A white man with red hair in pigtails under a brown cap holds an axe with a black head and wooden handle. The axe has a rectangular box welded onto the back side of its trapezoidal head.

Deadblow Axe Splits Wood With Minimal Rebound

February 16, 2024 by 17 Comments

Dead-blow hammers are well-known in the construction industry for minimizing rebound. [Jacob Fischer] is on a mission to bring this concept to splitting axes.

Over the course of several months, [Fischer] has been working on adding a dead-blow to a splitting axe. This fifth iteration uses a custom-forged head from blacksmith [Todd Elder] with a dead-blow box welded to the poll. The combination of the head geometry and the dead-blow distributing the delivery of force seems to result in a very effective splitting axe.

The dead-blow portion of the axe is a steel box filled with lead (Pb) BBs. Since the BBs are trailing the axe head within the box, the force from the BBs is delivered later than the initial impact of the steel axe head onto the block of wood, allowing the full force of the blow to be spread out over more time. Dead-blow hammers typically use polymers to further absorb any rebound energy, so there is some limit to the extent rebound can be reduced as seen in the testing portion of the video.

Looking for other ways to split wood? How about this cross-bladed axe or maybe a log splitter or two? If you’re curious about how they used to make axes in the old days, we’ve got you covered there too.

Continue reading “Deadblow Axe Splits Wood With Minimal Rebound”

Sonolithography With The Raspberry Pi Pico

February 16, 2024 by 5 Comments

You can do some wild things with sound waves, such as annoy your neighbours or convince other road users to move out of your way. Or, if you get into sonolithography like [Oliver Child] has, you can make some wild patterns with ultrasound.

Sonolithography is a method of patterning materials on to a surface using finely-controlled sound waves. To achieve this, [Oliver] created a circular array of sixteen ultrasonic transducers controlled via shift registers and gate driver ICs, under the command of a Raspberry Pi Pico. He then created an app for controlling the transducer array via an attached computer with a GUI interface. It allows the phase and amplitude of each element of the array to be controlled to create different patterns.

Creating a pattern is then a simple matter of placing the array on a surface, firing it up in a given drive mode, and then atomising some kind of dye or other material to visualize the pattern of the acoustic waves.

It could be a useful tool for studying the interactions of ultrasonic waves, or it could just be a way to make neat patterns in ink and dye if that’s what you’re into. [Oliver] notes the techniques of sonolithography could also have implications in biology or fabrication in future, as well. If you found this interesting, you might like to study up on ultrasonic levitation, too!

Change The Jingle In Your Makita Charger Because You Can

February 16, 2024 by 19 Comments

Lots of things beep these days. Washing machines, microwaves, fridge — even drill battery chargers. If you’re on Team Makita, it turns out you can actually change the melody of your charger’s beep, thanks to a project from [Real-Time-Kodi].

The hack is for the Makita DR18RC charger, and the implementation of the hack is kind of amusing. [Real-Time-Kodi] starts by cutting the trace to the buzzer inside the charger. Then, an Arduino is installed inside the charger, hooked up to the buzzer itself and the original line that was controlling it. When it detects the charger trying to activate the buzzer, it uses this as a trigger to play its own melody on the charger instead. The Arduino also monitors the LEDs on the charger in order to determine the current charge state, and play the appropriate jingle for the situation.

It’s an amusing hack, and one that could certainly confuse the heck out of anyone expecting the regular tones out of their Makita charger. It also shows that the simple ways work, too — there was no need to dump any firmware or decompile any code.

Continue reading “Change The Jingle In Your Makita Charger Because You Can”

Slime Mold-Powered Smart Watches See Humans Fall In Love With The Goo

February 16, 2024 by 13 Comments

Humans are very good at anthropomorphising things. That is, giving them human characteristics, like ourselves. We do it with animals—see just about any cartoon—and we even do it with our own planet—see Mother Nature. But we often extend that courtesy even further, giving names to our cars and putting faces on our computers as well.

A recent study has borne this out in amusing fashion. Researchers at the University of Chicago found that human attitudes towards a device can change if they are required to take actions to look after it. Enter the slime mold smartwatch, and a gooey, heartwarming story of love and care between human and machine, mediated by mold.

