In Search Of The First Comment

Are you writing your code for humans or computers? I wasn’t there, but my guess is that at the dawn of computing, people thought that they were writing for the machines. After all, they were writing in machine language, and whatever bits they flipped into the electronic brain stayed in the electronic brain, unless punched out on paper tape. And the commands made the machine do things, not other people. Code was written strictly for computers.

Modern programming practice, on the other hand, is aimed firmly at people. Variable and function names are chosen to be long and to describe what they contain or do. “Readability” of code is a prized attribute. Indeed, sometimes the fact that it does the right thing at all almost seems to be an afterthought. (I kid!)

Somewhere along this path, there was an important evolutionary step, like the first fish using its flippers to walk on land. Comments were integrated into programming languages, formalizing the notes that coders of old surely wrote by hand in the margins of the paper first-drafts before keying it in. So I went looking for the missing link: the first computer language, and ideally the first program, with comments. I came up empty handed.

Or rather full handed. Every computer language that I could find had comments from the beginning. FORTRAN had comments, marked by a “C” as the first character in a line. APL had comments, marked by the bizarro rune ⍝. Even the custom language written for the Apollo 11 guidance computers had comments — the now-commonplace “#”. I couldn’t find an early programming language without comments.

My guess is that the first language with a comment must have been an assembly language, because I don’t know of any machines with a native comment instruction. (How cool and frivolous would that be?)

Assemblers simply translate mnemonic names to their machine instruction counterparts, but this gives them the important freedom to ignore anything starting with, traditionally, a semicolon. Even though you’re just transferring the contents of register X to the memory location pointed to in register Y, you can write that you’re “storing the height above ground (meters)” in the comments.

The crucial evolutionary step, though, is saving the comments along with the code. Simply ignoring everything that comes after the semicolon and throwing it away doesn’t count. Does anyone know? What was the first code to include comments as part of the code itself, and not simply as marginalia?

Chip Tester Knows If Your Old Chips Are Working

[Noel’s Retro Lab] has looked at retro chip testers before, but in a recent video you can see below he’s looking at the Chip Tester Pro, a preassembled chip tester for vintage chips, especially those used in Commodore computers. The device looks good on the surface with a form factor like a calculator or cell phone, an LCD display, and a 48 pin ZIF socket.

The user interface is pretty simple. A rotary encoder and a big red button are about it. However, there are also some headers where you have to use jumpers to wire signals to the chip. The firmware gives you specific directions, but it is reminiscent of programming old punchcard machines with jumper wires. Luckily, it looks like you only route the power to the device so you don’t have many wires to connect (usually two or three).

Continue reading “Chip Tester Knows If Your Old Chips Are Working”

You Can Build A Lego Rubik’s Cube

Rubik’s cubes are a popular puzzle — one found exciting or infuriating depending on your personal bent. [PuzzLEGO] has designed a LEGO Rubik’s cube, with the latest revision improving on flimsy earlier designs.

The first step was to design a core that would allow the cube to rotate freely without being too loose. This involved a lot of trial and error until [PuzzLEGO] found just the right combination of parts to do the job. From there, it was a matter of introducing the edge pieces and corner pieces without jamming everything up.

It took some experimenting to get everything moving together smoothly, but the end result is pretty impressive. It’s certainly not a build you’d use for speedcubing; the fragility meant that it took 20 minutes to solve just one face. [PuzzLEGO] hopes to make further improvements to increase playability.

If you want to replicate the feat, you’ll need plenty of little Lego bits and pieces, but it’s definitely a replicable build. Alternatively, consider using Lego to build a Rubik’s Solver, instead. Video after the break.

Continue reading “You Can Build A Lego Rubik’s Cube”

Vacuum Forming With 3D Printed Buck Tutorial

[Matterhackers] has a nice video tutorial on using vacuum forming to create plastic items. Sure, you have a 3D printer, but vacuum forming has some advantages if you are making thin and flexible items quickly. But don’t feel bad. The master item in the process is from a 3D printer. Like a mold, the forming won’t produce a duplicate of the master, called a buck. Rather, the buck provides something like a die that the plastic wraps around.

While obvious vacuum-formed items include such things as take-out food containers and plastic blister packaging for retail items, you can also make more substantial items. Apparently, all theStar Wars movies in the original trilogy used vacuum forming to create stormtrooper armor.

Continue reading “Vacuum Forming With 3D Printed Buck Tutorial”

ua-parser-js compromised

Supply Chain Attack: NPM Library Used By Facebook And Others Was Compromised

Here at Hackaday we love the good kinds of hacks, but now and then we need to bring up a less good kind. Today it was learned that the NPM package ua-parser-js was compromised, and any software using it as a library may have become victim of a supply chain attack. What is ua-parser-js and why does any of this matter?

In the early days of computing, programmers would write every bit of code they used themselves. Larger teams would work together to develop larger code bases, but it was all done in-house. These days software developers don’t write every piece of code. Instead they use libraries of code supplied by others.

