A Canon Lens Is Never Too Old To Be Useful: Soldering Magnifier Hack

Canon Lens

Got an old Canon lens catching dust and are you into DIY hacks? Then this is for you. This is some serious hardware hacking.

A guy going by [Ad_w00000] on Instructables made a soldering magnifier using a Canon SLR zoom lens, the FD 70-210mm f/4, and the Canon Extender FD 2X-B.

[Ad_w00000] says:

Soldering was becoming more difficult for me and magnifying glasses weren’t much help. I saw on the net that someone used a zoom lens from cctv camera and attached it to a webcam. I didn’t have a cctv zoom lens. But I did have an SLR zoom lens! I liked the idea that there is alot of space between the lens and object. Space to work on. So I started this project. Besides I have lots of goodies lying around in my office and its getting more cluttered and now I got to use them up!

The whole thing is pretty complex and involves for sure some skills. For the Canon part of things, [Ad_w00000] took the lens out of the FD 2X-B extender. This allows to take off or change the lens without hassle. A recycled laptop webcam was fitted into a hole drilled into a Canon rear lens cap. Lens cap and lens mounted on the adapter.

The Canon FD 70-210mm f/4, with extender and mounted webcam (image courtesy of [Ad_w00000])

Curious? See everything explained step by step by [Ad_w00000] at Instructables. The story was spotted by hackaday. More Canon hacks are listed here.

If you want to learn more about this Canon vintage lens, check the video below by Mark Holtze.

Hacking Post: You Can Run A Minecraft Server On A Canon Rebel SL2

Rebel SL2 SL3 Minecraft Server

From the series of “totally pointless but absolutely cool” hacks today we feature a new one, and for sure one of the most weird: a Minecraft server running on a camera.

A hacker going by the handle Turtius installed and successfully run a Minecraft server on a Canon Rebel SL2 (EOS 200D in Europe). If you know how Minecraft works, then you likely know that the server (i.e. the SL2 in our example) is only running the “world” that is then displayed on the user’s computer. The game itself runs on the user’s computer. However, at least theoretically, other users could connect to the world managed on the server (the SL2).

The shot video below shows three points of view: i) via a smartphone recording the back of the camera and the monitor, ii) what the Rebel SL2 is seeing, and iii) a screen recording from the computer that is connected to the Canon Rebel SL2. Clearly the SL2 reaches its limits.

Turtius explains here how he did the hack, using avrcraft, a Minecraft server that’s optimized for 8-bit devices. Says Turtius:

[avrcraft] is fully running on the camera. I reverse-engineered the network module used by Canon which just so happens to expose Unix-like sockets and integrated avrcraft with Magic Lantern. It’s running a custom implementation provided by Canon’s operating system and using custom code to interact with the stuff provided by Canon on a lower level.”

Cool hack, eh?

Turtius used a modified version of the free Magic Lantern firmware add-on, and wrote code specifically for the Rebel SL2. You can find the full source code on GitHub but be warned: do it only if you know what you are doing otherwise you risk to brick your camera.

[via PetaPixel]

Friday Hacker Blogging: The History Of Unix and Linux

History Of Unix

Front Page Linux posted an interesting and well written article about the history of Unix and Linux. Definitely worth your attention if you are into computer science.

For this special history guide, we are going to take a trip back in time to see where the seed of Linux was planted — namely via the Unix systems of the early 1970s and how it has progressed through the modern day. Though most are completely unaware of the enormous impact that Unix-like operating systems have planted on our society, understanding its storied history can allow us to realize why the Unix model has lived on far longer and become more successful than any other operating system architecture (and philosophy) in existence.

In fact, the estimated 5 billion people in the world (more than half the population) to own a mobile phone have been using Unix-based operating systems, knowingly or not, since the “smart” phone hit the consumer shelves in the late 2000s. From the Linux-based Android platform to the BSD-flavored iOS, Unix has stolen the massive mobile market along with the majority of other systems in existence. In fact, if you look at the operating system on just about any device besides the desktop PC, it is more likely than not that it runs some form or derivative of Unix.

So, how did an operating system written to port a game from one machine to another gain so much prominence in our world today when it was first conceived and implemented over sixty years ago? Well, our journey begins at AT&T’s famous Bell Laboratory with two unlikely heroes that helped kick off the modern technological age. Strap in and grab some popcorn, this is going to be a wild ride!

