Hackszine.com

Most recent posts: page 4 of 6 1 2 3 4 5 6
Browse the complete archive by category or month.

March 18, 2008

Paper cameras - old and new

In 1970's Communist Czechoslovakia, the state-run magazine ABCs for Young Technicians and Natural Scientists published a cut-out paper camera called the Dirkon. Looking very much like an old Nikon, the little camera is essentially a simple pin hole design, dressed up to look like its SLR cousin.

Fast forward to 2000's Capitalist USA and you'll find the ReadyMech Cameras which were recently released by adver-warehouse Corbis. Retaining much of the Dirkon cool factor, but looking nothing like a contemporary SLR or digital, there are a number of bizarrely awesome models to choose from.

Whether you dig the ReadyMechs or the classic Dirkon, making the cameras is as simple as printing out a PDF on heavy-weight paper, and following some simple instructions to cut, fold and tape the camera together. To use the camera, you assemble the package around a standard roll of ISO200 35MM film, wind between shots, and pull a little tab aside to expose the film for 10 seconds or so, depending on how bright the lighting is. Getting a clear photo is all about holding still (or setting the camera on a solid surface during exposure).

The Dirkon Paper Camera
ReadyMech Cameras

March 17, 2008

CryoPID: hibernation for Linux processes

We're all familiar with the hibernate/deep-sleep features that are typical on your standard laptop. In this mode, the entire contents of RAM are written to the disk and the machine is completely shut down. When it's next booted, the system is restored to the exact state it was at before sleep, with all of your programs running just like they were when you left them.

What if you could do this at the process level? You could kill whatever umpteen-gazillion applications you have running, reboot your computer, and then start your apps back up whenever you like and they would be exactly the way they were when you left them.

There's a Linux application called CryoPID which attempts to do just that.

CryoPID requires no special kernel modifications and operates in user mode, so you don't need to be root. All you do is run the freeze program on a process you own:

freeze /tmp/savestatefile 1234

This will archive the state of process 1234 into a self-executing, compressed file named /tmp/savestatefile. To start it back up, just run the save file:

/tmp/savestatefile

When this is executed, your application will be restored, relinked to any previously-loaded DLLs, and attached to the file descriptors it had open.

You'll run into some problems with network socket connections you had open, and support for X applications is still only experimental, so the useful scenario is a bit limited, but it's a promising concept and could come in quite handy in the command-line world.

CryoPID - A Process Freezer for Linux

March 16, 2008

Art Bots 2008

The fifth international ArtBots exhibit is being held on September 19-21 in Dublin Ireland. Whether you're interested in creating a robotic work of art, or a robot capable of producing its own works of art, you have till May 1st to submit an entry.

I've seen the output from this robot talent show / art fair for a few years now, and I'm really excited to see what happens this year. Are any of you folks planning on entering or attending?

Shown above: One of Bruce Shapiro's "Ribbon Dancer" robots. When activated, the robots are able to perform intricate dance routines by moving a ribbon through the air in choreographed patterns. It's the robot equivalent of an Olympic floor routine.

ArtBots 2008 Call for Works
Ribbon Dancer Robots

March 15, 2008

HOWTO: Fast SMT soldering

I've only had to solder a couple of SMT chips, and though my attempts have worked out for me, it's always been a combination of frustration and fear that I'm damaging the IC. John Gammell sent this video to me in response to one of my newbie attempts. In it, he shows how a pro approaches an SMT job using the "vertical drag" method.

It looks like he fixes the IC to the board, applies flux to all the pins, and then quickly drags a bead of solder back and forth over the pins. It's pretty unbelievable how quickly and precisely he is able to do the job. Impressive stuff.

Professional SMT Soldering

March 14, 2008

Wii homebrew now works from internal SD Card

It looks like the 0.1alpha3 release of the Wii Twilight Hack now works with the internal SD slot. No USBGecko or other additional hardware needed.

There are 5 versions of the chainloader for the different regions and releases of the Wii console. Follow the instructions to unzip the right one to the correct directory on your SD Card, and then it's as simple as copying your homebrew .elf file to the SD card's root directory and starting up Zelda.

Twilight Hack 0.1alpha3- [via] Link

March 13, 2008

Arduino Etch-A-Scetch clock

Check out Angela Yuan's Etch-A-Scetch Clock. An Arduino powers a few stepper motors that clear the screen once a minute and then draw the current time.

It looks like there is a laptop that is sending commands, presumably time updates, to the Arduino via processing. Her site is a little scant on details, but there are a few useful links that will give you a good start if you'd like to build your own.

