A sliced digital file of a marker light enclosure. Background is a white and grey grid and object itself is a series of print path lines in red, orange, and green.

3D Printing Hard-To-Find Vintage Vehicle Parts

October 7, 2022 by Navarre Bartz 52 Comments

When I was growing up, my dad and I restored classic cars. Combing junkyards for the pieces we needed was a mixture of interesting and frustrating since there was always something you couldn’t find no matter how long you looked. [Emily Velasco] was frustrated by the high price of parts even when she was able to find them, so she decided to print them herself. She wrote an excellent tutorial about designing and 3D printing replica parts if you find yourself in a similar situation.

All four marker lights on [Velasco]’s 1982 Toyota pickup were on their way to plastic dust, and a full set would run her $160. Instead of shelling out a ton of cash for some tiny parts, she set out to replicate the marker lamps with her 3D printer. Using a cheap marker lamp replacement for a more popular model of pickup as a template, she was able to replace her marker lamps at a fraction of the cost of the options she found online. Continue reading “3D Printing Hard-To-Find Vintage Vehicle Parts” →

Flux: A Forty Foot Long Kinetic Art Piece

October 7, 2022 by Dave Rowntree 5 Comments

No office space is complete without some eye-catching art piece to gawp at whilst you mull over your latest problem. But LED-based displays are common enough to be boring these days. Kinetic art pieces are where it’s at, and this piece called Flux is a perfect example.

Commissioned for the Toronto office of a very popular e-commerce platform and constructed by [Nicholas Stedman], Flux consists of twenty identical planks on the ceiling, arranged in a line forty feet long. Each plank has a pair of rotating prisms, constructed from a stack of foam sheets, finished with metallic paint. The prisms are spun by individual stepper motors, each of which is driven by a TMC2160-based module, making them whisper-quiet.

A simple 3D printed bracket holds a small PCB holding an AMS AS5600 rotary magnetic encoder, onto the rear of the stepper motor. This allows for closed-loop feedback to the shared Arduino, which is very important for a sculpture such as this. Each Arduino is hooked up to a Raspberry Pi, running a simple application written in node.js which is responsible for coordinating movement, as well as uploading updated firmware images as required. A simple, but very effective build, we think!

Even more fun are kinetic art installations that are reactive to some data source, such as Adad, which visualizes lightning strike data. If these builds are just too big and complex, we’ve seen many examples of smaller desktop toys, such as this 3D printed tumbling chain demo for example.

Continue reading “Flux: A Forty Foot Long Kinetic Art Piece” →

Engineers: Be Subversive To Be Green

October 7, 2022 by Jenny List 153 Comments

The caterers for the volunteer workforce behind the summer’s MCH hacker camp in the Netherlands served all-vegan food. This wasn’t the bean sprouts and lentils that maybe some of the more meat-eating readers might imagine when confronted with vegan food, nor was it a half-as-good array of substitutes with leathery soy hamburgers and rubbery fake cheese smelling suspiciously of feet.

Instead it was a well-crafted, interesting, and tasty menu that was something to look forward to after several hours driving a vanload of handwashing sinks. It was in one of their meals that I found food for thought when driving a week later past the huge Garzweiler open-cast lignite mine on my way through Germany to Luxembourg’s Haxogreen as part of my European hacker camp summer tour.

The meal was deep-fried soy protein strips and the mine is probably one of Western Europe’s dirtiest and most problematic CO2 sources in a country that likes to imagine itself as environmentally friendly, so where in this unlikely connection did I find a pairing? Continue reading “Engineers: Be Subversive To Be Green” →

Hackaday Podcast 188: Zapping Cockroaches, Tricking AIs, Antique 3D Scanning, And Grinding Chips To QFN

October 7, 2022 by Dan Maloney 7 Comments

It’s déjà vu all over again as Hackaday Editor-in-Chief Elliot Williams gets together with Staff Writer Dan Maloney to look over the best hacks from the past week. If you’ve got a fear of giant cockroaches, don’t worry; we’ll only mention the regular ones when we talk about zapping them with lasers. What do you need to shrinkify an NES? Just a little sandpaper and a lot of finesse.

Did you know that 3D scanning is (sort of) over a century old? Or that the first real microcomputer dates all the way back to 1972 — and isn’t one of those blinkenlight deals? And watch out for what you tell GPT-3 to ignore — it might just take you very seriously. We’ll touch on solar-powered cameras, a compressor of compressors, and talk about all the unusual places to find lithium batteries for your projects. It’s an episode so good you might just want to listen to it twice!

(In case you’re wondering about all this “twice” stuff — Elliot forgot to hit record on the first take and we had to do the entire podcast over again. Oh, the humanity!)

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download here!

Continue reading “Hackaday Podcast 188: Zapping Cockroaches, Tricking AIs, Antique 3D Scanning, And Grinding Chips To QFN” →

A CRT Monitor From An Obsolete Logic Analyzer

October 7, 2022 by Jenny List 15 Comments

The designers of older equipment that contained a CRT monitor rarely made the effort to design their own driver and deflection circuitry. Instead they were more likely to buy an off the shelf assembly from a monitor manufacturer, and simply supply it with their video. [TomV] has an old HP 16500A logic analyzer, and in it he found a Sony monitor chassis. With a quest for a microfiche service manual and a bit of reverse engineering, he was able to hook it up to a VGA port and use it as an extension monitor for his laptop.

