MIDI Harp Looks Pretty Sharp

[Julien] is one of those cool dads who shows his love with time invested rather than money spent. His daughter plays the harp, and you would not believe the price of concert harps. Even the cheap ones are several thousand USD. So naturally, he decided he would build her a MIDI concert harp from the ground up.

This plucky work in progress uses a strain gauge and an AD620 amplifier on every string to detect the tension when plucked. These amplifiers are connected to Arduinos, with an Arduino every nine strings. The Arduinos send MIDI events via USB to a Raspberry Pi, which is running the open synth platform Zynthian along with Pianoteq.

The harp is strung with guitar strings painted with silver, because he wanted capacitive touch support as well. But he scrapped that plan due to speed and reliability issues. Strain past the break to check out a brief demo video.

[Julien] used strings because he wanted to anchor the harpist in tactility. But you’re right; many if not most MIDI harps use lasers.

Posted in Arduino Hacks, harp, midi, MIDI harp, musical hacks, pianoteq, Raspberry Pi, strain gauge, zynthian | Leave a comment

A Custom Milled Jig for Smart Bulb Programming

Who would have thought that some day we’d need programming jigs for our light bulbs? But progress marches on, and as there’s currently a number of affordable Internet-controlled bulbs powered by the ESP8266 on the market, we’re at the point where a tool to help update the firmware on the light over your kitchen sink might be something nice to have. Which is why [cperiod] created this programming jig for AiLight smart bulbs.

Flashing the AiLight bulbs is easy enough, there’s a series of test points right on the face of the PCB that you can hook up to. But if you’re updating more than one of them, you don’t want to have to solder your programmer up to each bulb individually. That’s where the jig comes in. [cperiod] says there are already some 3D printed designs out there, but they proved to be a bit finicky.

The design that [cperiod] came up with and eventually milled out on a 1610 CNC router is quite simple. It’s effectively just a holder to keep the five pogo pins where they need to be, and a jumper that lets you toggle the chip’s programming mode (useful for debugging).

The neat trick here are the “alignment pins”, which are actually two pieces of 14 gauge copper wire that have had their ends rounded off. It turns out these will slip perfectly into holes on the AliLight PCB, ensuring that the pogo pins end up on target. It works well enough that you can hold the bulb and jig in one hand while programming, it just needs a little downwards pressure to make good contact.

We’ve previously seen how easily you can replace the firmware on some of these ESP8266 bulbs. While there’s certainly a downside to these bulbs being so simple to modify, it’s hard to deny their hackability makes them very appealing for anyone looking to roll their own network-controlled lighting system.

Posted in ESP8266, led hacks, milled pcb, Pogo pin, programming jig, Smart Bulb, tool hacks | Leave a comment

Perfecting a Bluetooth N64 Controller

Love it or hate it, the Nintendo 64 controller doesn’t seem to be going anywhere. Dedicated fans are still looking for ways to use the unique trilobed controller with modern systems, and they won’t be satisfied until they perfectly replicate the original experience. [Shyri Villar] has been working on perfecting a blend of original and modern hardware that looks very promising.

The project started when [Shyri] found that you could take the internals from a modern third party Bluetooth N64 controller made by 8BitDo and put them into the original controller’s case. This would give you the original buttons back, and overall a more authentic weight and feel. Unfortunately, this usually means dumping the original N64 joystick for the 8BitDo’s.

What [Shyri] wanted to do was install the 8BitDo PCB into an original N64 controller, but adapt Nintendo’s joystick to communicate with it. Unfortunately, since the original joystick used optical encoders and the 8BitDo version uses potentiometers, there’s something of a language gap.

To bridge the divide, both the X and Y dimensions of the joystick get their own PIC12F675 microcontroller and X9C103S digital potentiometer. The microcontrollers read the X and Y values from the original joystick’s encoders, and use the digital potentiometers to provide the 8BitDo with the expected analog input. Right now the electronics are held on two scraps of perfboard tucked into the side “wings” of the controller, but hopefully we’ll see a custom PCB in the future.

If you’re more interested in going back in time with your trusty N64 controller, then you might be interested in learning more about how one hacker managed to hook it up to the MSX.