Etch-A-Sketch Clock - Link

March 12, 2008

CNC hologram

I posted earlier this week about abrasion holography, a hologram technique that uses a network of simple arc shaped scratches to encode a visible, 3D hologram into a chunk of plastic. Carl was the first to comment on exactly what was on a number of peoples minds:

This is just crying out for someone to generate complex pictures using CNC.

Like many great ideas, someone has already worked this one out! William Beaty was kind enough to write back with a link:

The scratches need to be be almost perfectly smooth with no jaggies at all. Normal CNC doesn't work, but a couple months ago Evan at homeshopmachinist.net found that "drag engraving" does reduce the jaggies enough.

The photo above is Evan's cube, engraved on blackened copper. The top image is what you see in normal diffuse lighting. The bottom is one perspective of the hologram when viewed head-on under a point-source light. Evan writes:

The way this type of hologram is generated is to start with a 2d representation of the subject (the cube in this case). Then an arc is drawn using a point on the visible vertices and edges of the shape. A set of closely spaced points along all visible edges is then used to provide the anchor points for the radii of the arcs. The reason the image isn't perfect appearing is because of slight inaccuracies in the placement of the arcs (my fault) and some waviness in the copper plate which is only 26 gauge material.

There are a lot of creative possibilities with this one. First person to engrave a HACKS hologram on a copper business card wins a standing ovation.

Synthetic Holograms With a CNC Mill - Link
DIY Hand-Drawn Holograms - Link

March 11, 2008

N64 emulation: better than the real thing

Racketboy has a great article showing off some of the capabilities of the modern N64 emulator. If your machine is fast enough, most of the available emulators will really give you a noticeable resolution boost and better looking anti-aliased models. Using the Rice Video plugin with the Project64 emulator, you can even swap out the textures for some games with user-created texture packs.

I still use the real hardware (is the N64 considered "retro" now?), so before seeing this, I hadn't even considered emulation for this platform. That all changed when I saw the Mario64 mod shown above. The selection of available emulators is impressive, and there are open source emulators available for just about every platform. I'm currently playing a game under Mupen64 on my iMac and it's pretty flawless. My only wish is that all computers came, by default, with a nice joystick like they did back in the 80s.

Enhance N64 Graphics With Emulation Plugins & Texture Packs - Link
Project64 Emulator - Link
Rice Video Plugin - Link
Mupen64 Emulator (cross-platform, open source) - Link

March 10, 2008

SketchUp has a Ruby API

I guess it's been available for a few months, but I just noticed that there's a Ruby API for Google SketchUp. Looks like a cool tool for extending the building interface, integrating SketchUp entities with external software, and building procedural stuff, like making terrain or stairs.

Here's a video of SketchUp developer Mark Limber talking about some of the possible ways to extend the software with the Ruby API.

Google SketchUp Ruby API - Link
SketchUp API Blog - Link

March 9, 2008

Command line Twitter

You can easily update your Twitter status from the command line using cURL. The Tech-Recipes blog posted this handy command line hack:

With cURL installed, you can post to Twitter from the terminal window by using the following syntax:

curl -u yourusername:yourpassword -d status="Your Message Here" http://twitter.com/statuses/update.xml

You will receive a response containing the XML coding for your post which acts as a confirmation that your post was submitted.

Consider this: instant messaging is the new talk (phone for my VMS peeps) and Twitter is the new finger. It's nice to see at least one of these handy communication tools make its way back to the command line.

Posting to Twitter from the Terminal Window - Link
cURL downloads - Link

March 8, 2008

DIY hand-drawn holograms

Typically the creation of a hologram involves lasers and various other expensive equipment and materials. William J. Beaty figured out a low-tech way to create your own holograms using a simple abrasion technique that requires only a compass and a chunk of plastic. He came across the idea while walking through a parking lot, noticing strange hand prints that seemed to float above or deep inside the surface of polished car hoods.

The images were naturally-occurring holograms. The owner of the car had obviously polished the hood with a dirty mit, and the millions of particles of grit in the mit traced out millions of nearly-parallel scratches in the black paint. The particular hand motion had created a geometry of abrasion patterns which turn out to be nearly identical to the interference patterns which make up those embossed-foil Benton whitelight [holograms].

So how do you make one? All you need is a spanner (compass with 2 needles) and a chunk of hard plastic such as Lexan. For simple flat shapes, you just draw the reference shape below where you want the hologram to appear. Set the diameter of the spanner to an inch or two, put one of the points on the shape and score a small arc across the plastic. You then repeat this process for a bunch of other points on the shape, leaving a number of small arc shaped scratches. When you observe the scratches in the light, you'll see a hologram of the shape that appears to float beneath the surface of the plastic.

