The Case For A Technology Aware Lobby Correspondent

We cover all manner of stories here at Hackaday, including awesome hardware hacks, the latest trends and inventions, and in-depth guides to fascinating technologies. We also cover a few news stories from the wider world outside our community, usually when they have some knock-on effect that has an impact on us. Recently this last category of stories has included laws which present a threat to online encryption and privacy in the UK and in the European Union, for example. They’re not the most joyful of news, but it’s vital for everyone with an interest in online matters to be informed about them.

A Long And Inglorious History

A quad flat-pack computer chip, made by VLSI
The infamous Clipper chip. Travis Goodspeed, CC BY 2.0

Those of us who have followed the world of technology will know that badly thought out laws with a negative impact on technology have a long and inglorious history. Some, like the infamous backdoored Clipper chip encryption device, die an inglorious death as industry or the public succeed in making them irrelevant, but others, such as the Digital Millennium Copyright Act or DMCA, live on for decades and present an ongoing malign influence. Most recently our ongoing coverage of dubious drone stories included a hefty dose of equally dubious action from lawmakers.

When considering these pieces of legislation it’s easy to characterise the politicians who advance them as gullible idiots easily swayed by any commercial lobbyist with a fistful of cash. But the reality is far more nuanced: while some of them may well be tempted by those lobbyists, they are in most cases neither gullible nor foolish. Instead they are better characterised as clueless on technical issues, and thus easily swayed by received opinion rather than by technological reality. If there’s a fault in the system it’s that the essential feedback which provides the checks and balances is missing, and oddly while sitting here writing this story, the responsibility for this comes close to home. The solution doesn’t lie in changing the politicians, but in changing how they are treated by journalists.

Hackaday Podcast 244: Fake Chips, Drinking Radium, And Spotting Slippery Neutrinos

This week, Editor-in-Chief Elliot Williams and Kristina Panos met up to discuss the best hacks of the previous week, at least in our opinions.

After chasing the angry bird away from Kristina’s office, we go to the news and learn that we’re in the middle of a solar conjunction. Essentially, the Sun has come between Earth and Mars, making communication impossible for about another week. Did you know that this happens every two years?

Then it’s time for a new What’s That Sound, and although Kristina had an interesting albeit somewhat prompted guess, she was, of course, wrong.

And then it’s on to the hacks, beginning with a really cool digital pen that packs all the sensors. We learned about the world’s largest musical instrument, and compared it to the Zadar Sea Organ in Croatia, which if you’ll recall was once a What’s That Sound.

From there we take a look at fake buck converters, radioactive water as a health fad, and a garage door company that has decided to take their ball and go home. Finally we talk about how slippery neutrinos are, and discuss Tom’s time at JawnCon.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download and savor at your leisure.


That Time NASA Built A Tiny Tank To Pop Shuttle Tires

The Space Shuttle has often been called the most complex piece of machinery ever built, an underhanded compliment if there ever was one. But it’s a claim not strictly limited to the final spacecraft. With a project as far ahead of the technological curve as the Shuttle was in the 1970s, nearly every component and system of the legendary spaceplane required extensive research and development to realize.

A case in point is that the speed and mass of the Shuttle at touchdown required tires that could survive forces far beyond that of a normal airplane. Pumped up to an incredible 350 psi, the space agency estimated each tire had the explosive potential of two and one-half sticks of dynamite. So while testing landing gear upgrades in the 1990s, they cobbled together an RC tank that could “defuse” a damaged tire remotely by drilling holes into it and letting off the pressure.

This Week In Security: SSH, FTP, And Reptar

It’s time to strap on our propeller beanies, because we’re going to talk crypto. The short version is that some SSH handshakes can expose enough information for a third party to obtain the host’s private signing key. That key is the one that confirms you are connecting to the SSH server you think you are, and if the key validation fails, you get a big warning:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

The math that makes this warning work is public-private key cryptography. The problem we’re talking about today only shows up in RSA authentication, specifically in implementations that use the Chinese Remainder Theorem (CRT) to speed up the modular calculations needed to generate the cryptographic signature. If something goes wrong during that calculation, you end up with a signature that is mathematically related to the secret key in a different way than intended. The important point is that knowing this extra value *significantly* weakens the security of the secret key.

This attack has been known for quite some time, but the research has been aimed at causing the calculation fault through power faults or even memory attacks like Rowhammer. There has also been progress on using a lattice attack against captured handshakes, to make the attack practical with less known information. The real novel element of this week’s approach (pdf) is that it has been tested against SSH.

