Set Phone To… Hyperspectral

While our eyes are miraculous little devices, they aren’t very sensitive outside of the normal old red, green, and blue spectra. The camera in your phone is far more sensitive, and scientists want to use those sensors in place of expensive hyperspectral ones. Researchers at Purdue have a cunning plan: use a calibration card.

The idea is to take a snap of the special card and use it to understand the camera’s exact response to different colors in the current lighting conditions. Once calibrated to the card, they can detect differences as small as 1.6 nanometers in light wavelengths. That’s on par with commercial hyperspectral sensors, according to the post.

You may wonder why you would care. Sensors like this are useful for medical diagnostic equipment, analysis of artwork, monitoring air quality, and more. Apparently, high-end whisky has a distinctive color profile, so you can now use your phone to tell if you are getting the cheap stuff or not.

We also imagine you might find a use for this in phone-based spectrometers. There is plenty to see in the hyperspectral world.

This Week In Security: Randomness Is Hard, SNMP Shouldn’t Be Public, And GitHub Malware Delivery

Randomness is hard. To be precise, without dedicated hardware, randomness is impossible for a computer. This is actually important to keep in mind when writing software. When there’s not hardware providing true randomness, most rnd implementations use a seed value and a pseudo random number generator (PRNG). A PRNG is a function that takes a seed value, and turns it into a seemingly random value, and also produces a new seed for the next time a random value is needed. This could be as simple as a SHA256 sum, where the hash output is split to become the next seed and the random value.

The PRNG approach does still have a challenge. Where does the initial seed come from? There are a few common, if flawed, approaches, and one of the most common is to use the system clock. It’s not a bulletproof solution, but using the microsecond counter since the last system boot is often good enough, because there are a lot of them to choose from — the entropy is high. With that brief background in mind, let’s talk about what happens in VBScript. The Randomize call is used to seed that initial value, but Randomize has some quirks.

The first is a great feature: calling Randomize a second time with the same seed doesn’t reset the PRNG engine back to the same initial state. And second, when called without a value, Randomize uses the number of system ticks since midnight as the PRNG seed. There are 64 ticks per second, giving five-and-a-half million possible seeds, or 22 bits of entropy. This isn’t great on its own, but Randomize internally typecasts that number of ticks into a narrower value, with a maximum possible of time-based seeds set at 65,536, which is a lot easier to brute-force.

We don’t know the exact application where the researchers at Doyensec found VBScript generating secure tokens, but in their Proof of Concept (PoC) test run, the generated token could be found in four guesses. It’s a terrible security fail for basically any use, and it’s a deceptively easy mistake to make.

Continue reading “This Week In Security: Randomness Is Hard, SNMP Shouldn’t Be Public, And GitHub Malware Delivery”

Steamboat Willie Still Tests Copyright

If you know anything about Mickey Mouse, you’ll be able to tell us that his first outing was in 1928’s Steamboat Willie — an animated short that sees our hero as the hapless pilot of a riverboat battling an assortment of animals and his captain. It entered the public domain last year, meaning that it and the 1928 incarnation of Mickey are now free of any copyright obligation to the media giant.

There’s an interesting development from Florida on that front though as it seems Disney may have been testing this through legal means, and now a law firm wants to see them in court over their proposed use of the film in an advert.

Of course here at Hackaday we don’t cover the dry subject of Florida legal news as a rule, but we are interested in the world of copyright as it applies to many other things that do come under our eye. As we understand it the law firm is requesting the judge assert their protection from trademark claims over the use of Disney’s 1928 Willie, given that there have been claims from the entertainment giant against others doing the same thing.

It’s hardly surprising that a large corporation might seek to use legal muscle and trademark law to de facto extend the term of Mickey’s protection beyond the defined copyright expiration date, so for once it’s refreshing to see them come up against someone unafraid of a courtroom.

We hope that common sense will prevail, and this undermining of a cherished right (not to mention prior case law) is not allowed to succeed. Meanwhile if you’d like a 1928 Mickey that Disney have shied away from coming after, look no further than the EFF.

A Ham-Adjacent Portable Radio Repeater

Although ham radio offers a wide array of bands to transmit on, not to mention plenty of modes to communicate with, not everyone wants or needs to use all of this capability. For those needing simple two-way communication services like FRS or GMRS are available (in North America) with much less stringent licensing requirements, and GMRS even allows repeaters to be used to extend their range beyond the typical mile or so. [Dave] aka [N8DAV] has built an off-grid simplex repeater that can travel around with him wherever he goes.

The repeater itself is based on a pre-built simplex repeater module, which means that it has to record an incoming signal and then play it back on the same frequency. Compared to a split frequency repeater which uses different frequencies for transmit and receive this can be a bit cumbersome but simplifies the design and the use. A Baofeng UV-5R is used to perform the actual radio duties paired to a 40 watt amplifier to extend the range as much as possible. It’s all packed into a Pelican-like case and set up with a large battery that could power it for a number of days, making it useful for camping, rescue, or other off-grid activities.