Posted in bluetooth, controller, digital potentiometer, n64, nintendo 64, nintendo hacks, peripherals hacks, PIC12F675, retrogaming | Leave a comment

Cruising GitHub For Slack Webhook Tokens

GitHub is an incredibly powerful tool for sharing source code, and its value to the modern hacker can’t be overstated. But there’s at least one downside to effortlessly sharing your source: it’s now much easier for the whole world to find out when you screw up. Back in the day, if you accidentally left a username or password in a tarball hosted on your site, you could pull it down before anyone noticed. But push something like that up to GitHub, and you’ve got a problem on your hands.

For an example, look no farther than this tool that crawls GitHub for Slack webhooks written by [Michele Gruppioni]. Exploiting the fact that Slack webhook links have a predictable format, the tool searches repositories to find code that erroneously includes the authentication token. With the token in hand, an attacker now has the ability to send unsolicited messages into that channel.

But [Michele] restrained himself and didn’t Rickroll the over 6,500 Slack channels he had access to after searching GitHub with his tool. Instead, he sent them all a friendly message explaining their webhook tokens were available on GitHub, and gave them a link to where they could get more information about his project.

Most of the people who contacted him after the fact appreciated that he sent a gentle warning and not something unsavory. Still, we’d recommend caution to anyone looking to expose a vulnerability in this manner. While [Michele] had honorable intentions, it’s certainly not unheard of for an embarrassed administrator to blame the messenger.

When used properly, webhooks can be a very handy way of pushing data into your chat platform of choice. We’ve previously looked at a practical example of a weather station that pushes current conditions into a Discord channel. Just try not to accidentally commit your authentication token to the world’s largest database of open source projects, or you might receive more than you bargained for.

Posted in credentials, github, security hacks, slack, Software Development, token, webhook | Leave a comment

An (Almost) Free Apollo-Era Rocket

According to recent news reports, NASA’s Marshall Space Flight Center in Huntsville Alabama wants to give away a piece of history — an engineering test article of a Saturn I Block I booster. The catch? You’ll need to pay to haul it off, which will cost about $250,000. According to C|Net, the offer appears to be for museums and schools, but it’s likely that price tag would probably scare most private buyers off anyway.

On the other hand, if you are a museum, library, school, or university, you can score cheap or free NASA stuff using their GSAXcess portal. In general, you do have to pay shipping. For example, a flexible thermal blanket from the shuttle costs $37.28. A heat tile runs about $25.

The picture, by the way, is a 1965 shot of a test article at MSFC, so it is possible it is the very one that is up for grabs. You wouldn’t think there would be too many test articles still laying around from that era, so this is something of a rarity.

If you really want to buy old NASA gear — or possibly useful gear from other agencies — the GSA has several methods to take your money. A quick search on GSA Auctions found some sort of NASA control panel that was already up to about $1,300. On the other hand, a lot of two oscilloscopes (a Fluke and a Tektronix 425) was only up to $25. You can even buy a lighthouse, if you really want one.

Even though we’ve reported on the death of surplus, it is still around if you know where to look. While you might not find obsolete Russian tunnel diodes in a US gov’t auction, you might just find what you need. If what you need is a rocket engine.

Thanks for the tip [Allen M.]

Posted in nasa, news, rocket, Saturn, space, surplus | Leave a comment

This Week in Security: Black Hat, DEF CON, and Patch Tuesday

Blackhat and DEF CON both just wrapped, and Patch Tuesday was this week. We have a bunch of stories to cover today.

First some light-hearted shenanigans. Obviously inspired by Little Bobby Tables, Droogie applied for the vanity plate “NULL”. A year went by without any problems, but soon enough it was time to renew his registration. The online registration form refused to acknowledge “NULL” as a valid license plate. The hilarity didn’t really start until he got a parking ticket, and received a bill for $12,000. It seems that the California parking ticket collection system can’t properly differentiate between “NULL” and a null value, and so every ticket without a license plate is now unintentionally linked to his plate.

In the comments on the Ars Technica article, it was suggested that “NULL” simply be added to the list of disallowed vanity plates. A savvy reader pointed out that the system that tracks disallowed plates would probably similarly choke on a “NULL” value.

Hacking an F-15

In a surprising move, Air Force officials brought samples of the Trusted Aircraft Information Download Station (TADS) from an F-15 to DEF CON. Researchers were apparently able to compromise those devices in a myriad of ways. This is a radical departure from the security-through-obscurity approach that has characterized the U.S. military for years.

Next year’s DEF CON involvement promises to be even better as the Air Force plans to bring researchers out to an actual aircraft, inviting them to compromise it in every way imaginable.

