Slider

4767 Articles

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The Circuit Sculpture Keyboard

January 7, 2025 by 2 Comments

The left half of GEMK-47, a mechanical keyboard with a round screen.
Image by [New-Concentrate6308] via reddit
Don’t worry, [New-Concentrate6308] is working on the GitHub for this final build of 2024, dubbed the GEMK_47. That stands for Grid Ergo Magnetic Keyboard, but I swear there are 48 keys.

What we’ve got here is a split ergo with an ortholinear layout. There’s a round screen and encoder on the left side, and a 35 mm trackpad on the right. There’s also space for some other round thing on this side, should you want another rotary encoder or whatever fits in place of the spacer.

Internally, there’s a Waveshare RP2040 Tiny and a mixture of Gateron Oil Kings and Gateron Yellow V3 switches. That lovely case is printed in silk silver PLA, but [New-Concentrate6308] wants to try metal-filled PLA for the next version. Although the original idea was to go wireless, ZMK didn’t play nicely with that round display, which of course is non-negotiable.

Continue reading “Keebin’ With Kristina: The One With The Circuit Sculpture Keyboard”

Before GPS There Was LORAN

January 6, 2025 by 38 Comments

We found it nostalgic to watch [ve3iku] fire up an old Loran-A receiver and, as you can see in the video below, he got it working. If you aren’t familiar with LORAN, it was a common radio navigation technique before GPS took over everything.

LORAN — an acronym for Long Range Navigation — was a US byproduct of World War II and was similar in many ways to Britain’s Gee system. However, LORAN operated at lower frequencies to improve its range. It was instrumental in helping convoys cross the Atlantic and also found use in the Pacific theater.

Continue reading “Before GPS There Was LORAN”

One Small Step: All About Stepper Motors

January 6, 2025 by 12 Comments

The primary feature of stepper motors is listed right within their name: their ability to ‘step’ forwards and backwards, something which they (ideally) can do perfectly in sync with the input provided to their distinct coils. It’s a feature that allows the connected controller to know the exact position of the stepper motor, without the need for any sensor to provide feedback after a movement, saving a lot of hardware and effort in the process.

Naturally, this is the optimal case, and there are a wide number of different stepper motor configurations in terms of coil count,  types of rotors and internal wiring of the coils, as well as complications such as skipped steps due to mechanical or driver issues. Despite this, in general stepper motors are quite reliable, and extremely versatile. As a result they can be found just about anywhere where accurate, step-based movement is desirable, such as (3D) printers and robotics.

For each application the right type of stepper motor and driving circuit has to be determined, of course, as they also have many reasons why you’d not want to use them, or just a particular type. When diving into a new stepper motor-based project, exactly what are the considerations to pay attention to?

Continue reading “One Small Step: All About Stepper Motors”

Hackaday Links Column Banner

Hackaday Links: January 5, 2025

January 5, 2025 by 4 Comments

Good news this week from the Sun’s far side as the Parker Solar Probe checked in after its speedrun through our star’s corona. Parker became the fastest human-made object ever — aside from the manhole cover, of course — as it fell into the Sun’s gravity well on Christmas Eve to pass within 6.1 million kilometers of the surface, in an attempt to study the extremely dynamic environment of the solar atmosphere. Similar to how manned spacecraft returning to Earth are blacked out from radio communications, the plasma soup Parker flew through meant everything it would do during the pass had to be autonomous, and we wouldn’t know how it went until the probe cleared the high-energy zone. The probe pinged Earth with a quick “I’m OK” message on December 26, and checked in with the Deep Space Network as scheduled on January 1, dumping telemetry data that indicated the spacecraft not only survived its brush with the corona but that every instrument performed as expected during the pass. The scientific data from the instruments won’t be downloaded until the probe is in a little better position, and then Parker will get to do the whole thing again twice more in 2025. Continue reading “Hackaday Links: January 5, 2025”

This Week In Security: License Plates, TP-Link, And Attacking Devs

December 27, 2024 by 22 Comments

We’re covering two weeks of news today, which is handy, because the week between Christmas and New Years is always a bit slow.

