Day: August 1, 2016

From Shop Floor Dust To Carbon Steel

August 1, 2016 by 15 Comments

[Chandler Dickinson] did his monthly sweep of the floor in his blacksmith’s shop when it occurred to him that all that metal dust had to go somewhere, didn’t it? So he did the only reasonable thing and made a crude foundry out of cinder blocks, melted his dirt in it, and examined what came out the other end.

His first step was to “pan” for steel. He rinsed all the dirt in a bucket of water and then ran a magnet at the bottom of the bucket. The material that stuck to the magnet, was ripe for reclaimation.

Next he spent a few hours charging a cinderblock foundry with coal and his iron dust. The cinderblocks cracked from the heat, but at the end he had a few very ugly brittle rocks that stuck to a magnet.

Of course there’s a solution to this non-homogenous steel. As every culture with crappy steel eventually discovered, you can get really good steel if you just fold it over and over again.  So he spend some time hammering one of his ugly rocks and folding it a bit. He didn’t get to two hundred folds, but it was enough to show that the resulting slag was indeed usable iron.

He did a deeper examination of the steel last week, going as far as to etch it, after discovering that the metal sparked completely differently when sanded on one side versus the other. It definitely needed work, but all seemed to have worked in the end.

Continue reading “From Shop Floor Dust To Carbon Steel”

Firearm Tech – Are Smart Guns Even Realistic?

August 1, 2016 by 304 Comments

At frustratingly regular intervals, the debate around gun control crops up, and every time there is a discussion about smart guns. The general idea is to have a gun that will not fire unless authenticated and authorized. There’s usually a story about a young person who invents a smart controller and another company that is struggling because they just can’t get “Big Guns” to buy into the idea. We aren’t going to focus on the politics; we’re going to look at whether the technology is realistic, and why a lot of the news stories about new tech never pan out.

Let’s start with an example of modern technology creeping into established machines: the car. These are giant hunks of metal with nearly constant explosions, controlled by sophisticated electronics that are getting smarter and more connected every day. Industry is adopting it with alacrity, and the vehicles are getting more efficient and powerful because of it. So why can’t firearms?

Continue reading “Firearm Tech – Are Smart Guns Even Realistic?”

The Most Useless Book Scanner

August 1, 2016 by 9 Comments

How do artificial intelligences get so intelligent? The same way we do, they get a library card and head on over to read up on their favorite topics. Or at least that’s the joke that [Jakob Werner] is playing with in his automaton art piece, “A Machine Learning” (Google translated here).

Simulating a reading machine, a pair of eyeballs on stalks scan left-right and slowly work their way down the page as another arm swings around and flips to the next one. It’s all done with hand-crafted wooden gears, in contrast to the high-tech subject matter. It’s an art piece, and you can tell that [Jakob] has paid attention to how it looks. (The all-wooden rollers are sweet.) But it’s also a “useless machine” with a punch-line.

Is it a Turing test? How can we tell that the machine isn’t reading? What about “real” AIs? Are they learning or do they just seem to be? OK, Google’s DeepMind is made of silicon and electricity instead of wood, but does that actually change anything? It’s art, so you get license to think crazy thoughts like this.

We’ve covered a few, less conceptual, useless machines here. Here is one of our favorite. Don’t hesitate to peruse them all.

LastPass Happily Forfeits Passwords To Simple Javascript

August 1, 2016 by 37 Comments

Lastpass is a great piece of software when it comes to convenience, but a recent simple hack shows just how insecure software like it can be. [Mathias Karlsson] nabbed a nice $1000 bounty for its discovery.

Lastpass’s auto-fill works by injecting some html into the website you’re visiting. It runs a bit of Javascript to parse the URL. However, the parsing script was laughably vague. By changing the URL of the page, inserting a few meaningless-to-the server slugs into the URL, an attacker could get Lastpass to give it a password and username combo for any website.

The discussion in the HackerNews comment section more-or-less unilaterally agreed that most systems like this have their glaring flaws, but that the overall benefits of having secure passwords generated and managed by software was still worth the risk when compared to having a few commonly reused passwords over multiple sites.

One could get a more secure key manager by using software like KeePass, but it’s missing some of the convenience factor of remote-based services and relies on a user protecting their key files adequately.

Still, as scary as they are, openly discussing hacks like this after responsible disclosure is good because they force companies like Lastpass, who have some very big name clients, to take their code review and transparency more seriously.