Showing posts with label Hardware. Show all posts
Showing posts with label Hardware. Show all posts

Thursday, April 23, 2020

Taming an AnyCubic Kossell Pulley 3D Printer

Quick post to note how I got my Anycubic Kossel Pulley basically working.  It took me forever to find how to do some of this, and I know I will forget it if I do not write it down.

  • Use DaHai's configuration video for starters.
    • Upgrade the firmware to Marlin 1.1.9.  I ended up using 1.1.9.1 as of this writing.
    • Use DaHai's files and modify them to work with stock Steppers.  Use Arduino IDE to load the firware after replacing Configuration.h and Configuration_adv.h (which I did not make changes to).  Here are the changes I made to his Configuration.h:
      • Line 624-626: Change these from his upgraded TMC2130_STANDALONE to stock A4988
      • Line 705: I got crazy loud stuttering when first descending to the bed during a print.  Lower this to get rid of that.
      • Line 868: I and several people online have measured and gotten good resulting prints with the Type 2 Probe Offset at -15.88
      • Line 938 to 940: These need to be true for stock steppers.  DaHai's steppers did not need to be inverted.
      • Line 1358-1364: Define your temperature presets. I have used PETG to great success with a preheat of 70C for the bed and 230C for the hotend.  This rises to print at 80C and 245C respectively during the print.
    • When following the leveling instructions, the video shows a "Set Delta Height" option that is absent in the version of the firmware I loaded.  This caused me no end of headaches later when the method of subtracting the bed distance from both the Z-Height and Probe Offset produced weird math and never worked properly.  Instead, I ran auto-calibration, saved the settings, then:
      • Noted my Z after going to Prepare -> Auto Home
      • Brought the nozzle to the bed using Prepare -> Move Axis -> Move Z until a business card wouldn't move when squished between the axis and the bed.  I then noted the height
      • Changed my Z height only by this amount by subtracting the number from the Z height, and a negative Z Height is thus added.
      • Saved and Auto Homed
      • Set my Probe Offset to 15.88 per recommendations online.
      • Checked it again and only touched the Z Height when it was off.  Repeat the Z height move if this is still not right.
  • With the printer calibrated, it was time to print.  I just used Cura because I couldn not get Slic3r or Pronterface to work easily.  Cura does not have the Kossel in it by default, but it can be easily added.  JDHarris on Thingiverse even shared the configuration file they made which can be picked up by Cura after a restart.
  • I printed with PETG which has a high temp but no fumes.  I found hairspray for adhesion worked best thanks to several awesome tips by people connected with the PDX hacker community.  Thanks all!
After this, it just worked and keeps working.  It's magical what a little math and open source firmware will do.  That being said, it's my first printer.  It is bound to break in ways I can't even imagine now.  First order of business?  Print things that make the printer better, as is tradition.

Update: Not all is well in Whoville.  I've developed some Heat Creep with this PETG printing at 245C, and I haven't had the time to troubleshoot it.  Wish me luck!

Sunday, March 24, 2019

The Aviary: Huckleberry

The Aviary, Pg 404

One of the cocktails hailing from The Office, a speakeasy basement bar underneath The Aviary, this seemed simple to assemble with only one bit of complicated machinery: a sous vide.  Also, the presentation alone was intoxicating: a frothy head atop a mauve concoction? Sign me up!


I was able to obtain a chinois at a Goodwill.  The strainer and pestle separates juice from pulp and seeds.  However, the main ingredient is a clove tincture (fancy word for Everclear infused with clove). This required a sous vide as written.  As long as I've heard about them, I have never pulled the trigger on this low temperature wonder-machine (I don't have an instant pot either).  I figured it was time to lay that to rest.

There are plenty of DIY sous vide videos on the internet.  I settled on one that recommended a rice cooker combined with an industrial 110V AC temperature controller instead of a brewer's setup.  The most important part of this setup is the type of heated pot you use.  I couldn't use my crock pot, for example, because it had a digital control.  Every time the power cut off and then back on, it would not return to heating the pot.  My manual-switch rice cooker worked like a charm, however.  Then, for $20 in parts from the hardware store and $20 for the temperature controller on Amazon, I had a safe contraption through which to control my rice cooker and keep a pot of water within 2 degrees of a specific temperature for any length of time (perhaps "safe" is relative; use wire nuts and an electrical box when playing with mains, kids; the picture below shows iteration one with no cover).


The clove tincture was dead simple but extremely smelly.  $1 in bulk cloves and some Everclear got me a half dropper full of the cloviest drops the ever passed your nose. A word of warning: toasting the cloves is a horrendously smokey business.  Do this with a hood on full blast or outside.  We had to open all the windows and run for coffee.  I already had a vacuum sealer so I dumped the toasted cloves into a bag, poured on the alcohol, and dunked it into the rice cooker for an hour.  I decanted the result into an amber bottle with dropper and savored the aroma (which wasn't hard; it was everywhere).


