Showing posts from June, 2021

Smart Camera Based on Google Coral

As machine learning and artificial intelligence become more widespread, so does the number of platforms available for anyone looking to experiment with the technology. Much like the single board computer revolution of the last ten years, we’re currently seeing a similar revolution with the number of platforms available for machine learning. One of those is Google Coral, a set of hardware specifically designed to take advantage of this new technology. It’s missing support to work with certain hardware though, so [Ricardo] set out to get one working with a Raspberry Pi Zero with this smart camera build based around Google Coral. The project uses a Google Coral Edge TPU with a USB accelerator as the basis for the machine learning. A complete image for the Pi Zero is available which sets most of the system up right away including headless operation and includes a host of machine learning software such as OpenCV and pytesseract. By pairing a camera to the Edge TPU and the Raspberry Pi,

MIT’s Knitted Keyboard is Quite a Flexible MIDI Controller

There are only so many ways to make noise on standard instruments such as acoustic pianos. Their rigidity and inputs just don’t allow for a super-wide range of expression. On the other hand, if you knit your interface together, the possibilities are nearly endless. MIT’s new and improved knitted keyboard is an instrument like none other — it responds to touch, pressure, and continuous proximity, meaning that you can play it like a keyboard, a theremin, and something that is somewhere in between the two. Because it’s a MIDI interface, it can ultimately sound like any instrument you’ve got available in software. The silver keys of this five-octave interface are made of conductive yarn, and the blue background is regular polyester yarn. Underneath that is a conductive knit layer to complete the key circuits, and a piezo-resistive knit layer that responds to pressure and stretch. It runs on a Teensy 4.0 and uses five MPR121 proximity/touch controllers, one per octave. The really exciti

Installing Linux like it’s 1989

A common example of the sheer amount of computing power available to almost anyone today is comparing a smartphone to the Apollo guidance computer. This classic computer was the first to use integrated circuits so it’s fairly obvious that most modern technology would be orders of magnitude more powerful, but we don’t need to go back to the 1960s to see this disparity. Simply going back to 1989 and getting a Compaq laptop from that era running again, while using a Raspberry Pi Zero to help it along, illustrates this point well enough. [befinitiv] was able to get a Raspberry Pi installed inside of the original computer case, and didn’t simply connect the original keyboard and display and then call it a completed build. The original 286 processor is connected to the Pi with a serial link, so both devices can communicate with each other. Booting up the computer into DOS and running a small piece of software drops the computer into a Linux terminal emulator hosted on the Raspberry Pi. T

Machine-Vision Archer Makes You the Target, If You Dare

We’ll state right up front that it’s a really, really bad idea to let a robotic archer shoot an apple off of your head. You absolutely should not repeat what you’ll see in the video below, and if you do, the results are all on you. That said, [Kamal Carter]’s build is pretty darn cool. He wisely chose to use just about the weakest bows you can get, the kind with strings that are basically big, floppy elastic bands that shoot arrows with suction-cup tips and are so harmless that they’re intended for children to play with and you just know they’re going to shoot each other the minute you turn your back no matter what you told them. Target acquisition is the job of an Intel RealSense depth camera, which was used to find targets and calculate the distance to them. An aluminum extrusion frame holds the bow and adjusts its elevation, while a long leadscrew and a servo draw and release the string. With the running gear sorted, [Kamal] turned to high school physics for calculations such as

PinThing Mechanizes Pin Art

Pin art is one of those things that simply cannot be left alone if it’s within arm’s reach, and it inevitably ends up with a hand or face imprint. [hugs] is also fascinated by them, so he designed the PinThing, a mechanized pin art display. The PinThing pin diameters are much larger than standard pin art, but this is to fit small geared DC motors. Each pin is a short 3D-printed lead screw mechanism. The motors are driven with a stack of motor driver shields on top of an Arduino Uno, which uses Firmata to receive instructions over serial from a Node.js app using the Johnny-Five library. This may be a simple 3×5 proof of concept, but then it could be used for everything from displays to interactive table surfaces. One of the challenges with pixelated mechanical displays like this, the inFORM from MIT, or even flip dot displays, is the cost of actuators and driver electronics. A small 10×10 array requires 100 motors and drivers, which quickly adds up as you expand, even if individual c

Red Hat Security Advisory 2021-2566-01

Red Hat Security Advisory 2021-2566-01 - The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities. from Packet Storm https://ift.tt/3y8S1oW

