Hackaday Podcast 242: Mechanical Math, KaboomBox, And Racing The Beam

October 27, 2023 by 1 Comment

This week, Editor-in-Chief Elliot Williams and Kristina Panos met up from their separate but equally pin drop-quiet offices to discuss the best hacks of the previous week. Well, we liked these one, anyway.

First up in the news, it’s finally time for Supercon! So we’ll see you there? If not, be sure to check out the talks as we live-stream them on our YouTube channel!

Don’t forget — this is your last weekend to enter the 2023 Halloween Hackfest contest, which runs until 9 AM PDT on October 31st. Arduino are joining the fun this year and are offering some spooky treats in addition to the $150 DigiKey gift cards for the top three entrants.

It’s time for a new What’s That Sound, and Kristina was able to stump Elliot with this one. She’ll have to think of some more weirdo sounds, it seems.

Then it’s on to the hacks, beginning with an insanely complex mechanical central air data computer super-teardown from [Ken Shirriff]. We also learned that you can 3D-print springs and things by using a rod as your bed, and we learned whole lot about rolling your own electrolytic capacitors from someone who got to visit a factory.

From there we take a look at a Commodore Datassette drive that sings barbershop, customizing printf, and a really cool dress made of Polymer-dispersed Liquid Crystal (PDLC) panels. Finally we talk about racing the beam when it comes to game graphics, and say goodbye to Kristina’s series on USPS technology.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download and savor at your leisure.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 242: Mechanical Math, KaboomBox, And Racing The Beam”

A Simple And Effective 3D Filament Splicer

October 27, 2023 by 29 Comments

There are times in every 3D print enthusiast’s life when it would be convenient to join two pieces of filament. The problem with simply melting them together is that the resulting join has a blob of plastic surrounding it which has difficulty making it through the printer’s internals. [Pete Prodoehl] has a solution, in the form of a well-executed splicing jig that’s sure to leave a join which will glide through your printer.

The trick lies in performing the join in a space only marginally wider than the filament width, in the case of 1.75 mm filament a short piece of 1.775 mm PTFE tube encased in a 3D printed clamp. A 90-degree cut piece of filament is fed through the tube and heated with a candle, then withdrawn into the tube where a 45-degree cut piece is pushed in to fuse with it. The result is a seamless and bulge-less join, that can pass through an extruder without issue and print continuous pieces from different filaments.

It’s a very effective technique, but it’s not the only one we’ve seen over the years. This one by comparison heats the filament in a hair straightener, and relies on gently pulling the join apart as it solidifies in order to reduce the bulge.

This Week In Security: 1Password, Polyglots, And Roundcube

October 27, 2023 by 12 Comments

This week we got news of a security incident at 1Password, and we’re certain we aren’t the only ones hoping it’s not a repeat of what happened at LastPass. 1Password has released a PDF report on the incident, and while there are a few potentially worrying details, put into context it doesn’t look too bad.

The first sign that something might be amiss was an email from Okta on September 29th — a report of the current list of account administrators. Okta provides authentication and Single Sign-On (SSO) capabilities, and 1Password uses those services to manage user accounts and authentication. The fact that this report was generated without anyone from 1Password requesting it was a sign of potential problems.

And here’s the point where a 1Password employee was paying attention and saved the day, by alerting the security team to the unrequested report. That employee had been working with Okta support, and sent a browser session snapshot for Okta to troubleshoot. That data includes session cookies, and it was determined that someone unauthorized managed to access the snapshot and hijack the session, Firesheep style.

Okta logs seemed to indicate that the snapshot hadn’t been accessed, and there weren’t any records of other Okta customers being breached in this way. This pointed at the employee laptop. The report states that it has been taken offline, which is good. Any time you suspect malicious action on a company machine, the right answer is power it off right away, and start the investigation.

And here’s the one part of the story that gives some pause. Someone from 1Password responded to the possible incident by scanning the laptop with the free edition of Malwarebytes. Now don’t get us wrong, Malwarebytes is a great product for finding and cleaning the sort of garden-variety malware we tend to find on family members’ computers. The on-demand scanning of Malwarebytes free just isn’t designed for detecting bespoke malicious tools like a password management company should expect to be faced with.

But that turns out to be a bit of a moot point, as the real root cause was a compromised account in the Okta customer support system, as revealed on the 20th. The Okta report talks about stolen credentials, which raises a real question about why Okta support accounts aren’t all using two-factor authentication.

