Slider

4834 Articles

Hackaday Links Column Banner

Hackaday Links: May 7, 2023

May 7, 2023 by 39 Comments

More fallout for SpaceX this week after their Starship launch attempt, but of the legal kind rather than concrete and rebar. A handful of environmental groups filed the suit, alleging that the launch generated “intense heat, noise, and light that adversely affects surrounding habitat areas and communities, which included designated critical habitat for federally protected species as well as National Wildlife Refuge and State Park lands,” in addition to “scatter[ing] debris and ash over a large area.”

Specifics of this energetic launch aside, we always wondered about the choice of Boca Chica for a launch facility. Yes, it has all the obvious advantages, like a large body of water directly to the east and being at a relatively low latitude. But the whole area is a wildlife sanctuary, and from what we understand there are still people living pretty close to the launch facility. Then again, you could pretty much say the same thing about the Cape Canaveral and Cape Kennedy complex, which probably couldn’t be built today. Amazing how a Space Race will grease the wheels of progress.

Continue reading “Hackaday Links: May 7, 2023”

The New Hotness

May 6, 2023 by 35 Comments

If there’s one good thing to be said about the chip shortage of 2020-2023 (and counting!) it’s that a number of us were forced out of our ruts, and pushed to explore parts that we never would have otherwise. Or maybe it’s just me.

Back in the old times, I used to be a die-hard Atmel AVR fan for small projects, and an STM32 fan for anything larger. And I’ll freely admit, I got stuck in my ways. The incredible abundance of dev boards in the $2 range also helped keep me lazy. I had my thing, and I was fine sticking with it, admittedly due to the low price of those little blue pills.

An IN-12B Nixie tube on a compact driver PCBAnd then came the drought, and like everyone else, my stockpile of microcontrollers started to dwindle. Replacements at $9 just weren’t an option, so I started looking around. And it’s with no small bit of shame that I’ll admit that I hadn’t been keeping up with the changes as much as I should have. Nowadays, it’s all ESP32s and RP2040s over here, and granted there’s a bit of a price bump, but the performance is there in abundance. But I can’t help feeling like I’m a few years back of the cutting edge.

So when I see work like what [CNLohr] and [Bitluni] are doing with the ultra-cheap CH32V003 microcontrollers, it makes me think that I need to start filling in gaps in my comfortable working-set of chips again. But how the heck am I supposed to keep up? And how do you? It took a global pandemic and silicon drought to force me out of my comfort zone last time. Can the simple allure of dirt-cheap chips get me out? We’ll see!

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Linux Fu: Supercharge Bash History

May 5, 2023 by 18 Comments

Having a history of shell commands is a great idea. It is, of course, enormously handy when you have to run something repetitively or you make a simple mistake that needs correction. However, as I’ve mentioned in the past, bash history isn’t without its problems. For one thing, by default, you don’t get history in one window from typing in another window. If you use a terminal multiplexer or a GUI, you are very likely to have many shells open. You can make them share history, but that comes with its own baggage. If you think about it, we have super fast computers with tons of storage compared to the “old days,” yet shell history is pretty much the same as it has been for decades. But [Rcaloras] did think about it and created Bashhub, a history database for bash, zsh, and probably some other shells, too.

Command detail screen

You might think you don’t need anything more than what you have, and, of course, you don’t. However, Bashhub offers privately stored and encrypted history across machines. It also provides context about commands you’ve executed in the past. In other words, you can see the directory you were in, the exact time and date, the system you were on, and the last return code of the command.

Continue reading “Linux Fu: Supercharge Bash History”

Hackaday Podcast 217: The Unintentional Space And 3D Printing Episode

May 5, 2023 by No comments

Hackaday Editors Elliot Williams and Tom Nardi definitely didn’t plan on devoting most of this episode to 3D printing and space stories, but let’s be honest, it was bound to happen sooner or later. After an update on the Hackaday Prize, the discussion moves on to a pair of troubled spacecraft and the challenges of exploring the final frontier. From there you’ll hear about a chocolate 3D printer we’ve had our eyes on for years, the tools you should have next to your own (non-chocolate) 3D printer, and a bit of contemplation of what it really means to design for 3D printing versus traditional manufacturing methods. But it’s not all plastic fantastic — by the end of the episode you’ll also hear about some particularly bold high-altitude aviators and the surprisingly short time we have left with the humble barcode.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Going to be stranded on a desert island? Download the podcast now!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 217: The Unintentional Space And 3D Printing Episode”

This Week In Security: Oracle Opera, Passkeys, And AirTag RFC

May 5, 2023 by 10 Comments

There’s a problem with Opera. No, not that kind of opera. The Oracle kind. Oracle OPERA is a Property Management Solution (PMS) that is in use in a bunch of big-name hotels around the world. The PMS is the system that handles reservations and check-ins, talks to the phone system to put room extensions in the proper state, and generally runs the back-end of the property. It’s old code, and handles a bunch of tasks. And researchers at Assetnote found a serious vulnerability. CVE-2023-21932 is an arbitrary file upload issue, and rates at least a 7.2 CVSS.