The rest of the recipe was fairly simple.  Huckleberries don't come into season until August, so we went with blackberries from Mexico.  The syrup came together easy with a few gradually finer strainings.  6oz made 166g of juice.  Amaro Averna from Total Wine, Bombay Gin on sale, and Angostura bitters I already had on hand completed the boozy bits.  A quick trip through a shaker came out with a pink foamy pour that gradually separated into mauve and foam.  The bitters and pepper hit our nose, and the herbal hit of the drink completes it.  It's just sweet enough with off-season blackberries to be pleasant without being overpowering.  As we drank, we noticed the colors change and aromas deepen.  Very fun and dynamic drink.



A second round (can't waste syrup, after all) made with vodka toned down the herbal nature.  This will probably be the version I make for myself unless the guests are already gin drinkers.  Too close to 'too much' pine.  A friend suggested ditching the clove and replacing it by painting the glass with Chartreuse.  Either way, this seems to be a reliable cocktail to just have on hand.  Freezing berry syrup during their season in 2oz portions and the huge amount of clove tincture I have left over means it will be quick to assemble with a fun story to tell while we shake it up.

Wednesday, July 25, 2018

Wristband Teardown from Amazon's #FireTVSDCC Event at San Diego Comic Con

A friend returned from San Diego Comic Con 2018 with an RFID bracelet used to track users in the Amazon Fire TV experience (on Twitter, #FireTVSDCC).  This is a teardown of the bracelet after the event.  At this time, I was unable to read from the bracelet.



The bracelet is fairly simple with a cloth band and plastic/paper tab threaded through.  The closure is plastic and one-way.  It bites into and mangles the cloth band if you attempt to remove, but you could probably shim it with tools and practice.  Might be a fun thing for the Tamper Evident Village if it turned out events were trying to use this for access control like plastic self-destructing wristbands.


The back contains a serial number.  I would like to see if this serial number would match the data read off the tag.



Separating the badge by prying them apart, I  spot the prize: an adhesive RFID tag placed between the glossy plastic covers.  It appears to have a model number of "CXJ-040" in the center of the tag.  It uses a circular antenna.  CXJ is the initials of Shenzen manufacturer ChuangxinjiaTheir product pages show many similar wristbands in a few different frequencies.

The tag didn't respond to my Android phone, so it is not a Mifare or similar.  Hopefully I can find a reader at the local Hackerspace or DEF CON 26.

Tuesday, June 12, 2018

Quotes from Dan Kaminsky's Keynote at DEF CON China


Above is Dan Kaminsky's keynote at the inaugural DEF CON China.  It was nominally about Spectre and Meltdown, and I thought it was immediately applicable to testing at all levels.  Here are some moments that jumped out at me:

On Context:

"There's a problem where we talk about hacking in terms of only software...What does hacking look like when it has nothing to do with software." 1:55

"But let's keep digging." Throughout, but especially 5:40

"Actual physics encourages 60 frames per second. I did not expect to find anything close to this when I started digging into the number 60...This might be correct, this might not be. And that is a part of hacking too." 6:10

"Stay intellectually honest as go through these deep dives. Understand really you are operating from ignorance. That's actually your strong point. You don't know why the thing is doing what it is doing...Have some humility as you explore, but also explore." 7:40

"We really really do not like having microprocessor flaws...and so we make sure where the right bits come in, the right bits come out. Time has not been part of the equation...Security [re: Specter/Meltdown] has been made to depend on an undefined element. Context matters." 15:00

"Are two computers doing the same thing?...There is not a right answer to that. There is no one context. A huge amount of what we do in hacking...is we play contexts of one another." 17:50

[Re: Spectre and Meltdown] "These attackers changed time which in this context is not defined to exist...Fast and slow...means nothing to the chip but it means everything to the users, to the administrators, to the security models..." 21:00

"Look for things people think don't matter. Look for the flawed assumptions...between how people think the system works and how it actually does." 35:00

"People think bug finding is purely a technical task. It is not because you are playing with people's assumptions...Understand the source and you'll find the destination." 37:05

"Our hardest problems in Security require alignment between how we build systems, and how we verify them. And our best solutions in technology require understanding the past, how we got here." 59:50

On Faulty Assumptions:

"[Example of clocks running slow because power was not 60Hz] You could get cheap, and just use whatever is coming out of the wall, and assume it will never change. Just because you can doesn't mean you should...We'll just get it from the upstream." 4:15

"[Re: Spectre and Meltdown] We turned a stability boundary into a security boundary and hoped it would work. Spoiler alert: it did not work." 18:40

"We hope the design of our interesting architectures mean when we switch from one context to another, nothing is left over...[but] if you want two security domains, get two computers. You can do that. Computers are small now. [Extensive geeking out about tiny computers]" 23:10

"[RIM] made a really compelling argument that the iPhone was totally impossible, and their argument was incredibly compelling until the moment that Steve Jobs dropped an iPhone on the table..." 25:50

