This Week In Security: IOS, OpenSSL, And SQLite

October 28, 2022 by 13 Comments

Earlier this week, a new release of iOS rolled out, fixing a handful of security issues. One in particular noted it “may have been actively exploited”, and was reported anonymously. This usually means that a vulnerability was discovered in the wild, being used as part of an active campaign. The anonymous credit is interesting, too. An educated guess says that this was a rather targeted attack, and the security company that found it doesn’t want to give away too much information.

Of other interest is the GPU-related fix, credited to [Asahi Lina], the VTuber doing work on porting Linux to the Apple M1/M2 platform, and particularly focusing on GPU drivers. She’s an interesting case, and doing some very impressive work. There does remain the unanswered question of how the Linux Kernel will deal with a pull request coming from a pseudonym. Regardless, get your iOS devices updated.

Continue reading “This Week In Security: IOS, OpenSSL, And SQLite”

showing the connector after its torn down from the side of the wire solder points, showing how thin are the metal pads, and also that one wire has already broken off

NVIDIA Power Cables Are Melting, This May Be Why

October 28, 2022 by 57 Comments

NVIDIA has recently released their lineup of 40-series graphics cards, with a novel generation of power connectors called 12VHPWR. See, the previous-generation 8-pin connectors were no longer enough to satiate the GPU’s hunger. Once cards started getting into the hands of users, surprisingly, we began seeing pictures of melted 12VHPWR plugs and sockets online — specifically, involving ATX 8-pin GPU power to 12VHPWR adapters that NVIDIA provided with their cards.

Now, [Igor Wallossek] of igor’sLAB proposes a theory about what’s going on, with convincing teardown pictures to back it up. After an unscheduled release of plastic-scented magic smoke, one of the NVIDIA-provided connectors was destructively disassembled. Turned out that these connectors weren’t crimped like we’re used to, but instead, the connectors had flat metal pads meant for wires to solder on. For power-carrying connectors, there are good reasons this isn’t the norm. That said, you can make it work, but chances are not in favor of this specific one.

The metal pads in question seem to be far too thin and structurally unsound, as one can readily spot, their cross-section is dwarfed by the cross-section of cables soldered to them. This would create a segment of increased resistance and heat loss, exacerbated by any flexing of the thick and unwieldy cabling. Due to the metal being so thin, the stress points seem quite flimsy, as one of the metal pads straight up broke off during disassembly of the connector.

If this theory is true, the situation is a blunder to blame on NVIDIA. On the upside, the 12VHPWR standard itself seems to be viable, as there are examples of PSUs with native 12HPWR connections that don’t exhibit this problem. It seems, gamers with top-of-the-line GPUs can now empathize with the problems that we hackers have been seeing in very cheap 3D printers.

Gesture Controlled Filming Gear Works Super Intuitively

October 28, 2022 by 4 Comments

Shooting good video can be an arduous task if you’re working all by yourself. [Pave Workshop] developed a series of gesture-responsive tools to help out, with a focus on creating a simple intuitive interface.

The system is based around using a Kinect V2 to perceive gestures made by the user, which can then control various objects in the scene. For instance, a beckoning motion can instruct a camera slider to dolly forward or backwards, and a halting gesture will tell it to stop. Bringing the two hands together or apart in special gestures indicate that the camera should zoom in or out. Lights can also be controlled by pulling a fist towards or away from them to change their brightness.

The devil is in the details with a project that works this smoothly. [Pave Workshop] lays out the details on how everything Node.JS was used to knit together everything from the custom camera slider to Philips Hue bulbs and other Arduino components.

The project looks really impressive in the demo video on YouTube. We’ve seen some other impressive automated filming rigs before, too.

Continue reading “Gesture Controlled Filming Gear Works Super Intuitively”

A Steam Engine For Empty Beer Cans

October 27, 2022 by 10 Comments

If Hero — the ancient Greek inventor — had been able to enjoy a beer after work, he might have pulled a trick like [BevCanTech] did: use it to create a simple steam engine. Of course, we aren’t sure why it has to be a beer can, but even with a soda can there is a fundamental problem: the can is open, assuming you’ve already enjoyed the beverage.