The image above, from William's site, is actually a stereo photo of one of his holograms. You can cross your eyes to see the effect. The cube that reflects from the scratches appears different based on the angle you view it.

The depth of the hologram is related to the width of the spanner, so you can actually create three dimensional holograms using the same technique. William's FAQs have more details on doing this, as well as hints for creating opaque shapes that have other objects hidden behind them which are only viewable from certain angles.

Abrasion Holography - Link

March 7, 2008

Run Linux apps in Windows with andLinux

andLinux is a Ubuntu distribution that used the coLinux kernel, a Windows port of the Linux kernel which allows andLinux to run natively inside Windows without any virtualization software. After downloading, you basically just run the install Wizard. When your machine reboots, an extra taskbar icon will be waiting for you to launch and install pretty much any standard Linux application.

The coLinux kernel can be launched as a service and it runs in the background with a dedicated amount of RAM allotted to it. During the install, you create a folder to house the andLinux Ubuntu installation's root directory. If you need to access the full C drive from Linux applications, it's just a quick entry in the /etc/fstab.

When you've got everything running, the end result is really seamless. The Linux applications each run in a standard window, just like your Windows apps. There's no switching between operating system windows. Xterm, Konquerer, Amarok, whatever—It basically just works.

The installation is pretty simple, and there's also a nice tutorial at Tinkernut that runs you through the installer and shows you how to use Synaptec to easily install other Linux applications. If you're primarily a Windows user, but you miss all the great open source apps and command line tools that are available in Linux, this is worth the 700MB download.

andLinux - Link
Using andLinux (video) - Link

March 6, 2008

Microsoft Excel 3D engine

Peter Rakos wrote an article for Gamasutra today which demonstrates how to hack yourself a simple 3D engine by subverting an Excel worksheet. It's not going to win any FPS awards, but the fact that you can even get Excel to draw raw shapes blows my mind.

In his demo, the worksheet is used to calculate values for all the polygon vertices and a very small macro loop draws the resulting mesh to the screen.

After downloading the source XLS, run the demo by hitting alt-F8 (option-F8 in Mac Excel). You'll find the code under the "Tools->Macro->Macros" menu.

Microsoft Excel: Revolutionary 3D Game Engine - Link
Peter's Example 3D Excel files - Link

March 5, 2008

Neighborhood crime fighting robot

Someone in Atlanta created what appears to be a homemade Dalek to help deal with streetcorner criminal activity:

Rufus Terrill has had it with the drug dealers, petty thieves and vandals he says roam the streets outside his downtown Atlanta bar, O'Terrills. Instead of calling the police or hiring private security guards, Terrill built his own security robot.

Watching the video leaves me with a bit of an uncomfortable vigilante aftertaste, which is a little strange since I can sympathize with the difficulties living in an area like this. It's just not realistic to head down the street at night and ask people to leave.

All that aside, it's just an imposing looking tele-operated vehicle with a squirt gun and a speaker. The reality is that it's probably in more danger of being tipped over sideways than hurting anyone.

The real hack here is that (for better or worse) someone's invented a home-brew, tele-operated psychology counter-weapon. By removing the immediate threat of violence, the driver is able to communicate in a hostile environment. If you made the thing look like Ronald McDonald and had it sing the theme song to Barney instead of squirting water, the robot would probably be even more effective.

Robot keeps Midtown block safe - [via] Link, Video

March 4, 2008

Ram dump over Firewire

Unlike USB2, the Firewire spec allows devices to have full DMA access. By impersonating the appropriate device, a PC can essentially obtain full read/write access to another machine's RAM, just by connecting the two machines with a Firewire cable. Adding to the recent discussion about the insecurities of physical access and Princeton's cold-boot RAM dump demonstration, Adam Boileau released a Linux Firewire utility that will give you immediate Administrator to an XP machine:

It's two years later, and I think anyone who was going to get the message about Firewire has already got it, and anyone who was going to be upset about it has got over it. Besides, according to Microsoft's definition, it never was a Security Vulnerability anyway - screensavers and login prompts are - as Bruce says - about the Feeling of Security. Anyway, today's release day for Winlockpwn, the tool I demoed at Ruxcon for bypassing windows auth, or popping an admin shell at the login window.
...