Patch Tuesday

Microsoft’s monthly dump of Windows security fixes landed this week, and it was a doozy. First up are a pair of remotely exploitable Remote Desktop vulnerabilities, CVE-2019-1222 and CVE-2019-1226. It’s been theorized that these bugs were found as part of an RDP code review launched in response to the BlueKeep vulnerability from earlier this year. The important difference here is that these bugs affect multiple versions of Windows, up to and including Windows 10.

What the CTF

Remember Tavis Ormandy and his Notepad attack? We finally have the rest of the story! Go read the whole thing, it’s a great tale of finding something strange, and then pulling it apart looking for vulnerabilities.

Microsoft Windows has a module, MSCTF, that is part of the Text Services Framework. What does the CTF acronym even stand for? That’s not clear. It seems that CTF is responsible for handling keyboard layouts, and translating keystrokes based on what keyboard type is selected. What is also clear is that every time an application builds a window, that application also connects to a CTF process. CTF has been a part of Microsoft’s code base since at least 2001, with relatively few code changes since then.

CTF doesn’t do any validation, so an attacker can connect to the CTF service and claim to be any process. Tavis discovered he could effectively attempt to call arbitrary function pointers of any program talking to the same CTF service. Due to some additional security measures built into modern Windows, the path to an actual compromise is rather convoluted, but by the end of the day, any CFT client can be compromised, including notepad.

The most interesting CFT client Tavis found was the login screen. The exploit he demos as part of the write-up is to lock the computer, and then compromise the login in order to spawn a process with system privileges.

The presence of this unknown service running on every Windows machine is just another reminder that operating systems should be open source.

Biostar 2

Biostar 2 is a centralized biometric access control system in use by thousands of organizations and many countries around the globe. A pair of Israeli security researchers discovered that the central database that controls the entire system was unencrypted and unsecured. 23 Gigabytes of security data was available, including over a million fingerprints. This data was stored in the clear, rather than properly hashed, so passwords and fingerprints were directly leaked as a result. This data seems to have been made available through an Elasticsearch instance that was directly exposed to the internet, and was found through port scanning.

If you have any exposure to Biostar 2 systems, you need to assume your data has been compromised. While passwords can be changed, fingerprints are forever. As biometric authentication becomes more widespread, this is an unexplored side effect.

Posted in blackhat, computer hacks, DEF CON, Hackaday Columns, news, security hacks, This Week in Security | Leave a comment

Electric Vehicles on Ice

This winter, a group of electric vehicle enthusiasts, including [Dane Kouttron], raced their homemade electric go-karts on the semi-frozen tundra nearby as part of their annual winter tradition. These vehicles are appropriately named Atomic Thing and Doom Sled, and need perfect weather conditions to really put them to the test. You want a glass-like race track but snowfall on ice freezes into an ice-mush intermediate that ends up being too viscous for high-speed ice vehicles. The trick is to watch for temperatures that remain well below zero without snow-like precipitation.

The group is from the community makerspace out of MIT known as MITERS and already have EV hacking experience. They retrofitted their VW Things vehicle (originally built for a high speed electric vehicle competition) to squeeze even more speed out of the design. Starting out with an 8-speed Shimano gearbox and a 7kW motor, they assembled a massive 24S 10P battery out of cylindrical A123 cells salvaged from a Prius A123 Hymotion program. This monster operates at 84V with a 22AH capacity, plenty for power for the team to fully utilize the motor’s potential.

The battery is ratchet strapped to the back of the Atomic Thing to provide more traction on the ice. It must feel just like riding on top of a different kind of rocket.

They tried using ice skates in the front of the Atomic Thing, but the steering was difficult to control over rough ice. Studded solid tires perform quite well, resulting in less jarring movement for the driver. Doom Sled is a contraption built from a frame of welded steel tube and a mountainboard truck with ice skate blades for steering. The motor — a Motenegy DC brush [ME909] — was salvaged from a lab cleanout, transferring power to the wheels through a chain and keyed shaft. The shaft-to-wheel torque was duly translated over two keyed hub adapters.

Doom Sled with seat strapped on

The crew fitted a seat from a longscooter and made a chain guard from aluminum u-channel to keep the flying chain away from the driver’s fingers. The final user interface includes a right-hand throttle and a left-hand “electric brake” (using resistors to remove the stored energy quickly to combat the enormous inertia produced by the vehicle).

