desk for quick reference — not immediately return it to the library shelves. This is how cache reading works.

Continue reading “Spectre And Meltdown: How Cache Works”

ASLR^CACHE Attack Defeats Address Space Layout Randomization

Researchers from VUSec found a way to break ASLR via an MMU sidechannel attack that even works in JavaScript. Does this matter? Yes, it matters. A lot. The discovery of this security flaw along with the practical implementation is really important mainly because of two factors: what it means for ASLR to be broken and how the MMU sidechannel attack works inside the processor.

Address Space Layout Randomization or ASLR is an important defense mechanism that can mitigate known and, most importantly, unknown security flaws. ASLR makes it harder for a malicious program to compromise a system by, as the name implies, randomizing the process addresses when the main program is launched. This means that it is unlikely to reliably jump to a particular exploited function in memory or some piece of shellcode planted by an attacker.

Breaking ASLR is a huge step towards simplifying an exploit and making it more reliable. Being able to do it from within JavaScript means that an exploit using this technique can defeat web browser ASLR protection running JavaScript, the most common configuration for Internet users.

ASLR have been broken before in some particular scenarios but this new attack highlights a more profound problem. Since it exploits the way that the memory management unit (MMU) of modern processors uses the cache hierarchy of the processor in order to improve the performance of page table walks, this means that the flaw is in the hardware itself, not the software that is running. There are some steps that the software vendors can take to try to mitigate this issue but a full and proper fix will mean replacing or upgrading hardware itself.

In their paper, researchers reached a dramatic conclusion:

Continue reading “ASLR^CACHE Attack Defeats Address Space Layout Randomization”