This Week In Security: Microsoft Patches, Typosquatting Continues, And Code Signing For All

November 11, 2022 by Jonathan Bennett 3 Comments

The pair of Outlook vulnerabilities we’ve been tracking have finally been patched, along with another handful of fixes this Patch Tuesday, a total of six being 0-day exploits. The third vulnerability was also a 0-day, discovered by the Google Threat Analysis Group. This one resulted in arbitrary code execution when a Windows client connected to a malicious server.

A pair of escalation of privilege flaws were fixed, one being yet another print spooler issue, and the other part of a key handling service. The final zero-day fixed was a mark-of-the-web bypass, that being the tag that gets added to file metadata to indicate it’s a download from the internet. If you deliver malware inside an ISO or marked read-only in a zip file, it doesn’t show the warning when executing.

Will Typosquat For Bitcoin

A trend that doesn’t show signs of slowing down is Typosquatting, the simple malware distribution strategy of uploading tainted packages using misspelled variations of legitimate package names. The latest such scheme, discovered by researchers at Phylum, delivered a crypto-stealer in Python packages. These packages were hosted on PyPi, under names like baeutifulsoup4 and cryptograpyh. The packages install a JavaScript file that runs in the background of the browser, and monitors for a cryptocurrency address on the clipboard. When detected, the intended address is swapped for an attacker-controlled address. Continue reading “This Week In Security: Microsoft Patches, Typosquatting Continues, And Code Signing For All” →

Surface Mount Breathing Light PCB, using LM358 op-amp

Surface-Mount Light Breathes Life Into Your Project

November 11, 2022 by Dave Walker 13 Comments

If you’ve ever seen those gadgets with the “breathing light” LEDs on them and wondered how to do it, then [DIY GUY Chris] can show you how to design your own surface-mount version, using only analogue electronics.

Simulation trace showing the LED breathing light circuit operating. Traces for voltage and current are shown over a few seconds — The LED current tracks up and down in an approximately triangular-wave pattern

The circuit itself is built around a slow triangular-wave oscillator, that ramps the current up and down in the LEDs to make it look as if the lights are breathing in and out. The overall effect is rather pleasing, and the oscillation speed can be adjusted using the on-board potentiometer.

This project is actually an update to a previous version that used through-hole components (also shown in the video below), and goes to show that revisiting completed projects can give them a new lease of life. It also shows how easy it has become to design and order custom circuit boards these days. It’s not so long ago that a project like this would have been either made on stripboard or etched from copper-plated FR4 in a bubbling tank of acid!

If you have revisited an old project that you’re proud of and would like to show others, why not drop us a message on our tips line?

We have covered some other options for breathing LEDs in the past, such as this digital logic version, and this Arduino library that has a host of other effects to choose from, too. Continue reading “Surface-Mount Light Breathes Life Into Your Project” →

Oh Snap! 3D Printing Snapping Parts Without Breakage

November 11, 2022 by Al Williams 22 Comments

One of the great things about plastic is that it can be relatively flexible. We see things all the time that snap together, but when 3D printing, you don’t often run into snap fit designs. [Engineers Grow] has a video to help you design snap fittings that don’t break.

In the first video that you can see below, he covers three parameters that can help. The first is the length of the snap element. Secondly, the undercut size can be reduced. You can also try making the snap; as thin as possible, although in the example he went too thin and wound up breaking the snap anyway.

The final suggestion, covered in detail in the second video below, is to change the material you use. The key parameter is known as elongation at break. For PLA the typical value for this is 8%. ABS is 10%, PETG is 24% and Nylon is 100%. Simplistically, you could assume that a PETG piece could deform up to 25% before breaking. That may be true, but it will permanently deform long before that. The video suggests using 10 or 15% of the value to assure the part doesn’t lose its shape.

In the third video, you’ll learn, too, that print orientation counts. Making the hooks grow off the build plate leads to a weak hook as you might expect.

We’ve looked at the mechanics behind these before. You can find a lot of detailed technical data about joints, too.

Continue reading “Oh Snap! 3D Printing Snapping Parts Without Breakage” →