Slider

4977 Articles

Ask Hackaday: Using CoPilot? Are You Entertained?

April 1, 2026 by 44 Comments

There’s a great debate these days about what the current crop of AI chatbots should and shouldn’t do for you. We aren’t wise enough to know the answer, but we were interested in hearing what is, apparently, Microsoft’s take on it. Looking at their terms of service for Copilot, we read in the original bold:

Copilot is for entertainment purposes only. It can make mistakes, and it may not work as intended. Don’t rely on Copilot for important advice. Use Copilot at your own risk.

While that’s good advice, we are pretty sure we’ve seen people use LLMs, including Copilot, for decidedly non-entertaining tasks. But, at least for now, if you are using Copilot for non-entertainment purposes, you are violating the terms of service.

Continue reading “Ask Hackaday: Using CoPilot? Are You Entertained?”

Solar Balconies Take Europe By Storm

March 31, 2026 by 138 Comments

Solar power has been around for a long time now. Once upon a time, it was mostly the preserve of research projects and large-scale municipal installations. Eventually, as the technology grew ever cheaper, rooftop solar came along, and cashed-up homeowners rushed to throw panels on their homes to slash their power bills and even make money in some cases.

Those in apartments or rented accommodations had largely been left out of the solar revolution. That was, until the advent of balcony solar. Popular in Germany, but little known in the rest of the world, the concept has brought home power generation to a larger market than ever.

Continue reading “Solar Balconies Take Europe By Storm”

Reflective pool of the Court of the Myrtles, looking north towards the Comares Tower. (Credit: Tuxyso, Wikimedia)

Medieval Alhambra’s Pulser Pump And Other Aquatic Marvels

March 30, 2026 by 6 Comments

Recently the Practical Engineering YouTube channel featured a functional recreation of a pump design that is presumed by some to have been used to pump water up to the medieval Alhambra palace and its fortress, located in what is today Spain. This so-called pulser pump design is notable for not featuring any moving parts, but the water pump was just one of many fascinating engineering achievements that made the Alhambra a truly unique place before the ravages of time had their way with it.

Although the engineering works were said to still have been functional in the 18th century, this pumping system and many other elements that existed at the peak of its existence had already vanished by the 19th century for a number of reasons. During this century a Spanish engineering professor, Cáceres, tried to reconstruct the mechanism as best as he could based on the left-over descriptions, but sadly we’ll likely never know for certain that it is what existed there.

Similarly, the speculated time-based fountain in the Court of the Lions and other elements are now forever lost to time, but we have plenty of theories on how all of this worked in a pre-industrial era.

Continue reading “Medieval Alhambra’s Pulser Pump And Other Aquatic Marvels”

Spy Tech: Conflicts Bring A New Number Station

March 30, 2026 by 19 Comments

If you know much about radios and espionage, you’ve probably encountered number stations. These are mysterious stations that read out groups of numbers or otherwise encoded messages to… well… someone. Most of the time, we don’t know who is receiving the messages. You’d be excused for thinking that this is an old technology. After all, satellite phones, the Internet, and a plethora of options now exist to allow the home base to send spies secret instructions. However, the current-day global conflict has seen at least one new number station appear, apparently associated with the United States and, presumably, targeting some recipients in Iran, according to priyom.org.

As you might expect, these stations don’t identify themselves, but the Enigma Control List names this one as V32. It broadcasts two two-hour blocks a day at 0200 UTC and a repeat at 1800 UTC. Each message starts with the Farsi word for “attention” followed by what is assumed to be some header information as two 5-digit groups. Then there is a set of 181 five-digit groups. Each message is padded out to take 20 minutes, and there are six messages in each transmission.

Continue reading “Spy Tech: Conflicts Bring A New Number Station”

This Week In Security: Second Verse, Worse Than The First

March 27, 2026 by 16 Comments

Isn’t there some claim events come in threes? After the extremely rare leak of the iOS Coruna exploit chain recently, now we have details from Google on a second significant exploit in the wild, dubbed Darksword.

Like Coruna, Darksword appears to have followed the path of government security contractors, to different government actors, to crypto stealer. It appears to focus on exploits already fixed in modern iOS releases, with most affecting iOS 18 and all patched by iOS 26.3.

Going from almost no public examples of modern iOS exploits to two in as many weeks is wild, so if mobile device security is of interest, be sure to check out the Google write-up.

Another FBI Router Warning

The second too early to be retro – but too important to ignore – repeat security item is a second alert by the FBI cautioning about end-of-life consumer network hardware under active exploitation, with the FBI tracking almost 400,000 device infections so far.

Like the warning two weeks ago, the FBI calls out a handful of consumer routers – but this time they’re devices that may actually still be service in some of our homes (or our less cutting edge friends and family), calling out devices from Netgear, TP-Link, D-Link, and Zyxel:

  • Netgear DGN2200v4 and AC1900 R700
  • TP-Link Archer C20, TL-WR840N, TL-WR849N, and WR841N
  • D-Link DIR-818LW, 850L, and 860L
  • Zyxel EMG6726-B10A, VMG1312-B10D, VMG1312-T20B, VMG3925-B10A, VMG3925-B10C, VMG4825-B10A, VMG4927-B50A, VMG8825-T50K

While many of these devices are over ten years old, they still support modern networking – some of them even supporting 802.11ac (also called Wi-Fi 5).  Unfortunately, since support has been ended by the manufacturers, publicly disclosed vulnerabilities have not been patched (and now never will be, officially) Continue reading “This Week In Security: Second Verse, Worse Than The First”

FLOSS Weekly Episode 867: Pangolin: People Can Lie

March 25, 2026 by No comments

This week Jonathan chats with Milo Schwartz about Pangolin, the Open Source tunneling solution. Why do we need something other than Wireguard, and how does Pangolin fix IoT and IT problems? And most importantly, how do you run your own self-hosted Pangolin install? Watch to find out!

Continue reading “FLOSS Weekly Episode 867: Pangolin: People Can Lie”

Retail Fail: The :CueCat Disaster

March 25, 2026 by 71 Comments

Digital Convergence Corporation is hardly a household name, and there’s a good reason for that. However, it raised about $185 million in investments around the year 2000 from companies such as Coca-Cola, Radio Shack, GE, E. W. Scripps, and the media giant Belo Corporation. So what did all these companies want, and why didn’t it catch on? If you are old enough, you might remember the :CueCat, but you probably thought it was Radio Shack’s disaster. They were simply investors.

The Big Idea

The :CueCat was a barcode scanner that, usually, plugged into a PC’s keyboard port (in those days, that was normally a PS/2 port). A special cable, often called a wedge, was like a Y-cable, allowing you to use your keyboard and the scanner on the same port. The scanner looked like a cat, of course.

However, the :CueCat was not just a generic barcode scanner. It was made to only scan “cues” which were to appear in catalogs, newspapers, and other publications. The idea was that you’d see something in an ad or a catalog, rush to your computer to scan the barcode, and be transported to the retailer’s website to learn more and complete the purchase.

The software could also listen using your sound card for special audio codes that would play on radio or TV commercials and then automatically pop up the associated webpage. So, a piece of software that was reading your keyboard, listening to your room audio at all times, and could inject keystrokes into your computer. What could go wrong?

Continue reading “Retail Fail: The :CueCat Disaster”