"If you don't care if your work affects the [other people working on the system], you're going to crash." 37:30

"What happens when you define your constraints incorrectly?... Vulnerabilities. ...At best, you get the wrong answer. Most commonly, you get undefined behavior which in the presence of hacking becomes redefinable behavior." 41:35

"It's important to realize that we are loosening the assumption that the developer knows what the system is supposed to do...Everyone who touches the computer is a little bit ignorant." 45:20

On Heuristics

"When you say the same thing, but you say it in a different time, sometimes you're not saying the same thing." 9:10

"Hackers are actually pretty well-behaved. When hackers crash code...it does really controlled things...changing smaller things from the computer's perspective that are bigger things from a human's perspective." 20:25

"Bugs aren't random because their sources aren't random." 35:25

"Hackers aren't modeling code...hackers are modeling the developers and thinking, 'What did [they] screw up?' [I would ask a team to] tell me how you think your system works...I would listen to what they didn't talk about. That was always where my first bugs came from." 35:45

On Bug Advocacy

"In twenty years...I have never seen stupid moralization fix anything...We're engineers. Sometimes things are going to fail." 10:30

"We have patched everything in case there's a security boundary. That doesn't actually mean there's a security boundary." 28:10

"Build your boundaries to what the actual security model is...Security that doesn't care about the rest of IT, is security that grows increasingly irrelevant." 33:20

"We're not, as hackers, able to break things. We're able to redefine them so they can't be broken in the first place." 59:25

On Automation

"The theorem provers didn't fail when they showed no leakage of information between contexts because the right bits went to the right places They just weren't being asked to prove these particular elements." 18:25

"All of our tools are incomplete. All of our tools are blind" 46:20

"Having kind of a fakey root environment seems weird, but it's kind of what we're doing with VMs, it's what we're doing with containers." 53:20

On Testing in the SDLC

"We do have cultural elements that block the integration of forward and reverse [engineering], and the primary thing we seem to do wrong is that we have aggressively separated development and testing, and it's biting us." 38:20

"[Re Penetration Testing]: Testing is the important part of that phrase. We are a specific branch of testers that gets on cooler stages...Testing shouldn't be split off, but it kinda has been." 38:50

Ctd. "Testing shouldn't be split off, but it kinda has to have been because people, when they write code, tend to see that code for what it's supposed to be. And as a tester, you're trying to see it for what it really is. These are two different things." 39:05

"[D]evelopers, who already have a problem psychologically of only seeing what their code is supposed do, are also isolated from all the software that would tell them [otherwise]. Anything that's too testy goes to the test people." 39:30

"[Re: PyAnnotate by @Dropbox] 'This is the thing you don't do. Only the developer is allowed to touch the code.' That is an unnecessary constraint." 43:25

"If I'm using an open source platform, why can't I see the source every time something crashes? ...show me the source code that's crashing...It's lovely." 47:20

"We should not be separating Development and Testing... Computers are capable of magic, and we're just trying to make them our magic..." 59:35

Misc

"Branch Prediction: because we didn't have the words Machine Learning yet. Prediction and learning, of course they're linked. Kind of obvious in retrospect." 27:55

"Usually when you give people who are just learning computing root access, the first thing they do is totally destroy their computer." 53:40 #DontHaveKids

"You can have a talent bar for users (N.B.: sliding scale of computer capability) or you can make it really easy to fix stuff." 55:10 #HelpDesk
"[Re: Ransomware] Why is it possible to have all our data deleted all at once? Who is this a feature for?!... We have too many people able to break stuff." 58:25

Saturday, June 2, 2018

Fixing Ford AC Head Controller Vacuum Problem

The AC on my land yacht (2009 Mercury Grand Marquis) has been in the fritz for a while. Last winter, it gradually stopped switching from max AC/recirculate (a necessary in Vegas), then got stuck on norm AC until it rested on Defrost/Floor. I was able to fix it with some basic troubleshooting, YouTube sleuthing, and two bucks in o-rings.

This shaky yet informative video by Ian Smith helped me diagnose it as a problem with vacuum only. The AC itself was fine. It blows cool air all day long. It just did so at the windshield. It couldn't be the blend-door actuator.

The same video showed me how to diagnose the vacuum problems. The black hose providing vacuum from the engine seemed fine: I was getting 20 inches of vacuum with the car turned on when I hooked up a bleed pump with a gauge (mine came from Harbor Freight, shown in the video). To test the actuators, all I had to do was hook a 'jumper' pipe from black to the other pipes. Each one seemed to hold air, and the actuators sprang to life once again. For the first time in a year, I had cold air blowing from the vents. The problem couldn't be in the lines. I pulled the controller head for a closer look.

The head itself is a bunch of electronics, a control panel, and one removable plate with four solenoids. The vacuum hoses come into this through a manifold, and the head controls trigger the solenoids to route vacuum from the black hose to the others. This triggers different actuators under the dash. Something was amiss in the manifold.

