Hackaday Podcast Episode 333: Nightmare Whiffletrees, 18650 Safety, And A Telephone Twofer

This week, Hackaday’s Elliot Williams and Kristina Panos met up over the tubes to bring you the latest news, mystery sound, and of course, a big bunch of hacks from the previous week.

In Hackaday news, get your Supercon 2025 tickets while they’re hot! Also, the One Hertz Challenge ticks on, but time is running out. You have until Tuesday, August 19th to show us what you’ve got, so head over to Hackaday.IO and get started now. Finally, its the end of eternal September as AOL discontinues dial-up service after all these years.

On What’s That Sound, Kristina got sort of close, but this is neither horseshoes nor hand grenades. Can you get it? If so, you could win a limited edition Hackaday Podcast t-shirt!

After that, it’s on to the hacks and such, beginning with a talking robot that uses typewriter tech to move its mouth. We take a look at hacking printed circuit boards to create casing and instrument panels for a PDP-1 replica. Then we explore a fluid simulation business card, witness a caliper shootout, and marvel at one file in six formats. Finally, it’s a telephone twofer as we discuss the non-hack-ability of the average smart phone, and learn about what was arguably the first podcast.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download in DRM-free MP3 and savor at your leisure.

Continue reading “Hackaday Podcast Episode 333: Nightmare Whiffletrees, 18650 Safety, And A Telephone Twofer”

2003 Samsung CD player playing a clear vs normal audio CD. (Credit: Adrian's Digital Basement)

Why Lorde’s Clear CD Has So Many Playback Issues

Despite the regularly proclaimed death of physical media, new audio albums are still being published on CD and vinyl. There’s something particularly interesting about Lorde’s new album Virgin however — the CD is a completely clear disc. Unfortunately there have been many reports of folks struggling to get the unique disc to actually play, and some sharp-eyed commentators have noted that the CD doesn’t claim to be Red Book compliant by the absence of the Compact CD logo.

The clear Lorde audio CD in all its clear glory. (Credit: Adrian's Digital Basement, YouTube)
The clear Lorde audio CD in all its clear glory. (Credit: Adrian’s Digital Basement, YouTube)

To see what CD players see, [Adrian] of Adrian’s Digital Basement got out some tools and multiple CD players to dig into the issue. These players range from a 2003 Samsung, a 1987 NEC, and a cheap portable Coby player. But as all audio CDs are supposed to adhere to the Red Book standard, a 2025 CD should play just as happily on a 1980s CD player as vice versa.

The first step in testing was to identify the laser pickup (RF) signal test point on the PCB of each respective player. With this hooked up to a capable oscilloscope, you can begin to see the eye pattern forming. In addition to being useful with tuning the CD player, it’s also an indication of the signal quality that the rest of the CD player has to work with. Incidentally, this is also a factor when it comes to CD-R compatibility.

While the NEC player was happy with regular and CD-R discs, its laser pickup failed to get any solid signal off the clear Lorde disc. With the much newer Samsung player (see top image), the clear CD does play, but as the oscilloscope shot shows, it only barely gets a usable signal from the pickup. Likewise, the very generic Coby player also plays the audio CD, which indicates that any somewhat modern CD player with its generally much stronger laser and automatic gain control ought to be able to play it.

That said, it seems that very little of the laser’s light actually makes it back to the pickup’s sensor, which means that along with the gain the laser output gets probably cranked up to 11, and with that its remaining lifespan will be significantly shortened. Ergo it’s probably best to just burn that CD-R copy of the album and listen to that instead.

Continue reading “Why Lorde’s Clear CD Has So Many Playback Issues”

This Week In Security: The AI Hacker, FortMajeure, And Project Zero

One of the hot topics currently is using LLMs for security research. Poor quality reports written by LLMs have become the bane of vulnerability disclosure programs. But there is an equally interesting effort going on to put LLMs to work doing actually useful research. One such story is [Romy Haik] at ULTRARED, trying to build an AI Hacker. This isn’t an over-eager newbie naively asking an AI to find vulnerabilities, [Romy] knows what he’s doing. We know this because he tells us plainly that the LLM-driven hacker failed spectacularly.

The plan was to build a multi-LLM orchestra, with a single AI sitting at the top that maintains state through the entire process. Multiple LLMs sit below that one, deciding what to do next, exactly how to approach the problem, and actually generating commands for those tools. Then yet another AI takes the output and figures out if the attack was successful. The tooling was assembled, and [Romy] set it loose on a few intentionally vulnerable VMs.

As we hinted at up above, the results were fascinating but dismal. This LLM successfully found one Remote Code Execution (RCE), one SQL injection, and three Cross-Site Scripting (XSS) flaws. This whole post is sort of sneakily an advertisement for ULTRARED’s actual automated scanner, that uses more conventional methods for scanning for vulnerabilities. But it’s a useful comparison, and it found nearly 100 vulnerabilities among the collection of targets.

