Had to try it… but I really don’t want to provision and install Windows 10 preview bits on a real PC just to burn an image to a Flash drive.

Thanks to this post, someone figured out how to do it using just a few DLL’s from the Windows 10 install ISO. Downloading it at home would take forever, so got creative and downloaded it on a machine on a fast connection, Dropbox’d the relevant bits over to myself, and bam! Windows 10 Raspberry Pi image. Happy to report it works on Windows 8 just as nicely. Just view the \sources folder on the ISO and just copy all of the files (no subfolders) that are below 15MB in size to somewhere on your local disk. Then throw the flash.ffu file in there and you’re ready to rock.

image

The flashing process looks like this:

image

After successful flash, the SD card looks like this:

image

Done!

16

A few days ago, Scott Hanselman bought a $599 consumer 3D printer on Amazon. He then went on to share the next 16 hours worth of elation, frustration, moments of success and suicidal thoughts that go along with learning 3D printing on consumer hardware and open source tools.

My experience was even worse than his – as a company, we bought into the idea that $1000 worth of 3D printing machine should immediately bring us into the 3D manufacturing revolution. Months later, walking in to yet another night where the MakerBot printer had freaked out and spewed a massive tangle of spider-webby filament balls all over the floor, I was fully convinced that 3D printing, as an concept and industry, was a complete and useless pile of crap. We got 1 successful part for every 5 tries. We bought every kind of add-on available to heat up build plates, printed fan and enclosure mods, with some magic combination of painter’s tape and AquaNet hair spray being the only things that occasionally worked. Before writing it off altogether, we invested in the next level of equipment that held promise, and now work with a basic, professional-grade printer. We spent way more on payroll for someone to sit around and dink with the printer than we did on buying the professional printer. I made a rule that if anyone ever purchased any printer, part, or accessory from MakerBot ever again they would be immediately terminated. That was 2 years ago.

With that said, I challenged Scott to a Pro vs. Consumer 3D printing shootout – our Stratasys uPrint vs. his Simple Metal, to see the good, the bad, and the ugly of each approach, and find out how we compare on each side of the spectrum. We gave it one shot, no do-overs, using only the printer and the software that came with it, for honest comparison.

This blog post represents our “Pro” side of the experience. Open Scott’s side in another tab and compare.

The Model

We each printed the same model from the same source – a coffee cup .STL from Thingiverse, available here. (For the uninitiated, a .STL file to a 3D printer is more or less like a .PDF to your laserjet office printer.) It’s not a super crazy shape, but at the same time requires a bit of support with curved surfaces – about what the “average” 3D print would be.

The Setup/Costs – Stratasys uPrint SE Pro

This is the bad news on our side – you get what you pay for. Stratasys makes the uPrint SE Pro as one of their entry level, professional grade models. It prints a single color at a time, with a single type of material (ABS). To duplicate our setup for this print, you would need the following:

uPrint SE Pro Printer and Dissolving Bath – about $22,000

1 Spool of Model Material (Black) – $205.00 (produces 42 cubic inches of printing)

1 Spool of Support Material – $200.00 (42 cubic inches worth)

Box of Build Plates – $125.00 for 24 (you need one for each print, so it costs about $5.20/each)

Soluble Concentrate – $149.00 for 12 bottles (dissolves support material, aka fancy drain-O)

Warranty Support – $2,000/year – because it does break from time to time.

Add a little bit of shipping, and for a mere $25K you’re ready to print your very own coffee cup.

Setting Up – Hardware

The good news is, all of our supplies come from the manufacturer of the printer – so the major plus on the “Pro” side is that everything works together.

First, we take a build plate out of the box.

Photo Jan 30, 1 52 50 PMPhoto Jan 30, 1 53 00 PM

They are plastic and have a texture on them that is magic, because it sticks to 3D material once and cannot be reused. If we are printing something small, then sometimes we can use one corner of the build plate for one print, then another corner later, but it just depends on the day.

The build plate snaps into place on a platform that is extremely solid – Stratasys seems to over-engineer their hardware, which is nice.

Photo Jan 30, 1 53 08 PMAnim_LoadBuildPlate

Next, printers need material, so we load both the model material (what our print will actually be made of), and the support material (what the printer uses as filler to support overhanging surfaces, and gets dissolved later).

It comes in a “space bag” and gets loaded into a cartridge.

Photo Jan 30, 1 48 54 PMPhoto Jan 30, 1 48 59 PMPhoto Jan 30, 2 22 57 PM

Look closely – you see that little red thing?

Photo Jan 30, 2 23 26 PM

That piece acts as a flow-meter for your material spool, and tracks how much material you have left.

Photo Jan 30, 2 23 19 PM

Unfortunately, this is what I call the “DRM” of 3D printing. This little module makes sure that you are using a Stratasys material spool, and not material from other vendors. It’s one-way and cannot be “rewound”, so you can sometimes end up with a bit of material left over and the module thinks you’re already done, thus rendering the extra material unusable.

Aside from that, we load the spools, which is a matter of sliding them in and pressing “Load” on the printer panel.

Photo Jan 30, 2 23 37 PMAnim_LoadMaterialBayAnim_LoadModel

Now we’re ready to do some printing!

I tried to get a great “action shot” timelapse of the print by taping a GoPro to the inside of the door. It’s a little tight in there, so I cut the handle off the build plate to make room for it.

Photo Jan 30, 2 21 39 PM

That worked great until the printer heated up, the tape turned to goo and fell off, and the GoPro shut itself down at 125 degrees F. So I had to settle for a GoPro shot outside the door instead.

