give a man a phish…

There’s an old quote, of course…

Give a man a fish and you feed him for a day.  Teach him to fish and you’ve fed him for life.

Today’s topic is about phishing, the activity in which a con artist sends a fake email to others and convinces them into giving up their credentials, credit card details, etc.

What They’re After

It’s almost always about money. They want the login details for your checking account or your credit card. If they can get your email account’s credentials then they’ll search your emails for links to your checking account or credit card. If they get your social media account’s credentials then they’ll know the people who trust you and they’ll send them email as if they’re you, conning your friends into clicking these sorts of links.

041017-Phishing-Activity-minTrust

If a stranger on the sidewalk asked you to put your wallet into a magic hat, you probably wouldn’t. You don’t trust him. So when a stranger on the Internet sends you an email, then you are probably smart enough not to click any links in it.

But now, what happens when an email arrives and it has the correct logo and content from Microsoft?  You trust them.  They wrote the software that’s on your computer, possibly.  They’re telling you that you are about to lose something or in other cases, that you could get something for free.

But of course, that email could seemingly arrive from UPS, FedEx, the U.S. Postal Service, Wells Fargo, Bank of America, Chase, Logitech, Intel, Apple, Google, Intuit, Adobe, Samsung, HP, Facebook, Twitter, Verizon, AT&T, Starbucks, Staples, Yahoo, Bing, MSN, Firefox, Chrome, WordPress…  Literally any name brand or product name you trust can be used to fool you.

Urgency

If someone told you that you had thirty years left in your lifetime, you’d probably be interested but it wouldn’t necessarily change what you do today as a result.  You’d have time to get a second opinion from another doctor, say.

We’re programmed, though, to panic when we have a limited amount of time to make a decision.  If the doctor told you that you needed to get your affairs in order because you have 24 hours left, then you probably wouldn’t calmly make an appointment with that second doctor.  You’d very likely go on a shopping spree or make some other not-so-mature decision in the spur of the moment.  In other words, the rational/analytical part of your brain wouldn’t be in charge.  Your would-be scammer knows this.  So all these attempts have some sort of expiration date/time attached to them.

Free… Isn’t

I’m not sure why people are such suckers for the word “free”.  It seems to be another method of short-circuiting the brain.  Combine free with an expiration date of some kind plus a spoofed pedigree and most people will stupidly click that link.

Antivirus Isn’t “Anti-Stupid Protection”

Unfortunately, your antivirus program can’t protect you from doing something, well… stupid, in this case.  It would be stupid to enter your credentials for anything prompted by any email.

But, what if this is legitimate?  Okay, so what if I have received an email from Geico and they’re trying to tell me that my policy is about to expire?  (Let’s assume for a moment that I have Geico insurance.)  Do I actually need to click their link to find out the status of my policy?  No.  It is infinitely safer for me to open my browser, type in Geico.com in the location field, verify that I haven’t mis-typed the domain name and then to enter my credentials on their website.  In doing so, I’ve completely removed all the dangers of phishing.

Digital Extortion

According to statistics, 64% of Americans are willing to pay a ransom to get their data back (or say control of their computer) and the average bounty demanded is $1,077 per victim. Only 34% of people globally are willing to pay money in these circumstances. Unfortunately, that makes the U.S. a prime focus for these people.

Advertisements

parts is parts

Still designing/printing parts here in plastic from Autodesk Fusion 360, Cura and the Robo C2 printer. It’s amazing how long it can take sometimes to print.  This particular part printed in just over eighteen hours but an earlier (high-quality) version suggested that it would have taken slightly over four days.

I’ve been having problems with a particular spool of filament from Shaxon. Given that it’s infused with carbon fiber, it has a tendency to want to stick to itself on the spool. So I’ve lost about three print jobs so far from a variety of nonsense related to the filament snagging itself as seen here.

IMG_0190

This then results in the loss of filament to the extruder and the print job continues, going through the motions of printing but without plastic. To fix this, I’ve repurposed the base of my rock polisher to hold the spool and locking it in place with a coat hanger for the moment. When the filament tries to snag itself, the entire rig seems to work out with respect to deploying without accidents.

IMG_0195

If you’d like to see what it looks like to 3D print a part like this, here’s a link to the video I created (using that new camera from an earlier post).

