2025 One Hertz Challenge: A Discrete Component Divider Chain

July 25, 2025 by 17 Comments

Most of us know that a quartz clock uses a higher frequency crystal oscillator and a chain of divider circuits to generate a 1 Hz pulse train. It’s usual to have a 32.768 kHz crystal and a 15-stage divider chain, which in turn normally sits inside an integrated circuit. Not so for [Bobricius], who’s created just such a divider chain using discrete components.

The circuit of a transistor divider is simple enough, and he’s simply replicated it fifteen times in surface mount parts on a PCB with an oscillator forming the remaining square in a 4 by 4 grid. In the video below the break we can see him measuring the frequency at each point, down to the final second. It’s used as the timing generator for an all transistor clock, and as we can see it continues that trend. Below the break is a video showing all the frequencies in the chain.

This project is part of our awesome 2025 One Hertz Challenge, for all things working on one second cycles. Enter your own things that go tick and tock, we’d live to see them!

Continue reading “2025 One Hertz Challenge: A Discrete Component Divider Chain”

Hackaday Podcast Episode 330: Hover Turtles, Dull Designs, And K’nex Computers

July 25, 2025 by No comments

What did you miss on Hackaday last week? Hackaday’s Elliot Williams and Al Williams are ready to catch you up on this week’s podcast. First, though, the guys go off on vibe coding and talk about a daring space repair around Jupiter.

Then it is off to the hacks, including paste extruding egg shells, bespoke multimeters, and an 8-bit mechanical computer made from a construction toy set.

For can’t miss articles, you’ll hear about boring industrial design in modern cell phones and a deep dive into how fresh fruit makes it to your table in the middle of the winter.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

The DRM-free MP3 was stored in a public refrigerated warehouse to ensure freshness. Why not download it and add it to your collection?

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Episode 330: Hover Turtles, Dull Designs, And K’nex Computers”

Compass CNC

Human In The Loop: Compass CNC Redefines Workspace Limits

July 25, 2025 by 9 Comments

CNCs come in many forms, including mills, 3D printers, lasers, and plotters, but one challenge seems universal: there’s always a project slightly too large for your machine’s work envelope. The Compass CNC addresses this limitation by incorporating the operator as part of the gantry system.

The Compass CNC features a compact core-XY gantry that moves the router only a few inches in each direction, along with Z-axis control to set the router’s depth. However, a work envelope of just a few inches would be highly restrictive. The innovation of the Compass CNC lies in its reliance on the operator to handle gross positioning of the gantry over the workpiece, while the machine manages the precise, detailed movements required for cutting.

Most of the Compass CNC is constructed from 3D printed parts, with a commercial router performing the cutting. A Teensy 4.1 serves as the control unit, managing the gantry motors, and a circular screen provides instructions to guide the operator on where to position the tool.

Those familiar with CNC routers may notice similarities to the Shaper Origin. However, key differences set the Compass CNC apart. Primarily, it is an open source project with design files freely available for those who want to build their own. Additionally, while the Shaper Origin relies on a camera system for tracking movement, the Compass CNC uses four mouse sensors to detect its position over the workpiece.

The Compass CNC is still in development, and kits containing most of the necessary components for assembly are available. We’re excited to see the innovative creations that emerge from this promising new tool.

Continue reading “Human In The Loop: Compass CNC Redefines Workspace Limits”

This Week In Security: Sharepoint, Initramfs, And More

July 25, 2025 by 12 Comments

There was a disturbance in the enterprise security world, and it started with a Pwn2Own Berlin. [Khoa Dinh] and the team at Viettel Cyber Security discovered a pair of vulnerabilities in Microsoft’s SharePoint. They were demonstrated at the Berlin competition in May, and patched by Microsoft in this month’s Patch Tuesday.

This original exploit chain is interesting in itself. It’s inside the SharePoint endpoint, /_layouts/15/ToolPane.aspx. The code backing this endpoint has a complex authentication and validation check. Namely, if the incoming request isn’t authenticated, the code checks for a flag, which is set true when the referrer header points to a sign-out page, which can be set arbitrarily by the requester. The DisplayMode value needs set to Edit, but that’s accessible via a simple URL parameter. The pagePath value, based on the URL used in the call, needs to start with /_layouts/ and end with /ToolPane.aspx. That particular check seems like a slam dunk, given that we’re working with the ToolPane.aspx endpoint. But to bypass the DisplayMode check, we added a parameter to the end of the URL, and hilariously, the pagePath string includes those parameters. The simple work-around is to append another parameter, foo=/ToolPane.aspx.

Putting it together, this means a POST of /_layouts/15/ToolPane.aspx?DisplayMode=Edit&foo=/ToolPane.aspx with the Referrer header set to /_layouts/SignOut.aspx. This approach bypasses authentication, and allows a form parameter MSOTlPn_DWP to be specified. These must be a valid file on the target’s filesystem, in the _controltemplates/ directory, ending with .iscx. But it grants access to all of the internal controls on the SafeControls list.

