This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and a new vulnerability in an RPC function which allows similar overwriting of the page cache.

Both vulnerabilities manipulate the Linux page cache, where data from disk is stored for rapid access. The kernel will always prefer the cached version of a file, which means that anything that is able to manipulate the contents of the cache can effectively replace the contents of the file. Both of the vulnerabilities leverage a similar mechanism – picking a binary which is flagged to run as root, such as su, and replacing the contents that would prompt for the user’s password with a launcher to immediately run a shell.

Like CopyFail, DirtyFrag requires the ability to execute code on the target in the first place, but turning almost any code or command execution vulnerability in any network service into root raises the impact significantly, allowing an attacker to break out of containers and privilege environments, or establish a persistent presence in the system when the original vulnerabilities are discovered and closed.

The previous mitigations to block specific kernel modules related to CopyFail are not sufficient to block the new vulnerabilities. At the time of writing, there are no patches available from the distributions; however, the vulnerable kernel modules can be temporarily disabled.

CopyFail added to KEV

CISA (the United States cyber security agency) has added CopyFail to the KEV, or Known Exploited Vulnerabilities list. Vulnerabilities on the KEV have been observed under active exploitation, which in the case of CopyFail is hardly a surprise.

The KEV is designed as a tool to allow security teams in government and commercial industry to prioritize the highest risk vulnerabilities – or at least give another source of data to point at when you say “we really need to patch this now”.

Prolonged Ubuntu DDoS

On the heels of the CopyFail vulnerability impacting almost all distributions, Ubuntu has had to face a prolonged distributed denial-of-service (DDoS) attack against its main infrastructure. Ars Technica reported on it at the beginning of the attack, and after several days, services appear to be restored. In the meantime, core services such as package updates, core repositories, and even the Ubuntu and Canonical websites were largely unreachable.

An Iraqi group claims responsibility for the attack, but it is unclear if they were the actual perpetrators – or why. The timing with the CopyFail vulnerability seems like an opportune moment to cause chaos by taking the update mechanisms of a major distribution offline, but in the era of modern Internet behavior, it could also just have been a Tuesday.


Congratulations To The Green Powered Challenge Winners!

For this challenge, we asked you to show off your hacks that power themselves sustainably from the environment around them. After all, nobody likes wires, and changing batteries is just a hassle. What’s better than an autonomous gizmo? Nothing.

Because this is Hackaday, we expected to see some finished-looking projects, some absolutely zany concepts, and basically everything in-between, and you did not disappoint! So without further ado, let’s have a look at the 2026 Green Powered Challenge winners, each of whom will be going on a $150 shopping spree at DigiKey, our contest’s sponsor.


Retrotechtacular: Julius Sumner Miller Breaks Lamps With Magnets

If you watched the Mickey Mouse Club way back when, you might remember Professor Wonderful, who was, in reality, physics professor [Julius Sumner Miller]. He also had his own show, “Why Is It So?” along with appearances on talk shows. We recently ran across one of the shows from 1962 where [Miller] uses electromagnets to break a lamp.

[Miller] moved to Australia, and this episode is from the Australian version of “Why Is It So?” As you might expect, given the topic, the professor covers Oersted and Faraday.


Strange Ways To Make Cold

Making stuff cool and keeping it that way has been a pretty essential part of human civilization for thousands of years, but only in the past few hundred years have man-made methods become available that remove the reliance on the whims of nature and lugging around massive blocks of ice. The most important cooling method is undoubtedly that of vapor-compression refrigeration, but this is hardly the only method to transfer thermal energy from one location to another.

For example, we recently covered an elastocaloric cooling project by a group of scientists that uses strips of NiTi metal. By flexing these they induce a cooling effect which when put in a number of stages serves to transfer a significant amount of thermal energy between both sides, much like a vapor-compression system but without the gases and compressor. Meanwhile the Seebeck effect is relatively well-known from Peltier thermocouple devices, and features heavily in portable refrigerators and kin where these solid-state devices can also transfer thermal energy.

