Thursday, September 10, 2009

Windows 7 and Vista crash via SMB exploit


[Laurent Gaffié] has discovered an exploit that affects Windows Vista, Windows 7, and possibly Windows Server 2008 (unconfirmed). This method attacks via the NEGOTIATE PROTOCOL REQUEST, which is the first SMB query sent. The vulnerability is present only on Windows versions that include Server Message Block 2.0 and have the protocol enabled. A successful attack requires no local access to the machine and results in a Blue Screen of Death.

[Laurent] has a proof of concept available with his writeup in the form of a Python script (please, white hat use only). There is no patch for this vulnerability, but disabling the SMB protocol will protect your system until one is available.

Update: According to the Microsoft advisory this vulnerability could lead to code execution, making it a bit worse than we thought. On the bright side, they claim that the final version of Windows 7 is not open to this attack, only Windows Vista and Windows Server 2008.

Thursday, May 7, 2009

Augmented Network Interfaces

Here’s an interesting bit of research to come out of Microsoft and UCSD. The Somniloquy project is a new type of network interface. It’s a USB device that allows a computer to continue network communications after being put to sleep. By offloading these tasks, machines that would normally stay awake for RDP and file transfers are only powered up when absolutely necessary. The device uses a Gumstix board like the one used in the Tor hardware adapter. The device pictured above has two USB interfaces, but the second is just for debugging and not needed for proper operation. The board runs BSD and creates a USBNet bridge to the Vista host. When the host daemon detects the computer going to sleep, it hands off active communication to the Gumstix. They developed “stub” applications to handle the various types of communication. For downloads, they used wget to download only the portion of the data that was still left. For BitTorrent, they customized the command line client ctorrent to manage the download. Both programs wake up the PC upon completion and transfer the file off of the SD card.


Guitar Hero macro board


Doesn’t look like the Guitar Hero hacks will be slowing up any time soon. In this recent installment, [Thunderhammer3000] built a board to record Guitar Hero “songs”. It is wired inline with the fret buttons and strum bar and records each of the key presses. Songs can be recorded at slow speed in practice mode and replayed at full speed. The board is Arduino compatible and has two optoisolator chips for collecting the button presses plus a small EEPROM for storage. The board fits easily inside the guitar body.

Wednesday, April 15, 2009

HAL suit going into production

When we compiled our list of real life power suits last May, the HAL suit was being pitched as a $1000 a month rental. Cyberdyne has changed their tune for the better recently. Reports suggest that the first 400 unit run of powered exoskeletons will sell for $4200, less than a Segway. The suit can increase the wearer’s strength ten-fold and will run continuously for nearly three hours.

Wednesday, March 11, 2009

Rocketing fun

[Gabe] sent in this project summary from his rocketry club’s yearly project (pdf). The goal was to build a rocket that would go up to about 800 meters and eject a robot that would pilot itself to a destination on the ground for reuse. There’s tons of great information, from what hardware is in the robot to hardware design for the ejection mechanism. There are great pictures of the final build, not so many of the construction itself. The project seemed to go well until EMI problems caused everything to fail during flight. If you’re interested in seeing more from the club, check out their site (translated).

Monday, March 9, 2009

Parts: 32KB SPI SRAM memory (23K256)


Microchip’s new 23K256 is a serially interfaced 32 kilobyte SRAM memory chip, available in 8 pin DIP and 8 pin SO packages. SRAM, like EEPROM, is a data storage medium. Data stored in SRAM is lost without constant power, but it’s really fast and there’s no limit to the number of write cycles. EEPROM stores data even without power, but it’s slow and usually limited to around a million write cycles.

32K SRAM chips typically have 15 address lines and 8 data lines, like the IS61LV256AL we used on our CPLD development board. The 23K256 requires just four signal lines, but sacrifices the speed of a parallel memory interface. It’s a great way to add extra memory to a low-pin count microcontroller without routing 23 signal traces. We’ll show you how to interface this chip below.

