USB + μC = Peril?

You hear about people finding USB drives and popping them into a computer to see what’s on them, only to end up loading some sort of malware onto their computer. It got me to thinking, given this notorious vulnerability, is it really a great idea to make electronics projects that plug into a computer’s USB port? Should I really contribute to the capitulation-by-ubiquity that USB has become?

A of couple years ago I was working on an innocuous project, a LED status light running off of USB. It ran off USB because I had more complicated hopes for it–some vague notion about some kind of notification thing and also it was cool to have access to 5 V right from the ‘puter. This was about the time that those little RGB LEDs connected to USB were all the rage, like blink(1), which raised $130,000 on Kickstarter. I just wanted to make a status light of some sort and had the parts, so I made it.

My version was a small rectangular PCB from OSHPark packing a Tiny85, with a 10 mm RGB LED providing pretty much all of the functionality — no spare pins broken out. Honestly, for the amount of code on it, even the Tiny85 was overpowered. I recall thinking at the time, could my creation be misused for evil? Could some wicked programmer include malware alongside my LED-lighting Arduino sketch?

It’s absurd, of course. My meager engineering skills ought not interest anyone. On the other hand, couldn’t some heartless poltroon, the hardware equivalent of a script kiddie, make my creation into a malware-spewing Typhoid Mary of a project? It has always been the realistic consequence of building anything–that it could be misused. I’d be thrilled to the point of giddiness if someone remade one of my projects into something cool, but I’d really hate for a USB light I designed to turn into some vector into someone’s computer. But how much of that is my responsibility?

If you think I’m the only one who thinks this, go to SparkFun or Adafruit and count all of the boards with microcontrollers and USB A male plugs. Even the tiny boards like the Huzzah and Gemma use USB cables, rather than plugging directly into the computer. Granted, they are microcontrollers that realistically would be connected to a project and it might not be possible to physically move them into position and plug them in. Also requiring a charging cable does not in any way make a microcontroller board work any differently than one plugged right into the computer. I’m left wondering if I’m spazzing out over nothing, and there’s nothing we can do about our tendency to treat any electronic gizmo with a shiny case as being safe to plug into the same computer we use to pay bills.

If there is no data transfer taking place, and I’m just getting power, wouldn’t it be enough to disable (or not connect) the data pins of the USB on the circuit board? Or maybe we really have no business connecting a data connection to a microcontroller if we’re not reflashing the chip with fresh code–think I’m paranoid? Maybe you should just get power from a wall wart and leave the USB cord in the drawer. It’s one thing to urge our friends and family to steer clear of mystery plugs, but as engineers and tinkerers, do we not owe the community the benefit of our knowledge?

Of course, Hackaday contains numerous examples of USB projects, including canary for USB ports, tips on protecting your ports with two microcontrollers, a guide to stopping rubber ducky attacks, and removing security issues from untrusted USB connections. Also, has anyone used the USB condom?

Friends, let me know your thoughts on the subject. Am I a freak to steer clear of USB-powered project like my dumb LED? Leave your comments and weigh in with your opinions.

Lethal LED Lantern Leaks Lotsa ‘Leccy

When you take an item with you on a camping trip and it fails, you are not normally in a position to replace it immediately, thus you have the choice of fixing it there and then, or doing without it. When his LED camping lantern failed, [Mark Smith] was in the lucky position of camping at a friend’s compound equipped with all the tools, so of course he set about fixing it. What he found shocked him metaphorically, but anyone who handles it while it is charging can expect the more literal variation.

The lamp was an LED lantern with built-in mains and solar chargers for its Ni-Cd battery pack, and a USB charger circuit that provided a 5 volt output for charging phones and the like. The problem [Mark] discovered was that the mains charger circuit did not have any mains isolation, being a simple capacitive voltage dropper feeding a rectifier. These circuits are very common because they are extremely cheap, and are perfectly safe when concealed within insulated mains-powered products with no external connections. In the case of [Mark]’s lantern though the USB charging socket provided that external connection, and thus access to a potential 120 VAC shock for anyone touching it while charging.

Plainly this lamp doesn’t conform to any of the required safety standards for mains-powered equipment, and we’re guessing that its design might have come about by an existing safe lamp being manufactured with an upgrade in the form of the USB charger. The write-up gives it a full examination, and includes a modification to safely charge it from a wall-wart or similar safe power supply. Definitely one to watch out for!

If you were wondering what the fault was with Mark’s lamp, it was those cheap NiCd batteries failing. He replaced them, but there are plenty of techniques to rejuvenate old NiCds, both backyard, and refined.

Sort Out Chemical Storage For Your Shop

There is one constant in the world of hardware hacker’s workshops, be they a private workshop in your garage or a public hackspace, and it goes something like this:

Everybody’s a safety expert in whatever it is they are working with, right up until the accident.

In other words, it is very tempting to harbour a cavalier attitude to something that either you are familiar with or the hazards of which you do not understand, and this breeds an environment in which mishaps become a distinct possibility.