Of course, along with how they function the major question with all of these cooling technologies is how efficient they are, as this determines when you’d want to even consider them for a specific application.



Hackaday Links: May 3, 2026

Software that collects public data from the Internet and uses it to provide half-assed answers to your questions might seem like a modern craze, but today we bid farewell to a website that helped pioneer pretend conversations all the way back in 1997 — as of May 1st, Ask Jeeves is no more.

Well, technically they dropped the “Jeeves” part back in 2006. Since then it’s just been Ask.com, but as the name implies the idea was more or less the same. Rather than the relatively rigid parameters and keywords required by traditional search engines, you could ask Jeeves questions about the world using natural language. Early advertisements showed the virtual valet answering arbitrary questions like “How many calories in a banana?,” which of course today seems commonplace and utterly unimpressive, but was pretty wild for the 1990s.

It might seem surprising that a site designed from day one to offer a human-like Q&A experience should fold right as such technology is becoming commonplace. But of course, that commonality is the problem. When Google can answer your questions just as well (or poorly…) as Jeeves or anyone else, what’s the benefit for the average Internet user to seek out another service? But it’s still somewhat ironic, which is probably why the farewell message on Ask.com ends with the line “Jeeves’ spirit endures.”


Peripherals Hacks

Custom peripheral projects are among the most rewarding. Especially if you’re like me and you sit at the computer eight hours per day, anything that you can use on a daily basis is super satisfying. This topic of DIY peripherals came up on the podcast while chatting with Kristina, who is no stranger to odd inputs herself.

We were talking about a trackball that had been modified to read twisting gestures, by a clever hijacking of the twin mouse sensors inside. If you do a lot of 3D modeling, you can absolutely get by with just a mouse and shift-ctrl-alt as modifiers, but it’s so much more immediate to use a dedicated 3D input device. (I’ve got an ancient serial Space Mouse just under my left hand as I type this.)

My old favorite, which I haven’t used in ages, is the guts of a 5” hard-drive platter stack that I turned into a scroll wheel. Unfortunately, I don’t have space for it on my desk anymore, but it was just so pleasing to scroll through a document with something that had some real chonky momentum to it.

And it’s easier than ever to make your own. The classic blocky macropad is a great introduction, but as long as you’re doing the design yourself, why not extend it, or at least make it fit your hand? Or take your flights of fancy even further away from the mainstream. Consider the Bluetooth mouse ring, for instance.

Point is, the software side of almost any peripheral device you can imagine is sorted out already, and interfacing with the hardware is equally simple. Peripheral hacks have such a low barrier to entry, but afford so many creative hardware possibilities. And nothing says “Jedi” like building your own lightsaber.

Hackaday Podcast Episode 368: A Pen That Draws Against You, 3D Printing Stuff, And Tablet, Shmablet!

This week, Hackaday’s Elliot Williams and Kristina Panos met up over the international tubes to bring you the latest news, mystery sound results show, and of course, a big bunch of hacks from the previous seven days or so.

Regarding Hackaday Europe, we announced the last round of speakers and opened up the workshop ticket sales. In other news, the Green-Powered Challenge has wrapped, and judging will begin quite soon.

On What’s That Sound, we can score another one for Kristina, which brings her record to approximately four wins and sixty-eight losses. She knew without a doubt that this was a guillotine paper cutter, probably because she recorded the sound herself. Hey, don’t take this away from her.

After that, it’s on to the hacks, beginning with a really cool laser-powered mist-and-mirrors multi-view display, a robotic drawing assistant of questionable utility, and a new slicer that enables horizontal overhangs without supports.

We also look at a trackball 3D controller, a 3D-printed pinball machine, and a good way to kill humidity sensors with humidity. Finally, we’re both shocked to learn that we’ve been on GPS mk. II for some time now. But then once we get over that, we talk tablets and their usefulness, or lack thereof.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download in DRM-free MP3 and savor at your leisure.