For those wondering why [Dave] is using his ham call sign instead of his GMRS one, all of the equipment in this build will work in either the UHF ham bands or the channels reserved for GMRS with minor adjustments, so it’s perfectly possible to use the setup for one’s preferred license. And, for those in other parts of the world without GMRS there’s a similar class of radio called UHF CB which might be able to support similar builds, but be sure to check your local jurisdiction’s laws before hooking something like this up. For an even longer-range radio repeater using similar equipment we’d recommend looking to the skies.

Continue reading “A Ham-Adjacent Portable Radio Repeater”

The New Raspberry Pi 500+: Better Gaming With Less Soldering Required

When Raspberry Pi released the Pi 500, as essentially an RPi 5 integrated into a chiclet keyboard, there were rumors based on the empty spots on the PCB that a better version would be released soon. This turned out to be the case, with [Jeff Geerling] now taking the new RPi 500+ to bits for some experimentation and keyboard modding.

The 500’s case was not designed to be opened, but if you did, you’d find that there was space allocated for a Power-Over-Ethernet section as well as an M.2 slot, albeit with all of the footprints unpopulated. Some hacking later and enterprising folk found that soldering the appropriate parts on the PCB does in fact enable a working M.2 slot. What the 500+ thus does is basically do that soldering work for you, while sadly not offering a PoE feature yet without some DIY soldering.

Perhaps the most obvious change is the keyboard, which now uses short-travel mechanical switches – with RGB – inside an enclosure that is now fortunately easy to open, as you may want to put in a different NVMe drive at some point. Or, if you’re someone like [Jeff] you want to use this slot to install an M.2 to Oculink adapter for some external GPU action.

After some struggling with eGPU devices an AMD RX 7900 XT was put into action, with the AMD GPU drivers posing no challenge after a kernel recompile. Other than the Oculink cable preventing the case from closing and also losing the M.2 NVMe SSD option, it was a pretty useful mod to get some real gaming and LLM action going.

With the additions of a presoldered M.2 slot and a nicer keyboard, as well as 16 GB RAM, you have to decide whether the $200 asking price is worth it over the $90 RPi 500. In the case of [Jeff] his kids will have to make do with the RPi 500 for the foreseeable future, and the RPi 400 still finds regular use around his studio.

Continue reading “The New Raspberry Pi 500+: Better Gaming With Less Soldering Required”

Vertical Solar Panels Are Out Standing

If you’re mounting solar panels, everybody knows the drill, right? Point them south, angled according to latitude. It’s easy. In a video which demonstrates that [Everyday Dave] is truly out standing in his field, we hear a different story. [Dave] has a year’s worth of data in his Solar Panel Showdown that suggests there are good reasons to mount your panels vertically.

Specifically, [Dave] is using bifacial solar panels– panels that have cells on both sides. In his preferred orientation, one side faces South, while the other faces North. [Dave] is in the Northern Hemisphere, so those of you Down Under would have to do the opposite, pointing one face North and the other South.

Since [Dave] is far from the equator, the N/S vertical orientation beats the pants off of East-West facing panels, especially in winter. What’s interesting is how much better the bifacial panels do compared to the “standard” tilted orientation. While peak power in the summer is much better with the tilted bifacial panels (indeed, even the tilted single-sided panels), in winter the vertical N/S panels blow them out of the water. (Especially when snow gets involved. Vertical panels don’t need sweeping!)

Continue reading “Vertical Solar Panels Are Out Standing”

A suitcase made of two rectangular plastic crates latched together sits prone on a concrete floor. The top shell is a beige-ish grey with a navy check and the word "JerseyMaid" on it updside down. The navy bottom crate is navy with the letters "lsen" in large cursive font ant the letters "ORATION" in smaller print below it. Much of the text is covered by a large latch and a power tool battery mount. Bright pink tape affixes a blue tarp skirt to the bottom of the hover suitcase.

Hovercraft Suitcase Gives Your Luggage A Smooth Ride

The wheels on roller suitcases are one of their primary failure points. After the destruction of the wheel mount on her DIY suitcase, [Laura Kampf] wondered if it would be better to dispense with wheels altogether.

To give her suitcase a lift, [Kampf] decided to turn it into a hovercraft so it couldn’t be stopped by pavement or puddles. The first task was finding an appropriate fan, and a compact leaf blower donated it’s body to makerdom for the project. After reducing the blower to it’s constituent components and finding a secret turbo switch, work began on the momentum curtain.

“Nose-holing” the arrangement and size of the holes to pipe air through the stapled tarp and tape skirt seemed to be the bulk of the trial-and-error in this one. Based on other hovercraft designs [Kampf] found, keeping the holes near the center of the inflated portion gave better lift. In the end, the carry-on is able to lift a decent amount even on its lowest setting, resulting in a suitcase that is “not embarrassing” for travel. No word yet on what TSA thinks.

If you’re looking for another unexpected lift off, how about a full-sized flying Delorean replica? We’ve also covered some of the reasons why we don’t see more of these all terrain wonders.

Continue reading “Hovercraft Suitcase Gives Your Luggage A Smooth Ride”