Hackaday Podcast 197: Decoding VHS, Engineering The TV Guardian, And Gitting Code Into Your ESP32s

December 16, 2022 by No comments

This week, Editor-in-Chief Elliot Williams and Assignments Editor Kristina Panos delighted in the aural qualities of Kristina’s brand new, real (read: XLR) microphone before embarking on creating a podcast highlighting the best of the previous week’s hacks.

This week in the news, NASA returned to the Moon with Artemis I, and this time, there are CubeSats involved. After that, it’s on to the What’s That Sound results show, marred by Kristina’s cheating scandal (listening ahead of time) and Elliot’s reading the filename aloud before we started recording. Finally, we move on to the hacks — they start with a trip to the 90s both sonically and visually, and end with a really nice alarm clock that’s decidedly 70s, and definitely Hackaday.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

And/or download it and listen offline.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 197: Decoding VHS, Engineering The TV Guardian, And Gitting Code Into Your ESP32s”

This Week In Security: Scamming The FBI, In The Wild, And AI Security

December 16, 2022 by 16 Comments

If you’re part of a government alphabet agency, particularly running a program to share information to fight cybercrime, make sure to properly verify the identity of new members before admission. Oh, and make sure the API is rate-limited so a malicious member can’t scrape the entire user database and sell it on a dark web forum.

Putting snark aside, this is exactly what has happened to the FBI’s InfraGuard program. A clever user applied to the program using a CEO’s name and phone number, and a convincing-looking email address. The program administrators didn’t do much due diligence, and approved the application. Awkward.

BSD Ping

First off, the good folks at FreeBSD have published some errata about the ping problem we talked about last week. First off, note that while ping does elevate to root privileges via setuid, those privileges are dropped before any data handling occurs. And ping on FreeBSD runs inside a Capsicum sandbox, a huge obstacle to system compromise from within ping. And finally, further examination of the bug in a real-world context casts doubt on the idea that Remote Code Execution (RCE) is actually possible due to stack layouts.

If someone messes up somewhere, go look if you messed up in the same or similar way somewhere else.

Sage advice from [Florian Obser], OpenBSD developer. So seeing the ping problem in FreeBSD, he set about checking the OpenBSD ping implementation for identical or similar problems. The vulnerable code isn’t shared between the versions, so he reached for afl++, a fuzzing tool with an impressive list of finds. Connect afl++ to the function in ping that handles incoming data, and see what shakes out. The conclusion? No crashes found in this particular effort, but several hangs were identified and fixed. And that is a win. Continue reading “This Week In Security: Scamming The FBI, In The Wild, And AI Security”

Mazda Patents Spinning Dorito To Extend EV Range

December 16, 2022 by 44 Comments

OK, so a Wankel engine doesn’t really use a Dorito as its cylinders, but it sure looks like one. The company has announced it will offer a range extender rotary engine for the MX-30 electric “crossover” vehicle, but [CarBuzz] dug into the patent papers to find out that it has some interesting twists.

The MX-30 is an EV with a relatively small 35.5 kWh battery. Like a hybrid vehicle, the car includes a small internal combustion engine that can charge the battery. It does not, however, directly drive the wheels at any time. The Wankel has several improvements, including a secondary port that allows more air into the combustion chamber when the engine has to produce high power. But there’s a problem…

The secondary port is great when you are pushing hard, but at low speed, it produces inefficiency. To combat that, Mazda includes a valve to seal off the second port when it doesn’t make sense to open it. But that’s not the strange part. The strange part is that the engine also has its own electric assist motor that runs off the main battery.  That’s right. The battery you are charging provides some energy to operate the electric assist motor to help the engine that is charging the battery. If that makes your head spin like the Wankel’s rotor, you aren’t alone.

The assist motor can assist or retard the output shaft during the intake stroke. This can optimize the intake to the combustion chamber. Of course, this will cause odd movement in the engine’s output, but since it doesn’t drive the car, who cares? The battery isn’t going to mind if the output isn’t smooth.

The Wankel shows up in a lot of odd places. We’ve seen Wankel air compressors. Despite detractors, there have been many improvements in the design over the years.