Yes, you can read and write main memory over firewire on windows.
Yes, this means you can completely own any box who's firewire port you can plug into in seconds.
Yes, it requires physical access. People with physical access win in lots of ways. Sure, this is fast and easy, but it's just one of many.
Yes, it's a FEATURE, not a bug. It's the Fire in Firewire. Yes, I know this, Microsoft know this. The OHCI-1394 spec knows this. People with firewire ports generally dont.

Adam's tools include a few Python apps that can copy and impersonate Firewire device signatures, dump RAM on a remote machine, bypass Windows authentication, and extract BIOS passwords. It's not exactly comforting, but I've got a new appreciation for Firewire now. This is the sort of access that used to only be possible by creating hardware that physically connects to the PCI bus. Now all you need is a cable and a laptop.

Firewire, DMA & Windows - direct memory access over Firewire - [via] Link

March 3, 2008

View YouTube in high-res

YouTube has been testing higher bitrate encodings of it videos, which you can see if you add a &fmt=8 or &fmt=16 to the video url. Historically, all videos have been delivered to the lowest common denominator: sorenson encoded 320x240. By adding &fmt=6 to the URL, the video is served up in 448x336 resolution and I'm guessing it's using the VP6 codec (can anyone confirm?). &fmt=18 gives you the iPhone-style MP4 stream.

What videos will actually look better in the higher res format is completely dependent on the material that was uploaded to YouTube, obeying the rules of garbage in garbage out. I've looked at a number of videos where you can't really tell the difference between the low and high-res versions, presumably because the uploaded video was already heavily compressed or pre-scaled to 320x240. There are a few, however, that are strikingly better, such as the skateboarding dog above.

A greasemonkey script is available which will cause Firefox to automatically load the fmt=18 version, if available. A quick install and you can be wasting time at twice the bitrate.

Watch High-Resolution YouTube Videos - [via] Link
YouTube HD Greasmonkey Script - Link

March 2, 2008

Point polygon intersection in SQL

update: As readers noted, it's not the 0 degrees longitude that's the problem, it's at 180 degrees where you could encounter issues. I've also escaped the gt and lt symbols. Sorry about that.

I spent the weekend participating in the F1 Website Challenge, a coding marathon in which competing teams each produce a mythical man-month's worth of web site for a worthy non-profit organization—all in the space of 24 hours.

One of the challenges my team faced during development was finding an efficient way for detecting a particular service region for a given address. Our client, Metro Meals on Wheels, has a number of different regions in which they deliver meals, with each region being served by a particular Meals on Wheels organization. These regions are defined by non-overlapping complex polygons. It's not as simple as a normal vendor search, where you return the nearest location to the requested address. Instead you need to search a database of polygons to find the particular one which intersects the address location.

One of my teammates, Mark Seemann, ended up providing a fairly elegant solution to the problem, and was able to implement it in a simple SQL query. To find out if a point intersects a polygon, it's as simple as drawing a vector from the point and seeing how many line segments of the polygon it crosses. If the number is even, it's outside the polygon. If it's odd, you have an intersection.

So let's say you have a polygon database which has a row for each line segment of a polygon. You can quickly pull all segments that intersect a vector pointing directly east of your geocoded location like this:

SELECT poly_id, segment_id
    FROM segments
    WHERE ( lnga > thelng OR lngb > thelng )
          AND ( (lata > thelat AND latb < thelat )
              OR (latb > thelat AND lata < thelat ) )

That will return you a list of all line segments that you would cross if you walked directly east from the location at [thelat,thelng] (yes, this assumes you don't cross 180 degrees longitude). To determine the polygon (or polygons) that intersect our address, it's as simple as grouping by poly and returning all rows that have an odd number of matches:

SELECT poly_id, COUNT(segment_id) AS segment_count
    FROM segments
    WHERE ( lnga > thelng OR lngb > thelng )
          AND ( (lata > thelat AND latb < thelat )
              OR (latb > thelat AND lata < thelat ) )
          AND segment_count%2 = 1
    GROUP BY poly_id

Of course, the world isn't flat, though I've treated it this way for simplicity. If you wanted this to work for all cases, you'd need to limit your search to a particular distance and translate the coordinates so that the search didn't cross 180 degrees longitude.

March 1, 2008

Recover data from RAM after a crash

After Princeton's cold-boot encryption key recovery hack, I got to thinking about what other useful things might be lying around in memory. It's old news that passwords of logged-in users are hanging out in there, but what about something more useful to the everyday user? What about that file you were editing before accidentally closing its window without saving?

In Linux and on PPC Macs, the root user can access the machine's ram through the /dev/mem device. I'm not sure why this is unavailable on newer Intel Macs—it's a bummer.

