Author: Maya Posch

1399 Articles

Building A PV Solar-Powered Quadcopter

November 1, 2025 by 31 Comments
The solar-powered quadcopter from below. (Credit: Luke Maximo Bell)
The solar-powered quadcopter from below. (Credit: Luke Maximo Bell)

One of the most frustrating parts about flying a quadcopter is having to regularly swap battery packs, as this massively limits what you can do with said quadcopter, never mind its effective range. Obviously, having the sun power said quadcopter during a nice sunny day would be a much better experience, but how workable is this really? While airplanes have used solar power to stay aloft practically indefinitely, a quadcopter needs significantly more power, so is it even possible? Recently, [Luke Maximo Bell] set out to give it a whirl.

His quadcopter build uses a large but very lightweight carbon fiber frame, with large 18″ propellers. This provides the required space and lift for the solar panel array, which uses 27 razor-thin panels in a 9×3 grid configuration supported by a lightweight support frame.

Due to the lightweight construction, the resulting quadcopter actually managed to fly using just the direct power from the panels. It should be noted however that it is an exceedingly fragile design, to the point that [Luke]’s cat broke a panel in the array when walking over it while it was lying upside-down on a table.

After this proof of concept, [Luke] intends to add more panels, as well as a battery to provide some buffer and autonomous flying hardware, with the goal of challenging the world record for the longest flying drone. For the rest of us, this might make for a pretty cool idea for a LoRaWAN mesh node or similar, where altitude and endurance would make for a great combo.

Continue reading “Building A PV Solar-Powered Quadcopter”

Making YouTube Work In The Netscape 4.5 Browser On Windows 98

October 31, 2025 by 14 Comments

The World Wide Web of the 90s was a magical place, where you couldn’t click two links without getting bombarded with phrases such as the Information Super Highway and Multimedia Experience. Of course, the multimedia experience you got on your Windows 9x PC was mostly limited to low-res, stuttery RealMedia and Windows video format clips, but what if you could experience YouTube back then, on your ‘multimedia-ready’ Celeron PC, running Netscape 4.5?

Cue the [Throaty Mumbo] bloke over on that very same YouTube, and his quest to make this dream come true. Although somewhat ridiculous on the face of it, the biggest problem is actually the era-appropriate hardware, as it was never meant to decode and display full-HD VP9-encoded videos.

Because the HTTPS requirement has meant that no 1990s or early 2000s browser will ever browse the modern WWW, a proxy was going to be needed no matter what. This Python-based proxy then got kitted out with not just the means to render down the convoluted HTML-CSS-JS mess of a YouTube page into something that a civilized browser can display, but also to fetch YouTube videos with yt-dlp and transcode it into MPEG1 in glorious SD quality for streaming to Netscape on the Windows 98 PC.

Because the same civilized browsers also support plugins, such as Netscape’s NPAPI, this meant that decoding and rendering the video was the easy part, as the browser just had to load the plugin and the latter doing all the heavy lifting. Perhaps unsurprisingly, with some tweaks even Netscape 2.0 can be used to browse YouTube and play back videos this way, with fullscreen playback and seeking support.

Although these days only a rare few modern browsers like Pale Moon still support NPAPI, it’s easy to see how the introduction of browser plugins boosted the multimedia future of the WWW that we find ourselves in today.

Continue reading “Making YouTube Work In The Netscape 4.5 Browser On Windows 98”

PhantomRaven Attack Exploits NPM’s Unchecked HTTP URL Dependency Feature

October 30, 2025 by 14 Comments
An example of RDD in a package's dependencies list. It's not even counted as a 'real' dependency. (Credit: Koi.ai)
An example of RDD in a package’s dependencies list. It’s not even counted as a ‘real’ dependency. (Credit: Koi.ai)

Having another security threat emanating from Node.js’ Node Package Manager (NPM) feels like a weekly event at this point, but this newly discovered one is among the more refined. It exploits not only the remote dynamic dependencies (RDD) ‘feature’ in NPM, but also uses the increased occurrence of LLM-generated non-existent package names to its advantage. Called ‘slopsquatting’, it’s only the first step in this attack that the researchers over at [Koi] stumbled over by accident.