And up first is the inevitable problem with digital license plates. Unless very carefully designed to be bulletproof, they can be jailbroken, and the displayed number can be changed. And the Reviver plates were definitely not bulletproof, exposing a physical programming port on the back of the plate. While it’s not explicitly stated, we’re guessing that’s a JTAG port, given that the issue is considered unpatchable, and the port allows overwriting the firmware. That sort of attack can be hardened against with signed firmware, and using an MCU that enforces it.

This does invite comparisons to the James Bond revolving license plate — and that comparison does put the issue into context. It’s always been possible to swap license plates. If someone really wants to cause mischief, traditional plates can be stolen, or even faked. What a digital plate adds to the equation is the ability to switch plate numbers on the fly, without stopping or turning a screwdriver. Regardless, this seems like it will be an ongoing problem, as so many manufacturers struggle to create secure hardware.

Malicious RDP

There’s a clever attack, that uses Microsoft’s Remote Desktop Protocol (RDP), to give away way too much control over a desktop. That’s accomplished by sending the target a .rdp file that shares local resources like the clipboard, filesystem, and more. What’s new is that it seems this theoretical attack has now shown up in the wild.

The attack campaign has been attributed to APT29, CozyBear, a threat actor believed to be associated with Russia’s Foreign Intelligence Service. This attribution tracks with the victims of choice, like government, research, and Ukrainian targets in particular. To escape detection, the malicious RDP endpoints are set up behind RDP proxies, running on services like AWS. The proxies and endpoints are accessed through TOR and other anonymous proxies. The .rdp files were spread via spear-phishing emails sent through compromised mail servers. The big push, with about 200 targets, was triggered on October 22nd. Researchers at TrendMicro believe this was the end of a targeted campaign. The idea being that at the end of the campaign, it no longer matters if the infrastructure and methods get discovered, so aim for maximum impact.

Free* Mcdonalds?

Here we learn that while McDonald’s USA dosn’t have a bug bounty program, McDonald’s India does — and that’s why researcher [Eaton Zveare] looked there. And found a series of Broken Object Level Authorization (BOLA) bugs. That’s a new term to this column, but a concept we’ve talked about before. BOLA vulnerabilities happen when a service validates a user’s authentication token, but doesn’t properly check that the user is authorized to access the specific resources requested.

In the McDonald’s case, any user of the web app is issued a guest JWT token, and that token is then valid to access any Order ID in the system. That allows some interesting fun, like leaving reviews on other users’ orders, accessing delivery maps, and getting copies of receipts. But things got really interesting when creating an account, and then ordering food. A hidden, incomplete password login page allowed breaking the normal user verification flow, and creating an account. Then after food is added to the cart, the cart can be updated to have a total price of a single rupee, about the value of a penny.

This research earned [Eaton] a $240 Amazon gift card, which seems a little stingy, but the intent behind the gesture is appreciated. The fixes landed just over 2 months after reported, and while [Eaton] notes that this is slower than some companies, it’s significantly faster than some of the less responsive vendors that we’ve seen.

Banning TP-Link

The US Government has recently begun discussing a plan to ban TP-Link device purchases in the United States. The reported reason is that TP-Link devices have shipped with security problems. One notable example is a botnet that Microsoft has been tracking, that primarily consists of TP-Link devices.

This explanation rings rather hollow, particularly given the consistent security failings from multiple vendors that we’ve covered on this very column over the years. Where it begins to make more sense is when considered in light of the Chinese policy that all new vulnerabilities must first be reported to the Chinese government, and only then can fixes be rolled out. It suggests that the US Commerce Department suspects that TP-Link is still following this policy, even though it’s technically now a US company.

I’m no stranger to hacking TP-Link devices. Many years ago I wrote a simple attack to put the HTTPD daemon on TP-Link routers into debug mode, by setting the wifi network name. Because the name was used to build a command run with bash, it was possible to do command injection, build a script in the device’s /tmp space, and then execute that script. Getting to debug mode allowed upgrading to OpenWRT on the device. And that just happens to be my advice for anyone still using TP-Link hardware: install OpenWRT on it.

Developers Beware

We have two separate instances of malware campaigns directly targeting developers. The first is malicious VSCode extensions being uploaded to the marketplace. These fakes are really compelling, too, with lots of installs, reviews, and links back to the real pages. These packages seem to be droppers for malware payloads, and seem to be targeting cryptocurrency users.

