Author: Dan Maloney

3211 Articles

Hackaday Prize 2023: Sleek Macro Pad Makes 2FA A Little Easier

June 20, 2023 by 1 Comment

We all know the drill when it comes to online security — something you know, and something you have. But when the “something you have” is a two-factor token in a keyfob at the bottom of a backpack, or an app on your phone that’s buried several swipes and taps deep, inconvenience can stand in the way of adding that second level of security. Thankfully, this “2FA Sidecar” is the perfect way to lower the barrier to using two-factor authentication.

That’s especially true for a heavy 2FA user like [Matt Perkins], who typically needs to log in and out of multiple 2FA-protected networks during his workday. His Sidecar is similar in design to many of the macro pads we’ve seen, with a row of Cherry MX key switches, a tiny TFT display — part of an ESP32-S3 Reverse TFT Feather — and a USB HID interface. Pressing one of the five keys on the pad generates a new time-based one-time password (TOTP) and sends it over USB as typed keyboard characters; the TOTP is also displayed on the TFT if you prefer to type it in yourself.

As for security, [Matt] took pains to keep things as tight as possible. The ESP32 only connects to network services to keep the time synced up for proper TOTP generation, and to serve up a simple web configuration page so that you can type in the TOTP salts and service name to associate with each key. He also discusses the possibility of protecting the ESP32’s flash memory by burning the e-fuses, as well as the pros and cons of that maneuver. The video below shows the finished project in action.

This is definitely a “use at your own risk” proposition, but we tend to think that in the right physical environment, anything that makes 2FA more convenient is probably a security win. If you need to brush up on the risks and benefits of 2FA, you should probably start here.

Continue reading “Hackaday Prize 2023: Sleek Macro Pad Makes 2FA A Little Easier”

DIY Picosatellites Hack Chat

June 19, 2023 by 10 Comments

Join us on Wednesday, June 21 at noon Pacific for the DIY Picosatellites Hack Chat with Nathaniel Evry!

Building a satellite and putting it in orbit was until very recently something only a nation had the resources to accomplish, and even then only a select few. Oh sure, there were a few amateur satellites that somehow managed to get built on a shoestring budget and hitch a ride into space, and while their stories are deservedly the stuff of legends, satellite construction took a very long time to be democratized.

Fast forward a half-dozen or so decades, and things have changed dramatically. Satellite launches are still complex affairs — it’s still rocket science, after all — but the advent of the CubeSat format and the increased tempo of launches, both national and commercial, has pushed the barriers to private, low-budget launches way, way down. So much so, in fact, that the phrase “space startup” is no longer something to snicker about.

join-hack-chatOne such group of space entrepreneurs is Quub, Inc., a small company in Lancaster, Pennsylvania which is looking to build and fly a constellation of microsatellites to monitor Earth’s environment in real-time. They’re building sats and signing launch deals using consumer-grade technology and modularized construction, and we’re lucky enough to have Nathaniel Evry, their Chief Research Officer, stop by the Hack Chat. If you’ve ever wondered what it takes to build hardware that can stand the rigors of launch and then perform a task in space, you’ll want to tune in for this one.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, June 21 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter. Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Hackaday Links Column Banner

Hackaday Links: June 18, 2023

June 18, 2023 by 19 Comments

Will it or won’t it? That’s the question much on the minds of astronomers, astrophysicists, and the astro-adjacent this week as Betelgeuse continued its pattern of mysterious behavior that might portend a supernova sometime soon. You’ll recall that the red giant star in the constellation Orion went through a “great dimming” event back in 2019, where its brightness dipped to 60% of its normal intensity. That was taken as a sign that perhaps the star was getting ready to explode — or rather, that the light from whatever happened to the star 548 years ago finally reached us — and was much anticipated by skywatchers, yours truly included. As it turned out, the dimming was likely caused by Betelgeuse belching forth an immense plume of dust, temporarily obscuring our view of its light. Disappointing.

Those who gave up on the hope of seeing a supernova might have done so too fast, though, because now, the star seems to be swinging the other way and brightening. It briefly became the brightest star in Orion, nearly outshining nearby Sirius, the brightest star in the sky. So what does all this on-again, off-again business mean? According to Dr. Becky, a new study — not yet peer-reviewed, so proceed with caution — suggests that the star could go supernova in the next few decades. The evidence for this is completely unrelated to the great dimming event, but by analyzing the star’s long history of variable brightness. The data suggest that Betelgeuse has entered the carbon fusion phase of its life, a period that only lasts on the scale of a hundred years for a star that size. So we could be in for the ultimate fireworks show, which would leave us with a star brighter than the full moon that’s visible even in daylight. And who doesn’t want to see something like that?