Photo Jan 30, 2 41 46 PM

Setting Up – Software

With this type of printer, you work with Stratays’s “Catalyst” software. Again, everything just works together – no mucking around with config’s and jumping through multiple tools, which is nice.

  1. Download the .STL from Thingiverse.
    01_ThingiverseDL
  2. Add the .STL to Catalyst.
    04_CatalystInitialImport
  3. Press “Auto Orient” and “Add to Pack”, progress bars fly and magic happens. (Really, software is just calculating the most efficient way to print it, where the coffee cup needs supports and so forth.)
    06_CatalystAutoOrient
  4. Drag it to position it on the build plate where I want it to print.08_AddToPack
  5. Send/queue the print to the printer.
  6. Hit the blinking “Start Model” button on the printer’s front panel.Photo Jan 30, 2 42 55 PM09_CatalystStatus

Printing

I hit print and walked away. The printer tells me % complete and time remaining (7 hours and 29 minutes) and is also monitored in the Catalyst software.

Photo Jan 30, 3 39 11 PMPhoto Jan 30, 5 59 11 PM

The printer is very conscious of interrupting airflow, so a magnetic latch engages and prevents us stupid humans from opening the door mid-print, without the software’s permission.

This print ultimately took 8 hours, 22 minutes, at 0.1mm resolution, used 4.84 cubic inches of model material, and 0.433 cubic inches of support material.

Dissolving

Out pops our 3D printed coffee cup!

Photo Feb 02, 11 32 09 AMPhoto Feb 02, 11 32 54 AMAnim_RemoveCup

You can see the model material (in black) and the support material (in white). The white has to disappear, so to do that, we dunk the whole thing in a hot bath.

Photo Feb 02, 11 34 31 AMPhoto Feb 02, 11 34 45 AMAnim_InBath

The bath comes with, and is considered part of the printer. It’s a highly concentrated liquid (resembles Drain-O) mixed with water. We have to change it out every month or so. This unit heats up the liquid, and has a hot-tub style jet inside to keep a continuous flow of water over the part. We use big rubber gloves to prevent contact with this solution on bare skin.

All Done

We lift the container out of the bath, and what remains is our coffee cup and build plate without support material.

Photo Feb 02, 3 32 48 PMAnim_BathOut

A quick rinse, and we’re ready for coffee.

Photo Feb 02, 3 38 17 PMPhoto Feb 02, 3 38 10 PM

Cost of a Coffee Cup

In direct costs, we used $23.62 in model material, $2.06 in support material, and $5.20 build plate, for a total of $30.88. We have a fancy spreadsheet that calculates our total cost (printer cost over its lifespan, average reusable supplies based on our normal print volume), and our average cost per cubic inch of model printed is about $11.80. So if a customer asked us to print this coffee cup, it would run about $58.00.

On to Scott for the conclusion…

What does the end-result look like in cost/value/process? Was Scott able to print it in one shot without drama, or did 3D printer parts and a tangled mess of open-source bits come flying out of the nearest window in a fit of rage? How close are consumer printers to competing with professional printers in ultimate time and value?

We shipped Scott our version of the coffee cup, and he tallied the final scores. See what he had to say…

It’s been an interesting past few days. As you can probably tell from the counters at http://shellshock.brandonpotter.com, the vulnerability test tool logs some statistical information.

When the tool sends a HTTP request, it contains a special URL that, if successful, lets us know that the bash command was executed on the remote system, and via which type of HTTP header embed was successful in executing the command.

At the time of this post, a little over 121,000 tests have been run, representing approximately 88,000 unique hosts. The vast majority of systems have not been affected in a way that this tool detects. Last week, it was around 8% of systems, and as of today that number has dropped closer to 6% and continues to drop. Here is the breakdown of vulnerabilities that the tool has found:

  • 35% – Cookie Attack – These sites were susceptible to a bash command embedded in a Cookie HTTP header.
  • 33% – Referer Attack – Bash command embedded in a Referer HTTP header.
  • 32% – User-Agent Attack – Bash command embedded in a User-Agent header.

So, it’s roughly evenly distributed across HTTP headers, but Cookie is the most vulnerable by a few points.

The test tool also uses a few different commands, since it depends on wget or curl and these may be located in different locations. /usr/bin/wget is by far the most successful, with 52% of the vulnerabilities identified through it. (Not that this matters, since most intentional attacks would likely focus on doing something a little more evil than wget’ing a URL, but it has been interesting to see which worked.)

Note: Keep in mind that this is a HTTP test tool only, and while HTTP is the easiest and most open attack point to your servers, it is not necessarily the only way this can be exploited if you didn’t patch. For the test tool to find a vulnerability, you must have a vulnerable Bash shell, in addition to a CGI script / environment running on your web server that calls Bash to do something.

On a different, more mildly interesting note of how folks are testing their junk…

There is a disclaimer that the test tool should only be used on your own sites. Of the crazy people, the misfits, the rebels, the troublemakers:

  • 695 people have tested google.com – fear not, they have things under control over there now.
  • 259 people have tested facebook.com – uncle Mark would be proud.
  • 155 people have tested shellshock.brandonpotter.com (y’all think you’re funny)
  • 75 people have tested 127.0.0.1 (again this is why we can’t have nice things)

A few of the popular sites have been blocked now, since it’s just a waste of resources at this point testing them over and over. I’m no fun.

Looking through the web logs, honorable mention goes to the good people testing these “sites”…

  • -1 or 1=1 and (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
  • 1' || (select dbms_pipe.receive_message((chr(95)||chr(33)||chr(64)||chr(51)||chr(100)||chr(105)||chr(108)||chr(101)||chr(109)||chr(109)||chr(97)),25) from dual) || '
  • (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns)