Silicon ChipYet another threat to surfing the net - February 2018 SILICON CHIP
  1. Outer Front Cover
  2. Contents
  3. Publisher's Letter: Yet another threat to surfing the net
  4. Feature: Turning your garbage into useful electricity by Ross Tester
  5. Project: A Water Tank Level Meter with WiFi and More! by Nicholas Vinen
  6. Review: Navman’s DriveDuo – Satnav and Dashcam by Leo Simpson
  7. Project: 6-Element VHF TV Yagi to kill UHF 4G interference by Leo Simpson
  8. Feature: El Cheapo Modules 13: sensing motion and moisture by Jim Rowe
  9. Serviceman's Log: Smart TVs can be pretty dumb sometimes by Dave Thompson
  10. Product Showcase
  11. Project: Highly versatile & accurate dot/bar 10-LED Bargraph by John Clarke
  12. Project: The Arduino Mega Box Music Player revisited by Bao Smith
  13. Vintage Radio: A more detailed look at the 1919/20 Grebe Synchrophase by Ian Batty
  14. PartShop
  15. Subscriptions
  16. Market Centre
  17. Advertising Index
  18. Notes & Errata: UV Light Box & Timer / Micromite BackPack Touchscreen DDS Signal Generator / Deluxe Touchscreen eFuse / Kelvin the Cricket
  19. Outer Back Cover: Hare & Forbes Machineryhouse

This is only a preview of the February 2018 issue of Silicon Chip.

You can view 37 of the 104 pages in the full issue, including the advertisments.

For full access, purchase the issue for $10.00 or subscribe for access to the latest issues.