Sunday, March 8, 2009

STK500 as an Arduino

The AVR STK500 has been Atmel’s standard AVR development platform for many years. Recently though, hobbyists have embraced the Arduino. [Alessandro] has decided to bring the two together so that you can use the Arduino environment with the STK500. Unlike the Arduino, it comes with 8 LEDs, 8 switches, a variable power supply, and variable analog reference. It’s a great way to get hardware you might already have back into service.

Thursday, March 5, 2009

Cellphone operated robot

If you can get through the cell phone text speak, you’ll probably enjoy this cool tutorial on how to build a cell phone controlled robot. This bot decodes the key tones, similar to the automated phone systems we’ve all experienced. It uses a chip called a MT8870 DTMF decoder to translate the signal for the Atmega 16 controller. The circuit diagram is pretty hard to read, maybe we missed a downloadable one somewhere. The source code is available.

It would be nice to get some feedback from the robot, so you aren’t driving it completely blind. This is similar to the Lego cell phone rover that we showed you before. Next, he should make it recognize voice commands.

Hackit: Hackable Bluetooth bracelet

We spotted this odd piece of geek couture on DVICE today. It’s a bracelet that displays incoming calls via Bluetooth and also vibrates. The intended use is kinda interesting, but we wonder what else could be done with it. Could you update it with any text you want by creating fake caller ID messages? You could have your laptop in your backpack and have the bracelet update when it finds an open access point or any other sort of notification. The display shows the word “Connecting” in pictures, but apparently only displays numbers for incoming calls. It also includes a button to reject calls.

Do you have a project that needs a wireless display? Are there other options like this? At $25, this might be worth a try.

Automated DVD dispenser


[Andrew] made this DVD dispenser for his senior project in high school. It is using an ATmega8515 for the brains, and a custom coded driver for the LCD. As you can see in the video, after the break, you can select a DVD by various identifiers such as genre or title. It then pushes that DVD out of the rack so you can grab it. Right now, all the DVDs have to be placed in predetermined positions, but it’s not a bad start at all. Thanks for sending this in [Andrew].

Wednesday, March 4, 2009

DIY TomTom docking station


TomToms have been getting pretty cheap. We like ‘em because they’re nice and hackable. This diy docking station was made from some etched PCBs, a bunch of male pin headers and a bit of hot glue.

Location aware task tracking


With the iPhone finally getting legitimate GPS we’re bound to see more widespread use of location based apps. Services like Dodgeball, Brightkite, and a few Twitter clients have been around, but failed to tightly integrate with the hosting phone. Now we’re seeing applications that reach beyond just “finding your friends”. [Merlin Mann] directed us to the version of OmniFocus for the iPhone. OmniFocus is a task management system that’s now location aware thanks to the iPhone. This means it knows to show you your grocery list while you’re at the store and work tasks while you’re at work. Passive interaction could really make similar systems a lot more enjoyable to use.

We think this is just the tip of the iceberg. Imagine alternate reality gaming that gives you a virtual map while you navigate the real world. Geocaching, road rallies, and scavenger hunts could have a running narrative displayed as you progressed. Using technologies like GeoRSS will let us pull data back into the real world making that rare trip outside a lot less painful.

Nano GPS logger


This is a nice, compact GPS logger that’s built around a PIC16F872 and some EEPROM chips. It was designed for a particular GPS receiver, but should be easily adaptable to others since the unit outputs standard sentences at 4800 baud. Full schematics and board layout are available on the project page.

GPS logging Arduino shield


ladyada continues to produce more and more interesting Arduino shields. This new GPS logger plugs into a standard Arduino board and has support for four different GPS receiver modules. On the backside of the board is an SD card slot where it stores the coordinates in a text file. The total runtime can vary from five hours to twenty depending on how you choose to power the device and how you use the device. How often you read the device and whether you maintain the GPS lock will affect the power consumption. Like all of ladyada’s projects, you’ll find a great construction guide and example code on her site.

Ardupilot: arduino based UAV autopilot


A short while back, [Chris Anderson] released an Arduino based autopilot. It rings in fairly cheap and being open source, you can tweak away. To add more functionality, he’s releasing a dual core version. Thanks to the second processor, it no longer requires an external hardware co-pilot. It uses an on-board GPS and features an ATtiny based fail safe. It’s still under development, but he’s made the design files available.