I returned to YouTube looking for rebuild instructions. I found this extremely helpful video from a Chicago mechanic. The solenoids contain an o-ring that dries out, wears out, and loses the ability to hold vacuum. I obtained close to the recommended o-rings from Lowes (#36, 5/16 OD, 3/16 ID, 1/16 thickness) as I was not willing to wait for Amazon. A little Oatey silicone lubricant made the tight squeeze work a little better. I found I had to seat the solenoid heads at least once before total reassembly. It was too difficult to do so at the end and fight with the other small parts at the same time. 45 minutes later, I had full control of my AC restored.

I can't believe it was this simple to fix the controller. I think I was intimidated by the AC (having spent $1500 last year to have the dealer redo the whole system from seals to refrigerant). I didn't want to break anything. A few targeted troubleshooting steps helped assuage any fears of irreparable harm, and now I have a comfortable cabin once again.

Wednesday, November 5, 2014

R00tz Asylum 2014


I took Ethan to the event run in parallel with DEF CON, R00tz Asylum.  I think he had a blast as they covered a lot of traditional hacker topics at multiple levels of complexity.  The highlights are below.

Structure

The event was held in the Crown Theater at the Rio.  It was about a 10 minute walk from DEF CON proper.  The separation was nice as it made for a more quiet and contained experience.  The stage was occupied by a speaker almost all the time.  Spread around the perimeter (mezzanine?) were tables with activities that changed every day.  Kids could choose to listen, play or work on challenges.  Most activities stayed the entire day, though some were more transient.

This setup was advantageous for my son.  He has little ability to focus on any one thing for an extended period of time, so the variety of activities was nice.  Much like its parent conference, R00tz Asylum did well when it focused on hands-on learning.  Toool, Google and Wickr held contests and learning opportunities that pushed attendees and their parents to participate together.  In particular, Ethan loved the puzzles, and I finally got him to solder something.  He did a bang-up job.

Speakers

The speaker experience was less than optimal with a few notable exceptions.  The stand-outs were Gene Bransfield's hilarious "Weaponizing your Pets" and Meredith Patterson's engaging activity "The Telephone Game" about Man-in-the-Middle attacks.  Special mention goes to @muffenboy and Esau Kang for being kid attendees and speakers.  For the rest, it would be good to learn that speaking to children is not the same as speaking to hackers, and most talks were too technical, lacked a hands-on component, and thus ended up being torture for the little ones.  From speaking with the organizers, I can tell this is something they are trying to focus on next year.

The Gift

R00tz Asylum is the opposite of DEF CON in one respect: it relies on sponsors to add pizzazz and to make ends meet.  One of those traditions that may or may not hold in coming years is the gift of a hackable piece of technology to attendees.  This year brought ASUS Chromebooks care of Google.  My son was enthralled, and I spent most of the conference convincing him to get off the Chromebook and out to the activities.  By the end of the conference, we had Linux in addition to Chrome, and we were running Wireshark thanks to perseverance by Joe and Chris, a father/son team.  This effort won Chris a trophy, even.  My son begged me to put Minecraft on there, but then quickly forgot how to get back to it and reformatted his Chromebook undoing all our hard work.  Hats off to Google, and congrats to Chris on the win.

Embedded image permalink

Hardware Hacking

By far, my favorite part of the conference was the Hardware Hacking table.  Not only did the goodie bag include a HakTeam Throwing Star LAN Tap, but a table full of old equipment was available from which attendees could rip apart and salvage components.  The LAN Taps were used in an activity that taught wireshark and packet sniffing.  The hardware component salvage table was exploited for speakers, LEDs, gears and motors for all sorts of toys.  I am definitely bringing projects for Ethan next year.  I already recommended the salvage table to the official DEF CON Hardware Hacking Village.  Las Vegas thrift shops may see a run on their printers, VCRs and routers before next year's conference.

Lock picking

The one talk and table I was surprised that Ethan was interested in was from Toool.  Their interactive 101 talk caught his attention, and we worked on a lock at their companion activity table.  Though he ended up losing interest before successfully opening a lock, it gave me a clue of the type of activity he could do on his own between conferences.

Going Forward

I would definitely recommend any hacker parent to bring their child to R00tz Asylum.  Its expanding and evolving to be a great summer camp weekend that dovetails with the DEF CON experience.  As the organizers ger more experienced, I expect the content to grow and change to fit the kids and their interests.  We all started somewhere, and I hope R00tz is that start for the next generation.  I started a subreddit for R00tz, though it hasn't taken off.

As for Ethan and I, we are preparing a talk on how to hack Skylanders figures.  We hope it will be a fun combination of encryption, hardware hacking and games that will draw the attention of attendees and inspire them to really dig in and explore the technology that is used around them every day.

