Two Factor Authentication Apps: Mistakes To Malware

May 17, 2023 by Elliot Williams 58 Comments

Everyone in security will tell you need two-factor authentication (2FA), and we agree. End of article? Nope. The devil, as always with security, is in the details. Case in point: in the last few weeks, none less than Google messed up with their Google Authenticator app. The security community screamed out loud, and while it’s not over yet, it looks like Google is on the way to fixing the issue.

Since 2FA has become a part of all of our lives – or at least it should – let’s take a quick dip into how it works, the many challenges of implementing 2FA correctly, what happened with Google Authenticator, and what options you’ve got to keep yourself safe online.

Continue reading “Two Factor Authentication Apps: Mistakes To Malware” →

Tools Of The Trade: Dirt Cheap Or Too Dirty?

May 13, 2023 by Elliot Williams 69 Comments

We’ve recently seen a couple reviews of a particularly cheap oscilloscope that, among other things, doesn’t meet its advertised specs. Actually, it’s not even close. It claims to be a 100 MHz scope, and it’s got around 30 MHz of bandwidth instead. If you bought it for higher frequency work, you’d have every right to be angry. But it’s also cheap enough that, if you were on a very tight budget, and you knew its limitations beforehand, you might be tempted to buy it anyway. Or so goes one rationale.

In principle, I’m of the “buy cheap, buy twice” mindset. Some tools, especially ones that you’re liable to use a lot, make it worth your while to save up for the good stuff. (And for myself, I would absolutely put an oscilloscope in that category.) The chances that you’ll outgrow or outlive the cheaper tool and end up buying the better one eventually makes the money spent on the cheaper tool simply wasted.

But that’s not always the case either, and that’s where you have to know yourself. If you’re only going to use it a couple times, and it’s not super critical, maybe it’s fine to get the cheap stuff. Or if you know you’re going to break it in the process of learning anyway, maybe it’s a shame to put the gold-plated version into your noob hands. Or maybe you simply don’t know if an oscilloscope is for you. It’s possible!

And you can mix and match. I just recently bought tools for changing our car’s tires. It included a dirt-cheap pneumatic jack and an expensive torque wrench. My logic? The jack is relatively easy to make functional, and the specs are so wildly in excess of what I need that even if it’s all lies, it’ll probably suffice. The torque wrench, on the other hand, is a bit of a precision instrument, and it’s pretty important that the bolts are socked up tight enough. I don’t want the wheels rolling off as I drive down the road.

Point is, I can see both sides of the argument. And in the specific case of the ’scope, the cheapo one can also be battery powered, which gives it a bit of a niche functionality when probing live-ground circuits. Still, if you’re marginally ’scope-curious, I’d say save up your pennies for something at least mid-market. (Rigol? Used Agilent or Tek?)

But isn’t it cool that we have so many choices? Where do you buy cheap? Where won’t you?

Supercon 2023 Is On, We Want You!

May 10, 2023 by Elliot Williams 15 Comments

We’re absolutely excited to be able to announce that the Hackaday Supercon is on for 2023, and will be taking place Nov 3 – Nov 5 in sunny Pasadena CA. And with that, we’d like to open the floodgates: we’d like to hear your proposals for talks and workshops! The Call for Speakers and Call for Workshops forms are online now, and you’ve got until July 18th to get yourself signed up.

Continue reading “Supercon 2023 Is On, We Want You!” →

The New Hotness

May 6, 2023 by Elliot Williams 35 Comments

If there’s one good thing to be said about the chip shortage of 2020-2023 (and counting!) it’s that a number of us were forced out of our ruts, and pushed to explore parts that we never would have otherwise. Or maybe it’s just me.

Back in the old times, I used to be a die-hard Atmel AVR fan for small projects, and an STM32 fan for anything larger. And I’ll freely admit, I got stuck in my ways. The incredible abundance of dev boards in the $2 range also helped keep me lazy. I had my thing, and I was fine sticking with it, admittedly due to the low price of those little blue pills.

And then came the drought, and like everyone else, my stockpile of microcontrollers started to dwindle. Replacements at $9 just weren’t an option, so I started looking around. And it’s with no small bit of shame that I’ll admit that I hadn’t been keeping up with the changes as much as I should have. Nowadays, it’s all ESP32s and RP2040s over here, and granted there’s a bit of a price bump, but the performance is there in abundance. But I can’t help feeling like I’m a few years back of the cutting edge.