The monitor chassis is a Sony CHM-9001-00, which sports their 10″ Trinitron tube. These were among the very best CRT tubes of the day, making it the type of module 1990s hacker would have been very pleased to get their hands on. Here in 2022 a look at the monitor’s 40-pin connector reveals a standard RGB interface which the service manual confirms is within the voltage range to be driven from a VGA output. A Thinkpad X220 is pressed into service, with a 576 by 360 pixel at 60 Hz video mode defined, and there we have it, a modern desktop on an obsolete piece of test equipment.

The intended destination for this monitor is a small arcade cabinet, so it needed to be independent of the HP chassis. The required 120 VDC supply comes from an inverter designed for solar battery charging, which balked at the inrush current from the monitor when fed with 12 V. Increasing the supply voltage on the low voltage side solved that, leading to a very serviceable monitor. We have no use for one, but we’d be lying if we said we didn’t want one.

Perhaps you may have wondered, what made Trinitrons so good?

This Week In Security: PHP Attack Defused, Scoreboard Manipulation, And Tillitis

October 7, 2022 by Jonathan Bennett 1 Comment

If you use PHP, you likely use the Composer tool for managing dependencies, at least indirectly. And the good folks at SonarSource found a nasty, potential supply chain attack in this tool, when used in the Packagist repository. The problem is the support for arbitrary README filenames. When a package update shows up on Packagist, that service uses a Version Control Service (VCS) like Git or Mercurial to pull the specified readme location. That pull operation is subject to argument injection. Name your branch --help, and Git will happily run the help argument instead of doing the pull intended. In the case of Git commands, our intrepid researchers were unable to weaponize the issue to achieve code execution.

Composer also supports projects that use Mercurial as their VCS, and Mercurial has a --config option that has… interesting potential. It allows redefining a Mecurial command as a script snippet. So a project just has to contain a malicious payload.sh, and the readme set to --config=alias.cat=!hg cat -r : payload.sh|sh;,txt. For those keeping track at home, the vulnerability is that this cursed string of ugly is accepted by Composer as a valid filename. This uses the --config trick to redefine cat as a bit of script that executes the payload. It ends in .txt because that is a requirement of Composer.

So let’s talk about what this little hack could have been used for, or maybe still used for on an unpatched, private install of Packagist. This is an unattended attack that jumps straight to remote script execution — on an official package repository. If discovered and used for evil, this would have been a massive supply chain attack against PHP deployments. Instead, thanks to SonarSource, it was discovered and disclosed privately back in April. The official Packagist repo at packagist.org was fixed the day after disclosure, and a CVE and updated packages went out six days later. Great work all around.
Continue reading “This Week In Security: PHP Attack Defused, Scoreboard Manipulation, And Tillitis” →

Five-Foot Keyboard Lays It All On The Line

October 7, 2022 by Kristina Panos 17 Comments

We would bet that among the most technologically-inclined of our readership, there are plenty of hunt-and-peck typists. Because of course, typing quickly and from the home row has nothing to do with intelligence, and everything to do with practice and rote muscle memorization. But what if the keyboard was all home row?

That’s right — Google Japan (translated) is back at it with another joke peripheral that happens to be 100% real and open-source. Whether you want to keep your distance from others while you toil at the coffee shop, or really, really want to get into the pair programming thing, this is the keyboard for you. While the prototype was a whopping seven feet long (or wide, whatever), the final version is shorter and friendlier, and can double as a walking stick on those outdoor sanity breaks with the addition of a protective shoe.

As with their mug keyboard, we appreciate the work that went into making this keyboard real just as much as the joke itself. Our favorite factoid has to be that this is made up of 17 different circuit boards, including the control board. Be sure to check out the fairly hilarious promo video after the break.

Continue reading “Five-Foot Keyboard Lays It All On The Line” →

Hackaday

3D Printing Hard-To-Find Vintage Vehicle Parts

Flux: A Forty Foot Long Kinetic Art Piece

Engineers: Be Subversive To Be Green

Hackaday Podcast 188: Zapping Cockroaches, Tricking AIs, Antique 3D Scanning, And Grinding Chips To QFN

Places to follow Hackaday podcasts:

A CRT Monitor From An Obsolete Logic Analyzer

This Week In Security: PHP Attack Defused, Scoreboard Manipulation, And Tillitis

Five-Foot Keyboard Lays It All On The Line

Search

Never miss a hack

If you missed it

Eulogy For The Satellite Phone

Just For Laughs: Charlie Douglass And The Laugh Track

A Gentle Introduction To Ncurses For The Terminally Impatient

End Of An Era: NOAA’s Polar Sats Wind Down Operations

Crowdsourcing SIGINT: Ham Radio At War

Our Columns

Video Game Preservation Through Decompilation

Hackaday Links: June 22, 2025

Retrotechtacular: 1970s Radio

Measurement Is Science

Hackaday Podcast Episode 325: The Laugh Track Machine, DIY USB-C Power Cables, And Plastic Punches

Places to follow Hackaday podcasts:

Search

Never miss a hack

Subscribe

If you missed it

Our Columns