This Week In Security: Text Rendering On Windows, GNU Poke, And Bitsquatting

Project Zero just unrestricted the details on CVE-2021-24093, a potentially nasty vulnerability in Windows 10’s DirectWrite, a text rendering library. The flaw got fixed in this month’s patch Tuesday roundup. The flaw is accessible in all the major browsers on Windows 10, as they use DirectWrite for font rendering. The trick here is to use a malicious font that uses some nonsense values. Those values result in a buffer allocation that is too small for complex characters such as Æ.

Because the vulnerability is in a Windows library, it’s possible that an exploit would automatically work as a sandbox escape, but I haven’t seen confirmation either way. Let us know if you have some insight there.

Via Bleeping Computer

GNU Poke

The good folks at GNU have minted the 1.0 release of poke, a new binary editing tool. The real killer feature of poke is that it can interpret binary data, decoding it back into readable data structures. If you’re familiar with the way Wireshark can decode packets and give useful, organized output, it seems that poke will provide a similar function, but not limited to network traffic.

It looks like it could become a useful tool for getting a look inside otherwise opaque binaries. What poke brings is a system where you can write pretty-printing templates on the fly, which should be very useful when mapping out an unfamiliar binary. Distros will likely pick up and start packaging poke in the coming weeks, making it even easier to get and play with.

We’re Cloning Animals From The “Frozen Zoo”; Like A Seed Bank But For Animals

Seed banks are facilities of great value to biodiversity and agriculture around the world. These facilities are used to house stocks of seeds of a wide variety, helping to maintain genetic diversity and avoid the permanent loss of various plant species. While there are some challenges, the basic requirements to run a simple seed bank are to keep a selection of seeds at low temperature and humidity to maximise their viable lifespan.

When it comes to animals, things become more difficult — one can’t simply plant an old seed in the ground and grow a fresh new meerkat, for example. Preservation of animal genetic material poses its own unique set of challenges — ones that the San Diego “Frozen Zoo” don’t shy away from. They’ve recently shown the viability of the program with the healthy birth of a ferret cloned from an animal that died in 1988.


Arduboy FX Mod-Chip: Now You’re Playing With Power

Traditionally, a forum full of technical users trying to integrate their own hardware into a game system for the purposes of gaining unfettered access to its entire software library was the kind of thing that would keep engineers at Sony and Nintendo up at night. The development and proliferation of so-called “mod chips” were an existential threat to companies that made their money selling video games, and as such, sniffing out these console hackers and keeping their findings from going public for as long as possible was a top priority.

But the Arduboy is no traditional game system. Its games are distributed for free, so a chip that allows users to cram hundreds of them onto the handheld at once isn’t some shady attempt to pull a fast one on the developers, it’s a substantial usability improvement over the stock hardware. So when Arduboy creator Kevin Bates found out about the grassroots effort to expand the system’s internal storage on the official forums, he didn’t try to put a stop to it. Instead, he asked how he could help make it a reality for as many Arduboy owners as possible.

Now, a little less than three years after forum member Mr.Blinky posted his initial concept for hanging an external SPI flash chip on the system’s test pads, the official Arduboy FX Mod-Chip has arrived. Whether you go the DIY route and build your own version or buy the ready-to-go module, one thing is for sure: it’s a must-have upgrade for the Arduboy that will completely change how you use the diminutive handheld.


What Uses More Power Than Argentina But Doesn’t Dance The Tango?

There’s been a constant in the last few weeks’ news: thanks to Elon Musk, we’re in another Bitcoin hype cycle. The cryptocurrency soared after the billionaire endorsed it, at one point coming close to $60k, before falling back to its current position at time of writing of around $47k. The usual tide of cryptocurrency enthusiasts high on their Kool-Aid hailed the dawn of their new tomorrow, while a fresh cesspool of cryptocurrency scam emails and social media posts lapped around the recesses of the Internet.

This Time It’s Different!

The worst phrase that anyone can normally say about a financial bubble is the dreaded “This time it’s different”, but there is something different about this Bitcoin hype cycle. It’s usual to hear criticism of Bitcoin for its volatility or its sometime association with shady deals, but what’s different this time is that the primary criticism is of its environmental credentials. The Bitcoin network, we are told, uses more electricity than the Netherlands, more than Argentina, and in an age where global warming has started to exert an uncomfortable influence over our lives, we can’t afford such extravagance and the emissions associated with it.

Here at Hackaday we are more concerned with figures than arguments over the future of currency, so the angle we take away from it all lies with those power stats. How much energy does Argentina use, and is the claim about Bitcoin credible?


Using Phase Change Materials For Energy Storage

Renewable energy sources are becoming increasingly popular. However, such energy can be wasted if an excess is available when it’s not yet needed. A particularly relevant example is solar power; solar panels provide most of their output during the day, while often a household’s greatest energy use is at night.

One way to get around this problem is by storing excess energy so that it can be used later. The most common way this is done is with large batteries; however, it’s not the only game in town. Phase change materials are proving to be a useful tool to store excess energy and recover it later – storing energy not as electricity, but as heat. Let’s take a look at how the technology works, and some of its most useful applications.

Rube Goldberg’s Least Complicated Invention Was His Cartooning Career

The name Rube Goldberg has long been synonymous with any overly-built contraption played for laughs that solves a simple problem through complicated means. But it might surprise you to learn that the man himself was not an engineer or inventor by trade — at least, not for long. Rube’s father was adamant that he become an engineer and so he got himself an engineering degree and a job with the city. Rube lasted six months engineering San Francisco’s sewer systems before quitting to pursue his true passion: cartooning.

Rube’s most famous cartoons — the contraptions that quickly became his legacy — were a tongue-in-cheek critique meant to satirize the tendency of technology to complicate our lives in its quest to simplify them. Interestingly, a few other countries have their own version of Rube Goldberg. In the UK it’s Heath Robinson, and in Denmark it’s Robert Storm Petersen, aka Storm P.

Rube Goldberg was a living legend who loved to poke fun at everything happening in the world around him. He became a household name early in his cartooning career, and was soon famous enough to endorse everything from cough drops to cigarettes. By 1931, Rube’s name was in the Merriam-Webster dictionary, his legacy forever cemented as the inventor of complicated machinery designed to perform simple tasks. As one historian put it, Rube’s influence on culture is hard to overstate.


An Homage To Daft Punk In Fan-Made Helmets Through The Years.

It’s with sadness that we note the end of an era. The French dance music duo Daft Punk have split up, announced in a video that has already clocked 22 million views. The band have inspired hardware geeks across the world not just with their music but the way they present themselves. A perennial project has been to replicate in some way their iconic robot helmets.

Ben Heck's 2009 take on the helmet
Harrison Krix’s 2009 take on Guy-Manuel de Homem-Christo’s helmet.

The artists themselves have been reticent about the exact technology that powers their headgear, but while this is a source of endless mystery and speculation to the music press, it’s safe to assume from our perspective that their designers have the same parts at their disposal as we have. Microcontrollers, EL wire, and LEDs are universal, so the challenge lies in artistic expression with the helmet design rather than in making the effects themselves. We’ve reached into the archives for a bit of Daft Punk helmet nostalgia, so stick on Harder Better Faster and let’s take a look at them, er, one more time.