Continue reading “Slime Mold-Powered Smart Watches See Humans Fall In Love With The Goo”

Hackaday Podcast Episode 258: So Much Unix, Flipper Flip-out, And The Bus Pirate 5

February 16, 2024 by 2 Comments

Hackaday Editors Elliot Williams and Tom Nardi discuss all the week’s best and most interesting hacks and stories, starting with Canada’s misguided ban on the Flipper Zero for being too spooky. From there they’ll look at the state-of-the-art in the sub-$100 3D printer category, Apple’s latest “Right to Repair” loophole, running UNIX on the NES (and how it’s different from Japan’s Famicom), and the latency of various wireless protocols.

After singing the praises of the new Bus Pirate 5, discussion moves on to embedded Linux on spacecraft, artfully lifting IC pins, and the saga of the blue LED. Finally you’ll hear the how and why behind electrical steel, and marvel at a Mach 10 missile that (luckily) never needed to be used.

Grab a copy for yourself if you want to listen offline.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Episode 258: So Much Unix, Flipper Flip-out, And The Bus Pirate 5”

Compact Cycloidal Drive Lives Inside This Custom Brushless Motor

February 16, 2024 by 7 Comments

With the popularity of robot dogs, many people have gotten on the bandwagon and tried building DIY versions. Most of them end up attaching a gearbox to an off-the-shelf brushless motor and call it a day. Not everyone goes that way, though, which is why this internal cycloidal drive actuator caught our eye.

Taking design cues from the MIT Mini Cheetah, [Aaed Musa] approached his actuator from the inside out, literally. His 3D printed cycloidal gearbox is designed to fit inside the stator of a BLDC motor. And not just any BLDC motor, but one built mostly from scratch using a hand-wound — and unwound, and wound again — stator along with a rotor that started as a printed part but was eventually machined from steel. Apart from its fixed ring, the cycloidal drive was mostly 3D printed, with everything fitting nicely inside the stator.

The video below shows the design and assembly process as well as testing of the finished drive. It seems to do really well with speed and positional accuracy, and it delivers a substantial amount of torque. Maybe a little too much, though; testing it with a heavy weight on the end of an arm got the stator coils hot enough to warp the printed parts within. But no matter; this was only a prototype after all. [Aaed] says improvements are in the works, including replacing all the plastic parts with metal ones.

Need a little background on cycloidal drives? They’re pretty cool.

Continue reading “Compact Cycloidal Drive Lives Inside This Custom Brushless Motor”

This Week In Security: Filename Not Sanitized, MonikerLink, And Snap Attack!

February 16, 2024 by 7 Comments

Reading through a vulnerability report about ClamAV, I came across a phrase that filled me with dread: “The file name is not sanitized”. It’s a feature, VirusEvent, that can be enabled in the ClamnAV config. And that configuration includes a string formatting function, where the string includes %v and %s, which gets replaced with a detected virus name and the file name from the email. And now you see the problem, I hope: The filename is attacker supplied input.

Where this really gets out of hand is what ClamAV does with this string. execle("/bin/sh", "sh", "-c", buffer_cmd, NULL, env). So let’s talk defensive program design for a minute. When it comes to running a secondary command, there are two general options, system() and the exec*() family of system calls. system() is very simple to use. It pauses execution of the main process and asks the operating system to run a string, just as if the user had typed that command into the shell. While this is very convenient to use, there is a security problem if any of that command string is user-supplied. All it takes is a semicolon or ampersand to break assumptions and inject a command.

To the rescue comes exec(). It’s a bit more complicated to use, requiring the programmer to manually call fork() and wait(). But it’s not running the command via the shell. exec() executes a program directly, totally eliminating the potential for command injection! Except… oops.

Yeah, exec() and related calls don’t offer any security protections when you use them to execute /bin/sh. I suspect the code was written this way to allow running a script without specifying /bin/sh in the config. The official fix was to disable the filename format character, and instead supply it as an environment variable. That certainly works, and that fix is available in 1.0.5, 1.2.2, and 1.3.0.

The real danger here is that we have another case where some hardware appliance manufacturer has used ClamAV for email filtering, and uses this configuration by default. That’s how we get orders from CISA to unplug your hardware, because it’s already compromised. Continue reading “This Week In Security: Filename Not Sanitized, MonikerLink, And Snap Attack!”