Time-lapse photography of printed part

 

time-lapse photograpy for the robo c2

I’ve upgraded the Robo C2 printer with a nifty Raspberry Pi NoIR camera so that it can take photos, stream video and do time-lapse photography of print jobs. It seems to work great so far and I look forward to putting it through its paces.

And to make this easier for others, I’ve created a documentation repository with step-by-step instructions for anyone else who wants to modify their original printer to do this, too.

Okay, so technically the printer had a glitch 1/3 of the way into printing this (huge) coin example, so I aborted as it started to go funky at some point… which you can’t tell here, tbh.

When printed part becomes modern art

wizarding money

Apologies for the lull in blogging but I’ve been fussing with Autodesk Fusion 360 lately. The current design in 3D printing would be an authentic-looking Knut from the Harry Potter film series.

coins

So for the first coin, I thought I’d try the copper/bronze-looking one since I have some copper-infused PLA filament, some copper-infused artist liquid-stuff and plenty of pennies for electolysis at the end.

I managed to do the front side with a convincing Tratello font for the text and a complete rendering of the details. I will attempt to do a photos->mesh conversion for a better face, however.

Rafting

A raft on the part’s bottom is often necessary so that the part will adhere nicely to the workspace. Unfortunately, that tends to mar up one side of a coin so that approach doesn’t work here. I’ll then want to slice the coin into front/reverse and print both halves.

Weighting

The standard weight of a plastic coin wouldn’t feel right in your hand so the strategy would be to put something inside of two halves to make it seem realistic.

Post-processing

After the actual print, everything you do to make it nice is called post-processing. In this case, this might include assembling the two halves of the coin with glue of some kind, sanding, tumbling in a magnetic rock tumbler device with copper-plated media for a few days, brushed-in application of a copper-infused liquid for touch-ups and finally, wiring and dropping each into an electrolysis chamber so that ionic copper may bind to the outer surface.

Progress

So far, I’ve got one half of the Knut designed and made two test prints. The inside space perfectly matches a penny (which adds weight to the coin and helps to speed up the print time). The filament produces a metallic matte finish and doesn’t appear to have the tell-tale lines you normally might see in a printed part.

The bad news is that my 0.4mm extruder nozzle is too big for this job. I need a tiny opening to print at a higher resolution. So I’ll be ordering some smaller nozzles like this 0.15mm version.

pointOneFive

I have a spare power supply from a computer as well as a recycled hard disk. I’ll remove the top from the disk and then glue some very strong magnets around the top perimeter in alternating orientations every 60°. I’ll need to use my existing rubber drum from a rock tumbler kit for the media and parts.

As for the media, this will be a combination of penny-magnet-penny glued sandwiches plus a collection of copper-clad screws (over steel). This then makes everything inside want to give up copper in the millions of collisions with the copper-infused plastic parts, as influenced by the external rotating magnetic field. After a couple of days, the coins should have a healthy amount of superficial copper added plus a polishing of the printed detail.

don’t make me clamp you, part 3

Oh, the fun.  After a few fails, I managed to print out several C-shaped clamps in carbon fiber—infused PLA, finally getting the temperature right.  I then spent several more hours in Autodesk Fusion 360 to further tweak/finalize the bottom of the chassis for the Raspberry Pi 3 supercomputer and sent that off for a 56-hour print job.  Whoa.

IMG_0139IMG_0138

Four of these clamps then were employed during last night’s printout while it was still going.

IMG_0149IMG_0151

Unfortunately, the pause feature that I’d asked for in the slicing software went rogue upon resume and tried to bury the extruder into the plastic, forcing me to abort at 4am this morning.  <_<

At least there’s much less part curling at the base versus last time. So I think I’ll redesign the clamps to have an even lower top profile and clamp right after the first four layers of the raft are down.

 

outsourcing your work as a captcha

I guess everyone’s seen the robot test captcha thing on Google these days. If you try to use their websearch engine too fast, then you’ll soon be proving that you’re not a script that’s running on some spammer’s computer.

I'mNotARobot

Often, though, you’re then next asked to select which squares have store fronts, or doors, or signs or food.

CaptchaSigns

And of course, since we want that content, we dutifully “prove” that we’re not a robot. But—and I realize this might sound a little cynical of me—what if we’re actually being forced into conscripted labor, as if we were Google’s robots?