MioPocket 2.0 Release 27



GpsPasSion forum member [Ospray] has released a new version of MioPocket. For those of you that don’t know, MioPocket is a great unlock kit for GPS units. It basically unlocks the hidden potential of your GPS so you can access the built-in functionality of a PDA as well as retaining the GPS software. This means you can play music, watch video, play games, read and write office documents, and many other things with the once single-purpose device.

Originally written for Mio brand devices, it has been successfully used on a couple other brands. We’ve seen it on a Navigon 2100 using a modified install. This software can run directly off the SD card, so it can easily be updated or removed.

The fun part is fiddling with the scripts to get the newest releases to work on the Navigon and Magellan devices.

High altitude photographic balloon


[Earl Foster] recently completed his 4th high altitude photographic balloon (HAPB-4) launch. This launch reached a peak altitude of 106,384 feet, and lasted about 3 hours. The final weight of the capsule was 5lb 3-3/8 oz, with all the electronics, GPS, digital camera, and HD video camera. His balloons operate under the exempt rules of FAA Part 101 subpart a governing unmanned balloon flight. This program has been set up to encourage interest in science, mathematics, and engineering through unmanned ballooning. HAPB-4 uses a Parallax SPIN Stamp microcontroller; this multicore chip offers eight 32-bit processors (cogs) sharing 32kB RAM and ROM. Having eight separate cogs allows him to log GPS data, control the camera, log and monitor sensors, and control LCD functions simultaneously with minimal hardware. During this flight he did have some equipment failures, but he was still able to capture some nice pictures.

GPS alarm clock



We spotted an interesting app in Gizmodo’s iPhone roundup for the week. iNap is designed for commuters that don’t want to miss their train stop. Just pick any location you can find on Google Maps, set the distance for the alert radius and the alarm tone, and it’s ready. It’s a great app and only costs $1.

The app actually reminds us of the first time we heard about Bug Labs. The modular gadget building system was described to us as a way to build unconventional consumer electronics. They specifically talked about one person that built an alarm clock with GPS because he kept falling asleep on the train. Thanks to convergence we’re seeing a lot of devices expand from their initial intentions, whether it’s an iPhone GPS alarm clock or an N95 being used to auto upload your bike ride to Flickr.

ArduPilot Pro autonomous drone



We wrote about [Chris Anderson] before when he released the Arduino based autopilot. He has since crashed his first Predator UAV, due to an underpowered motor and poor control of the v-tail only steering. He has since released a pro version of the autopilot controller, and is modifying this UAV Predator drone kit to work with it. One ATMega168 processor handles flying and the other handles GPS navigation, but because they work together, it results in a fully autonomous drone. He also has a BlimpDuino version we have covered before.

Install GPS in your Dell Mini 9



[acabtp] has already started hacking on his Dell Mini 9. He wanted to add GPS functionality, but didn’t want a dongle or anything external. After ordering the smallest GPS unit he could find, he found a place to wire it in internally. The end result had no bearing on the external looks of the computer. I wonder if he used the modification guide Dell released?

Marketed as direct competition for the EEEPC, we’ll probably start seeing a lot more hacks for these. We’ve already seen the EEEPC hacked more than we ever expected.

Geode, Mozilla Labs’ location-based browser plug-in


Mozilla Labs has launched yet another new project, this one a location based plugin for Firefox. Geode will let users take advantage of location data embedded within a web page. Like [MG Siegler] at VentureBeat, we wondered what the point of a location-based desktop browser was, since most cell phones are now GPS-enabled. TechCrunch and CNET’s Webware cite the example of a user who is looking for a place to eat while out of town. Using Geode, his favorite restaurant review site would know automatically to display eating establishments in the locale he is visiting. As semantic information permeates more and more of the web, we’re certain that we’ll see many more uses for tools like Geode. Geode uses Skyhook’s Loki technology, which determines position based on what WiFi access points it sees, just like the Eye-Fi.