Continue reading “This Week In Security: 1Password, Polyglots, And Roundcube”

Retrotechtacular: Crash Testing Truck Attenuators, For Science

October 27, 2023 by 19 Comments

There are those among us who might bristle at something from the early 1980s qualifying for “Retrotechtacular” coverage, but it’s been more than 40 years since the California Department of Transportation’s truck-mounted attenuators crash testing efforts, so we guess it is what it is.

If you’re worried that you have no idea what a “truck-mounted attenuator” might be, relax — you’ve probably seen these devices attached to the backs of trucks in highway work zones. They generally look like large boxes attached to frames at the rear of the truck which are intended to soften the blow should a car somehow not see the giant orange truck covered with flashing lights and drive into the rear of it at highway speeds. Truck-mounted attenuators are common today, but back in 1982 when this film was produced, the idea was still novel enough to justify crash-testing potential designs.

Continue reading “Retrotechtacular: Crash Testing Truck Attenuators, For Science”

Why Game Boy IPS Screens Flicker

October 27, 2023 by 17 Comments

The Nintendo Game Boy was a very popular handheld in its time, but its display technology has not aged gracefully. Ripping out the original screen and dropping in a modern IPS LCD is a popular mod, but that often comes with a weird flicker now and then. [makho] is here to explain why.

The problem was that the Game Boy didn’t have any way to do transparency in the original hardware. Instead, sprites that were supposed to be a little bit transparent were instead flickered on and off rapidly. The original LCD was so slow that this flicker would be largely hidden, with the sprites in question looking suitably transparent. However, switch to a modern IPS LCD with its faster refresh rate, and the flickering will be readily visible. So it’s not a bug — it’s something that was intentionally done by developers that were designing for the screen technology of the 1980s, not the 2020s.

IPS screens have become the must-have upgrade for modern Game Boy users. Most would tell you the improved image quality and rich color is worth a little flicker here and there.

Continue reading “Why Game Boy IPS Screens Flicker”

Remembering The MUDdiest Of Times With The MUD1 And MUD2 Online RPGs

October 26, 2023 by 14 Comments

Before there were massively multiplayer online role-playing games (MMORPGs) like EverQuest, the genre was called a Multi-User Dungeon (MUD), following in the trend of calling text adventures at that time ‘dungeon crawlers’. These multi-player games required you to bring along your own imagination, for these were purely text-based affairs. Despite the first of these (MUD1) having been released all the way back in 1978 for the DEC PDP-10, these games are still being played today, long after they stopped being in the (game) news cycle.

The brief history and today’s status of MUD1 is covered in a recent article by [Bryan Lunduke], following its creation in 1979 in the UK by [Richard Bartle] and [Roy Trubshaw], its struggles and eventual renaming to ‘British Legends

Technically all you need to play is a telnet client, though you can always use a graphical web browser to log into a text adventure. Much like playing a game like Zork — which heavily inspired MUDs — you got to use your wits and map drawing skills to figure out how to navigate around the world. You can also play the new and improved MUD: MUD2. Make sure to take a peek on [Richard]’s aesthetically yellow MUD-related website and the latest gossip in the Muddled Times before joining either the UK MUD2 server or the Canadian one.

Although definitely leaning on one’s imagination more than the advanced graphics of a graphical MUD like EverQuest require, there’s a lot of fun to be had in these MUDs, as well as the plethora of others.

Thanks to [Stephen Walters] for the tip.

Blatano Art Project Tracks Devices In Its Vicinity

October 26, 2023 by 2 Comments

Computers, surveillance systems, and online agents are perceiving us all the time these days. Most of the time, it takes place in the shadows, and we’re supposed to be unaware of this activity going on in the background. The Blatano art piece from [Leigh] instead shows a digital being that actively displays its perception of other digital beings in the world around it.

The project is based on an ESP32, using the BLE Scanner library to scan for Bluetooth devices in the immediate vicinity. Pwnagochi and Hash Monster tools are also used to inspect WiFi traffic, while the CovidSniffer library picks up packets from contact-tracking apps that may be operating in the area.

This data is used to create profiles of various devices that the Blatano can pick up. It then assigns names and little robotic images to each “identity,” and keeps tabs on them over time. It’s an imperfect science, given that some devices regularly change their Bluetooth identifiers and the like. Regardless, it’s interesting to watch a digital device monitor the scene like a wallflower watching punters at a house party.

If you’ve built your own art-surveillance devices to comment on the state of modernity, don’t hesitate to drop us a line!