Prompt Injection Tricks AI Into Downloading And Executing Malware

[wunderwuzzi] demonstrates a proof of concept in which a service that enables an AI to control a virtual computer (in this case, Anthropic’s Claude Computer Use) is made to download and execute a piece of malware that successfully connects to a command and control (C2) server. [wunderwuzzi] makes the reasonable case that such a system has therefore become a “ZombAI”. Here’s how it worked.

Referring to the malware as a “support tool” and embedding instructions into the body of the web page is what got the binary downloaded and executed, compromising the system.

After setting up a web page with a download link to the malicious binary, [wunderwuzzi] attempts to get Claude to download and run the malware. At first, Claude doesn’t bite. But that all changes when the content of the HTML page gets rewritten with instructions to download and execute the “Support Tool”. That new content gets interpreted as orders to follow, which is essentially a form of prompt injection.

Claude dutifully downloads the malicious binary, then autonomously (and cleverly) locates the downloaded file and even uses chmod to make it executable before running it. The result? A compromised machine.
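The sequence described above (download, locate, chmod, run) is one that a gate between the agent's shell tool and the real shell can hold for human approval. The following is an added sketch, not code from [wunderwuzzi] or Anthropic; the `ShellGate` class, the `/home/agent/Downloads` path and the `support_tool` filename are assumptions made for illustration.

```python
import os
import shlex

INTERPRETERS = {"sh", "bash", "python3", "perl"}
SHELL_META = set(";|&$`()<>")

def grants_exec(mode):  # True if a chmod mode (octal or symbolic) sets an execute bit
    if mode and all(c in "01234567" for c in mode):
        return bool(int(mode, 8) & 0o111)
    return any("x" in clause.split(op, 1)[1]
               for clause in mode.split(",") for op in "+=" if op in clause)

class ShellGate:
    """Hypothetical gate between an agent's shell tool and the real shell."""
    def __init__(self, download_dirs=("/home/agent/Downloads",)):  # assumed path
        self.download_dirs = [os.path.normpath(d) for d in download_dirs]
        self.tainted = set()  # files that arrived from the network this session

    def note_download(self, path):
        self.tainted.add(os.path.normpath(path))

    def untrusted(self, arg, cwd):
        path = os.path.normpath(os.path.join(cwd, arg))
        return path in self.tainted or any(
            path.startswith(d + os.sep) for d in self.download_dirs)

    def check(self, command, cwd="/home/agent"):
        if SHELL_META & set(command):
            return "needs_approval"  # chaining and substitution fail closed
        try:
            argv = shlex.split(command)
        except ValueError:
            return "needs_approval"  # unbalanced quotes fail closed
        if not argv:
            return "allow"
        prog = os.path.basename(argv[0])
        args = [a for a in argv[1:] if not a.startswith("-")]
        if "/" in argv[0] and self.untrusted(argv[0], cwd):
            return "needs_approval"  # running a downloaded file directly
        if prog == "chmod" and args and grants_exec(args[0]):
            if any(self.untrusted(a, cwd) for a in args[1:]):
                return "needs_approval"  # marking a download executable
        if prog in INTERPRETERS and any(self.untrusted(a, cwd) for a in args):
            return "needs_approval"  # feeding a download to an interpreter
        if prog in ("cp", "mv") and len(args) == 2 and self.untrusted(args[0], cwd):
            dest = os.path.join(cwd, args[1])  # taint follows the file
            self.note_download(dest)
            self.note_download(os.path.join(dest, os.path.basename(args[0])))
        return "allow"
```

With this policy, `ShellGate().check("chmod +x /home/agent/Downloads/support_tool")` returns `needs_approval`, while the same `chmod` on a file outside the download directory returns `allow`. The decision depends on where the file came from, not on how the page described it.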

Now, just to be clear, Claude Computer Use is experimental and this sort of risk is absolutely and explicitly called out in Anthropic’s documentation. But what’s interesting here is that the methods used to convince Claude to compromise the system it’s using are essentially the same ones one might use to convince a person. Make something nefarious look innocent, and obfuscate the true source (and intent) of the directions. Watch it in action from beginning to end in a video, embedded just under the page break.


Steam Brick Makes Your Steam Deck Headless

Handhelds are designed to be portable, but what if you need something smaller than OEM? The Steam Brick pulls basically everything off of a Steam Deck to make it as portable as possible.

[crastinator-pro] found they rarely used the controller or screen on their Steam Deck, and the form factor was too bulky to conveniently chuck into their bag, negating the advantage of owning a portable console. As to be expected from any self-respecting hacker, they did a couple quick tests with components unplugged then got to work with the rotary tool.

After excising the main board from its handheld bonds and trimming unnecessary bits from the aluminum frame around the mainboard, they designed a case that can be tossed in a bag without any special treatment. The case was printed in polycarbonate to better withstand the heat of the console running at full tilt, and the colorful details were added in PLA with a 3D pen.

We’ve discussed using a Steam Deck as a single-board computer before, but if you want to keep it in one piece, you could also get it set up in a slick keyboard case.

Capacitor Decoupling Chaos, And Why You Should Abandon 100 nF

Everyone knows that the perfect capacitor to decouple the power rails around ICs is a 100 nF ceramic capacitor or equivalent, yet where does this ‘fact’ come from and is it even correct? These are the questions that [Graham] set out to answer once and for all. He starts with an in-depth exploration of the decoupling capacitor (and related) theory. [Graham] then dives into the way that power delivery is affected by the inherent resistance, capacitance, and inductance of traces. This is the problem that decoupling capacitors are supposed to solve.

Effectively, the decoupling capacitor provides a low-impedance path at high frequencies and a high-impedance path at low frequencies. Ideally, a larger value capacitor would be better, but since this is the real world and capacitors have ESL and ESR parameters, we get to look at impedance graphs. This is the part where we can see exactly what decoupling effect everyone’s favorite 100 nanofarad capacitors have, which as it turns out is pretty miserable.

Meanwhile, a 1 µF (ceramic) capacitor will have much better performance, as shown with impedance graphs for MLCCs. As a rule of thumb, a single large decoupling capacitor is better, while two MLCCs side by side can worsen noise. Naturally, one has to keep in mind that although ‘more capacity is better for decoupling’, there is still such a thing as ‘inrush current’ so don’t go too crazy with putting 1,000 µF decoupling capacitors everywhere.

Does A Radome Affect Radio?

Not too far away from where this is being written is one of Uncle Sam’s NATO outposts, a satellite earth station for their comms system. Its most prominent feature is a radome, a huge golf-ball-like structure visible for miles, that protects a large parabolic antenna from the British weather. It makes sense for more than just a superpower to protect its antennas from the elements, and [saveitforparts] is doing the same with a geodesic dome for his radio telescope experiments. But what effect does it have on the received signal? He’s made a video to investigate.

The US military radome is likely constructed of special RF-transparent materials, but this smaller version has a fibreglass skin and an aluminium frame. When he compares internal and external sky scans made with a small motorised satellite TV antenna he finds that the TV satellites are just as strong, but that the noise floor is higher and the frame is visible in the scan. It’s particularly obvious with such a small dish, and his planned larger array should improve matters.

We would be curious to know whether an offset-fed dish constructed to minimise ground noise reaching the LNB would improve matters further. It’s no surprise that the frame doesn’t impede the TV satellites though, as it is many wavelengths wide at that frequency. The video is below the break, and meanwhile, we featured the antenna he’s using here in 2023.


Software Lets You Paint Surface Patterns On 3D Prints

Just when you think you’ve learned all the latest 3D printing tricks, [TenTech] shows up with an update to their Fuzzyficator post-processing script. This time, the GPL v3 licensed program has gained early support for “paint-on” textures.

Fuzzyficator works as a plugin to OrcaSlicer, Bambu Studio, and PrusaSlicer. The process starts with an image that acts as a displacement map. Displacement map pixel colors represent how much each point on the print surface will be moved from its original position. Load the displacement map into Fuzzyficator, and you can paint the pattern on the surface right in the slicer.

This is just a proof of concept though, as [TenTech] is quick to point out. There are still some bugs to be worked out. Since the modifications are made to the G-code file rather than the model, the software has a hard time figuring out if the pattern should be pressed into the print, or lifted above the base surface. Rounded surfaces can cause the pattern to deform to fit the surface.

If you’d like to take the process into your own hands, we’ve previously shown how Blender can be used to add textures to your 3D prints.


Soviet Wired Radio, How It Worked

At the height of the Cold War, those of us on the western side of the wall had plenty of choice over our radio listening, even if we stuck with our country’s monolithic broadcaster. On the other side in the Soviet Union, radio for many came without a choice of source, in the form of wired radio systems built into all apartments. [Railways | Retro Tech | DIY] grew up familiar with these wired radios, and treats us to a fascinating examination of their technology, programming, and ultimate decline.

In a Soviet apartment, usually in the kitchen, there would be a “Radio” socket on the wall. Confusingly the same physical dimension as a mains socket, it carried an audio signal. The box which plugged into it was referred to as a radio, but instead contained only a transformer, loudspeaker, and volume control. These carried the centralised radio station, piped from Moscow to the regions by a higher voltage line, then successively stepped down at regional, local, and apartment block level. A later refinement brought a couple more stations on separate sub-carriers, but it was the single channel speakers which provided the soundtrack for daily life.

The decline of the system came over the decades following the end of communism, and he describes its effect on the mostly older listenership. Now the speaker boxes survive as affectionate curios for those like him who grew up with them.

You probably won’t be surprised to find twisted-wire broadcasting in use in the West, too.


Preventing AI Plagiarism With .ASS Subtitling

Around two years ago, the world was inundated with news about how generative AI or large language models would revolutionize the world. At the time it was easy to get caught up in the hype, but in the intervening months these tools have done little in the way of productive work outside of a few edge cases, and mostly serve to burn tons of cash while turning the Internet into even more of a desolate wasteland than it was before. They do this largely by regurgitating human creations like text, audio, and video into inferior simulacrums and, if you still want to exist on the Internet, there’s basically nothing you can do to prevent this sort of plagiarism. Except feed the AI models garbage data like this YouTuber has started doing.

At least as far as YouTube is concerned, the worst offenders of AI plagiarism work by downloading the video’s subtitles, passing them through some sort of AI model, and then generating another YouTube video based off of the original creator’s work. Most subtitle files are the fairly straightforward .srt filetype which only allows for timing and text information. But a more obscure subtitle filetype known as Advanced SubStation Alpha, or .ass, allows for all kinds of subtitle customization like orientation, formatting, font types, colors, shadowing, and many others. YouTuber [f4mi] realized that using this subtitle system, extra garbage text could be placed in the subtitle filetype but set out of view of the video itself, either by placing the text outside the viewable area or increasing its transparency. So now when an AI crawler downloads the subtitle file it can’t distinguish real subtitles from the garbage placed into it.

[f4mi] created a few scripts to do this automatically so that it doesn’t have to be done by hand for each one. It also doesn’t impact the actual subtitles on the screen for people who need them for accessibility reasons. It’s a great way to “poison” AI models and make it at least harder for them to rip off the creations of original artists, and [f4mi]’s tests show that it does work. We’ve actually seen a similar method for poisoning data sets used for emails long ago, back when we were all collectively much more concerned about groups like the NSA using automated snooping tools in our emails than we were that machines were going to steal our creative endeavors.
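To see why a viewer and a text-only reader of the same .ass file get different content, the added example below (not one of [f4mi]'s scripts) sorts Dialogue events into on-screen and hidden using the two mechanisms described above: a `\pos` override outside the script's PlayRes canvas, and an `\alpha` or `\1a` override near full transparency. The sample file, the 0xF0 threshold and the fallback canvas size are assumptions; the standard ten-field event layout is assumed, and style-level colours are not inspected.

```python
import re

# Constructed sample file; the wording and coordinates are made up.
SAMPLE = r"""[Script Info]
PlayResX: 1280
PlayResY: 720

[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:01.00,0:00:04.00,Default,,0,0,0,,Welcome back, everyone.
Dialogue: 0,0:00:01.00,0:00:04.00,Default,,0,0,0,,{\pos(-4000,-4000)}Decoy line one.
Dialogue: 0,0:00:04.00,0:00:07.00,Default,,0,0,0,,{\alpha&HFF&}Decoy line two.
Dialogue: 0,0:00:04.00,0:00:07.00,Default,,0,0,0,,Today we open up a radio.
"""

TAG_BLOCK = re.compile(r"\{[^}]*\}")  # {...} override blocks inside Text
POS = re.compile(r"\\pos\(\s*(-?[\d.]+)\s*,\s*(-?[\d.]+)\s*\)")
ALPHA = re.compile(r"\\(?:alpha|1a)&H([0-9A-Fa-f]{2})&")

def classify(ass_text):
    """Return (visible, hidden) lists of subtitle text from an .ass document."""
    res = {"PlayResX": 384.0, "PlayResY": 288.0}  # assumed fallback canvas
    visible, hidden = [], []
    for line in ass_text.splitlines():
        key, _, value = line.partition(":")
        if key in res:
            res[key] = float(value)
        elif key == "Dialogue":
            text = value.split(",", 9)[9]  # Text is the 10th field; it may hold commas
            tags = "".join(TAG_BLOCK.findall(text))
            plain = TAG_BLOCK.sub("", text).strip()
            pos = POS.search(tags)
            off = pos and not (0 <= float(pos[1]) <= res["PlayResX"]
                               and 0 <= float(pos[2]) <= res["PlayResY"])
            alpha = ALPHA.search(tags)
            clear = alpha and int(alpha[1], 16) >= 0xF0  # FF is fully transparent
            (hidden if off or clear else visible).append(plain)
    return visible, hidden

if __name__ == "__main__":
    shown, concealed = classify(SAMPLE)
    print("on screen:", shown)
    print("hidden   :", concealed)
```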

Thanks to [www2] for the tip!
