X-Ray Investigations Hack Chat

Join us on Wednesday, January 24 at noon Pacific for the X-Ray Investigation Hack Chat with Ahron Wayne!

It’s hard to imagine a world where we didn’t figure out how to use X-rays to peer inside things. Before Röntgen’s discovery that X-rays could penetrate living tissue, doctors had only limited (and often unpleasant) ways to get a look at what was going on inside the human body, and few of us would want to return to those days.

As fantastically useful as X-rays and later computed tomography (CT) became in medicine, it didn’t take too long for other uses for the technology to come along. Non-clinical applications for X-ray and CT abound, including their use in non-invasively exploring relics of immense archaeological value. One recent effort in this space that gained a lot of coverage in the press was the combination of CT imaging and machine learning to read the ink inside carbonized papyrus scrolls from the ruins of Pompeii.

The result was the “Vesuvius Challenge,” where different teams looked for techniques to virtually unwrap the roasted relics. Ahron’s contribution to the project was a little unusual — he bought a used desktop CT scanner, fixed it up, and started experimenting with reading ink from the carbonized remains of simulated papyrus scrolls. In other words, he made some scrolls, cooked them to beyond well-done in the oven, and tried to understand what happens to ink on papyrus that gets blasted by a volcano. If that’s not enough to get you to stop by the Hack Chat when Ahron joins us, we’re not sure what else would be! Suffice it to say we’re pretty excited about what Ahron has to say about DIY CT, X-rays, collaborative open-source citizen science, and unwrapping the mysteries of Pompeii.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, January 24 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Featured image: Daderot, CC0, via Wikimedia Commons

This Week In Security: Gitlab, VMware, And PixeFAIL

There’s a Gitlab vulnerability that you should probably pay attention to. Tracked as CVE-2023-7028, this issue allows an attacker to specify a secondary email during the password reset request. Only one email has to match the one on record, but the password reset link gets sent to both emails. Yikes!

What makes this worse is there is already a Proof of Concept (PoC) released, and it’s a trivial flaw. In an HTTP/S post containing the password reset request, just include two email addresses. Thankfully, a fix is already out. Versions 16.7.2, 16.6.4, and 16.5.6 contain this patch, as well as fixes for a flaw that allowed sneaking unauthorized changes into a previously approved merge request, and an issue with Slack and Mattermost where slash commands could be spoofed.

VMware

We don’t want to over-dramatise this vulnerability, but VMware is calling it an emergency. This one affects VMware vRealize and Aria Automation. According to the CVSS calculator, it’s a low complexity network flaw, but does require at least some privileges. Hopefully more information will come out about this vulnerability, but for now that’s about all we know.

Continue reading “This Week In Security: Gitlab, VMware, And PixeFAIL”

Tech In Plain Sight: Windshield Frit

You probably see a frit every day and don’t even notice it. What is it? You know the black band around your car’s windshield? That’s a frit (which, by the way, can also mean ingredients used in making glass) or, sometimes, a frit band. What’s more, it probably fades out using a series of dots like a halftone image, right? Think that’s just for aesthetics? Think again.

Older windshields were not always attached firmly, leading to them popping out in accidents. At some point, though, the industry moved to polyurethane adhesives, which are superior when applied correctly. However, they often degrade from exposure to UV. That’s a problem with a windshield, which usually gets plenty of sunlight.

The answer is the frit, a ceramic-based baked-on enamel applied to both sides of the windshield’s edges, usually using silk screening. The inner part serves as a bonding point for the adhesive. However, the outer part blocks UV radiation from reaching the adhesive. Of course, it also hides the adhesive and any edges or wiring beneath it, too.

Continue reading “Tech In Plain Sight: Windshield Frit”

Predicting The A-Bomb: The Cartmill Affair

The cover of the infamous issue of Astounding, March 1944

There’s an upcoming movie, Argylle, about an author whose spy novels are a little too accurate, and she becomes a target of a real-life spy game. We haven’t seen the movie, but it made us think of a similar espionage caper from 1944 involving science fiction author Cleve Cartmill. The whole thing played out in the pages of Astounding magazine (now Analog) and involved several other science fiction luminaries ranging from John W. Campbell to Isaac Asimov. It is a great story about how science is — well, science — and no amount of secrecy or legislation can hide it.