Monday, August 18, 2014

RadioShack LED Strip Driver

I modified the Pololu RGB LED Strip drivers from version 1.2.0 to support Radio Shack's behind the times model that is 30 LEDs controlled in 3-diode sections.  I had to swap the colors around to match this pinout, and I changed the struct to a class (because why not).

The fix was to physically reorder the declaration of red/gree/blue variables in the struct declaration.  This way, when the information is written to the strip, it is sent in a different (and now correct) order.  You can make the fix yourself by changing the file PololuLedStrip.h:
typedef struct rgb_color  {    
   unsigned char red, green, blue;  
} rgb_color;
becomes:
typedef struct rgb_color  {    
   unsigned char green, blue, red;  
} rgb_color;

And here it is on GitHub: https://github.com/RangerDan/RadioShackTricolorLEDStrip


I should probably talk to Pololu on licensing concerns here.  I found the license from the original driver and copied it into my repo.  I couldn't figure out how to fork this properly, so I just re-uploaded it until I understand git a bit better.

Friday, August 15, 2014

C3BO: Proof of Concept using Timbermanbot Schematic

This post is part of a series about building electro-mechnical PIN-cracking robots, R2B2 and C3BO.



This is a proof of concept for @JustinEngler's C3BO (https://github.com/justinengler/C3BO) using transistor controlled relays. It was prototyped by modifying Blink from the Arduino sample project.

The schematic was obtained from Timbermanbot (https://github.com/vheun/ArduinoPlays...) as seen on Hackaday (http://hackaday.com/2014/07/26/pwning...).

In the video, You'll notice I've replaced the touchpad for your finger with a wire to the headphone jack's ground as the circuit ground. The two pieces of copper tape were no longer sticky enough to stay by themselves, so I am holding them down. They press two and 5 with about 8 key presses per second.

Monday, August 4, 2014

OFBC: Putting it All Together

Note: This is part of the Project Write-up for OFBC: One Fluorescent Beer Coaster

After months of effort, we had a circuit, PCB and shell design to accomplish our goal.  Putting it all together meant solving some unique challenges in the home stretch.  By far the most communal part of the project was finishing the circuit.  Parts were bought by three different people.  It took hours of trial runs and four different nights in my shop to finally get the circuit assembled and ready.  In all, the project taught us to keep moving in spite of obstacles.

Internals

The main obstacle was PCB manufacture.  As detailed in that post, uncooperative copper and etchant lead to abominations not fit for solder.  Drill bits broke in PCBs, holes were misaligned, and traces were torn up as we worked and reworked the boards.  The major blunder was the reversed PCBs, but it was tempered by the lack of polar components.  Only the transistor and MOSFET needed to be adjusted when we realized our mistakes.  The quality checks and encouragement as we worked as a definite plus.  There were several times I wanted to just give up and abandon the project.  Truly, I get by with a little help fro my friends.





After the PCBs were in our hands, the task of soldering all the components was a team effort.  One person ran continuity tests on newly etched boards.  Another bridged scratches and pasted down traces.  Buttons (functional and fake) were inserted and crimped at one station while a fourth person began to solder on components.



That moment of truth when the LED lit up was breathtaking all nine times it happened.  When it, more often than not, didn't work on the first try, the scramble to troubleshoot was a team effort as well.  A loose connection, bad trace or through hole in need of a reflow was rooted out in minutes. I can't describe the feelings from closing the box with nine functional copies of the idea sketched out on a picnic table the year before.

Externals

Shell manufacture forced choices between what we wanted versus what we needed.  The mechanical ideas at the outset gave way to manufacturing considerations.  Features were pared back to match timelines, work schedules and summer vacation.  Anyone reading this who has worked in an Agile Development environment will recognize similar decisions they make every Sprint.  To borrow a cliché, "Perfect is the enemy of good enough."  With this in mind, we have an eleventh hour compromise ready: should the 3D printer prove a roadblock, we have arranged for a Wednesday night Hail Mary meeting to turn Ziploc Containers into eternal glory.

The Ziploc idea produced 4 "just in case" models.  We stabilized them with glass beads and hot glue.  The containers became the shell and mount for the PCB.  The beverage lid was provided by another ziploc container hot-glued onto the buttons.  Hot glue for grip and stabilization of the platform finished the job.  See the result in the pic below next to the finished shells.


Luckily, the 3D Printer roadblock was cleared just two days before the BBQ.  Poor quality filament lead to clogged extruders.  After a good cleaning, we were back in business.  5 shells total were produced with various upgrades.  We got a top that nested well with the shell, and the mouse-hole in the shell was added to allow the USB to be passed out of the body.  We did not get impressions in the top to get the lid closer to the lens of the LED.  We also did not get any part of the body held together by magnets.

Final assembly took place at Toxic BBQ itself.  The lights stayed on this year, but we started conversations and passed out some business cards with links here.  We placed a few on the tables farther out that didn't have light, and we presented two to the organizer in a Utilikilt.  Furthermore, it went on display in r00tz and the HHV for most of the convention.

