In this episode, the CrowdStrike fiasco has Hackaday Editors Elliot Williams and Tom Nardi pondering the fragility of our modern infrastructure. From there the discussion moves on to robotic sailboats, the evolving state of bespoke computers, and the unique capabilities of the Super Nintendo cartridge. You’ll also hear about cleaning paintings with lasers, the advantages of electronic word processors, stacking 3D printed parts, and the joys of a nice data visualization. They’ll wrap the episode up by marveling at the techniques required to repair undersea fiber optic cables, and the possibilities (and frustrations) of PCB panelization using multiple designs.
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
Sometimes off-the-shelf solutions to a problem don’t meet your expectations. That’s what led [TomGoff] to build his own solar pond fountain.
This build features a lot of creative reuse of materials [TomGoff] already had on hand, like the end of a cable reel for the platform and a wheelbarrow inner tube for flotation. A 3D printed nozzle in the center of this apparatus is attached to a 12 V water pump and the whole thing is controlled by an Arduino running 30 seconds on and 3 minutes off to conserve battery power.
A hand-built perfboard contains a light dependent resistor (LDR) to tell the Arduino not to run at night, the relay for the pump, and a battery charge monitor. Be sure to check out the full write-up to see the video of the Tinkercad electronics simulation as well as the code. A 20 W solar panel keeps the whole thing charged so you don’t have to run mains power out to your pond.
It’s a bit of bitter irony, when a security product gets used maliciously, to pull off the exact attack it was designed to prevent. Enter Proofpoint, and the EchoSpoofing attack. Proofpoint offers an email security product, filtering spam and malicious incoming emails, and also handling SPF, DKIM, and DMARC headers on outgoing email. How does an external service provide those email authentication headers?
One of the cardinal sins of running an email server is to allow open relaying. That’s when anyone can forward email though an SMTP server without authentication. What we have here is two nearly open relays, that wound up with spoofed emails getting authenticated just like the real thing. The first offender is Microsoft’s Office365, which seems to completely skip checking for email spoofing when using SMTP relaying from an allowed IP address. This means a valid Office365 account allows sending emails as any address. The other half relies on the way Proofpoint works normally, accepting SMTP traffic from certain IP addresses, and adding the authentication headers to those emails. There’s an option in Proofpoint to add the Microsoft Office 365 servers to that list, and apparently quite a few companies simply select that option.
The end result is that a clever spammer can send millions of completely legitimate looking emails every day, that look very convincing even to sophisticated users. At six months of activity, averaging three millions emails a day, this campaign managed just over half a billion malicious emails from multiple high-profile domains.
The good news here is that Proofpoint and Guardio discovered the scheme, and worked with Microsoft to develop the X-OriginatorOrg header that is now applied to every email sent from or through the Office365 servers. This header marks the account tenant the email belongs to, giving vendors like Proofpoint a simple way to determine email validity. Continue reading “This Week In Security: Echospoofing, Ransomware Records, And Github Attestations”→
Most people love lasers, because they can make cats chase, read music from a shiny disc, etch and cut materials, and be very shiny in Hollywood blockbusters, even when their presence makes zero sense. That said, lasers are also extremely dangerous, as their highly focused nature and wide range of power levels can leave a person dazzled, blinded or dead from direct and indirect exposure. A lapse in laser safety was how [Phil Broughton] ended up with part of his retina forever marked, as he describes his adventures with an overly enthusiastic laser company sales person.
Quanta Ray PRO350 with frequency doubling, emitting a 532 nm beam – Sales brochure image from Quanta Ray, unknown date
It didn’t take much, just this sales person who made a really poor decision while trying to please some customers and nearly ended with multiple adults, a local school, pilots at a nearby airfield getting their retinas blasted out due to an absolutely harebrained idea to use a fairly high-powered Quanta-Ray Nd:YAG laser on reflective surfaces in the open.
This was in 1999, and fortunately [Phil] only suffered some fairly minor damage to his retina from the laser beam reflection. What happened to the customers (who wore argon laser safety glasses) or the sales critter (who left soon after) is not described, but both may have received some bad news when they had their eyes checked shortly after at the ophthalmologist.