It’s a tricky one, where the code does all the right things, but gets the steps out of order. Two parameters, jndiname and username are encrypted for transport, and the sanitization step happens before decryption. The username parameter receives no further sanitization, and is vulnerable to path traversal injection. There are two restrictions to exploitation. The string encryption has to be valid, and the request has to include a valid Java Naming and Directory Interface (JNDI) name. It looks like these are the issues leading Oracle to consider this flaw “difficult to exploit vulnerability allows high privileged attacker…”.

The only problem is that the encryption key is global and static. It was pretty straightforward to reverse engineer the encryption routine. And JDNI strings can be fetched anonymously from a trio of endpoints. This lead Assetnote to conclude that Oracle’s understanding of the flaw is faulty, and a much higher CVSS score is appropriate. Particularly with this Proof of Concept code, it is relatively straightforward to upload a web shell to an Opera system.

The one caveat there is that an attacker has to get network access to that install. These aren’t systems intended to be exposed to the internet, and my experience is that they are always on a dedicated network connection, not connected to the rest of the office network. Even the interconnect between the PMS and phone system is done via a serial connection, making this network flaw particularly hard to get to. Continue reading “This Week In Security: Oracle Opera, Passkeys, And AirTag RFC”

Metallurgist working by the blast furnaces in Třinec Iron and Steel Works. (Credit: Třinecké železárny)

We Already Live In A Hydrogen Economy: Steel Production, Generator Cooling, And Welding Gas

May 4, 2023 by 61 Comments

Although generally hydrogen is only mentioned within the context of transportation and energy storage, by far the most useful applications are found in industrial applications, including for the chemical industry, the manufacturing of steel, as well as that of methanol and fertilizer. This is illustrated by how today most of all hydrogen produced today is used for these industrial applications, as well as for applications such as cooling turbo generators, with demand for hydrogen in these applications rapidly increasing.

Currently virtually all hydrogen produced today comes from natural gas, via steam methane reformation (SMR), with potentially methane pyrolysis making natural gas-derived hydrogen a low-carbon source. The remainder of hydrogen comes from coal gasification and a small fraction from electrolysis of water. The hydrogen is often produced on-site, especially at industrial plants and thermal power plants. So aside from any decarbonization efforts, there are many uses for hydrogen which the public appears to be generally unaware of.

This leads us to the somewhat controversial hydrogen ladder.

Continue reading “We Already Live In A Hydrogen Economy: Steel Production, Generator Cooling, And Welding Gas”

NASA’s Voyager Space Probe’s Reserve Power, And The Intricacies Of RTG-Based Power Systems

May 3, 2023 by 46 Comments

Launched in 1977, the Voyager 1 and 2 space probes have been operating non-stop for over 45 years, making their way from Earth to our solar system’s outer planets and beyond. Courtesy of the radioisotope thermoelectric generators (RTGs) which provided 470 W at launch, they are able to function in the darkness of Deep Space as well as they did within the confines of our Sun-lit solar system. Yet as nothing in the Universe is really infinite, so too do these RTGs wear out over time, both from natural decay of their radioactive source and from the degradation of the thermocouples.

Despite this gradual drop in power, NASA recently announced that Voyager 2 has a hitherto seemingly unknown source of reserve power that will postpone the shutdown of more science instruments for a few more years. The change essentially bypasses a voltage regulator circuit and associated backup power system, freeing up the power consumed by this for the scientific instruments which would otherwise have begun to shut down years sooner.

While this is good news in itself, it’s also noteworthy because the Voyager’s 45+ year old Multi-Hundred Watt (MHW) RTGs are the predecessor to the RTGs that are still powering the New Horizons probe after 17 years, and the Mars Science Laboratory (Curiosity) for over 10 years, showing the value of RTGs in long-term exploration missions.

Although the basic principle behind an RTG is quite simple, their design has changed significantly since the US put a SNAP-3 RTG on the Transit 4B satellite in 1961.

Continue reading “NASA’s Voyager Space Probe’s Reserve Power, And The Intricacies Of RTG-Based Power Systems”