What if we’re actually being forced into conscripted labor, as if we were Google’s robots?

Try to follow along…

Amazon Mechanical Turk

Amazon has a variety of services within the AWS space. The one I’m thinking about at this moment is their Amazon Mechanical Turk. If you have a computer and Internet and want to make some money doing (usually) mundane tasks, then Amazon will pay you to do so.

For instance, Amazon might pay a hundred people to look at one image after another and to indicate/highlight where in the image they see a sign or a store front or whatever it is that Amazon needs highlighted. Humans are great at this. Artificial intelligence applications are getting there, only it takes a supercomputer these days in order to do these tasks.

What if Google doesn’t want to use their supercomputers nor wants to pay anyone to do object recognition either?

Google Maps Streetview

Google’s mapping featureset with Streetview represents a way for them to make a lot of money. And their collection of project managers would love to know where storefronts are within all that captured data. (Imagine that they’ve paid drivers to drive around a car with 360° cameras.) Because behind every storefront is a business who could pay Google money for placement within Google Local.

Now, Google has datacenters with plenty of available processing power to do this. But what if… they’re using us instead.

Think about it, we’re asked to identify objects within photos (which look like they’re taken from the Streetview data) and we’re being asked to identify things (businesses) which could make Google money or things (signs) which could be used in mapping directions.

Call me cynical but Google is looking a little guilty on this one. Why aren’t we identifying the squares with puppies in them? Because puppies don’t buy listing upgrades, that’s why.

 

don’t make me clamp you… (part 2)

You wouldn’t believe the difficulty I just had getting Autodesk Fusion 360 to do what I’d thought would be trivial: I wanted to cut down an existing part from Thingiverse to meet my needs.

Thingiverse ≠ OpenSource

The first thing I learned yesterday from this is that—even though Thingiverse seems like a wonderfully collaborative place—it isn’t actually open-source. If this were open-source, then in addition to the mesh (STL) files that are shared, each author would also include their project file as well (DWG, for example).

Don’t get me wrong, Thingiverse allows people to share their work. And yet, it isn’t the same as github which allows someone to take 100% of what you worked on, tweak it and then share that as well. It’s this iterative modification that makes open-source so powerful. And the reason behind that is that each new person doesn’t have to start from scratch.

CAD Project File

A typical computer-aided design file will include a variety of information. Most, though, are built around the concept of an initial sketch in two dimensions with a variety of measured constraints, for example. One then brings that 2D sketch into the third dimension and suddenly you have a part.

If you’d like to then edit the sketch or change the height of the sketch in that third dimension, you’d need to have that project file. (Thingiverse does not share project files.)

Mesh File

At the end of a design session, it would be necessary then to export that part into a 3D model which is usually a collection of points and triangular faces. The sum of these describes a solid in 3D space. (These STL files are shared on Thingiverse.)

Toolpaths File

Once you’ve exported your own design to an STL file (or you’ve downloaded one from someplace like Thingiverse), the file is taken into software like Cura if you’re trying to print to a 3D printer. This is known as “slicing” since it’s Cura’s job to know your printer well enough that it may slice your part from the bottom, up. Each layer then is converted into a number of instructions called G-code which tells the printer exactly what to do at every step of the way. (Thingiverse does not share these files either.)

Autodesk Wants You to Design in Autodesk

It was clear from my initial interaction with Autodesk’s support that they don’t want you to work using other software. They want you to start over and redesign your part in their software. Given that they charge $40/month to use the software, it’s easy to see why.

They actually do support the conversion of a mesh file into your project file in such a way that you can cut it, for example. They just hide the feature as an Easter Egg; only after turning off project journaling (Time Line) can you see the Mesh-to-BRep option. Granted, the program became painfully slow using this feature since it was grappling with about 50,000 triangular faces. Eventually, though, it processed the mesh file and I was able to apply the cutting action to remove some of the clamp from Thingiverse.

Progress So Far

Knowing that I could further modify the C part of the clamp should I need to, I then set the first of two prints into motion.

With the standard white PLA filament in the printer, I was able to print this in just over twelve hours last night. It’s a collection of eight screws plus their respective protector caps for the ends of those ball points. And tonight, I’ll print the C-shaped parts in black carbon fiber PLA for its added strength. (I’ll need to break them away from the adhesion raft, of course.)

