Why Can’t We Have Pretty Things?

September 17, 2022 by 74 Comments

I was reading [Al Williams]’ great rant on why sometimes the public adoption of tech moves so slowly, as exemplified by the Japanese Minister of Tech requesting the end of submissions to the government on floppy diskettes. In 2022!

Along the way, [Al] points out that we still trust ballpoint-pen-on-paper signatures more than digital ones. Imagine going to a bank and being able to open an account with your authentication token! It would be tons more secure, verifiable, and easier to store. It makes sense in every way. Except, unless you’ve needed one for work, you probably don’t have a Fido2 (or whatever) token, do you?

Same goes for signed, or encrypted, e-mail. If you’re a big cryptography geek, you probably have a GPG key. You might even have a mail reader that supports it. But try requesting an encrypted message from a normal person. Or ask them to verify a signature.

Honestly, signing and encrypting are essentially both solved problems, from a technical standpoint, and for a long time. But somehow, from a societal point of view, we’re not even close yet. Public key encryption dates back to the late 1970’s, and 3.5” diskettes are at least a decade younger. Diskettes are now obsolete, but I still can’t sign a legal document with my GPG key. What gives?

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

3D Printer Upcycles Computer Case To DAS

September 17, 2022 by 29 Comments

Storage technologies are a bit of an alphabet soup, with NAS, SAN, and DAS systems being offered. That’s Network Attached Storage, Storage Area Network, and Direct Attached Storage. The DAS is the simplest, just physical drives attached to a machine, usually in a separate box custom made for the purpose. That physical box can be expensive, particularly if you live on an island like [Nicholas Sherlock], where shipping costs can be prohibitively high. So what does a resourceful hacker do, particularly one who has a 3d printer? Naturally, he designs a conversion kit and turns an available computer case into a DAS.

There’s some clever work here, starting with the baseplate that re-uses the ATX screw pattern. Bolted to that plate are up to four drive racks, each holding up to four drives. So all told, you can squeeze 16 drives into a handy case. The next clever bit is the Voronoi pattern, an organic structure that maximizes airflow and structural strength with minimal filament. A pair of 140mm fans hold the drives at a steady 32C in testing, but that’s warm enough that ABS is the way to go for the build. Keep in mind that the use of a computer case also provides a handy place to put the power supply, which uses the pin-short trick to provide power.

Data is handled with 4 to 1 SATA to SAS breakout cables, internal to external SAS converters, and an external SAS cable to the host PC. Of course, you’ll need a SAS card in your host PC to handle the connections. Thankfully you can pick those up on ebay for $20 USD and up.

If this looks good, maybe check out some other takes on this concept!

AntRunner Is The Satellite Antenna Mount You Need To Take With You

September 17, 2022 by 13 Comments

It stands to reason, that should you wish to communicate with a satellite, whatever antenna you use should point at that satellite. Some of us have done this by hand, following the bright dot of the space station in the night sky. Still, for anything more serious than trying to catch a fleeting SSTV image, a more robust solution is called for. In other words, a motorized antenna rotator, and AntRunner from [Wuxx] is just the ticket. Better still, it’s portable for those /p operating sessions off the beaten track.

The rotator itself is an az-el design with a couple of geared stepper motors. The full mechanism design has been published, but it shouldn’t be too difficult to copy. The interesting part is the controller and software, which can work with Gpredict, Hamlib, and SDR for automated satellite tracking. The controller is as straightforward as an ESP32 running the ESP port of GRBL.

So here’s a portable antenna rotator that’s accessible and widely supported, what’s not to like? As you might expect though, it’s not the first we’ve seen. In fact, the 2014 Hackaday Prize was won by SatNOGs, which includes a 3D printed antenna positioner.

Thanks [Abe Tusk] for the tip!

Hand-Cranked Doodler Made Using A 3D Printer

September 16, 2022 by 20 Comments

3D printers are great at creating complex geometry out of plastic, and that geometry can often pull off some impressive tricks. [DaveMakesStuff] found a way to generate geometry that draws 2D shapes with a pen and some fancy cams, and it’s really fun to watch.