Final Word

I left DEF CON for two years running with a profound sense of my own shortcomings.  I saw people around me doing amazing things, but I couldn't point to similar achievements for myself.  Though not terribly complex (most ideas came from Instructables, after all), the process and coordination required to pull off this simple idea has been eye opening.  It all started by pivoting from planning to doing.  It finished with an 80's-montage-worthy string of late nights and high fives.


Already, these efforts are fertile ground from which numerous other ideas have sprung.  Facing another DEF CON, I'm looking for the next big project instead of lamenting my noob credentials.  Only time will tell how many of these work their way to reality.

Monday, July 21, 2014

Touchscreen on Raspberry Pi

A friend has a few Elo Touchscreens from a past venture, and I have racked my brain trying to figure out a use for them. After giving up on Android PCs, I took a stab with a Raspberry Pi Model B running the Raspbian image from Noobs.  Two obstacles presented themselves:

  1. The Raspberry Pi only outputs HDMI.  For now, I'm going to try an HDMI to VGA converter. Better to get this thing off the ground than hem and haw about a 'better' solution.
  2. The touchscreen is inverted.  For this, I installed the xinput-calibrator tool per the instructions on the Raspberry Pi forums given by msmithy12 and a helpful config guide:
sudo apt-get install libx11-dev
sudo apt-get install libxext-dev
sudo apt-get install libxi-dev
sudo apt-get install x11proto-input-dev
download http://github.com/downloads/tias/xinput_calibrator/xinput_calibrator-0.7.5.tar.gz 
tar xvzf (downloaded file)
cd (downloaded file)
./configure
make
sudo make install
Then, from the menu: Preferences/Calibrate Touchscreen
  1.  Do not immediately follow the instructions given when you run calibration (place the calibration in a /etc/Xll/...).  Doing so borked my Raspbian install.  Instead, create the file specified in /usr/share/X11/xorg.conf.d/.  I ran "sudo leafpad 99-calibration.conf" to create and edit the file.  After dropping in the calibration indicated, I restarted and found out it stuck.  Woo hoo!
 I will update this space with my progress.  Currently, the setup is:
  • Raspberry Pi Model B ($35)
  • Elo Touchscreen ET1939L (Pre-owned)
  • BYTECC HM-VGA005 HDMI-A to VGA Female Adapter/Converter ($20)
  • 1 x WiFi Dongle (Ralink RT5370 chipset) ($10)

Lessons Learned


  • Single User Mode could have beenused to save my Raspbian install.  It can be entered by adding init=/bin/sh to cmdline.txt.  I was using Noobs, so holding Shift while the PI boots got me into the editor.
  • I like Linux more and more each project.

Friday, July 18, 2014

OFBC: Inspiration and Research

Note: This is part of the Project Write-up for OFBC: One Fluorescent Beer Coaster

The Idea

As night descended at Toxic Barbecue at DEF CON 21, everyone was working through the meat and alcohol they'd consumed much too fast and in much too large a quantity.  Rather than move the party somewhere else (Las Vegas' Sunset Park is safe at night, right?), we began to experiment with cell phone screens, then their flashes.  The lights were bright, but they were also extremely narrow in focus.  

The Liter of Light project gave us an idea to use a liquid to diffuse the light.  As there was still copious amounts of alcohol left behind, we started experimenting.  This 'research' lead us to decide that Smirnoff Ice was the best diffuser.  Filtered beers were awful due to both the dark bottles absorbing light as well as the liquid having no solids to scatter any that was left. Smirnoff had the clear bottle and label as well as a ton of solids from the included fruit juice.  As this was a hacker party and not for frat boys, we had plenty left. The misogynists among us named them 'Bitch Lights' after the colloquial term for Smirnoff Ice: Bitch Drinks.  We had our product; now we needed to separate it from the phones.


Research

DEF CON 22 planning made us realize that we needed to make good on our promises made while too intoxicated to realize we knew nothing about how LEDs actually work.  First stop?  The local Hackerspace, of course.  SYN Shop is in downtown Las Vegas.  Multiple forum members are lighting and electronics techs on The Strip.  They pointed me towards specific packages, drivers and batteries.  I took this foundation and boiled it down to specifics.  I wanted the light to be composed of the following elements:
  1. Super Bright LED (1W, 100 lumens)
  2. LED driving circuit
  3. Battery (3-4 hours of time)
  4. Charging circuit (USB)
  5. Switch to turn it on
  6. 3D Printed Body
Armed with search terms from the forum, I found a wealth of helpful links.  I found LED packages that fit the "Super Bright" definition all over the web.  I learned a ton about batteries and chargers (did you know Sears still exists and has an online store?).  The most helpful site was Instructables.  There, I found several LED driver circuits that I actually understood.  After a trip to Frys left me bewildered with options, I learned to better read datasheets.  Finally, I had a working circuit design.

