Day: March 21, 2025

Benchtop Haber-Bosch Makes Ammonia At Home

March 21, 2025 by 23 Comments

Humans weren’t the first organisms on this planet to figure out how to turn the abundance of nitrogen in the atmosphere into a chemically useful form; that honor goes to some microbes that learned how to make the most of the primordial soup they called home. But to our credit, once [Messrs. Haber and Bosch] figured out how to make ammonia from thin air, we really went gangbusters on it, to the tune of 8 million tons per year of the stuff.

While it’s not likely that [benchtop take on the Haber-Bosch process demonstrated by [Marb’s lab] will turn out more than the barest fraction of that, it’s still pretty cool to see the ammonia-making process executed in such an up close and personal way. The industrial version of Haber-Bosch uses heat, pressure, and catalysts to overcome the objections of diatomic  nitrogen to splitting apart and forming NH3; [Marb]’s version does much the same, albeit at tamer pressures.

[Marb]’s process starts with hydrogen made by dripping sulfuric acid onto zinc strips and drying it through a bed of silica gel. The dried hydrogen then makes its way into a quartz glass reaction tube, which is heated by a modified camp stove. Directly above the flame is a ceramic boat filled with catalyst, which is a mixture of aluminum oxide and iron powder; does that sound like the recipe for thermite to anyone else?

A vial of Berthelot’s reagent, which [Marb] used in his recent blood ammonia assay, indicates when ammonia is produced. To start a run, [Marb] first purges the apparatus with nitrogen, to prevent any hydrogen-related catastrophes. After starting the hydrogen generator and flaring off the excess, he heats up the catalyst bed and starts pushing pure nitrogen through the chamber. In short order the Berthelot reagent starts turning dark blue, indicating the production of ammonia.

It’s a great demonstration of the process, but what we like about it is the fantastic tips about building lab apparatus on the cheap. Particularly the idea of using hardware store pipe clamps to secure glassware; the mold-it-yourself silicone stoppers were cool too.

Continue reading “Benchtop Haber-Bosch Makes Ammonia At Home”

This Week In Security: The Github Supply Chain Attack, Ransomware Decryption, And Paragon

March 21, 2025 by 4 Comments

Last Friday Github saw a supply chain attack hidden in a popular Github Action. To understand this, we have to quickly cover Continuous Integration (CI) and Github Actions. CI essentially means automatic builds of a project. Time to make a release? CI run. A commit was pushed? CI run. For some projects, even pull requests trigger a CI run. It’s particularly handy when the project has a test suite that can be run inside the CI process.

Doing automated builds may sound straightforward, but the process includes checking out code, installing build dependencies, doing a build, determining if the build succeeded, and then uploading the results somewhere useful. Sometimes this even includes making commits to the repo itself, to increment a version number for instance. For each step there are different approaches and interesting quirks for every project. Github handles this by maintaining a marketplace of “actions”, many of which are community maintained. Those are reusable code snippets that handle many CI processes with just a few options.

One other element to understand is “secrets”. If a project release process ends with uploading to an AWS store, the process needs an access key. Github stores those secrets securely, and makes them available in Github Actions. Between the ability to make changes to the project itself, and the potential for leaking secrets, it suddenly becomes clear why it’s very important not to let untrusted code run inside the context of a Github Action.

And this brings us to what happened last Friday. One of those community maintained actions, tj-actions/changed-files, was modified to pull an obfuscated Python script and run it. That code dumps the memory of the Github runner process, looks for anything there tagged with isSecret, and writes those values out to the log. The log, that coincidentally, is world readable for public repositories, so printing secrets to the log exposes them for anyone that knows where to look.

Researchers at StepSecurity have been covering this, and have a simple search string to use: org:changeme tj-actions/changed-files Action. That just looks for any mention of the compromised action. It’s unclear whether the compromised action was embedded in any other popular actions. The recommendation is to search recent Github Action logs for any mention of changed-files, and start rotating secrets if present. Continue reading “This Week In Security: The Github Supply Chain Attack, Ransomware Decryption, And Paragon”

Aluminum Business Cards Make Viable PCB Stencils

March 21, 2025 by 25 Comments

[Mikey Sklar] had a problem—namely, running low on the brass material typically used for making PCB stencils. Thankfully, a replacement material was not hard to find. It turns out you can use aluminum business card blanks to make viable PCB stencils.

Why business card blanks? They’re cheap, for a start—maybe 15 cents each in quantity. They’re also the right thickness, at just 0.8 mm 0.18 mm, and they’re flat, unlike rolled materials that can tend to flip up when you’re trying to spread paste. They’re only good for small PCBs, of course, but for many applications, they’ll do just fine.

To cut these, you’ll probably want a laser cutter. [Mikey] was duly equipped in that regard already, which helped. Using a 20 watt fiber laser at a power of 80%, he was able to get nice accurate cuts for the stencils. Thanks to the small size of the PCBs in question, the stencils for three PCBs could be crammed on to a single card.

If you’re not happy with your existing PCB stencil material, you might like to try these aluminium blanks on for size. We’ve covered other stenciling topics before, too.

Continue reading “Aluminum Business Cards Make Viable PCB Stencils”

Cheap Endoscopic Camera Helps Automate Pressure Advance Calibration

March 21, 2025 by 27 Comments

The difference between 3D printing and good 3D printing comes down to attention to detail. There are so many settings and so many variables, each of which seems to impact the other to a degree that can make setting things up a maddening process. That makes anything that simplifies the process, such as this computer vision pressure advance attachment, a welcome addition to the printing toolchain.

If you haven’t run into the term “pressure advance” for FDM printing before, fear not; it’s pretty intuitive. It’s just a way to compensate for the elasticity of the molten plastic column in the extruder, which can cause variations in the amount of material deposited when the print head acceleration changes, such as at corners or when starting a new layer.

To automate his pressure advance calibration process, [Marius Wachtler] attached one of those dirt-cheap endoscope cameras to the print head of his modified Ender 3, pointing straight down and square with the bed. A test grid is printed in a corner of the bed, with each arm printed using a slightly different pressure advance setting. The camera takes a photo of the pattern, which is processed by computer vision to remove the background and measure the thickness of each line. The line with the least variation wins, and the pressure advance setting used to print that line is used for the rest of the print — no blubs, no blebs.

We’ve seen other pressure-advanced calibrators before, but we like this one because it seems so cheap and easy to put together. True, it does mean sending images off to the cloud for analysis, but that seems a small price to pay for the convenience. And [Marius] is hopeful that he’ll be able to run the model locally at some point; we’re looking forward to that.

Continue reading “Cheap Endoscopic Camera Helps Automate Pressure Advance Calibration”