In 1943, Cartmill queried Campbell about the possibility of a story that would be known as “Deadline.” It wasn’t his first story, nor would it be his last. But it nearly put him in a Federal prison. Why? The story dealt with an atomic bomb.

Nothing New

By itself, that’s probably not a big deal. H.G. Wells wrote “The World Set Free” in 1914, where he predicted nuclear weapons. But in 1914, it wasn’t clear how that would work exactly. Wells mentioned “uranium and thorium” and wrote a reasonable account of the destructive power:

Continue reading “Predicting The A-Bomb: The Cartmill Affair”

Linux Fu: Where’s That Darn File?

Disk storage has exploded in the last 40 years. These days, even a terabyte drive is considered small. There is one downside, though. The more stuff you have, the harder it is to find it. Linux provides numerous tools to find files when you can’t remember their name. Each has plusses and minuses, and choosing between them is often difficult.

Definitions

Different tools work differently to find files. There are several ways you might look for a file:

  1. Find a file if you know its name but not its location.
  2. Find a file when you know some part of its name.
  3. Find a file that contains something.
  4. Find a file with certain attributes (e.g., larger than 100 kB).

You might combine these, too. For example, it is reasonable to query all PDF files created in the last week that are larger than 100 kB.

There are plenty of different types of attributes. Some file systems support tags, too. So, you might have a PERSONAL tag to mark files that apply to you personally. Unfortunately, tool support for tags is somewhat lacking, as you’ll see later.

Another key point is how up-to-date your search results are. If you sift through terabytes of files for each search, that will be slow. If you keep an index, that’s fast, but the index will quickly be out of date. Do you periodically refresh the index? Do you watch the entire file system for changes and then update the index? Different tools do it differently.

Continue reading “Linux Fu: Where’s That Darn File?”

Ask Hackaday: Why Are Self-Checkouts Failing?

Most people who read Hackaday have positive feelings about automation. (Notice we said most.) How many times have you been behind someone in a grocery store line waiting for them to find a coupon, or a cashier who can’t make change without reading the screen and thought: “There has to be a better way.” The last few years have seen that better way, but now, companies are deciding the grass isn’t greener after all. The BBC reports that self-checkouts have been a “spectacular failure.” That led us to wonder why that should be true.

As a concept, everyone loves it. Stores can hire fewer cashiers. Customers, generally, like having every line open and having a speedy exit from the store. The problem is, it hasn’t really panned out that way. Self-checkout stations frequently need maintenance, often because they can’t figure out that you put something in the bag. Even when they work flawlessly, a customer might have an issue or not understand what to do. Maybe you’ve scanned something twice and need one of them backed off. Then, there are the age-restricted products that require verification. So now you have to hire a crew of not-cashiers to work at the automated not-register. Sure, you can have one person cover many registers, but when one machine is out of change, another won’t print a receipt, and two people are waiting for you to verify their beer purchase, you are back to waiting. Next thing you know, there’s a line.

Continue reading “Ask Hackaday: Why Are Self-Checkouts Failing?”

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The Really Snazzy Folding Keyboard

Sometimes you just have to throw your hat in the ring, and throw it hard. Here is [mkdxdx]’s rockin’ EVH 5150-esque take on the keyboard business. The Mriya foldable keyboard aims to be and sport a number of things, and it does all of them in great style. I could totally see my fingers flying over this thing somewhere in the wild, with robots fighting in the distance.

Image by [mkdxdx] via Hackaday.IO
I have to say I really like the fact that [mkdxdx] uses thumb keys here for what I can only assume are Enter, Space, and Backspace. It’s a nice compromise between compactness and ergonomics. I also really like the totally impractical but quite cool-looking connector that runs between the top and bottom.

If the color scheme looks familiar, you’re probably remembering [mkdxdx]’s first-place-winning entry into the 2023 Cyberdeck Contest. This RP2040-based keyboard might just end up as part of a larger project, but it’s already an outstanding peripheral. We can’t wait to see the next phase, should there be one for this keyboard.

Continue reading “Keebin’ With Kristina: The One With The Really Snazzy Folding Keyboard”