Building A Chain Drive Differential From Junkyard Parts

December 15, 2022 by 26 Comments

A differential is a very useful thing for a vehicle. It allows two driven wheels to rotate at different speeds, such as when going around a corner. [Workshop From Scratch] needed a chain driven differential, so set about building one from a salvaged automotive unit.

The differential itself was taken from a BMW E46 3-Series, specifically a 2.0-liter diesel model. The work began by removing the differential’s center gears from its big, hefty iron housing. Disassembly then ensued, with the spider gears removed from their carrier and the other components discarded. The differential gears themselves were installed instead in a new compact housing, fabricated with much welding and lathery. The housing was fitted with a large chain sprocket to deliver drive, in place of the original differential’s ring gear and pinion.

The video’s description states it would be an ideal differential for a go-kart, buggy, or other such small vehicle. Given the differential gears were originally built to handle a full-sized car, they should be more than capable of dealing with such applications.

If you’re a little unfamiliar with how differentials work, check out this primer from the early 20th century. It’s widely considered to be the best education on the topic. Video after the break.

Continue reading “Building A Chain Drive Differential From Junkyard Parts”

Supercon 2022: Sam Mulvey Shows You How To FM Radio

December 15, 2022 by 19 Comments

Sam Mulvey built his own radio station in Tacoma, WA. Is there a better way to meld ham radio practice with a colossal number of DIY electrical and computer projects? Sam would say there isn’t one! This 45-minute talk is basically the lessons-learned review of setting up KTQA 95.3 – the radio station on the hill.

Sam starts out the talk by introducing you to LPFM. And maybe you didn’t know that there’s a special type of license issued by the US FCC allowing non-profit community radio stations up to 100 W, covering an radius of around 5 km. It’s like running a pirate radio station, but by jumping through a few legal hoops, made legal.

Trash on the Radio

Putting a radio station together on a budget requires a ton of clever choices, flexibility, and above all, luck. But if you’re willing to repair a busted CD player or turntable, scrounge up some used computers, and work on your own amplifiers, the budget doesn’t have to be the limiting factor.

Being cheap means a lot of DIY. For instance, Sam and friends made a custom console to support all the gear and hide all the wiring. Some hot tips from the physical build-out: painted cinderblocks make great studio monitor stands, and Cat-5 can carry two channels of balanced audio along with power, with sufficient isolation that it all sounds clean. Continue reading “Supercon 2022: Sam Mulvey Shows You How To FM Radio”

Australia’s Soft Plastic Recycling Debacle

December 15, 2022 by 81 Comments

We’ve all been told to cut back on waste to help prevent environmental crisis on Earth. Reducing waste helps reduce the need to spend time and energy digging up fresh materials, and helps reduce the amount of trash we have to go out and bury in the ground in landfills. Recycling is a big part of this drive, allowing us to divert waste by reprocessing it into fresh new materials.

Sadly, though, recycling isn’t always as magical as it seems. As Australia has just found out, it’s harder than it sounds, and often smoke and mirrors prevent the public from understanding what’s really going on. Here’s how soft plastic recycling went wrong Down Under.

Continue reading “Australia’s Soft Plastic Recycling Debacle”

Virtual Yule Log Brings Old Tradition To The Web

December 15, 2022 by 2 Comments

Yule Log broadcasts are a bit of an American tradition, though similar content has also been broadcast around the world. They consist of a video of a log burning in a fireplace, ideally merrily so, and often feature Christmas carols or other holiday songs to help create a festive mood. [Joshua Gross] wanted to bring that tradition up to date, and thus built a Yule Log website with the help of some creative technologists.

What are Yule looking at?

WebYuleLog.com, as the project is known, features several web-based recreations of the Yule Log concept. They are charming little creations built with different techniques, from the AI-generated to those hewn from simple, pure HTML and CSS.  They range from cute 8-bit-esque tributes to burning firewood, to the ethereal and unrecognizable thought bubbles of an image-generating neural network. We’re pretty sure one of them is a oblique reference to an old Excel 97 Easter Egg, too.

It’s funny how much can be achieved within a modern browser window. Once upon a time, you were lucky to get a few GIFs and an obnoxious looping MIDI soundtrack.