Items relevant to "A Water Tank Level Meter with WiFi and More!":
  • WiFi Water Tank Level Meter shield PCB with stackable headers [21110171] (AUD $7.50)
  • Small 2A boost step-up regulator module (MT3608) (Component, AUD $3.00)
  • IPP80P03P4L-07 high-current P-channel Mosfet (Component, AUD $2.50)
  • IPP80P03P4L-04 high-current P-channel Mosfet (Component, AUD $5.00)
  • GY-68 Barometric Pressure/Altitude/Temperature I²C Sensor breakout board (Component, AUD $2.50)
  • DHT22/AM2302 Compatible Temperature and Humidity sensor module (Component, AUD $9.00)
  • 5dBi 2.4GHz WiFi antenna with U.FL/IPX adaptor cable (Component, AUD $12.50)
  • 2dBi omnidirectional 2.4GHz WiFi antenna with U.FL/IPX adaptor cable (Component, AUD $10.00)
  • Elecrow 1A/500mA Li-ion/LiPo charger board with USB power pass-through (Component, AUD $25.00)
  • Arduino sketch (.ino) file and libraries for the WiFi Water Tank Level Meter (Software, Free)
  • WiFi Water Tank Level Meter shield PCB pattern (PDF download) [21110171] (Free)
Items relevant to "El Cheapo Modules 13: sensing motion and moisture":
  • Arduino and BASIC source code for El Cheapo Modules 13 (Software, Free)
Articles in this series:
  • El Cheapo Modules From Asia - Part 1 (October 2016)
  • El Cheapo Modules From Asia - Part 2 (December 2016)
  • El Cheapo Modules From Asia - Part 3 (January 2017)
  • El Cheapo Modules from Asia - Part 4 (February 2017)
  • El Cheapo Modules, Part 5: LCD module with I²C (March 2017)
  • El Cheapo Modules, Part 6: Direct Digital Synthesiser (April 2017)
  • El Cheapo Modules, Part 7: LED Matrix displays (June 2017)
  • El Cheapo Modules: Li-ion & LiPo Chargers (August 2017)
  • El Cheapo modules Part 9: AD9850 DDS module (September 2017)
  • El Cheapo Modules Part 10: GPS receivers (October 2017)
  • El Cheapo Modules 11: Pressure/Temperature Sensors (December 2017)
  • El Cheapo Modules 12: 2.4GHz Wireless Data Modules (January 2018)
  • El Cheapo Modules 13: sensing motion and moisture (February 2018)
  • El Cheapo Modules 14: Logarithmic RF Detector (March 2018)
  • El Cheapo Modules 16: 35-4400MHz frequency generator (May 2018)
  • El Cheapo Modules 17: 4GHz digital attenuator (June 2018)
  • El Cheapo: 500MHz frequency counter and preamp (July 2018)
  • El Cheapo modules Part 19 – Arduino NFC Shield (September 2018)
  • El cheapo modules, part 20: two tiny compass modules (November 2018)
  • El cheapo modules, part 21: stamp-sized audio player (December 2018)
  • El Cheapo Modules 22: Stepper Motor Drivers (February 2019)
  • El Cheapo Modules 23: Galvanic Skin Response (March 2019)
  • El Cheapo Modules: Class D amplifier modules (May 2019)
  • El Cheapo Modules: Long Range (LoRa) Transceivers (June 2019)
  • El Cheapo Modules: AD584 Precision Voltage References (July 2019)
  • Three I-O Expanders to give you more control! (November 2019)
  • El Cheapo modules: “Intelligent” 8x8 RGB LED Matrix (January 2020)
  • El Cheapo modules: 8-channel USB Logic Analyser (February 2020)
  • New w-i-d-e-b-a-n-d RTL-SDR modules (May 2020)
  • New w-i-d-e-b-a-n-d RTL-SDR modules, Part 2 (June 2020)
  • El Cheapo Modules: Mini Digital Volt/Amp Panel Meters (December 2020)
  • El Cheapo Modules: Mini Digital AC Panel Meters (January 2021)
  • El Cheapo Modules: LCR-T4 Digital Multi-Tester (February 2021)
  • El Cheapo Modules: USB-PD chargers (July 2021)
  • El Cheapo Modules: USB-PD Triggers (August 2021)
  • El Cheapo Modules: 3.8GHz Digital Attenuator (October 2021)
  • El Cheapo Modules: 6GHz Digital Attenuator (November 2021)
  • El Cheapo Modules: 35MHz-4.4GHz Signal Generator (December 2021)
  • El Cheapo Modules: LTDZ Spectrum Analyser (January 2022)
  • Low-noise HF-UHF Amplifiers (February 2022)
  • A Gesture Recognition Module (March 2022)
  • Air Quality Sensors (May 2022)
  • MOS Air Quality Sensors (June 2022)
  • PAS CO2 Air Quality Sensor (July 2022)
  • Particulate Matter (PM) Sensors (November 2022)
  • Heart Rate Sensor Module (February 2023)
  • UVM-30A UV Light Sensor (May 2023)
  • VL6180X Rangefinding Module (July 2023)
  • pH Meter Module (September 2023)
  • 1.3in Monochrome OLED Display (October 2023)
  • 16-bit precision 4-input ADC (November 2023)
  • 1-24V USB Power Supply (October 2024)
  • 0.91-inch OLED Screen (November 2024)
Items relevant to "Highly versatile & accurate dot/bar 10-LED Bargraph":
  • 10-LED Bargraph PCB [04101181] (AUD $7.50)
  • 10-LED Bargraph Signal Processing PCB [04101182] (AUD $5.00)
  • 10-LED Bargraph PCB patterns (PDF download) [04101181/2] (Free)
Items relevant to "The Arduino Mega Box Music Player revisited":
  • Firmware (Arduino sketch) for the LC Meter (Mega Box) (Software, Free)
  • Firmware (Arduino sketch) for the VS1053 Music Player (Mega Box) (Software, Free)
  • Geeetech VS1053B MP3/audio shield for Arduino (Component, AUD $10.00)
  • Firmware (Arduino sketch) for the VS1053 Music Player (Mega Box) (Software, Free)
Articles in this series:
  • The Arduino MegaBox from Altronics (December 2017)
  • Arduino LC Meter Shield Kit (January 2018)
  • The Arduino Mega Box Music Player revisited (February 2018)
  • Altronics New MegaBox V2 Arduino prototyping system (December 2019)