Continue reading “Hackaday Links: June 18, 2023”

Hackaday Podcast 223: Smoking Smart Meter, 489 Megapixels, And Unshredding Documents

June 16, 2023 by 10 Comments

Elliot’s back from vacation, and Dan stepped into the virtual podcast studio with him to uncover all the hacks he missed while hiking in Italy. There was a lot to miss, what with a smart meter getting snuffed by a Flipper Zero — or was it? How about a half-gigapixel camera built out of an old scanner, or a sonar-aimed turret gun? We also looked at a couple of projects that did things the hard way, like a TV test pattern generator that was clearly a labor of love, and an all-transistor HP frequency counter. More plastic welding? Hey, a fix is a fix! Plus, we’ll dive into why all those Alexas are just gathering dust, and look at the really, REALLY hard problems involved in restoring shredded documents.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download a long series of ones and zeroes that, when appropriately interpreted, sound like two people talking about nerdy stuff!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 223: Smoking Smart Meter, 489 Megapixels, And Unshredding Documents”

Persistence Pays In TI-99/4A Cassette Tape Data Recovery

June 16, 2023 by 11 Comments

In the three or four decades since storing programs on audio cassettes has been relevant, a lot of irreplaceable personal computing history has been lost to the ravages of time and the sub-optimal conditions in the attics and basements where tapes have been stored. Luckily, over that time we’ve developed a lot of tools and techniques that might make it possible to recover some of these ancient treasures. But as [Noel] shows us, recovering data from cassette tapes is a tricky business.

His case study for the video below is a tape from a TI-99/4A that won’t load. A quick look in Audacity at the audio waveform seems to show the problem — an area of severely attenuated signal. Unfortunately, no amount of boosting and filtering did the trick, so [Noel] had to dig a bit deeper. It turns out that the TI tape interface standard, with its redundant data structure, was somewhat to blame for the inability to read this particular tape. As [Noel] explains, each 64-bit data record is recorded to tape twice, along with a header and a checksum. If neither record decodes correctly, then tape playback just stops.

Luckily, someone who had already run into this problem spun up a Windows program to help. CS1er — our guess would be “Ceaser” — takes WAV file input and loads each record, simply flagging the bad ones instead of just bailing out. [Noel] used the program to analyze multiple recordings of the same data and eventually got enough good records to reassemble the original program, a game called Dogfight — or was it Gogfight? Either way, he managed to get most of the data off the tape, and since it was a BASIC program, it was pretty easy to figure out the missing bytes by inspection.

[Noel]’s experience will no doubt be music to the ears of the TI aficionados out there. Of which we’ve seen plenty, from the TI-99 demoscene to running Java on one, and whatever this magnificent thing is.

Continue reading “Persistence Pays In TI-99/4A Cassette Tape Data Recovery”

Retrotechtacular: Circuit Potting, And PCBs The Hard Way

June 15, 2023 by 8 Comments

There was a time when the very idea of building a complex circuit with the intention of destroying it would have been anathema to any electrical engineer. The work put into designing a circuit, procuring the components, and assembling it, generally with point-to-point wiring and an extravagant amount of manual labor, only to blow it up? Heresy!

But, such are the demands of national defense, and as weapons morphed into “weapon systems” after World War II, the need arose for electronics that were not only cheap enough to blow up but also tough enough to survive the often rough ride before the final bang. The short film below, simply titled Potted and Printed Circuits, details the state of the art in miniaturization and modularization of electronics, circa 1952. It was produced by the Telecommunications Research Establishment (TRE), the main electronics R&D entity in the UK during the war which was responsible for inventions such as radar, radio navigation, and jamming technology.

Continue reading “Retrotechtacular: Circuit Potting, And PCBs The Hard Way”

Flipper Zero “Smoking” A Smart Meter Is A Bad Look For Hardware Hackers

June 14, 2023 by 126 Comments

Alright, we’re calling it — we need a pejorative equivalent to “script kiddie” to describe someone using a Flipper Zero for annoyingly malign purposes. If you need an example, check out the apparent smart meter snuff video below.

The video was posted by [Peter Fairlie], who we assume is the operator of the Flipper Zero pictured. The hapless target smart meter is repeatedly switched on and off with the Flipper — some smart meters have contactors built in so that service can be disconnected remotely for non-payment or in emergencies — which rapidly starts and stops a nearby AC compressor. Eventually, the meter releases a puff of Magic Smoke, filling its transparent enclosure and obscuring the display. The Flipper’s operator mutters a few expletives at the results, but continues turning the meter on and off even more rapidly before eventually running away from the scene of the crime.

We qualify this as “apparent” because the minute we saw this over on RTL-SDR.com, we reached out to reverse engineer par excellence and smart meter aficionado [Hash] for an opinion. Spoiler alert: [Hash] thinks it’s an elaborate hoax; the debunking starts at the 4:32 mark in the second video below. The most damning evidence is that the model of smart meter shown in the video doesn’t even have a disconnect, so whatever [Peter] is controlling with the Flipper, it ain’t the meter. Also, [Hash] figured out where [Peter] lives — he doxxed himself in a previous video — and not only does the meter shown in the video not belong to the Canadian power company serving the house, StreetView shows that there’s a second meter, suggesting that this meter may have been set up specifically for the lulz.

It should go without saying that Hackaday is about as supportive of hardware experimentation as an organization can be. But there have to be some boundaries, and even if this particular video turns out to be a hoax, it clearly steps over the line. Stuff like this paints a poor picture of what hardware hacking is all about, and leads to unintended consequences that make it harder for all of us to get the tools we need.

Continue reading “Flipper Zero “Smoking” A Smart Meter Is A Bad Look For Hardware Hackers”