For better or worse, repositories of code are now available to do even the smallest of functions so that a developer doesn’t have to write the function from scratch. One such registry is npm (Node Package Manager), who organize a collection of contributed libraries written in JavaScript. One only need to use npm to include a library in their code, and all of the functions of that code are available to the developer. One such example is ua-parser-js which is a User Agent Parser written in JavaScript. This library makes it easy for developers to find out the type of device and software being used to access a web page.

On October 22 2021, the developer of ua-parser-js found that attackers had uploaded a version of his software that contained malware for both Linux and Windows computers. The malicious versions were found to steal data (including passwords and Chrome cookies, perhaps much more) from computers or run a crypto-currency miner. This prompted GitHub to issue a Critical Severity Security Advisory.

What makes this compromise so dangerous is that ua-parser-js is considered to be part of a supply chain, and has been adopted even by Facebook for use in some of its customer facing software. The developer of ua-parser-js has already secured his GitHub account and uploaded new versions of the package that are clean. If you have any software that uses this library, make sure you’ve got the latest version!

Of course this is by no means a unique occurrence. Last month Maya Posch dug into growing issues that come from some flaws of trust in package management systems. The art for that article is a house of cards, an apt metaphor for a system that is only as stable as the security of each and every package being built upon.

3D Printer Cuts Metal

Every now and then we’ll see a 3D printer that can print an entire house out of concrete or print an entire rocket out of metal. But usually, for our budget-friendly hobbyist needs, most of our 3D printers will be printing small plastic parts. If you have patience and a little bit of salt water, though, take a look at this 3D printer which has been modified to cut parts out of any type of metal, built by [Morlock] who has turned a printer into a 5-axis CNC machine.

Of course, this modification isn’t 3D printing metal. It convers a 3D printer’s CNC capabilities to turn it into a machining tool that uses electrochemical machining (ECM). This process removes metal from a work piece by passing an electrode over the metal in the presence of salt water to corrode the metal away rapidly. This is a remarkably precise way to cut metal without needing expensive or heavy machining tools which uses parts that can easily be 3D printed or are otherwise easy to obtain. By using the 3D printer axes and modifying the print bed to be saltwater-resistant, metal parts of up to 3 mm can be cut, regardless of the type of metal used. [Morlock] also added two extra axes to the cutting tool, allowing it to make cuts in the metal at odd angles.

Using a 3D printer to perform CNC machining like this is an excellent way to get the performance of a machine tool without needing to incur the expense of one. Of course, it takes some significant modification of a 3D printer but it doesn’t need the strength and ridigity that you would otherwise need for a standard CNC machine in order to get parts out of it with acceptable tolerances. If you’re interested in bootstraping one like that using more traditional means, though, we recently featured a CNC machine that can be made from common materials and put together for a minimum of cost.

Continue reading “3D Printer Cuts Metal”

Vizio In Hot Water Over Smart TV GPL Violations

As most anyone in this community knows, there’s an excellent chance that any consumer product on the market that’s advertised as “smart” these days probably has some form of Linux running under the hood. We’re also keenly aware that getting companies to hold up their end of the bargain when it comes to using Linux and other GPL licensed software in their products, namely releasing their modified source, isn’t always as cut and dried as it should be.

Occasionally these non-compliant companies will get somebody so aggravated that they actually try to do something about it, which is where smart TV manufacturer Vizio currently finds itself. The Software Freedom Conservancy (SFC) recently announced they’re taking the Irvine, California based company to court over their repeated failures to meet the requirements of the GPL while developing their Linux-powered SmartCast TV firmware. In addition to the Linux kernel, the SFC also claims Vizio is using modified versions of various other GPL and LGPL protected works, such as U-Boot, bash, gawk, tar, glibc, and ffmpeg.

According to the SFC press release, the group isn’t looking for any monetary damages. They simply want Vizio to do what’s required of them as per the GPL and release the SmartCast source code, which they hope will allow for the development of an OpenWrt-like replacement firmware for older Vizio smart TVs. This is particularly important as older models will often stop receiving updates, and in many cases, will no longer be able to access all of the services they were advertised as being able to support. Clearly the SFC wants this case to be looked at as part of the larger Right to Repair debate, and given the terrible firmware we’ve seen some of these smart TVs ship with, we’re inclined to agree.

Now of course, we’ve seen cases like this pop up in the past. But what makes this one unique is that the SFC isn’t representing one of the developers who’s software has been found to be part of Vizio’s SmartCast, they’re actually the plaintiff. By taking the position of a consumer who has purchased a Vizio product that included GPL software, the SFC is considered a third-party beneficiary, and they are merely asking the court to be given what’s due to them under the terms of the license.

As firm believers in the open source movement, we have zero tolerance for license violators. Vizio isn’t some wide-eyed teen, randomly copying code they found from GitHub without understanding the implications. This is a multi-billion dollar company that absolutely should know better, and we’ll be happy to see them twist in the wind a bit before they’re ultimately forced to play by the rules.