So when I see work like what [CNLohr] and [Bitluni] are doing with the ultra-cheap CH32V003 microcontrollers, it makes me think that I need to start filling in gaps in my comfortable working-set of chips again. But how the heck am I supposed to keep up? And how do you? It took a global pandemic and silicon drought to force me out of my comfort zone last time. Can the simple allure of dirt-cheap chips get me out? We’ll see!

Thinking Inside The Box

April 29, 2023 by Elliot Williams 144 Comments

Last week, I wrote about NASA’s technology demonstrator projects, and how they’ve been runaway successes – both the Mars rovers and the current copter came from such experimental beginnings. I argued that letting some spirit of experimentation into an organization like NASA is probably very fruitful from time to time.

And then a few days later, we saw SpaceX blow up a rocket and completely shred its launch platform in the process. Or maybe it was the other way around, because it looks like the concrete thrown up by the exhaust may have run into the engines, causing the damage that would lead to the vehicle spinning out of control. SpaceX was already working on an alternative launch pad using water-cooled steel, but it ran what it had. They’re calling the mission a success because of what they learned, but it’s clearly a qualified success. They’ll rebuild and try again.

In comparison, the other US-funded rocket run by Boeing, the SLS suffered years of delays, cost tremendous amounts of money, and has half the lift of SpaceX’s Super Heavy. But it made it to space. Science was done, many of the CubeSats onboard got launched, the unmanned capsule orbited the moon, and splashed down safely back on earth. They weren’t particularly taking any big risks, but they got the job done.

The lore around SpaceX is that they’re failing forward to success. And it’s certainly true that they’ve got their Falcon 9 platform down to a routine, at a lower cost per launch than was ever before possible, and that their pace has entirely shaken up the conservative space industry. They’ll probably get there with their Starship / Super Heavy too. SLS was an old-school rocket, and they had boring old flame diverters on their launch pad, which means that SLS will never take off from Mars. On the other hand, one of the two systems has put a payload around the Moon.

Maybe there’s something to be said for thinking inside the box from time to time as well?

Hackaday Podcast 216: FETs, Fax, And Electrochemical Fab

April 28, 2023 by Elliot Williams 3 Comments

In this week’s podcast, non-brothers Elliot Williams and Al Williams talk about our favorite hacks of the week. Elliot’s got analog on the brain, courtesy of the ongoing Op Amp Contest, and Al is all about the retrocomputers, from a thrift-store treasure to an old, but still incredibly serviceable, voice synthesizer. Both agree that they love clever uses of mechanical parts and that nobody should fear the FET.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download your own personal copy!

Continue reading “Hackaday Podcast 216: FETs, Fax, And Electrochemical Fab” →

The Freedom To Fail

April 22, 2023 by Elliot Williams 38 Comments

When you think of NASA, you think of high-stakes, high-cost, high-pressure engineering, and maybe the accompanying red tape. In comparison, the hobby hacker has a tremendous latitude to mess up, dream big, and generally follow one’s bliss. Hopefully you’ll take some notes. And as always with polar extremes, the really fertile ground lies in the middle.

[Dan Maloney] and I were thinking about this yesterday while discussing the 50th flight of Ingenuity, the Mars helicopter. Ingenuity is a tech demo, carrying nothing mission critical, but just trying to figure out if you could fly around on Mars. It was planned to run for five flights, and now it’s done 50.

The last big tech demo was the Sojourner Rover. It was a small robotic vehicle the size of a microwave oven that they hoped would last seven days. It went for 85, and it gave NASA the first taste of success it needed to follow on with 20 years of Martian rovers.

Both of these projects were cheap, by NASA standards, and because they were technical demonstrators, the development teams were allowed significantly more design freedom, again by NASA standards.

None of this compares to the “heck I’ll just hot-air an op-amp off an old project” of weekend hacking around here, but I absolutely believe that a part of the tremendous success of both Sojourner and Ingenuity were due to the risks that the development teams were allowed to take. Creativity and successful design thrives on the right blend of constraint and freedom.

Will Ingenuity give birth to a long series of flying planetary rovers as Sojourner did for her rocker-bogie based descendants? Too early to tell. But I certainly hope that someone within NASA is noticing the high impact that these technical demonstrator projects have, and also noting why. The addition of a little bit of hacker spirit to match NASA’s professionalism probably goes a long way.