Slider

4920 Articles

Hackaday Podcast 103: Antennas For Everyone, A Clock Made Of Chains, Magic Eye Tubes, And A Little Google Bashing

January 29, 2021 by 2 Comments

Hackaday editors Mike Szczys and  Elliot Williams discuss the greatest hacks of the week that was. Antennas aren’t rocket science, so this week we really enjoyed a video that demystifies antenna designs and a project that tunes up the antennas on cheap wireless modules in the simplest of ways. Google’s in the news this week with the end to project Loon, and a dust-up with the volunteer package maintainers who have spent years making sure Chromium browser is in the Linux repos. Elliot is gaga for magic eye tubes and crazy musical instruments, while Mike is over the moon for a chain-based clock display. We close up the episode talking about the Concorde, and the math behind cable mechanisms.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (~65 MB)

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 103: Antennas For Everyone, A Clock Made Of Chains, Magic Eye Tubes, And A Little Google Bashing”

This Week In Security: Sudo, Database Breaches, And Ransomware

January 29, 2021 by 27 Comments
We couldn't resist, OK?
Obligatory XKCD

Sudo is super important Linux utility, as well as the source of endless jokes. What’s not a joke is CVE-2021-3156, a serious vulnerability around incorrect handling of escape characters. This bug was discovered by researchers at Qualys, and has been in the sudo codebase since 2011. If you haven’t updated your Linux machine in a couple days, you may very well be running the vulnerable sudo binary still. There’s a simple one-liner to test for the vulnerability:

sudoedit -s '\' `perl -e 'print "A" x 65536'`

In response to this command, my machine throws this error, meaning it’s vulnerable:

malloc(): corrupted top size
Aborted (core dumped)

To understand the problem with sudo, we have to understand escape characters. It really boils down to spaces in file and folder names, and how to deal with them. You want to name your folder “My Stuff”? That’s fine, but how do you interact with that directory name on the command line, when spaces are the default delimiter between arguments? One option is to wrap it in quotation marks, but that gets old in a hurry. The Unix solution is to use the backslash character as an escape character. Hence you can refer to your fancy folder as My\ Stuff. The shell sees the escape character, and knows to interpret the space as part of the folder name, rather than an argument separator. Escape characters are a common vulnerability location, as there are plenty of edge cases. Continue reading “This Week In Security: Sudo, Database Breaches, And Ransomware”

Swine Of The Times: Pig-to-Human Organ Transplants On Track For 2021

January 28, 2021 by 73 Comments

Every day in the US, seventeen people die because they couldn’t get a organ transplant in time. An American biotech company called United Therapeutics is looking to pick up the lifesaving slack by producing a line of genetically-modified pigs for the purpose of harvesting their organs, among other therapeutic uses. United Therapeutics’ pig-farming subsidiary Revivicor is a spin-off of PPL Therapeutics, the company that gave us Dolly the cloned sheep back in 1996. They intend to start transplanting pig organs into humans as early as this year.

Baby Fae after transplant surgery. Image by Duane Miller-AP via Time Magazine

Although it sounds like science fiction, the idea of transplanting animal cells, organs, and tissue into humans has been around for over a hundred years. The main problem with xenotransplantation is that it usually triggers severe immune system reactions in the recipient’s body. In one of the more noteworthy cases, a baby girl received a baboon heart in 1984, but died a few weeks later because her body rejected the organ.

The leading cause of xenotransplant rejection is a sugar called alpha-gal. This sugar appears on the cell surfaces of all non-primate mammals. Alpha-gal is problematic for other reasons, too: a condition called alpha-gal syndrome usually begins when a Lone Star tick bites a person and transmits alpha-gal cells from the blood of animals they have bitten. From that point on, the person will experience an allergic reaction when eating red meat such as beef, pork, and lamb.