These kind of stories are a stark reminder that laser safety is not optional. Lasers producing a visible (400 – 700 nm) wavelength above Class 2 should only be operated in a fully secured environment, with safety glasses for the appropriate laser wavelength. Class 2 lasers producing a non-visible wavelength can cause permanent damage because the blink reflex of the eye does not offer any protection here.
As even some dodgy laser pointers are being (illegally) sold online are actually Class 2, this should make it clear that laser eye injury can happen to anyone, and it only takes a second to change someone’s life forever.
Floppies were once the standard method of information exchange, but decades of storage can render them unreadable, especially if mold sets in. [Rob Smith] wanted to clean some floppies in style and made a Disco Rube Goldberg-Style device for the job.
Starting with a disk caddy on linear rails, [Smith] has a track for the floppy to follow. First it goes through a set of pads with cleaning solution on them, and is then dried off with heating elements. To make it more fun, the device has LEDs and a set of speakers at the bottom to treat the disk to a more complete car wash-esque experience.
Cotton swabs and a cleaning solution are all you really need to do the job by hand, but if you have a lot of floppies, that can get tedious quickly. [Smith] compares his machine’s performance to doing it by hand with both IPA and a dish soap solution showing that his machine does indeed clean the disks and usually makes them more readable than they were before. He cautions that it might be best to make multiple copies of the disk during the cleaning process as it isn’t always constructive though.
Magnetic materials are typically divided into ferromagnetic and antiferromagnetic types, depending on their magnetic moments (electron spins), resulting in either macroscopic (net) magnetism or not. Altermagnetism is however a recently experimentally confirmed third type that as the name suggests alternates effectively between these two states, demonstrating a splitting of the spin energy levels (spin-split band structure). Like antiferromagnets, altermagnets possess a net zero magnetic state due to alternating electron spin, but they differ in that the electronic band structure are not Kramers degenerate, which is the feature that can be tested to confirm altermagnetism. This is the crux of the February 2024 research paper in Nature by [J. Krempaský] and colleagues.
Specifically they were looking for the antiferromagnetic-like vanishing magnetization and ferromagnetic-like strong lifted Kramers spin degeneracy (LKSD) in manganese telluride (MnTe) samples, using photoemission spectroscopy in the UV and soft X-ray spectra. A similar confirmation in RuO2 samples was published in Science Advances by [Olena Fedchenko] and colleagues.
What this discovery and confirmation of altermagnetism means has been covered previously in a range of papers ever since altermagnetism was first proposed in 2019 by [Tomas Jungwirth] et al.. A 2022 paper published in Physical Review X by [Libor Šmejkal] and colleagues details a range of potential applications (section IV), which includes spintronics. Specific applications here include things like memory storage (e.g. GMR), where both ferromagnetic and antiferromagnetics have limitations that altermagnetism could overcome.
Naturally, as a fairly new discovery there is a lot of fundamental research and development left to be done, but there is a good chance that within the near future we will see altermagnetism begin to make a difference in daily life, simply due to how much of a fundamental shift this entails within our fundamental understanding of magnetics.
Heading image: Illustrative models of collinear ferromagnetism, antiferromagnetism, and altermagnetism in crystal-structure real space and nonrelativistic electronic-structure momentum space. (Credit: Libor Šmejkal et al., Phys. Rev. X, 2022)
Photons are particles of light, or waves, or something like that, right? [Mithuna Yoganathan] explains this conundrum in more detail than you probably got in your high school physics class.
While quantum physics has been around for over a century, it can still be a bit tricky to wrap one’s head around since some of the behaviors of energy and matter at such a small scale aren’t what we’d expect based on our day-to-day experiences. In classical optics, for instance, a brighter light has more energy, and a greater amplitude of its electromagnetic wave. But, when it comes to ejecting an electron from a material via the photoelectric effect, if your wavelength of light is above a certain threshold (bigger wavelengths are less energetic), then nothing happens no matter how bright the light is.
Scientists pondered this for some time until the early 20th Century when Max Planck and Albert Einstein theorized that electromagnetic waves could only release energy in packets of energy, or photons. These quanta can be approximated as particles, but as [Yoganathan] explains, that’s not exactly what’s happening. Despite taking a few classes in quantum mechanics, I still learned something from this video myself. I definitely appreciate her including a failed experiment as anyone who has worked in a lab knows happens all the time. Science is never as tidy as it’s portrayed on TV.
