This Week In Security: Adblock For Security, ProxyNotShell Lives, And CVSS 10 To Not Worry About

December 30, 2022 by 14 Comments

The ubiquity of ransomware continues, this time with The Guardian announcing they were partially shut down from an attack. Staff are working from home as the incident is being investigated and data is recovered. Publishing seems to be continuing, and the print paper ran as expected.

There have been a couple reports published recently on how ransomware and other malware is distributed, the first being a public service announcement from the FBI, detailing what might be a blindly obvious attack vector — search engine advertising. A bad actor picks a company or common search term, pays for placement on a search engine, and then builds a fake web site that looks legitimate. For bonus points, this uses a typosquatted domain, like adobe[dot]cm or a punycode domain that looks even closer to the real thing.

The FBI has a trio of recommendations, one of which I whole-heartedly agree with. Their first suggestion is to inspect links before clicking them, which is great, except for the punycode attack. In fact, there are enough lookalike glyphs to make this essentially useless. Second is to type in URLs directly rather than using a search engine to find a company’s site. This is great so long as you know the URL and don’t make a typo. But honestly, haven’t we all accidentally ended up at website[dot]co by doing this? Their last recommendation is the good one, and that is to run a high-quality ad-blocker for security. Just remember to selectively disable blocking for websites you want to support. (Like Hackaday!) Continue reading “This Week In Security: Adblock For Security, ProxyNotShell Lives, And CVSS 10 To Not Worry About”

Robot Rebellion Brings Back BBC Camera Operators

December 30, 2022 by 22 Comments

The modern TV news studio is a masterpiece of live video and CGI, as networks vie for the flashiest presentation. BBC News in London is no exception, and embraced the future in 2013 to the extent of replacing its flesh-and-blood camera operators with robotic cameras. On the face of it this made sense; it was cheaper, and newsroom cameras are most likely to record as set range of very similar shots. A decade later they’re to be retired in a victory for humans, as the corporation tires of the stream of viral fails leaving presenters scrambling to catch up.

A media story might seem slim pickings for Hackaday readers, however there’s food for thought in there for the technically minded. It seems the cameras had a set of pre-programmed maneuvers which the production teams could select for their different shots, and it was too easy for the wrong one to be enabled. There’s also a suggestion that the age of the system might have something to do with it, but this is somewhat undermined by their example which we’ve placed below being from when the cameras were only a year old.

Given that a modern TV studio is a tightly controlled space and that detecting the location of the presenter plus whether they are in shot or not should not have been out of reach in 2013, so we’re left curious as to why they haven’t taken this route. Perhaps OpenCV to detect a human, or simply detecting the audio levels on the microphones before committing to a move could do the job. Either way we welcome the camera operators back even if we never see them, though we’ll miss the viral funnies.

Continue reading “Robot Rebellion Brings Back BBC Camera Operators”

A simple wooden chair with mint metallic connectors at the corners sits next to a pile of wooden pieces wrapped in leather and straps to form a backpack.

A Nomadic Chair

December 29, 2022 by 21 Comments

There’s no shortage of different types of folding or portable chairs, but designer [Jorge Penadés] built a backpack chair that will go the long haul.

Furniture that assembles without screws or glue is always intriguing, and this chair fits the bill. Using simple metal connectors and joinery, it can be setup and taken down in about two minutes without the flimsy feeling of a bag chair. With a natural finish on the wood, the connectors give a nice pop of color without feeling overwhelming. There are even some pictures of a couch version if you follow the link.

In backpack mode, the pieces are held together by leather patches and ratchet straps. [Penadés] was focused on portability over comfort with this piece, but we think this connection method could be used in the future for more comfortable furniture that is still portable.

If you’re looking for more interesting furniture, checkout this Tambour Table with a Puzzling Secret or these CNC-able Seats.

Continue reading “A Nomadic Chair”

Wear Your Fave Cassette Tapes As A Necklace With This 3D Printed Adapter

December 29, 2022 by 47 Comments

While packing merch for a recent gig, I realised I had the opportunity to do something a little fun. I’d released an album on tape, and spent a little extra to ensure the cassette itself was a thing of beauty. It deserved to be seen, rather than hidden away in a case on a shelf. I wanted to turn this piece of musical media into a necklace.

Of course, cassette tapes aren’t meant to be used in this way. Simply throwing a chain through the cassette would lead to tape reeling out everywhere. Thus, I fired up some CAD software and engineered a solution to do the job! Here’s how I built an adapter to turn any cassette tape into a cool necklace.