Read about the history of Unix at Front Page Linux. You can also use this post to discuss about whatever (photographic) topic you wish.

Friday Hacker Blogging: Get Doom Running On a Canon PIXMA Printer

Doom

Back in 2014 security researcher found a vulnerability in Canon PIXMA printers. They demonstrated the vulnerability by installing the 1990’s game Doom on the printer.

Canon wireless Pixma printers can be accessed through a web page, for instance to see printer information like ink levels or to update the firmware.

Says the hacker at Context (emphasis added):

This interface does not require user authentication allowing anyone to connect to the interface. At first glance the functionality seems to be relatively benign, you could print out hundreds of test pages and use up all the ink and paper, so what? The issue is with the firmware update process. While you can trigger a firmware update you can also change the web proxy settings and the DNS server. If you can change these then you can redirect where the printer goes to check for a new firmware. So what protection does Canon use to prevent a malicious person from providing a malicious firmware? In a nutshell – nothing, there is no signing (the correct way to do it) but it does have very weak encryption. I will go into the nuts and bolts of how I broke that later in this blog post. So we can therefore create our own custom firmware and update anyone’s printer with a Trojan image which spies on the documents being printed or is used as a gateway into their network. For demonstration purposes I decided to get Doom running on the printer (Doom as in the classic 90s computer game).

And Doom it was:

Canon acknowledged the issue and provided the following statement regarding this issue:

“We thank Context for bringing this issue to our attention; we take any potential security vulnerability very seriously.  At Canon we work hard at securing all of our products, however with diverse and ever-changing security threats we welcome input from others to ensure our customers are as well protected as possible.

We intend to provide a fix as quickly as is feasible.  All PIXMA products launching from now onwards will have a username/password added to the PIXMA web interface, and models launched from the second half of 2013 onwards will also receive this update, models launched prior to this time are unaffected. This action will resolve the issue uncovered by Context.”  

It is a good practice to never connect a printer to the Internet.

If you want to dive deeper into the hacking and learn how Canon’s encryption was broken read the article at Context. This post can be used to discuss about whatever topic you want.

Friday Hacker Blogging: digiKam 7.1 Released, Fully Supports Canon CR3 Format

Digikam 7.1

The open source and free software digiKam 7.1 has been released. Full support for the Canon CR3 format has been added.

Release notes for digiKam 7.1 are here.

When you buy an expensive camera, such as the latest Canon devices, you should expect the image provided to be seriously pre-processed by the camera firmware and ready to use immediately. This is true for JPEG, but not RAW files, where the format changes for every new camera released, as it depends on the camera’s sensor data. This is also the case for the Canon CR3: the RAW format produced by this camera has required intensive reverse-engineering that the digiKam team cannot always support well. This is why we use the powerful Libraw library to post-process the RAW files on the computer. This library includes complex algorithms to support all kinds of different RAW file formats, including the Canon CR3.

You can download digiKam 7.1 for 64-bit or 32-bit systems from their website.

As usual you can use this post to discuss about whatever you want.

Friday Hacker Blogging: How To Watch Star Wars In Linux Terminal (and update on Canon hacker attack)

Star Wars In Lunux

For the Friday Hacker blogging series here is something that’s as fun as it is useless, but it will appeal to all those hardcore Star Wars fans.

You can watch Star Wars in Linux terminal (not just Linux, every *nix flavor will likely work). We are not talking about a digitally remastered version here, no high res graphics or else. In fact there are no graphics in a modern meaning. All you have to do is to enter the following command in your terminal:

telnet towel.blinkenlights.nl 

You can stop the “movie” with ctrl-j, and then type quite to exit.

Should you not have telnet on your system you can easily install it. For instance on Ubuntu or Debian:

sudo apt install telnet

Here are two screenshots.

Ready for Star Wars in Linux terminal?

Canon Ransomware Attack

Here is also an update on the ransomware attack against Canon. See here for an update or if you don’t know what a ransomware attack is. The Maze ransomware gang updated their leak site and now it states that “0.2%” of Canon data was published. Previously it was 5%. We do not know yet what exactly that means. Also, we obtained a copy of the leaked Canon data and can confirm it does not contain sensible sensitive or otherwise critical information.

Screenshot from the Maze leaks site

You can use the Friday Hacker Blogging post to discuss whatever topic you want. Please be respectful and polite.