Friday, June 27, 2014

R2B2

I built a copy of Justin Engler's Delta Bot R2B2.  Here's how I did it with a revised parts list.


Inspiration

Justin Engler and his iSEC Partners team presented his PIN punching robot at DEF CON 21.  Even though it was, by his own admission, a last resort in cracking phone PINs, it received coverage in Forbes and other outlets. 


Build

The 3D prints from my brother's Replicator came out well.  The dimensions were correct overall, but I had to do some filing to get the mounting bracket to slot together.  The servos I used required me to file out the slots a bit as well.  The spokes from my servo mount were a little large, so I filed those down too.  Overall, it wasn't too tough to fit everything together.  When I build another one, I need to see if my problems were caused by the STL files, how the G-Code was generated or the calibration of the printer itself.

The local RC shop called Hobby People had most of the small and moving parts.  Servos, ball joints and such came in at under $30.  Lowe's had the right sized all-thread to finish the job.  One thing about the construction was that I originally bought 10mm hex cap screws to join the ball joints to the biceps.  The way the bicep is built, though, the joint tends to hit the side of the bicep and limit the range of the effector.  To solve this, I moved the ball joints outward with small washers.  This made the 10mm hex caps too short, so I went with 15's instead.  Redesigning the bicep to free up movement might resolve this problem.  I slipped a metal stylus pen through a rubber grommet and effector.  The stylus was grounded with an alligator clip onto the breadboard.

The rest of the robot (as you can see in the pic) are an Arduino Uno, a small breadboard and a four-legged stand I put together from a 1x2 and some angle braces.  The robot is held to the frame by a fender washer through the central hole of the mounting bracket.  The sketch had to be modified with the correct measurements on the actual robot.  Most everything matched, so that built my confidence.  Once I uploaded the sketch, I played around with the machine code and made it dance.  This is when I found out the ball joints were binding against the bicep.  I also dropped the robot, and the short hex caps made it go eveywhere.  D'oh!

I forked and cloned Justin's github to prep for writing some code and tidying up the notes.  Rather than cracking phone PINs, I plan to use this to punch card PINs on PIN Pads used in credit card processing.  I don't think I'll need the OpenCV code, so I'll have a blind version of R2B2 up in my own repository once I learn enough Python to be dangerous.

Finally, Marginally Clever has a new version of the delta bot that uses laser cut parts.  The R2B2 that Justin demoed at SXSW seems to have been made from this version out of acrylic.  Snazzy!  This comes with its own platen and looks mighty sturdy.  I might have to grab one and give it a spin.

New parts list

Count Cost Each Name Description
2 $1.94 Du-Bro 2123 3.0 mm x 10mm Socket Head Cap Screw (4-Pack) P/N 2123 Screws to connect effector to ball joints
2 $1.94 Du-Bro 2124 3.0 mm x 15mm Socket Head Cap Screw (4-Pack) P/N 2124 Screws to connect bicep to ball joints
2 $1.98 Traxxas 5347 Rod Ends with Hollow Balls Large Revo (12) Ball joints to form the arms from threaded rod
6 $1.04 The Hillman Group 44817 8-32 x 6-Inch Threaded Rod, 10-Pack Threaded rod for ball joints to connect bicep to effector.
3 $7.99 The Hillman Group 44817 8-32 x 6-Inch Threaded Rod, 10-Pack Servos that connect to bice. Most will work, but Hobby People has adequate ones for cheap
As needed Varies Washers,Flat,3mm DUB2109 and The Hillman Group 36-Count #6 x 3/8-in Zinc Plated Standard (SAE) Flat Washer Washers to separate arm from bicep and effector. Used to give arms maximum freedom.
1 $2.00 Like Hillman Rubber Grommet (5/16x5/8x5/8x7/16) Rubber grommet for effector to hold stylus
1 $4.00 Like Stylus pen Stylus for effector
1 $1.13 1 x 2 x 8 Spruce-Pine Furring Strip Body for robot
1 $1.13 1-in Zinc Corner Braces Braces to hold shape of robot
X $2 Bolt, fender washers and wingnut Bolt to hold robot to body

Wednesday, May 7, 2014

Arduino and Other Electronics Projects

Miscellaneous electronics and microcontroller projects:

Make and RadioShack's Drawdio:
Initial test of this 20x4 character screen.  Notice the Haiku
Small Screen Blues
Screens 20 by 4
Focus encoded messag
As haiku does

 First fully custom project.  Writing a 'guessing' game that uses a RadioShack RGB LED Strip, the screen, LEDs, and 6 buttons.  Already maxed out the memory of the little chip on the Uno R3.
 Moving my dev environment to Raspberry Pi.  The borrowed laptop I was using is going to be repurposed and will live in an inaccessible place.  Here is the Pi running the Arduino IDE.
 Used Google, and knowledge from a class at SYN Shop, the local Hackerspace, to remove and troubleshoot this module.  It is a Blower Motor Speed Controller from my car's AC.  I found out the transistor in it is bad, but replacing it would take more effort than it is worth.

