This Week In Security: The Supply Chain Has Problems

The biggest story of the week is another massive supply chain breach, this time of the Axios HTTP project, which appears to be unrelated to the previous massive supply chain breaches.

Axios was created as a more developer-friendly JavaScript HTTP interface for Node.js, giving a promise-based API instead of the basic callback API. (Promise-based programming allows for simpler coding workflows, where a program can wait for a promise to be fulfilled, instead of the developer having to manage the state of every request manually.) JavaScript has since gained a modern Fetch API that provides similar functionality, but Axios remains one of the most popular packages on the Node.js NPM repository, with 100 million weekly downloads.

The lead developer of Axios believes he was compromised by a collaboration request – a common tactic for phishing specific targets: a project for an IDE like VS Code can include code that executes on the developer's system when the project is run. Even outside a traditional IDE, common development tools like configure scripts and makefiles can easily run commands.

Socket.dev breaks down the attack in detail. Once the attackers had credentials to publish Axios to NPM, they inserted the malware as a new dependency of Axios instead of modifying Axios itself, which likely helped the attack bypass other security checkers. The dependency – plain-crypto-js – is itself simply a copy of a popular encryption utility library, but one which executes additional code during the post-installation step that NPM runs for every package.
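The detection angle that follows from this, as an added example that is not part of the original post or of the Axios project: a small Node.js audit that flags a dependency that newly appeared in a manifest and that declares an install-time lifecycle script. The package names, manifests and commands are constructed for illustration.

```javascript
// Added example (not from the article or Axios): find dependencies that are
// new since a known-good manifest and that run code at install time.
// All manifests below are constructed sample data, not real packages.

// npm runs these script names automatically for every dependency it installs.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Return the install-time hooks a package.json object declares.
function installHooks(manifest) {
  const scripts = (manifest && manifest.scripts) || {};
  return INSTALL_HOOKS
    .filter((name) => typeof scripts[name] === 'string')
    .map((name) => ({ name, command: scripts[name] }));
}

// Dependency names present in newManifest but absent from oldManifest,
// i.e. a freshly introduced package that nobody reviewed.
function newDependencies(oldManifest, newManifest) {
  const before = new Set(Object.keys(oldManifest.dependencies || {}));
  return Object.keys(newManifest.dependencies || {}).filter((d) => !before.has(d));
}

// installed: map of package name -> its package.json as read from node_modules.
// Report every new dependency that would execute a script during install.
function audit(oldRoot, newRoot, installed) {
  return newDependencies(oldRoot, newRoot)
    .map((name) => ({ name, hooks: installHooks(installed[name]) }))
    .filter((entry) => entry.hooks.length > 0);
}

// Constructed sample: the root manifest before and after a suspicious publish.
const rootBefore = { name: 'example-app', dependencies: { 'some-lib': '^2.0.0' } };
const rootAfter = {
  name: 'example-app',
  dependencies: { 'some-lib': '^2.0.0', 'suspicious-dep': '1.0.0' },
};
const installed = {
  'some-lib': { name: 'some-lib', scripts: { test: 'mocha' } },
  'suspicious-dep': { name: 'suspicious-dep', scripts: { postinstall: 'node setup.js' } },
};

console.log(JSON.stringify(audit(rootBefore, rootAfter, installed), null, 2));
```

In CI the same check pairs well with `npm install --ignore-scripts`, which stops lifecycle scripts from running at all until the flagged package has been reviewed.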

DC In The Data Center For A More Efficient Future

If you own a computer that’s not mobile, it’s almost certain that it will receive its power in some form from a mains wall outlet. Whether it’s 230 V at 50 Hz or 120 V at 60 Hz, where once there might have been a transformer and a rectifier there’s now a switch-mode power supply that delivers low voltage DC to your machine. It’s a system that’s efficient and works well on the desktop, but in the data center even its efficiency is starting to be insufficient. IEEE Spectrum has a look at newer data centers that are moving towards DC power distribution, raising some interesting points which bear a closer look.

A traditional data center has many computers which in power terms aren’t much different from your machine at home. They get their mains power at distribution voltage — probably 33 kV AC where this is being written — bring it down to a more normal mains voltage with a transformer just like the one on your street, and then feed a battery-backed Uninterruptible Power Supply (UPS) that converts from AC to DC, and then back again to AC. The AC then snakes around the data center from rack to rack, and inside each computer there’s another rectifier and switch-mode power supply to make the low voltage DC the computer uses.

The increasing demands of data centers full of GPUs for AI processing have raised power consumption to the extent that all these conversion steps now cost a significant amount of wasted power. The new idea is to convert once to DC (at a rather scary 800 volts) and distribute it directly to the cabinet, where the computer uses a more efficient switch-mode converter to reach the voltages it needs.

It’s an attractive idea not just for the data center. We’ve mused on similar ideas in the past and even celebrated a solution at the local level. But given the potential ecological impact of these data centers, it’s a little hard to get excited about the idea in this context. The fourth of our rules for the responsible use of a new technology comes into play. Fortunately we think that both an inevitable cooling of the current AI hype and a Moore’s Law-driven move towards locally-run LLMs may go some way towards solving that problem on its own.


header image: Christopher Bowns, CC BY-SA 2.0.

Chicken Coop Door Performs In Harsh Environment

One of the pitfalls of modern engineering is that it’s entirely possible to end up in a situation where a product or solution has been designed by someone who has never left a desk, which wouldn’t be a problem if things didn’t have a tendency to work differently in real life than they do in theory.

One of those things is the automatic chicken coop door, which has to operate reliably in not only a wide range of climates but under a number of possible physical limitations as well. [Vinnie] has taken on the challenge of building one which actually accomplishes all of these tasks, after realizing that the off-the-shelf solutions were victims of design over practicality.

[Vinnie] designed this door to be operated by the one thing that’s always 100% reliable: gravity. A linear actuator lifts the door at the beginning of the day, and then at night it’s allowed to fall back down in its track. A latch secures it against smarter intruders like raccoons. [Vinnie] has found that this lifting mechanism holds up much better in mud, snow, ice, and other difficult conditions than any other method he’s tried so far.

The system is built around an ATmega1284P and calculates the sunrise and sunset times each day to know when to open or close the door. He’s built the system as a state machine, which makes it more robust during power outages; that is a necessity since his chicken coop is mobile, battery powered, and frequently out of range of WiFi.

The approach [Vinnie] takes to automation is something that has application outside of his own farmstead. Using state machines instead of schedules, ensuring the design is as simple as possible and works within its environment, and minimizing reliance on electric and data infrastructure can go a long way to solving problems that might not appear when designing something on paper.

He’s been automating many other things on his farm as well, and it’s worth checking out if you haven’t seen it already.