Series of Tubes

2 Articles

3D Printing A Piano Action

November 13, 2025 by 14 Comments

Part of the reason there are always free pianos on your digital classifieds listing of choice is that, at least economically speaking, a piano is less of a musical instrument and more of a complicated machine that can and will wear out (not to mention the physical difficulty of actually moving one). Once a piano reaches that point, whether through age, use, or neglect, at that point it’s to intents and purposes worthless. But still, they’re essentially just machines. [Toast] figured that, since 3D printers not only can print all kinds of other machines and musical instruments alike, he would take a stab at combining these two and made his own 3D printed piano.

A piano’s action is the mechanical linkage between the keys and the strings of the piano themselves. Over many hundreds of years this has developed into a complicated series of levers which not only rapidly strike strings when a key is pressed, but also mute the strings while the key is not being pressed and strike the strings in a way that the hammer won’t be pressed into the strings if the player leaves their finger on a key. Rather than try to recreate all of this in meticulous detail, [Toast] has swapped out the strings for a series of tubes which, unlike strings, do not much change their musical behavior if the hammer remains on the tube after being struck. This greatly simplifies the action (and cost) of his miniature piano.

The piano works by positioning hammers above these tubes, which strike downwards when a musician depresses the keys. Rubber bands return the hammers to their upright positions after the key is lifted. The instrument went through a few stages of design as well where [Toast] refined the size and shape of the tubes as well as improved the way by which the hammers are attached to the keys.

Is it still a piano if it has pipes instead of strings? Perhaps, but at the very least we can all agree that he’s built a working keyboard action capable of producing music, if not an outright definitionally-accurate piano. It’s an interesting build that we hope to see more iterations of in the future, if not to build a more functionally accurate 3D printed piano action then to see what is possible from a 3D printer in the piano space. Despite their complexity and weight, pianos are a fundamental and popular instrument in the Western music tradition and we’ve seen many interesting builds around them like this modern player piano built with a series of solenoids. Continue reading “3D Printing A Piano Action”

This Week In Security: John Deere, ProxyLogin Detailed, And Pneumatic Tubes

August 13, 2021 by 14 Comments

We’ve covered the right-to-repair saga, and one of the companies that have become rather notorious is John Deere. The other side to the poorly managed interconnected mess is security issues. There’s a certain irony to how this story started: Somebody noticed that John Deere equipment didn’t have any CVEs at all. A normal person might think that this must mean their products are super secure, but a security researcher knows that something more interesting is afoot. Our old friends [Sick Codes], [John Jackson], and a host of others saw this as a sure sign that there were plenty of vulnerabilities to be found, and it seems they were correct.

Remote Access and Code from 2014…

Vulnerabilities included a handful of cross-site scripting attacks, an authentication bypass via request smuggling, misconfigured security, SQL injections, RCEs and more. Put together, these vulnerabilities allowed for full control of the John Deere system, including the ability to manipulate all the equipment connected to the system.

During the Defcon presentation, linked below, [Sick Codes] recalled the moment when they realized they were working on an important problem. Rather than complain about not getting paid for the vulnerabilities found, a contributor simply noted that he valued having food to eat. A coordinated attack on JD equipment could cause big problems for a bunch of farms across a country.

They ended up contacting CISA, due to a lack of serious response from the vendors. CISA took the threat seriously, and the problems starting getting fixed. This isn’t a problem limited to one company. Case had similar issues that have also been fixed, and it was implied that other vendors have similar problems that are still in the process of being addressed. Continue reading “This Week In Security: John Deere, ProxyLogin Detailed, And Pneumatic Tubes”