A pressure vessel with a big gaping hole in it isn’t much of a pressure vessel. The resealing process was actually quite simple. First, you bend back the tab to close up the opening as best you can. Next, you use cyanoacrylate glue and baking soda to seal up what’s left. We wondered if you could use epoxy, hot glue, or UV-curable resin. The top might get too hot for hot glue to last, but we aren’t sure.

Continue reading “A Steam Engine For Empty Beer Cans”

A Collection Of Websites That Look Like Desktops

October 27, 2022 by 15 Comments

Web design has come a long way since those halcyon days of Web 1.0. There are plenty of rules about how to make a clean and efficient website, but sometimes it’s more fun to throw them out and just be creative instead. In that vein, [Simone] has curated a wonderful collection of websites that emulate the computer desktop experience online.

The collection’s website very much fits this theme. Upon visiting, an Award BIOS screen flashes up. From there, we get a Windows 95-like interface full of links to other sites that emulate a computer desktop layout. There’s even a 3D screensaver that pops up if you mouse away for too long.

There’s Browso.app, which semi-accurately tells you information about your computer in a theme reminiscent of MacOS 9. Meanwhile, clicking on “It Is As if You Were Doing Work” will take you to a weird game that’s compelling in its replication of office banality. Nightwave Plaza offers exquisite vaporwave vibes, while others simply intend to faithfully recreate various OSes in a browser window.

It’s a fun collection of websites that go from the weirdly afamiliar to downright impressive recreations of former realities. It’s certainly fun to click around for a while and see what’s out there. We do love some good web ephemera around these parts!

A Solar Supercap Power Supply To Keep Your Projects Running

October 27, 2022 by 16 Comments

Solar garden lights and many other similar trinkets typically rely on cheap rechargeable batteries as a power source when the sun isn’t shining. [Darryl] figured that a supercapacitor could do the job instead, and set about building a solar supercap power supply that could run various projects. 

The power supply is built to use a small 60 x 40mm solar panel that provides approximately 500 mW at max output. This charges two supercapacitors which feed their output into a TPS61200 boost converter, specifically designed for working with ultra-low input voltages down to 0.3 V. The boost convert can then be configured to output 3.3 V or 5 V depending on the desired voltage for the device to be powered. A special MOSFET array part is used to charge the dual supercaps in series, ensuring they stay balanced and don’t get overcharged by the sun.

The design has worked well in practice. [Darryl] reports that it has successfully powered a LoRa device reporting every 10 minutes for over two years without issue.

Solar power is a magical thing, capable of providing energy for free if you can get out there and capture it. If you’re working on your own solar-powered projects, don’t hesitate to drop us a line!

A Homemade Tube Amplifier Featuring Homemade Tubes

October 27, 2022 by 23 Comments

With the wealth of cheap and highly integrated audio amplifier modules on the market today, it takes a special dedication to roll your own from parts. Especially when those parts include vacuum tubes, and doubly so when you make the vacuum tubes from scratch too.

Now, we get it — some readers are going to find it hard to invest an hour in watching [jdflyback] make a pair of triodes to build his amplifier. But really, you’ve got to check this out. Making vacuum tubes with all the proper equipment — glassblower’s lathe, various kinds of oxy-fuel torches, all the right hand tools — is hard enough. But when your lathe is a cordless drill, and you’re using a spot welder that looks like it’s cobbled together from junk, your tube-making game gets a lot harder. Given all that, you’d expect the tubes to look a lot rougher than they are, but even with plain tungsten wire heaters and grids made from thick copper wire, they actually work pretty well. Sure, the heaters glow as bright as light bulbs, but that’s all part of the charm.

Speaking of charm, we just love the amp these tubes went into. Built in 1920s breadboard-style, the features some beautiful vintage mica capacitors and wirewound resistors, plus a variable resistor the likes of which we’ve never seen. The one nod to modernity is the clever use of doorbell transformers, one for a choke and one for the speaker transformer. They don’t sound great, but there’s no doubt they work.

We may have seen other homemade vacuum tubes before — we even recently featured a DIY X-ray tube — but there’s something about [jdflyback]’s tubes that really gets us going.

Continue reading “A Homemade Tube Amplifier Featuring Homemade Tubes”