IMG_0123IMG_0124

In case you’re wondering, I had to laboriously place each of the sixteen individual parts into Cura’s workplace, carefully including enough space between them. The tighter you bunch them, the less movement the printer will have to do and the faster it will print. Get them too close and the extruder might bump into one of the other parts or perhaps merge two parts together.

As you can see from the slight bit of raft curl on the right side in the second photo, these clamps in theory will do a nice job of holding the raft down into the bed for the first inch or so of the part’s printing. In some cases, they should save what would otherwise be a failed printout.

don’t make me clamp you…

Trying to push the envelope in print volume on the Robo C2 printer, I’m finding that the part wants to curl on the bed (since the latter isn’t heated). Hmm…

curl

This is a common occurrence, I understand.  It’s due to the uneven temperatures of plastic on the bed versus the new (hot) layers of added plastic. To get a part this big, I actually had to lie to the software and to suggest that the printer has a bigger range than this. This sort of tweaking is commonplace.

Hairspraying the bed is a known gimmick for 3D printing, but as you can see, the painter’s tape is well-stuck to the part.  Instead, I’m thinking of 1) printing the raft at the bottom, 2) pausing the print at this point, 3) removing the bed, 4) applying clamps around the edges and finally, 5) resuming the print job.

Tool-Making 101

From my experience in a plastic manufacturing plant, I learned that if something doesn’t work:  modify it, build a helper tool or change the process somehow so that it does work. Here, I’m opting to build a set of clamps to assist in the 3D print process and to insert a pause into those instructions (“GCODE”) at the proper moment.

Half the battle, then, is designing and building a number of clamps.  To be useful, they should allow their placement at a variety of distances from the edges of the bed. They should hold throughout the job even if things are vibrating and moving around. They should never restrict bed movement. Since the print job goes for perhaps ten hours, they must not fail in any way if I’m not there to watch their performance.

The other half of the battle is to create something which modifies the GCODE instructions to place a pause at the right moment (as soon as the raft has been laid down). My guess is that this will look like an OctoPrint plugin. There probably already are a number of plugins which pause at a particular z, meaning that they will pause the print job when it comes to a particular vertical layer. I was thinking that I might invent a different approach somehow in this space but I’ll see what I can come up with. I like the concept of pause after raft, though, and would imagine that this would be useful enough to others.

This should save a lot of print jobs from curl, I hope. And that should translate into a lot of money saved in filament, as well as time.

clamps

keeping your pi cool

An average computer’s operating system maintains some logistics about the cpu, like its input voltage, temperature and the like. The Raspberry Pi single board computer is no exception and will even scale back its speed if it determines that its internal temperature is getting too high. That’s a good thing but another approach is to proactively cool the cpu with a fan when it’s approaching that threshhold.

pi-temp.png

Since I’m creating a cube-like chassis to hold four of these Raspberry Pi 3 computers, I’ll soon need this functionality. So I’ve just created a new repository with JavaScript code to return the cpu’s temperature in fahrenheit/celsius as a string or a number. One could then programmatically turn on/off a fan using the GPIO pins using this information.

Here’s that repository:  raspi-temp

3d cover for the pi noir camera

Using the (included) industrial-grade Autodesk Fusion 360 software, I was able to design a part for my Robo C2 printer. It’s a cover and mount for the Raspberry Pi NoIR v2 camera (8MP resolution @ $27). I picked up several cheap suction cups (@ $0.99) from Ace Hardware yesterday and used a digital caliper to carefully measure the distances all around. I’ll sand it a little to make it smooth; the photos below is what it looks like after removing the raft and supports (throw-away extras to make everything print correctly). The jaggies inside the suction cup slot I’ll leave since they’ll grip tightly. I’ll likely also keep some of the jaggies in the fitting between lid and base for the same reason.

I’ll still need to receive the longer cable from Adafruit for this to work so I haven’t snapped down the parts firmly yet. In the meantime, I might create a ribbon clip with a second suction cup (editing the money clip from an earlier post).

If you’d like the STL files for the part now, let me know and I can shoot you the URL for those but I’ll eventually write up a step-by-step tutorial on the full upgrade to adding the video feed capability.

IMG_0116IMG_0117IMG_0118IMG_0119IMG_0120IMG_0121IMG_0122

100posts