Tuesday, January 28, 2014

DEFCONbots - Genetic Al-Gore-isms v.01 Test



Video of the laser+servosx2 test rig.  Not enough granularity for the contest, but it's a start.

Tuesday, January 7, 2014

Finalized: January InfoSec Links

Security

Researcher gets hacked and details how he investigated, mitigated, and responded to it.  Enjoyable 'mea culpa.'
https://securosis.com/blog/my-500-cloud-security-screwup

Sigh...It's not just Target that was a target over the holidays:
http://krebsonsecurity.com/2014/01/hackers-steal-card-data-from-neiman-marcus/

Krebs gets the details on how Target was compromised.  Malware on each POS relaying data back to the attackers:
http://krebsonsecurity.com/2014/01/a-first-look-at-the-target-intrusion-malware/

Cryptography

Interesting perspective on RSA and NSA kerfuffle.  Emgage the community around RSAC to counter the actions of the company, RSA.
http://www.mckeay.net/2014/01/06/still-going-to-rsa/


CryptoLocker's new Sibling PowerLocker.  Back...up...everything:
https://www.schneier.com/blog/archives/2014/01/powerlocker_use.html

Privacy

Essay on Twitter's block/unfollow implementation. Serious insight into how public services chose to protect user privacy:

Well reasoned counter-arguments to the surveillance state excuses:
http://addxorrol.blogspot.de/2014/01/why-intelligence-reform-is-necessary.html

Internet governing bodies meet to discuss how to fight pervasive monitoring (seen as an attack on the internet):
https://www.w3.org/2014/strint/

Privacy concerns from Angry Birds?  Why aren't customer usage statsencrypted?  Anyone could read this information...
http://www.theregister.co.uk/2014/01/27/leaking_smartphone_apps_nsa_gchq/

Training

Matasano teams up with Square (the Credit Card Merchant Aggregators) for an exploit CTF through a web browser:
http://www.matasano.com/matasano-square-microcontroller-ctf/

Wednesday, December 18, 2013

December InfoSec Links

NSA and Government
Shame on Feinstein: There is a cost to surveillance.
http://www.siliconvalleywatcher.com/mt/archives/2013/12/shame_on_feinstein_co.php?utm_source=buffer&utm_campaign=Buffer&utm_content=buffer54e85&utm_medium=twitter
RSA took $10mil to backdoor their crypto libraries.
http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220
EFF reviews how the CFAA ruined lives and slowed innovation out of fear:
https://www.eff.org/deeplinks/2013/12/2013-review-tragedy-brings-cfaa-spotlight
Getting the ungettable: The NSA's Tailored Access Operations Unit
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-2.html
Backdoors R Us: NSA's backdoor catalog
http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
Practical Tamper-evident Techniques
http://www.wired.com/threatlevel/2013/12/better-data-security-nail-polish/


Security and Cool Exploits
Via Chavaukin: 10 things Security should stop doing in 2014
http://blog.anitian.com/2014-stop-doing/
Acoustic cracking of PGP keys.  Fantasy attack made real:
http://www.cs.tau.ac.il/~tromer/acoustic/
SD Card Hacking
http://www.bunniestudios.com/blog/?p=3554

Target Breach Madness
International cards and those associated with a zip code fetch a premium:
http://krebsonsecurity.com/2013/12/non-us-cards-used-at-target-fetch-premium/
Putting a face on the Target breach:
http://krebsonsecurity.com/2013/12/whos-selling-credit-cards-from-target/
Target's faster checkout system explained:
http://www.quora.com/What-is-the-new-instantaneous-payment-system-being-used-at-Target
All PINs in the world leaked! (Tongue in Cheek)
http://pastebin.com/2qbRKh3R

Also hilarious: What happens when the common folk get a glimpse at the code behind:
https://twitter.com/neave/status/415533230579019777/photo/1

Monday, December 16, 2013

Bench Power Supply Complete!

Thanks to SYN Shop, the Las Vegas Hackerspace, I completed a bench top power supply.  I took a class that helped me build one from a kit.  The kit itself produced a 5v out and a configurable out that I ended up making 8.5 for Arduino.

One of the challenges of the class was to take that kit and enhance it.  I removed the resistor on the configurable channel and replaced it with a 10K Ohm potentiometer from Radio Shack.  This allows me to configure it for between 2 and 14.5 volts!



Some time later, I got tired of the alligator clips I used to connect to the two rails.  I replaced them with a barrel connector and switch.  My initial schematic was woefully flawed, however.  If I had completed it, I would have shorted the rails to ground through the switch, blown the fuse, and possibly smoked the voltage regulators.  Yeesh.

Thanks again to SYN Shop and Javid, the teacher who's kit made this possible.