The paper’s authors performed weekly scans of the entire IPv4 public network space, capturing the handshake from any listening SSH server, and also had 5 years of historic data to draw from. And the results are mixed. There is a Cisco SSH server string that is extremely common in the dataset, and only once did one of these machines send a miscalculated handshake. Possibly a random RAM bit flip is to blame. On the other hand, the string “SSH-2.0-Zyxel SSH server” had so many bad signatures that it suggests a device that *always* sends a miscalculated signature.

Taking A Public Transit Display From Project To Product

We’ve noticed an uptick in “project to product” stories lately, which seems like a fantastic trend to us. It means that hackers are turning out projects that really resonate with people, to the degree that taking the leap and scaling up from a one-off to a marketable product is worth the inherent risk. And luckily enough for the rest of us, we get to learn from their experiences.

The latest example of this comes to us from [Stefan Schüller], who from the sound of things only reluctantly undertook the conversion of his LED matrix public transit sign into an actual product. The original project had a lot going for it; it looked fantastic, it was technologically simple, and it provided a valuable service. But as a project, it made certain assumptions and concessions that would cause problems when in the hands of a customer. Chief among these was the physical protection of the fragile LEDs, which could easily shear off the display modules if bumped or dropped. There were also firmware issues, such as access to the backend API that serves the transit data; requiring each customer to sign up for and configure their own API key is a non-starter for a product.

In the article, [Stefan] enumerates a long list of problems that going from project to product raises, as well as how he addressed them. The API issue was solved by implementing his own service, which acts as a middleman between the official API and his customers. A nice plexiglass and sheet-metal frame serves to protect the display, too. Design changes were made as well, not only to provide better functionality but to make manufacturing easier. [Stefan] also relates a tale of woe with regard to getting the display’s app into the app stores, something that few of us have to deal with when we’re just fiddling around with something on the bench.

All in all, [Stefan] does a great job walking us through the trials and tribulations of bringing a product to market. There are similar lessons in this production run scale-up, too, but with an entirely different level of project complexity.

Apple Archeology: The Future Once Had Server Side Computing In It

To read the IT press in the early 1990s, those far-off days just before the Web was the go-to source of information, was to be fed a rosy vision of a future in which desktop and server computing would be a unified and powerful experience. IBM and Apple would unite behind a new OS called Taligent that would run Apple, OS/2, and 16-bit Windows code, and coupled with UNIX-based servers, this would revolutionise computing.

We know that this never quite happened as prophesied, but along the way, it did deliver a few forgotten but interesting technologies. [Old VCR] has a look at one of these, a feature of the IBM AIX, which shipped with mid-90s Apple servers as a result of this partnership, in which Mac client applications could have server-side components, allowing them to offload computing power to the more powerful machine.

The full article is very long but full of interesting nuggets of forgotten 1990s computing history, and it’s a reminder that DOS/Windows and Novell Netware weren’t the only games in town. The Taligent/AIX combo never happened, but its legacy found its way into the subsequent products of both companies. By the middle of the decade, even Microsoft had famously been caught out by the rapid rise of the Web. He finishes off by creating a simple sample application using the server-side computing feature, a native Mac OS application that calls a server component to grab the latest Hacker News stories. Unexpectedly, this wasn’t the only 1990s venture from Apple involving another company’s operating system. Sometimes, you just want to run Doom.

A Canned Ham Ham Antenna

If you’d have asked us for odds on whether you could successfully turn a canned ham into an amateur radio antenna, we’d have declined the offer. Now, having seen [Ben Eadie (VE6SFX)]’s “hamtenna” project, we’d look at just about any “Will it antenna?” project with a lot less skepticism than before.

To be painfully and somewhat unnecessarily clear about [Ben]’s antenna, the meat-like product itself is not in the BOM for this build, although he did use it as sustenance. Rather, it was the emptied and cleaned metal can that was the chief component of the build, along with a few 3D printed standoffs and the usual feedline and connectors. This is a slot antenna, a design [Ben] recently experimented with by applying copper foil tape to his car’s sunroof. This time around, the slot was formed by separating the top and bottom of the can using the standoffs and electrically connecting them with a strip of copper tape.

Connected to a stub of coax and a BNC connector, a quick scan with a NanoVNA showed a fantastic 1.26:1 SWR in the center of the 70-cm ham band, and a nearly flat response all the way across the band. Results may vary depending on the size of canned ham you sacrifice for this project; [Ben]’s can measured just about 35 cm around, a happy half-wavelength coincidence. And it actually worked in field tests — he was able to hit a local repeater and got good signal reports. All that and a sandwich? Not too shabby.