Calling it the PhantomRaven attack for that cool vibe, they found that it had started in August of 2025, with some malicious packages detected and removed by NPM, but eighty subsequent packages evaded detection. A property of these packages is that in their dependencies list they use RDD to download malicious code from a HTTP URL. It was this traffic to the same HTTP domain that tipped off the researchers.

For some incomprehensible reason, allowing these HTTP URLs as package dependency is an integral part of the RDD feature. Since the malicious URL is not found in the code itself, it will slip by security scanners, nor is the download cached, giving the attackers significantly more control. This fake dependency is run automatically, without user interaction or notification that it has now begun to scan the filesystem for credentials and anything else of use.

The names of the fake packages were also chosen specifically to match incomplete package names that an LLM might spit out, such as unused-import instead of the full package name of eslint-plugin-unused-imports as example. This serves to highlight why you should not only strictly validate direct dependencies, but also their dependencies. As for why RDD is even a thing, this is something that NPM will hopefully explain soon.

Top image: North American Common Raven (Corvus corax principalis) in flight at Muir Beach in Northern California (Credit: Copetersen, Wikimedia)

Self-Driving Cars And The Fight Over The Necessity Of Lidar

October 30, 2025 by 73 Comments

If you haven’t lived underneath a rock for the past decade or so, you will have seen a lot of arguing in the media by prominent figures and their respective fanbases about what the right sensor package is for autonomous vehicles, or ‘self-driving cars’ in popular parlance. As the task here is to effectively replicate what is achieved by the human Mark 1 eyeball and associated processing hardware in the evolutionary layers of patched-together wetware (‘human brain’), it might seem tempting to think that a bunch of modern RGB cameras and a zippy computer system could do the same vision task quite easily.

This is where reality throws a couple of curveballs. Although RGB cameras lack the evolutionary glitches like an inverted image sensor and a big dead spot where the optical nerve punches through said sensor layer, it turns out that the preprocessing performed in the retina, the processing in the visual cortex and analysis in the rest of the brain is really quite good at detecting objects, no doubt helped by millions of years of only those who managed to not get eaten by predators procreating in significant numbers.

Hence the solution of sticking something like a Lidar scanner on a car makes a lot of sense. Not only does this provide advanced details on one’s surroundings, but also isn’t bothered by rain and fog the way an RGB camera is. Having more and better quality information makes subsequent processing easier and more effective, or so it would seem.

Continue reading “Self-Driving Cars And The Fight Over The Necessity Of Lidar”

Why Sodium-Ion Batteries Are Terrible For Solar Storage

October 30, 2025 by 78 Comments

These days just about any battery storage solution connected to PV solar or similar uses LiFePO4 (LFP) batteries. The reason for this is obvious: they have a very practical charge and discharge curve that chargers and inverters love, along with a great round trip efficiency. Meanwhile some are claiming that sodium-ion (Na+) batteries would be even better, but this is not borne out by the evidence, with [Will Prowse] testing and tearing down an Na+ battery to prove the point.

The OCV curve for LFP vs Na+ batteries.
The OCV curve for LFP vs Na+ batteries.

The Hysincere brand battery that [Will] has on the test bench claims a nominal voltage of 12 V and a 100 Ah capacity, which all appears to be in place based on the cells found inside. The lower nominal voltage compared to LFP’s 12.8 V is only part of the picture, as can be seen in the OCV curve. Virtually all of LFP’s useful capacity is found in a very narrow voltage band, with only significant excursions when reaching around >98% or <10% of state of charge.