Global Socket 1.4.32

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support. from Packet Storm https://ift.tt/3650E7L

Faraday 3.16.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way. from Packet Storm https://ift.tt/2Tdegv7

Red Hat Security Advisory 2021-2569-01

Red Hat Security Advisory 2021-2569-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include buffer overflow, bypass, null pointer, and use-after-free vulnerabilities. from Packet Storm https://ift.tt/3w8b3tW

KVM nested_svm_vmrun Double Fetch

A KVM guest on AMD can launch an L2 guest without the Intercept VMRUN control bit by exploiting a TOCTOU vulnerability in nested_svm_vmrun. Executing vmrun from the L2 guest will then trigger a second call to nested_svm_vmrun and corrupt svm->nested.hsave with data copied out of the L2 vmcb. For kernel versions that include the commit "2fcf4876: KVM: nSVM: implement on demand allocation of the nested state" (>=5.10), the guest can free the MSR permission bit in svm->nested.msrpm while it's still in use and gain unrestricted access to host MSRs. from Packet Storm https://ift.tt/3yayi86

Red Hat Security Advisory 2021-2574-01

Red Hat Security Advisory 2021-2574-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Issues addressed include a bypass vulnerability. from Packet Storm https://ift.tt/3AeyDc0

Apache Superset 1.1.0 Account Enumeration

Apache Superset version 1.1.0 suffers from a time-based account enumeration vulnerability. from Packet Storm https://ift.tt/35ZbSLc

Red Hat Security Advisory 2021-2570-01

Red Hat Security Advisory 2021-2570-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities. from Packet Storm https://ift.tt/3AebCpk

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation

Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability. from Packet Storm https://ift.tt/3w260LP

Red Hat Security Advisory 2021-2595-01

Red Hat Security Advisory 2021-2595-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Issues addressed include a null pointer vulnerability. from Packet Storm https://ift.tt/3hpi0RY

Red Hat Security Advisory 2021-2588-01

Red Hat Security Advisory 2021-2588-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, information leakage, and insecure permissions vulnerabilities. from Packet Storm https://ift.tt/3w4vp7r

Red Hat Security Advisory 2021-2587-01

Red Hat Security Advisory 2021-2587-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, HTTP response splitting, denial of service, and information leakage vulnerabilities. from Packet Storm https://ift.tt/3duoD4v

Doctors Patients Management System 1.0 SQL Injection

Doctors Patients Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. from Packet Storm https://ift.tt/3qyFEjm

Red Hat Security Advisory 2021-2591-01

Red Hat Security Advisory 2021-2591-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a heap corruption vulnerability. from Packet Storm https://ift.tt/2UUSZ9W

Red Hat Security Advisory 2021-2584-01

Red Hat Security Advisory 2021-2584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include an HTTP request smuggling vulnerability. from Packet Storm https://ift.tt/3y45Wwc

China’s Mars Rover Goes Exploring

China’s space program has big goals and is already starting to achieve them. Recently, the China National Space Administration has landed its first rover on Mars, and begun to explore the surface of the red planet. It’s a huge step, and something only previously achieved successfully by NASA. Let’s take a look at the Chinese project, its goals, and see how it compares to the American rovers that have also roamed so far away. Wheelin’ on Mars Zhurong pictured next to its landing platform, thanks to a selfie camera it deployed on the Martian surface. Such cameras have become popular in recent missions, as it’s widely agreed that it’s cool to see the rovers doing their thing on Mars. China’s first Mars rover goes by the name of Zhurong, named after a figure in Chinese mythology that is typically associated with fire. Given that Mars is known as the “Planet of Fire” in China, it’s a fitting name selected by a public vote held earlier this year. The rover comes in at a size of 2.6

Handheld Hackintosh Runs Mac OS on LattePanda

We’ve seen a huge influx of bespoke portable computers over the last couple of years thanks to the availability of increasingly powerful single-board computers. The vast majority of these have been ARM powered using something like the Raspberry Pi 4, and naturally, run Linux. Only a handful have run on x86 hardware, usually because whoever built it wanted to be able to run Windows. But this handheld x86 Hackintosh running the latest Mac OS on the LattePanda Alpha is truly something unique. Creator [iketsj] claims it to be a world’s first, and after a bit of searching, we’re inclined to agree. While others have installed Mac OS on the LattePanda to create Hackintosh laptops, this would indeed appear to be the first handheld computer to utilize this particular hardware and software blend. Like other custom portables we’ve seen, this one starts with a 3D printed enclosure. The overall design reminds us a bit of the YARH.IO we covered last year, and even borrows the trick of reusing the