Find the design on Thingiverse, and more details below!

Continue reading “Wear Your Fave Cassette Tapes As A Necklace With This 3D Printed Adapter”

Showing a board with a Pi Pico plugged into it, a USB-A socket marked "USB host", and a character display that says "PASSED" referring to the board being the brains of a testing jig.

USB Host On RP2040 – With PIO

December 28, 2022 by 11 Comments

Folks from [Adafruit] are showing off a neat hack – USB host on RP2040, using the now-famous PIO peripheral. [Adafruit] builds a lot of RP2040 boards, and naturally, you gotta test them before you ship them to customers. They’ve been using very specific Teensies for that, and at some point, those became unobtainium. Based on the work of [sekigon-gonnoc] and with help of [Thach], they’ve made their TinyUSB library support bitbanging of USB over PIO, and successfully ported their test jig firmware to it!

The base Pico-PIO-USB repo by [sekigon-gonnoc] shows a pretty impressive state of affairs – with low-speed and full-speed USB host and full-speed USB device modes supported, and quite a few examples to get you started. [Adafruit]’s work integrates this code into their TinyUSB stack, specifically focusing on MST (mass storage) features – as this is what you need to program a RP2040. Of course, they also provide a mass storage example to boot!

Test jigs are pretty important to have when making multiple pieces of a board, and with RP2040 supporting more and more interfaces thanks to PIO, it sounds like the perfect chip for your next production testing-intended PCB. With the jig brains taken care of, you’ll want to look into building no less important mechanical part, and we’ve covered quite a few ways to sort that out – here’s an OpenSCAD script that generates lasercutting files out of KiCad boards, or a jig built out of scrap copperclad FR4, and a pretty extensive tutorial on making your own lasercuttable jigs, to boot.

Continue reading “USB Host On RP2040 – With PIO”

Giving Stable Diffusion Some Depth

December 28, 2022 by 55 Comments

You’ve likely heard quite a bit of buzz over the last few months about Stable Diffusion. The new version (v2) has come out, and in addition to the standard image-to-image and text-to-image modes, it also has a depth-image-to-image that can be incredibly useful. [Andrew] has a write-up that guides you on using this mode.

The basic idea is that you can take both an image and depth into the model, which allows you to control what gets put where. Stable Diffusion is a bit confusing, but we already have some great resources to wrap your head around it. In terms of input, you can use a depth map from a camera with lidar (many recent phones include this) or have another model (like MiDaS) estimate it from a 2D picture. This becomes powerful when you can preserve a specific composition, such as an iconic scene from a well-known movie. You can keep the characters’ poses on the screen but transform the style of the scene into whatever you wish (as seen above).

We have already covered a technique to generate textures right in blender, but this new depth information has already been implemented to provide better accuracy of the textures.

[Justin Alvey] used it to create architectural photos from dollhouse furniture. Using the MiDaS model, he estimated the depth and threw away the RGB aspects by setting the denoising strength to maximum. The simplified dollhouse furniture was easily recognizable to the model, which helped produce great results.

However, the only downside is that the perspective produces a rather dollhouse feel. Changing the focal length and moving farther away helps. Overall, it’s a clever use of what the new AI model can do. It’s a fast-moving space, so this will likely be out of date in a few months.

 

Fiberglass Mesh For Stronger 3D Prints

December 28, 2022 by 32 Comments

There are many clever ways to make stronger 3D prints, be they by the use of special slicing algorithms or by unusual filaments. [Brtv-z] has taken a more straightforward tack, by making glass-reinforced prints using painters fiberglass mesh tape.

It’s a laborious technique that involves stopping the print to manually place the fiberglass at each successive millimeter of print. The resulting test piece comes off the print bed festooned with fiberglass mesh, and once it’s been trimmed, he subjects it to some tests which you’ll see in the video below the break(Russian language, but there are subtitles).

The tests are fairly rough and ready involving a hammer (we winced at the hammering in a vice, but of course this piece isn’t forged steel!) and standing on a flat piece of print balanced between two blocks. As you’d expect, the reinforced piece appears the stronger, but these tests would benefit from a calibrated set-up to quantify the strength.

So if you’re of a mind to experiment, this certainly seems like an accessible if rather tedious way to make glass reinforced 3D prints. If you then want to characterize them, remember this can be done with a bit of farmyard engineering if you have nothing better.

Continue reading “Fiberglass Mesh For Stronger 3D Prints”