If malware in your VSCode extensions isn’t bad enough, OtterCookie is a campaign believed to come from North Korea, spreading via fake job interviews. The interview asks a candidate to run a Node.js project, or install an npm package as part of prep. Those are malicious packages, and data stealers are deployed upon launch. Stay frosty, even on the job hunt.

Bits and Bytes

PHP has evolved over the years, but there are still a few quirks that might trip you up. One of the dangerous ones is tied up in $_SERVER['argv'], a quick way to test if PHP is being run from the command line, or on a server. Except, that relies on register_argc_argv set to off, otherwise query strings are enough to fool a naive application into thinking it’s running on the command line. And that’s exactly the footgun that caught Craft CMS with CVE-2024-56145.

Australia may know something we don’t, setting 2030 as the target for retiring cryptography primitives that aren’t quantum resistant. That’s RSA, Elliptic-curve, and even SHA-256. It’s a bit impractical to think that those algorithms will be completely phased out by then, but it’s an interesting development to watch.

Fuzzing is a deep subject, and the discovery of 29 new vulnerabilities found in GStreamer is evidence that there’s still plenty to discover. This wasn’t coverage-guided fuzzing, where the fuzzer mutates the fuzzing input to maximize. Instead, this work uses a custom corpus generator, where the generator is aware of how valid MP4 files are structured.

Battery-Electric Ships: Coming Soon To A Harbor Near You?

December 26, 2024 by 77 Comments

When ships moved from muscle- and wind power to burning coal and other fossil fuels for their propulsion, they also became significantly faster and larger. Today’s cargo ships and ferries have become the backbone of modern civilization, along with a range of boat types. Even though tugs and smaller pleasure vessels are a far cry from a multi-thousand ton cargo or cruise ship, one would be hard-pressed to convert these boats back to a pure muscle or wind-based version. In short, we won’t be going back to the Age of Sail, but at the same time the fossil fuel-burning engines in these boats and ship come with their own range of issues.

Even if factors like pollution and carbon emissions are not something which keep you up at night, fuel costs just might, with these and efficiency regulations increasing year over year. Taking a page from alternative propulsion systems in cars and trucks, the maritime industry has been considering a range of replacements for diesel and steam engines. Here battery-electric propulsion is somewhat of an odd duck, as it does not carry its own fuel and instead requires on-shore recharging stations. Yet if battery-electric vehicles (BEVs) can be made to work on land with accompanying low ‘refueling’ costs, why not ships and boats?

A recent study by Lawrence Berkeley National Laboratory (LBNL) researchers Hee Seung Moon et al. as published in Nature Energy claims that a significant part of US maritime traffic can be electrified this way. Yet as a theoretical model, how close does it hit to the harsh realities imposed by this physical world which we live in?

Continue reading “Battery-Electric Ships: Coming Soon To A Harbor Near You?”

Tech In Plain Sight: Incandescent Bulbs

December 26, 2024 by 71 Comments

While they are dying out, you can still find incandescent bulbs. While these were once totally common, they’ve been largely replaced by LEDs and other lighting technology. However, you still see a number of them in special applications or older gear. If you are above a certain age, you might be surprised that youngsters may have never seen a standard incandescent lightbulb. Even so, the new bulbs are compatible with the old ones, so — mechanically, at least — the bulbs don’t look different on the outside.

You might have learned in school that Thomas Edison invented the light bulb, but the truth is much stranger (public domain)

It has been known for a long time that passing a current through a wire creates a glow. The problem is, the wire — the filament — would burn up quickly. The answer would be a combination of the right filament material and using an evacuated bulb to prevent the filament degrading. But it took over a century to get a commercially successful lightbulb.

We were all taught in school that Thomas Edison invented the light bulb, but the truth is much more complicated. You can go back to 1761 when Ebenezer Kinnersley first caused a wire to glow. Of course, wires would quickly burn up in the air. By the early 19th century, limelight was fairly common in theaters. Limelight — also known as the Drummond light — heated a piece of calcium oxide using a gas torch — not electric, but technically incandescence. Ships at sea and forts in the U.S. Civil War used limelights to illuminate targets and, supposedly, to blind enemy troops at night. Check out the video below to see what a limelight looks like.

Continue reading “Tech In Plain Sight: Incandescent Bulbs”