What this means is that with existing chargers and inverters, there is a whole chunk of the Na+ discharge curve that’s impossible to use, and chargers will refuse to charge Na+ batteries that are technically still healthy due to the low cell voltage. In numbers, this means that [Will] got a capacity of 82 Ah out of this particular 100 Ah battery, despite the battery costing twice that of a comparable LFP one.

Yet even after correcting for that, the internal resistance of these Na+ batteries appears to be significantly higher, giving a round trip efficiency of 60 – 92%, which is a far cry from the 95% to 99% of LFP. Until things change here, [Will] doesn’t see much of a future for Na+ beyond perhaps grid-level storage and as a starter battery for very cold climates.

Continue reading “Why Sodium-Ion Batteries Are Terrible For Solar Storage”

Hello World In C Without Linking In Libraries

October 29, 2025 by 25 Comments

If there’s one constant with software developers, it is that sometimes they get bored. At these times, they tend to think dangerous thoughts, usually starting with ‘What if…’. Next you know, they have gone down a dark and winding rabbit hole and found themselves staring at something so amazing that the only natural conclusion that comes to mind is that while educational, it serves no immediate purpose.

The idea of applying this to snipping out the <stdio.h> header in C and the printf() function that it provides definitely is a good example here. Starting from the typical Hello World example in C, [Old Man Yells at Code] over at YouTube first takes us from the standard dynamically linked binary at a bloated 16 kB, to the statically linked version at an eyepopping 767 kB.

To remove any such dynamic linkages, and to keep file sizes somewhat sane, he then proceeds to first use the write()function from the <unistd.h> header, which does indeed cut out the <stdio.h> include, before doing the reasonable thing and removing all includes by rewriting the code in x86 assembly.

While this gets the final binary size down to 9 kB and needs no libraries to link with, it still performs a syscall, after setting appropriate register values, to hand control back to the kernel for doing the actual printing. If you try doing something similar with syscall(), you have to link in libc, so it might very well be that this is the real way to do Hello World without includes or linking in libraries. Plus the asm keyword is part of C, although one could argue that at this point you could just as well write everything in x86 ASM.

Of course, one cannot argue that this experience isn’t incredibly educational, and decidedly answers the original ‘What if…’ question.

Continue reading “Hello World In C Without Linking In Libraries”

Testing Cheap DC Breakers And How To Not Start Fires

October 28, 2025 by 11 Comments

One characteristic of adding PV solar to homes is a massive increase in high-voltage and high-current DC installations. With this comes a need for suitable breakers, but without the requisite knowledge it can be easy to set up a fire hazard. There is also the issue of online shopping platforms making it easy to get fuses and breakers that may not be quite as capable as they claim, never mind being rated for DC use.

Recently [Will Prowse] had a poke at a range of common purportedly DC-rated breakers from everyone’s favorite US-based seller of tat, to see whether they should be bought or avoided at all cost. Perhaps unsurprisingly the cheap breakers are about as dodgy as you’d imagine. With a hundred plus amps flowing through them they get surprisingly crispy, even if they generally did their job. Minus the few that arrived in a broken condition, of course.

Ultimately [Will] found that the molded case circuit break (MCCB) by one ‘DIHOOL’ performed the best. Compared to the competition, it is much larger and has sizeable terminals that avoid the quaint heat-soaking issues seen with the cheap-and-cheerful rest. At a mere $34 for the 125A-rated version, it’s still a fraction of the cost of a comparable Eaton MCCB, but should upset your insurance company significantly less than the alternatives.

Don’t forget to add in fuses, with [Will] testing a range of cheapo 12V DC fuses, to see which one will prevent fires, and which one cause them. Unsurprisingly, some of them like the Bojack-branded ones ran very hot, making them more of a liability than an asset.

As for what makes DC breakers so different from AC one is that the extinguishing point of a DC arc is much steeper, which means that an AC breaker is likely to fail to extinguish the arc when used for DC applications. This is why a properly rated and ideally certified breaker is essential, and also not really the point where you want to start saving money.

Continue reading “Testing Cheap DC Breakers And How To Not Start Fires”