The AI did what you’d expect, finding plenty of false positives. Ask an AI to describe a vulnerability, and it will glad do so — no real vulnerability required. But the real problem was the multitude of times that the AI stack did demonstrate a problem, and failed to realize it. [Romy] has thoughts on why this attempt failed, and two points stand out. The first is that while the LLM can be creative in making attacks, it’s really terrible at accurately analyzing the results. The second observation is one of the most important observations to keep in mind regarding today’s AIs. It doesn’t actually want to find a vulnerability. One of the marks of security researchers is the near obsession they have with finding a great score. Continue reading “This Week In Security: The AI Hacker, FortMajeure, And Project Zero”

Teletext Around The World, Still

When you mention Teletext or Videotex, you probably think of the 1970s British system, the well-known system in France, or the short-lived US attempt to launch the service. Before the Internet, there were all kinds of crazy ways to deliver customized information into people’s homes. Old-fashioned? Turns out Teletext is alive and well in many parts of the world, and [text-mode] has the story of both the past and the present with a global perspective.

The whole thing grew out of the desire to send closed caption text. In 1971, Philips developed a way to do that by using the vertical blanking interval that isn’t visible on a TV. Of course, there needed to be a standard, and since standards are such a good thing, the UK developed three different ones.

The TVs of the time weren’t exactly the high-resolution devices we think of these days, so the 1976 level one allowed for regular (but Latin) characters and an alternate set of blocky graphics you could show on an expansive 40×24 palette in glorious color as long as you think seven colors is glorious. Level 1.5 added characters the rest of the world might want, and this so-called “World System Teletext” is still the basis of many systems today. It was better, but still couldn’t handle the 134 characters in Vietnamese.

Meanwhile, the French also wanted in on the action and developed Antiope, which had more capabilities. The United States would, at least partially, adopt this standard as well. In fact, the US fragmented between both systems along with a third system out of Canada until they converged on AT&T’s PLP system, renamed as North American Presentation Layer Syntax or NAPLPS. The post makes the case that NAPLPS was built on both the Canadian and French systems.

That was in 1986, and the Internet was getting ready to turn all of these developments, like $200 million Canadian system, into a roaring dumpster fire. The French even abandoned their homegrown system in favor of the World System Teletext. The post says as of 2024, at least 15 countries still maintain teletext.

Continue reading “Teletext Around The World, Still”

Open Source Lithium-Titanate Battery Management System

Lithium-titanate (LTO) is an interesting battery chemistry that is akin to Li-ion but uses Li2TiO3 nanocrystals instead of carbon for the anode. This makes LTO cells capable of much faster charging and with better stability characteristics, albeit at the cost of lower energy density. Much like LiFePO4 cells, this makes them interesting for a range of applications where the highest possible energy density isn’t the biggest concern, while providing even more stability and long-term safety.

That said, LTO is uncommon enough that finding a battery management system (BMS) can be a bit of a pain. This is where [Vlastimil Slintak]’s open source LTO BMS project may come in handy, which targets single cell (1S) configurations with the typical LTO cell voltage of around 1.7 – 2.8V, with 3 cells in parallel (1S3P). This particular BMS was designed for low-power applications like Meshtastic nodes, as explained on the accompanying blog post which also covers the entire development and final design in detail.

The BMS design features all the stuff that you’d hope is on there, like under-voltage, over-voltage and over-current protection, with an ATtiny824 MCU providing the brains. Up to 1 A of discharge and charge current is supported, for about 2.4 Watt at average cell voltage. With the triple 1,300 mAh LTO cells in the demonstrated pack you’d have over 9 Wh of capacity, with the connected hardware able to query the BMS over I2C for a range of statistics.

Thanks to [Marcel] for the tip.

Rediscovering Microsoft’s Oddball Music Generator From The 1990s

There has been a huge proliferation in AI music creation tools of late, and a corresponding uptick in the number of AI artists appearing on streaming services. Well before the modern neural network revolution, though, there was an earlier tool in this same vein. [harke] tells us all about Microsoft Music Producer 1.0, a forgotten relic from the 1990s.

The software wasn’t ever marketed openly. Instead, it was a part of Microsoft Visual InterDev, a web development package from 1997. It allowed the user to select a style, a personality, and a band to play the song, along with details like key, tempo, and the “shape” of the composition. It would then go ahead and algorithmically generate the music using MIDI instruments and in-built synthesized sounds.

As [harke] demonstrates, there are a huge amounts of genres to choose from. Pick one, and you’ll most likely find it sounds nothing like the contemporary genre it’s supposed to be recreating. The more gamey genres, though, like “Adventure” or “Chase” actually sound pretty okay. The moods are hilariously specific, too — you can have a “noble” song, or a “striving” or “serious” one. [harke] also demonstrates building a full song with the “7AM Illusion” preset, exporting the MIDI, and then adding her own instruments and vocals in a DAW to fill it out. The result is what you’d expect from a composition relying on the Microsoft GS Wavetable synth.

Microsoft might not have cornered the generative music market in the 1990s, but generative AI is making huge waves in the industry today.

Continue reading “Rediscovering Microsoft’s Oddball Music Generator From The 1990s”

Calibration, Good Old Calibration

Do you calibrate your digital meters? Most of us don’t have the gear to do a proper calibration, but [Mike Wyatt] shares his simple way to calibrate his DMMs using a precision resistor coupled with a thermistor. The idea is to use a standard dual banana plug along with a 3D-printed housing to hold the simple electronics.

The calibration element is a precision resistor. But the assembly includes a 1% thermistor. In addition to the banana plugs, there are test points to access the resistor and another pair for the thermistor.

Continue reading “Calibration, Good Old Calibration”