Overall, ice racing was a success! You can see the racing conditions were just about perfect, with minimal ice mush on the lake. Any rough patches were definitely buffered smooth by the end of the day.

Posted in classic hacks, electric vehicles, ice, ice skating, massachusetts, MITERS, racing, transportation hacks | Leave a comment

Turning A Sony into a Leica Through Extreme Camera Modding

The quality of a photograph is a subjective measure depending upon a multitude of factors of which the calibre of the camera is only one. Yet a high quality camera remains an object of desire for many photographers as it says something about you and not just about the photos you take. [Neutral Gray] didn’t have a Leica handheld camera, but did have a Sony. What’s a hacker to do, save up to buy the more expensive brand? Instead he chose to remodel the Sony into a very passable imitation.

This is a Chinese language page but well worth reading. We can’t get a Google Translate link to work, but in Chrome browser, right clicking and selecting “translate” works. If you have a workaround for mobile and other browsers please leave a comment below.

The Sony A7R is hardly a cheap camera in the first place, well into the four-figure range, so it’s a brave person who embarks on its conversion to match the Leica’s flat-top aesthetic. The Sony was first completely dismantled and it was found that the electronic viewfinder could be removed without compromising the camera. In a bold move, its alloy housing was ground away, and replaced with a polished plate bearing a fake Leica branding.

Extensive remodelling of the hand grip with a custom carbon fibre part followed, with significantly intricate work to achieve an exceptionally high quality result. Careful choice of paint finish results in a camera that a non-expert would have difficulty knowing was anything but a genuine Leica, given that it is fitted with a retro-styled lens system.

We’re not so sure we’d like to brace Leica’s lawyers on this side of the world, but we can’t help admiring this camera. If you’re after a digital Leica though, you can of course have a go at the real thing.

Thanks [fvollmer] for the tip.

Posted in classic hacks, digital camera, digital cameras hacks, fake, leica, sony | Leave a comment

Fire Breathing N64 Puts Blast Processing In The Shade

Consoles over the years have innovated, bringing new features and experiences with each subsequent generation. Rumble, motion controls and more recently VR have all come to the fore as companies vie for supremacy in the marketplace. Nobody’s really had the guts to tackle fire, though. Until now.

The case and spinning logo alone would have made the front page; the fire is simply next level. Our parents were always telling us to sit further from the TV… and now we know why.

The build is based on the Nintendo 64. The motherboard is removed from the original case, and fitted to a sheet metal enclosure of impressive craftsmanship. This allows the fitment of the machine’s party piece — twin jets of flame, triggered by an extra button on the controller. There’s also a spinning N64 logo built into the front of the case, backlit in a foreboding red — hinting to the player that this is no regular console.

The console is capable of shooting flames up to 4 feet long, and if you have to ask why, you’re likely on the wrong website. We’d love to see the jets triggered by rumble, ideally on a per player basis — making bouts of Mario Kart and Smash Brothers more perilous than ever.

As it turns out, fire’s also a great way to visualise sound waves. Video after the break.

[Thanks to marcelvarallo for the tip!]

Posted in nintendo hacks | Leave a comment

LED Driver Board Could Be Your Ticket To FPGA Development

Microcontrollers are a great way to learn about developing for embedded systems. However, once you outgrow their capabilities, FPGAs bring muscle that’s hard for even the fastest-clocked micros to match. If you’re doing anything with high-speed signals, loads of RAM, or something that requires lots of parallel calculation, you can’t go past FPGAs. Dev boards can be expensive, but there are alternatives. There’s a nifty project on Github trying to repurpose commodity hardware into a useful FPGA development platform.

Chubby75 is a project to reverse engineer the RV901T LED “Receiver Card”. This device is used to receive signals over Ethernet, and clock data out to large LED displays. This sort of work is highly processor intensive for microcontrollers, but a cinch for FPGAs to manage. The board packs a user-reprogrammable Spartan 6 FPGA, along with twin Gigabit Ethernet ports and 64MB of SDRAM. Thanks to the fact that its firmware is not locked down, it has the potential to be repurposed into all manner of other projects. The boards are available for under $30 USD, making them a prime target for thrifty hackers.

Thus far, the team have begun poring through the hardware documentation and are looking to develop a toolchain to allow the boards to be easily reprogrammed. With the right tools, these boards could be the next thing in cheap FPGAs, taking over when the Pano Logic thin clients become thin on the ground.

[Thanks to KAN for the tip!]

Posted in fpga, led, LED display | Leave a comment