In theory, if you're processing some words, spreading sheets, or posting a blog entry and your program crashes, it's likely that the data you were editing will still be in RAM, unharmed, waiting to be allocated to another process. If you immediately dump the entire contents of RAM to disk before starting another large process, chances are good you can find your data again. It's tricky though—writing that RAM to disk requires you start up at least one process, such as dd. It's possible that this new process, or a another process that's currently running, could allocate memory and obliterate your file. You don't really have other options, though, so you might try something like this:

dd if=/dev/mem of=/tmp/ramdump strings /tmp/ramdump | grep "some text in your file"

I found a post by David Keech where he describes exactly this process. He was able to use it to successfully recover the text from a killed vi session:

I tested this by starting vi and typing in "thisisanabsolutelyuniqueteststring", killing the vi process without saving the file and running the command above immediately with a small modification. Instead of piping the output to a file, I piped it to grep thisisanabsolutelyuniquetest. The grep command found itself, as it always does, but it also found the original string, identified by the rest of the unique string that I didn't include in the grep command. You have to be careful when search through running memory. I now remember having this problem with the Mac all those years ago. Whenever I searched for parts of my brother's letter, I would just end up finding the part of memory that contained the search string.

He also mentions scanning the swap partition, which is also a likely place for your data to be found. It's the same process, but you replace /dev/mem with /dev/hda2 or whatever your swap partition is.

Here's the fun part. Based on what we now know about DRAM holding data even a few seconds of being unpowered, you might even be able to use the method to recover program data after a full system crash and reboot. The swap data will for sure be there, but if you reboot into single user mode without starting up X or any large applications, the possibility exists that unallocated areas of /dev/mem will still contain data from before the reboot.

How to recover your data after a crash - Link
Extracting encryption keys after a cold boot - Link

February 29, 2008

Single character commenting

It's a pretty common practice to comment and uncomment big chunks of code during the development and testing of software. Here's an odd little hack from the ajaxian blog that can make this a little easier for blocks that you're constantly flipping on and off during development.

For C style comments, the following will be commented out:

/* if ( foo == bar ) { dosomething(); return(); } // */

And the addition of a single '/' will uncomment the block:

//* if ( foo == bar ) { dosomething(); return(); } // */

In languages that don't have the single line comment, such as CSS, you can do the same thing with only the block level comments.
Commented:

/*/ min-height:100px; /**/

Uncommented:

/**/ min-height:100px; /**/

You are probably talking to your screen right now, saying, "hey Jason, that commenting trick is marginally useful at best." I can only respond by reminding you that every keystroke is a beautiful and unique snowflake that must be cherished and never wasted.

A neat commenting trick - Link

February 28, 2008

Detecting forged photos algorithmically

John Graham-Cumming posted an automated tool for detecting "Clone Tool" Photoshop forgeries. Photojournalism ethics issues (LInk, Link) aside, John had some ulterior motives:

I was motivated to work on this program by greed (or at least my never-ending love of having a little flutter on things). Best of the Best runs spot-the-ball competitions in airports to win very expensive cars. But they also run the same competition online. That meant I could get my hands on the actual image used... could I process it to discover where the ball had been removed? (In reality, this isn't the right way to win because the actual ball position is not governed by where it actually was, but where a judge thinks it was).
Would it be cheating if I could? Apparently not, the competition rules say I should use my skill and judgment in determining the ball position. Surely, skill covers my programming ability.

So, I went looking for tampering algorithms and eventually came across Detection of Copy-Move Forgery in Digital Images written by Jessica Fridrich at SUNY Binghamton. The paper describes an algorithm for detecting just the sort of changes I thought I was looking for.

Essentially the algorithm cuts the image into a bunch of 16x16 chunks and runs each chunk through a discrete cosine transform. The DCTed chunks are compressed and sorted, and the algorithm looks for multiple matching chunks that were shifted the same direction and distance, highlighting the source image if a large number of matches are found.

Another blogger, jjwiseman, released a speed optimization for John's code, which he successfully used on the infamous Adnan Hajj Reuters images. While the algorithm is able to detect this style of manipulation, it's noted that it has a habit of returning false positives in images with a blurry background.

That said, it'd be pretty interesting to run this through a big database of news photos and see what turns up.

Detection of Copy-Move Forgery in Digital Images - Link (PDF)
John Graham-Cumming's Clone Tool Detector - Link
Protecting Journalistic Integrity Algorithmically (jjwiseman's update) - Link