Purchase a printed copy of this issue for $10.00.
SILICON SILIC CHIP www.siliconchip.com.au Publisher Leo Simpson, B.Bus., FAICD Yet another threat to surfing the net Derby Street, Silverwater, NSW 2148. Just as this issue was going to press, news broke about a number of related vulnerabilities in Intel and compatible CPUs. Known as “Spectre” and “Meltdown”, they allow untrusted programs to read sensitive data. These vulnerabilities exist in pretty much every desktop and laptop PC in use today and some tablets and phones may also be affected. And there’s a problem with the timing of this news because companies like Microsoft had hoped to release fixes before these problems became public knowledge. But now the cat is out of the bag. While it should be possible to change operating systems to prevent malware from exploiting these flaws, those changes are likely to degrade overall system performance. Some estimates are that this could slow down your computer as much as 30% but recent bulletins from companies like Apple suggest that this won’t be the case. So what can you do? Well, if you’re paranoid or dealing with top-secret information, you could stop using your computer until updates are available. However, at any given time, it’s virtually guaranteed that someone, somewhere knows about a flaw in your operating system (whether it’s Windows, Linux, Mac OS or something else) that could be exploited to access your private data. These do eventually come to light and eventually they are patched. But there may be a window of days, months or even years during which malicious parties can take advantage of them to create viruses, worms, trojans and other assorted nasties. Unless you become a hermit and live in a cave in the mountains, I’m not sure that you can ever be be completely safe from such flaws. You could keep a separate computer to use only for sensitive tasks (banking and so on), and keep it unplugged from the internet most of the time. That may not make you 100% safe but it would probably help. But you would still need to keep the software on that machine up-to-date. So why didn’t anybody discover Spectre or Meltdown before? Apparently these problems have existed in Intel CPUs as early as 1995 and possibly even earlier but they are quite subtle flaws and difficult to exploit. I do not think it’s very likely that we will see actual malware taking advantage of these, especially now that operating systems are being desperately patched. But I could be wrong. Explaining the actual mechanism behind these flaws is difficult for all but the most advanced programmers to understand. In brief, they take advantage of the fact that you can get the processor to execute instructions which occur after accessing restricted memory, even though that access will trigger a fault interrupt. This is due to the “speculative execution” mechanism built into modern CPUs in order to speed them up. While the CPU correctly discards the results of these invalid instructions, it still has to spend time executing them and by arranging for them to have a certain delay, then measuring that delay, it is possible to infer the contents of memory that a process does not actually have permission to access. That memory could belong to any process, including the kernel, and could contain sensitive data such as passwords. Researchers have created software which takes advantage of this to read normally inaccessible memory. However, as I said above, I still think (or is that hope?) it’s too difficult to use in actual malware. Time will tell if I am right. More than anything else, these revelations indicate just how easy it is for a potentially serious security flaw to escape notice for many years. For most people, the best they can do it make sure that their computer always has the latest updates – and don’t ever click on attachments in emails from people that you don’t know. ISSN 1030-2662 Recommended & maximum price only. Nicholas Vinen Editor Nicholas Vinen Technical Editor John Clarke, B.E.(Elec.) Technical Staff Ross Tester Jim Rowe, B.A., B.Sc Bao Smith, B.Sc Photography Ross Tester Reader Services Ann Morris Advertising Enquiries Glyn Smith Phone (02) 9939 3295 Mobile 0431 792 293 glyn<at>siliconchip.com.au Regular Contributors Dave Thompson David Maddison B.App.Sc. (Hons 1), PhD, Grad.Dip.Entr.Innov. Geoff Graham Associate Professor Graham Parslow Ian Batty Cartoonist Brendan Akhurst SILICON CHIP is published 12 times a year by Silicon Chip Publications Pty Ltd. ACN 003 205 490. ABN 49 003 205 490. All material is copyright ©. No part of this publication may be reproduced without the written consent of the publisher. Subscription rates: $105.00 per year in Australia. For overseas rates, see our website or the subscriptions page in this issue. Editorial office: Unit 1 (up ramp), 234 Harbord Rd, Brookvale, NSW 2100. Postal address: PO Box 139, Collaroy Beach, NSW 2097. Phone (02) 9939 3295. E-mail: silicon<at>siliconchip.com.au Printing and Distribution: 2 Editorial Viewpoint Silicon Chip Celebrating 30 Years siliconchip.com.au