As hardware people, we are familiar with basic tool safety or electrical safety. The chances are that we’ve had it drummed into us at some time in our growing up, by a lab supervisor, a workshop teacher, or a parent. That you as readers and I as writer have survived this long is testament enough to the success of that education. But what about those areas in which we may not have received such an education, those things which we either encounter rarely or seem harmless enough that their safety needn’t be our concern? Chemicals, for example: everything from glue through solvents and soldering consumables to PCB chemicals and even paint. It all seems safe enough, what could possibly go wrong? The answer to that question is probably something most of us would prefer never to find out, so it’s worth looking in to how a well-run workshop can manage its chemicals in as safe a manner as possible.

Continue reading “Sort Out Chemical Storage For Your Shop”

Adding a Riving Knife for Table Saw Safety

What in the world is a riving knife? Just the one thing that might save you from a very bad day in the shop. But if your table saw doesn’t come with one, fret not — with a little wherewithal you can add a riving knife to almost any table saw.

For those who have never experienced kickback on a table saw, we can assure you that at a minimum it will set your heart pounding. At the worst, it will suck your hand into the spinning blade and send your fingers flying, or perhaps embed a piece of wood in your chest or forehead. Riving knives mitigate such catastrophes by preventing the stock from touching the blade as it rotates up out of the table. Contractor table saws like [Craft Andu]’s little Makita are often stripped of such niceties, so he set about adding one. The essential features of a proper riving knife are being the same width as the blade, wrapping closely around it, raising and lowering with the blade, and not extending past the top of the blade. [Craft Andu] hit all those points with his DIY knife, and the result is extra safety with no inconvenience.

It only takes a few milliseconds to suffer a life-altering injury, so be safe out there. Even if you’re building your own table saw, you owe it to yourself.

Continue reading “Adding a Riving Knife for Table Saw Safety”

Ask Hackaday: SawStop — Bastion of Safety or Patent Troll

At first glance, SawStop seems like a hacker’s dream. A garage tinkerer comes up with a great idea, builds a product around it, and the world becomes a better place. As time has gone on, other companies have introduced similar products. Recently, SawStop successfully stopped Bosch from importing saws equipped with their Reaxx safety system into the USA. This not only impacts sales of new saws, but parts for existing equipment. Who gets screwed here? Unfortunately, it’s the owners of the Bosch saws, who now have a safety feature they might not be able to use in the future. This has earned some bad press for SawStop in forums and on websites like Reddit, where users have gone as far as to call SawStop a patent troll. Is that true or just Internet puffery? Read on and decide for yourself.

Continue reading “Ask Hackaday: SawStop — Bastion of Safety or Patent Troll”

Hackaday Prize Entry: Safety Glasses Are Also Hands-Free Multimeter

It seems like the multimeter is never easy to see during a project. Whether it’s troubleshooting a vehicle’s electrical system and awkwardly balancing the meter on some vacuum lines and the intake manifold, or installing a new solar panel and hoping the meter doesn’t fall on the ground while the leads are in both hands, it seems like there’s never a good way to see the meter while actually using it. Some meters have a small magnet and strap that can be used to hang them temporarily, but this will only get you so far.

[Alain Mauer]’s entry into the Hackaday Prize looks to solve this glaring problem. Using a heads-up Bluetooth display mounted to a pair of safety glasses, a multimeter can be connected to the device in order to display its information directly to its user. Based on his original idea which used a normal pair of prescription glasses as its foundation, [Alain]’s goal is to reduce safety hazards that might arise when using a multimeter in an awkward or dangerous manner that might not otherwise be possible.

The device uses an Arduino Pro Micro to connect to the multimeter and drive the display. [Alain] notes that the real challenge is with the optical system, however. Either way though, this would be a welcome addition to any lab, workspace, or electrician’s toolbox. Be sure to check out the video of it in action after the break.

Continue reading “Hackaday Prize Entry: Safety Glasses Are Also Hands-Free Multimeter”

Exoskeleton Aims to Prevent Falls for Seniors

When we think of exoskeletons, we tend to think along comic book lines: mechanical suits bestowing superhero strength upon the villain. But perhaps more practical uses for exoskeletons exists: restoring the ability to walk, for instance, or as in the case of these exoskeleton shorts, preventing hip fractures by detecting and correcting falls before they happen.

Falls and the debilitating injuries that can result are a cruel fact of life for the elderly, and anything that can potentially mitigate them could be a huge boon to public health. Falls often boil down to loss of balance from slipping, whether it be a loose rug, a patch of ice, or even the proverbial banana peel. The “Active Pelvic Orthosis” developed by [Vito Monaco] and colleagues seeks to sense slips and correct them by applying the correct torque to the hip joints. Looking a little bulky in their prototype form and still tethered to an external computer, the shorts have motors with harmonic drives and angle sensors for each hip, plus accelerometers to detect the kinematic signature of a slip. The researchers discovered that forcing the leg that slipped forward while driving the stable leg back helped reduce the possibility of a fall. The video below shows the shorts in action preventing falls on a slip-inducing treadmill.

At the Hackaday Unconference in Pasadena, we heard from [Raul Ocampo] on his idea for autonomous robots to catch falling seniors. Perhaps wearing the robot will end up being a better idea.

Continue reading “Exoskeleton Aims to Prevent Falls for Seniors”