Robotic Ball-Bouncing Platform Learns New Tricks

[T-Kuhn]’s Octo-Bouncer platform has learned some new tricks since we saw it last. If you haven’t seen it before, this device uses computer vision from a camera mounted underneath its thick, clear acrylic platform to track a ball in 3D space, and make the necessary (and minute) adjustments needed to control the ball’s movements with a robotic platform in real time. We loved the Octo-Bouncer’s mesmerizing action when we saw it last, and it’s only gotten better. Not only is there a whole new custom ball detection algorithm that [T-Kuhn] explains in detail, there are also now visualizations of both the ball’s position as well as the plate movements. There’s still one small mystery, however. Every now and again, [T-Kuhn] says that the ball will bounce in an unexpected direction. It doesn’t seem to be a bug related to the platform itself, but [T-Kuhn] has a suspicion. Since contact between the ball and platform is where all the control comes from, and the ball and platform touch only ve

The Incredible Mechanical Artistry Of François Junod

The art of building purely mechanical automatons has dramatically declined with the arrival of electronics over the past century, but there are still a few craftsmen who keep the art form alive. [François Junod] is one of these masters, and the craftsmanship and intricacy on display in his automata is absolutely amazing. [François]’ creations are all completely devoid of electronics, and are powered either by wound-up springs or weights. The mechanics of the automata are part of the display, and contain a vast array of gears, linkages, belts and tracks. Many of them also include their own soundtrack, which ranges from simple bells and chimes to complete melodies from mechanized wind instruments, as demonstrated in Le Champignonneur below. He also collaborates with craftsmen like jewelers on works like La Fée Ondine, which we thought was CGI when we first saw it in the video after the break. Very few people have the time, skill and patience to make these creations, but we are glad

The Game Boy As You Have Never Seen It Before Is Newest from [Sprite_tm]

Explain a Game Boy to a child in 2021 and they’ll have little idea of how much impact that chunky grey brick had back in the day. Search for a YouTube video to demonstrate, and you might find the one we’ve put below the break. It starts with the classic Tetris on the Game Boy, then moves on to Super Mario World before treating us to Sonic the Hedgehog, and finally Doom. All seminal games of the Game Boy’s heyday, with one small problem. The last three were never Game Boy titles, and certainly wouldn’t have run on the device’s limited hardware. Most of you will by now not be surprised to find that the narrator is none other than [Sprite_tm], and his Game Boy has one of the nicest Raspberry Pi conversions we’ve ever seen. Given his previous work we expected the cartridges to have an ESP32 on board that somehow mapped into Game Boy display memory, but in fact he’s swapped the original Nintendo motherboard with a replacement carrying an ICE40 FPGA on one side to handle the Nintendo har

Ball CVT Drives Robot From A Constant Speed Motor

[James Bruton] is experimenting with a series of interesting mechanical mechanisms, the latest being a CVT transmission system which uses a tilting sphere to get a variable speed output from a constant speed input. Video after the break. In [James]’ proof of concept RC vehicle, a single powered disc is mounted on top, at 90 degrees to the wheels. A rotating sphere makes contact with both the driven disc and the wheel. When the rotation axis of the sphere is at 45° between the disc and the wheel, it provides a 1:1 transmission ratio. As the axis is tilted, the contact points on the sphere shift, changing the relative circumference at the contact points, and therefore changing the transmission ratio. It can also reverse by tilting the sphere in the opposite direction, and can be disconnected from the output wheel by aligning it with the hole in the bottom of the sphere. [James]’ simple two-wheel RC car demonstrates the concept quite well, driving around his kitchen with the transmission spheres being tilted

SMART Response XE Turned Pocket BASIC Playground

Ever since the SMART Response XE was brought to our attention back in 2018, we’ve been keeping a close lookout for projects that make use of the Arduino-compatible educational gadget. Admittedly it’s taken a bit longer than we’d expected for the community to really start digging into the capabilities of the QWERTY handheld, but occasionally we see an effort like this port of BASIC to the SMART Response XE by [Dan Geiger] that reminds us of why we were so excited by this device to begin with. This project combines the SMART Response XE support library by [Larry Bank] with Tiny BASIC Plus, which itself is an update of the Arduino BASIC port by [Michael Field]. The end result is a fun little BASIC handheld that has all the features and capabilities you’d expect, plus several device-specific commands that [Dan] has added such as BATT to check the battery voltage and MSAVE / MLOAD which will save and load BASIC programs to EEPROM. To install the BASIC interpreter to your o

Just How Vulnerable to Accidental Erasure are EPROMs Anyway?