Continue reading “Swine Of The Times: Pig-to-Human Organ Transplants On Track For 2021”

Google Loon’s Internet Balloons Come Back To Earth After A Decade In The Stratosphere

January 28, 2021 by 47 Comments

After a journey of a decade, what started as Project Loon by Google is no more. Promoted as a way to bring communications to the most remote parts of the globe, it used gigantic, high-altitude balloons equipped with communication hardware for air to ground, as well as air to air communication, between individual balloons. Based around LTE technology, it would bring multiple megabit per second data links to both remote areas and disaster zones.

Seven years into its development, Loon became its own company (Loon LLC), and would provide communications to some areas of Kenya, in addition to Sri Lanka in 2015 and Puerto Rico in 2017 after Hurricane Maria. Three years later, in January of 2021, it was announced that Loon LLC would be shutting down operations. By that point it had become apparent that the technology would not be commercially viable, with alternatives including wired internet access having reduced the target market.

While the idea behind Loon sounds simple in theory, it turns out that it was more complicated than just floating up some weather balloon with LTE base stations strapped to them.

Continue reading “Google Loon’s Internet Balloons Come Back To Earth After A Decade In The Stratosphere”

Sony’s Electric Car Now Road Testing In Austria

January 27, 2021 by 73 Comments

The Consumer Electronics Show was not typically a place for concept cars, and Sony aren’t known as a major automaker. However, times change, and the electric transport revolution has changed much. At the famous trade show, Sony shocked many by revealing its Vision-S concept — a running, driving, prototype electric car.

Far from a simple mockup to show off in-car entertainment or new fancy cameras, Sony’s entry into the automotive world is surprisingly complete. Recently, the Japanese tech giant has been spotted testing the vehicle on the road in Austria, raising questions about the future of the project. Let’s dive in to what Sony has shown off, and what it means for the potential of the Vision-S.

Continue reading “Sony’s Electric Car Now Road Testing In Austria”

Before Google, There Was The Reference Librarian

January 27, 2021 by 75 Comments

I know it is a common stereotype for an old guy to complain about how good the kids have it today. I, however, will take a little different approach: We have it so much better today when it comes to access to information than we did even a few decades ago. Imagine if I asked you the following questions:

  • Where can you have a custom Peltier device built?
  • What is the safest chemical to use when etching glass?
  • What does an LM1812 IC do?
  • Who sells AWG 12 wire with Teflon insulation?

You could probably answer all of these trivially with a quick query on your favorite search engine. But it hasn’t always been that way. In the old days, we had to make friends with three key people: the reference librarian, the vendor representative, and the old guy who seemed to know everything. In roughly that order. Continue reading “Before Google, There Was The Reference Librarian”

What’s The Deal With Chromium On Linux? Google At Odds With Package Maintainers

January 26, 2021 by 152 Comments

Linux users are more likely than most to be familiar with Chromium, Google’s the free and open source web project that serves as the basis for their wildly popular Chrome. Since the project’s inception over a decade ago, users have been able to compile the BSD licensed code into a browser that’s almost the same as the closed-source Chrome. As such, most distributions offer their own package for the browser and some even include it in the base install. Unfortunately, that may be changing soon.

A post made earlier this month to the official Chromium Blog explained that an audit had determined “third-party Chromium based browsers” were using APIs that were intended only for Google’s internal use. In response, any browser attempting to access features such as Chrome Sync with an unofficial API key would be prevented from doing so after March 15th.

To the average Chromium user, this doesn’t sound like much of a problem. In fact, you might even assume it doesn’t apply to you. The language used in the post makes it sound like Google is referring to browsers which are spun off of the Chromium codebase, and at least in part, they are. But the search giant is also using this opportunity to codify their belief that the only official Chromium builds are the ones that they provide themselves. With that simple change, anyone using a distribution-specific build of Chromium just became persona non grata.

Unhappy with the idea of giving users a semi-functional browser, the Chromium maintainers for several distributions such as Arch Linux and Fedora have said they’re considering pulling the package from their respective repositories altogether. With a Google representative confirming the change is coming regardless of community feedback, it seems likely more distributions will follow suit.

Continue reading “What’s The Deal With Chromium On Linux? Google At Odds With Package Maintainers”