The build is relatively simple. It consists of a frame which holds a 3D-printed cam turned by a hand crank. That cam controls the movement of a pen in two dimensions, letting it draw all manner of shapes. Videos on Reddit demonstrate it drawing squares, figure eights, and stars, while on YouTube, it writes the phrase “CAM I AM.”

According to [DaveMakesStuff], he figured out how to create the cams with “hours and hours of tedious CAD work.” We imagine there’s a way to do this with maths instead in parametric modelling software, and await such a build on the Hackaday tipsline. Those eager to recreate the build can explore the files on Thingiverse.

We’ve seen some great 3D-printed mechanisms before, too, like this zig-zag cam for a sewing machine. Video after the break.

Continue reading “Hand-Cranked Doodler Made Using A 3D Printer”

What’s Old Is New Again: GPT-3 Prompt Injection Attack Affects AI

September 16, 2022 by 13 Comments

What do SQL injection attacks have in common with the nuances of GPT-3 prompting? More than one might think, it turns out.

Many security exploits hinge on getting user-supplied data incorrectly treated as instruction. With that in mind, read on to see [Simon Willison] explain how GPT-3 — a natural-language AI —  can be made to act incorrectly via what he’s calling prompt injection attacks.

This all started with a fascinating tweet from [Riley Goodside] demonstrating the ability to exploit GPT-3 prompts with malicious instructions that order the model to behave differently than one would expect.

Continue reading “What’s Old Is New Again: GPT-3 Prompt Injection Attack Affects AI”

Vintage Tube Tester Teardown

September 16, 2022 by 12 Comments

[Mr. Carlson] has an old-style 1940-era radio tube tester, the kind that used to inhabit grocery and drug stores. It is in amazing condition and he was kind enough to tear it down for us. The tester is a Model X from the Radiotechnic Laboratory in Evanston Illinois and, like [Mr. Carlson], we were amused that one of the indicators on the device is a Ouija board-like “doubtful” reading. When it lights up, it looks amazing.

This is much older than the old “TV tube testers” we remember as a kid, but the idea is the same: you have a bad radio or TV with tubes in it, it is a fair bet that the problem is a tube. Even if you don’t know much about electronics, you can carefully remove the tubes, drive over to the drugstore, test your tubes and buy a replacement for any that are bad. Uniquely, this tester even had a speaker you could use to listen to the tube’s output while testing.

Continue reading “Vintage Tube Tester Teardown”

Gaze Upon Just How Thin ATM Skimmers Are Getting

September 16, 2022 by 63 Comments

ATM skimmers are electronic devices designed to read financial card information, and they are usually paired with a camera to capture a user’s PIN. These devices always have to hide their presence, and their design has been a bit of an arms race. Skimmers designed to be inserted into a card slot like a parasite have been around for several years, but [Brian Krebs] shows pictures of recently captured skimmer hardware only a fraction of a millimeter thick. And that’s including the battery.

As hardware gets smaller, cameras to capture PIN entry are more easily hidden in things like fake panels.

The goal of these skimmers is to read and log a card’s magnetic strip data. All by itself, that data is not enough to do anything dastardly. That’s why the hardware is complemented by a separate device that captures a user’s PIN as they type it in, and this is usually accomplished with a camera. These are also getting smaller and thinner, which makes them easier to conceal. With a copy of the card’s magnetic strip data and the owner’s PIN, criminals have all they need to create a cloned card that can be used to make withdrawals. (They don’t this so themselves, of course. They coerce or dupe third parties into doing it for them.)

Retrieving data from such skimmers has also led to some cleverness on the part of the criminals. Insertable readers designed to establish a connection to the skimmer and download data is how that gets done. By the way, retrieving data from an installed skimmer is also something criminals don’t do themselves, so that data is encrypted. After all, it just wouldn’t do to have an intermediary getting ideas about using that data for their own purposes. Continue reading “Gaze Upon Just How Thin ATM Skimmers Are Getting”