On the scale of things worth worrying about, having to consider whether your EPROMs will be accidentally erased by some stray light in the shop is probably pretty low on the list. Still, losing irreplaceable data can make for a bad day, so it might just pay to know what your risks really are. To address this question, [Adrian] set out to test just how susceptible to accidental erasure some common EPROM chips are. An EPROM, or “erasable programmable read-only memory”, is a non-volatile memory chip that can be programmed electrically and then erased optically, by exposing the die inside the chip to light at a specific wavelength, usually in a special chip erasing tool. But erasure can also happen in daylight (even if it takes a few weeks), so [Adrian] cooked up an experiment to see what the risk really is. He exposed a selection of EPROMs with known contents to UV and checked their contents. Three of the chips had a simple paper or foil label applied, while one had its quartz windo

Kathleen Lonsdale Saw Through the Structure of Benzene

The unspoken promise of new technologies is that they will advance and enhance our picture of the world — that goes double for the ones that are specifically designed to let us look closer at the physical world than we’ve ever been able to before. One such advancement was the invention of X-ray crystallography that let scientists peer into the spatial arrangements of atoms within a molecule. Kathleen Lonsdale got in on the ground floor of X-ray crystallography soon after its discovery in the early 20th century, and used it to prove conclusively that the benzene molecule is a flat hexagon of six carbon atoms, ending a decades-long scientific dispute once and for all. Benzene is an organic chemical compound in the form of a colorless, flammable liquid. It has many uses as an additive in gasoline, and it is used to make plastics and synthetic rubber. It’s also a good solvent. Although the formula for benzene had been known for a long time, the dimensions and atomic structure remained a

Red Hat Security Advisory 2021-2599-01

Red Hat Security Advisory 2021-2599-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass and use-after-free vulnerabilities. from Packet Storm https://ift.tt/3y5fQhb

Red Hat Security Advisory 2021-2563-01

Red Hat Security Advisory 2021-2563-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability. from Packet Storm https://ift.tt/360b6NX

Red Hat Security Advisory 2021-2561-01

Red Hat Security Advisory 2021-2561-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability. from Packet Storm https://ift.tt/3w4tnUQ

Red Hat Security Advisory 2021-2562-01

Red Hat Security Advisory 2021-2562-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.5.0 serves as a replacement for Red Hat JBoss Web Server 5.4.2, and includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References. Issues addressed include a remote SQL injection vulnerability. from Packet Storm https://ift.tt/3drahBU

Red Hat Security Advisory 2021-2500-01

Red Hat Security Advisory 2021-2500-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and denial of service vulnerabilities. from Packet Storm https://ift.tt/3w3aKAH

Red Hat Security Advisory 2021-2499-01

Red Hat Security Advisory 2021-2499-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.36. Issues addressed include a denial of service vulnerability. from Packet Storm https://ift.tt/3A4XrTH

Proxmark 4.13441

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. from Packet Storm https://ift.tt/3w89tIy

ES File Explorer 4.1.9.7.4 Arbitrary File Read

ES File Explorer version 4.1.9.7.4 arbitrary file read exploit. from Packet Storm https://ift.tt/3h2jF0R

PetBot: Turn PET bottles Into Filament

Recycling plastic into filament normally involves chopping it into tiny pieces and pushing it through a screw extruder. [JRT3D] is taking a different approach with PetBot, which cuts PET bottles into tape and then turns it into filament. See the videos after the break. Cutting the tape and extrusion happens in two completely separated processes on the same machine. A PET bottle is prepared by cutting off the bottom, and the open rim is pushed between a pair of bearings, where a cutter slices the bottle into one long strip, as a driven spool rolls it up. The spool of tape is then moved to the second stage of the machine, which pulls the tape through a hot end very similar to that on a 3D printer. While most conventional extruders push the plastic through a nozzle with a screw, the PetBot only heats up the tape to slightly above its glass transition temperature, which allows the driven spool to slowly pull it through the nozzle without breaking. A fan cools the filament just before i