There’s an entire second half to [Khoa Dinh]’s write-up, detailing the discovery of a deserialization bug in one of those endpoints, that also uses a clever type-confusion sort of attack. The end result was remote code execution on the SharePoint target, with a single, rather simple request. Microsoft rolled out patches to fix the exploit chain. The problem is that Microsoft often opts to fix vulnerabilities with minimal code changes, often failing to fix the underlying code flaws. This apparently happened in this case, as the authentication bypass fix could be defeated simply by adding yet another parameter to the URL.

These bypasses were found in the wild on July 19th, and Microsoft quickly confirmed. The next day, the 20th, Microsoft issued an emergency patch to address the bypasses. The live exploitation appears to be coming from a set of Chinese threat actors, with a post-exploitation emphasis on stealing data and maintaining access. There seem to be more than 400 compromised systems worldwide, with some of those being rather high profile.

Continue reading “This Week In Security: Sharepoint, Initramfs, And More”

Transparent PCBs Trigger 90s Nostalgia

July 25, 2025 by 34 Comments

What color do you like your microcontroller boards? Blue? Red? Maybe white or black? Sadly, all of those are about to look old hat. Why? Well, as shared by [JLCPCB], this transparent Arduino looks amazing.

The board house produced this marvel using its transparent flexible printed circuit (FPC) material. Basically, the stuff they use for ribbon cables and flex PCBs, just made slightly differently to be see-through instead of vaguely brown.

The circuit in question is a Flexduino, an Arduino clone specifically designed to work on flexible substrates. It looks particularly good on this transparent material, with the LEDs glowing and the white silkscreen for contrast. If you like what you see, you can order your own circuits using this material directly from JLCPCB’s regular old order form.

Most of all, this project reminds us of the 1990s. Back then, you could get all kinds of games consoles and other electronics with transparent housings. There was the beloved PlayStation Crystal, while Nintendo did something similar with the N64 while adding a whole line of tinted color and charcoal versions too. Somehow seeing a bit of the inside of things is just cool. Even if, in some cases, it’s just to avoid smuggling in prisons.

It took decades before you could get custom PCBs quickly and easily. Now, board houses are competing for the enthusiast (consumer?) market, and competition is spurring development of crazy stuff like transparent and even glow in the dark PCBs. What next? We’re thinking edible, ROHS and WEEE be damned. Drop your thoughts in the comments.

Thanks to [George Graves] for the tip!

Reachy The Robot Gets A Mini (Kit) Version

July 25, 2025 by 11 Comments

Reachy Mini is a kit for a compact, open-source robot designed explicitly for AI experimentation and human interaction. The kit is available from Hugging Face, which is itself a repository and hosting service for machine learning models. Reachy seems to be one of their efforts at branching out from pure software.

Our guess is that some form of Stewart Platform handles the head movement.

Reachy Mini is intended as a development platform, allowing people to make and share models for different behaviors, hence the Hugging Face integration to make that easier. On the inside of the full version is a Raspberry Pi, and we suspect some form of Stewart Platform is responsible for the movement of the head. There’s also a cheaper (299 USD) “lite” version intended for tethered use, and a planned simulator to allow development and testing without access to a physical Reachy at all.

Reachy has a distinctive head and face, so if you’re thinking it looks familiar that’s probably because we first covered Reachy the humanoid robot as a project from Pollen Robotics (Hugging Face acquired Pollen Robotics in April 2025.)

The idea behind the smaller Reachy Mini seems to be to provide a platform to experiment with expressive human communication via cameras and audio, rather than to be the kind of robot that moves around and manipulates objects.

It’s still early in the project, so if you want to know more you can find a bit more information about Reachy Mini at Pollen’s site and you can see Reachy Mini move in a short video, embedded just below.

Continue reading “Reachy The Robot Gets A Mini (Kit) Version”

Not Repairing An Old Tape Recorder

July 24, 2025 by 9 Comments

When you think of a tape recorder, you might think of a cassette tape. However, [Michael Simpson] has an old Star-Lite small reel-to-reel tape machine. It isn’t a repair so much as a rework to make it work better. These cheap machines were never the best, although a $19 tape player back then was a luxury.

Part of the problem is that the design of the tape player wasn’t all that good to begin with. The motor runs off two C cells in parallel. When these were new in the 1960s, that would have meant conventional carbon-zinc batteries, so the voltage would have varied wildly. That didn’t matter, though, because the drive was directly to the tape reel, so the speed also varied based on how much tape was left on the reel.

The amplifier has four transistors. [Michael] decided to replace the capacitors on the unit. He noticed, too, that the volume control is in line with the microphone when recording, so even though the recording was supposedly in need of repair, it turned out to be simply a case of the volume control being turned down. Pretty impressive for a six-decade-old piece of consumer electronics.

The capacitor change-out was simple enough. Some cleaning and lubing was also in order. Did it help? You’ll have to listen and decide for yourself.

So, no real repair was in the works, but it is an interesting look back at an iconic piece of consumer tech. Tape recorders like this were an early form of social media. No kidding. If you’d rather not buy a tape recorder, you could roll your own.

Continue reading “Not Repairing An Old Tape Recorder”