Ubiquitous Successful Bus: Version 3

USB 2 is the USB we all know and love. But about ten years ago, USB got an upgrade: USB 3.0. And it’s a lot faster. It started off ten times the speed of USB 2, with 5 Gbps, and later got 20 Gbps and 40 Gbps revisions. How does that work, and how do you hack on it? Well, for a start, it’s very different from USB 2, and the hacking differs in many important ways.

In fact, USB 3 is an entirely separate interface from USB 2, and it does not depend on USB 2 in any way whatsoever – some people think that USB 3 negotiation happens through USB 2, but that’s a complete myth. USB 2 and USB 3 are electrically, physically, and logically distinct interfaces. Except for the fact that USB 3 is backwards compatible with USB 2, they are simply entirely different.

This also means that every USB-A port with USB 3 capabilities (typically blue, but not always) carries two interfaces; indeed, if you want, you can split a typical USB 3 port into a USB 3-only USB-A port and a USB 2-only USB-A port. USB 3-only ports are not legal per the USB 3 standard: you’re expected to keep USB 2 there, but only for user convenience; you can split it with a hub and get, like, three extra USB 2 branches for your own use. Even if it’s forbidden, it works flawlessly – it’s what I’m currently using to connect my mouse to my laptop as I’m typing this!

Not to say that USB 3 is all easy to work with – there’s a fair bit of complexity.


The Badge Hacks Of Supercon

We just got home from Supercon and well, it was super. It was great to see everyone, and meet a whole bunch of new folks to boot! The talks were great, and you can see a good half of them already on the Hackaday YouTube channel, so for that you didn’t even have to be there.

The badge hacks were, as with most years, out of this world. I’ll admit that my cheeks were sore from laughing so much after emceeing it this year, due in no small part to two hilarious AI projects, both of which were also righteous hacks in addition to full-on comedy routines. A group of six programmers got all of their hacks working together, and the I2C-to-MQTT bridge had badges blinking in sync even in the audience. You want blinkies? We had blinkies.

But the hack that warmed everyone’s hearts was “I figured it out” by [Connie]. Before this weekend, she had never coded MicroPython and didn’t know anything about I2C. Yet by Sunday afternoon, she made a sweet spiral animation on the LED wheel, and blinked the RGBs in the touchwheel.

What I love about the Hackaday audience is that, when the chips are down, someone doing something new for the first time is valued as much as some of the more showy work done by more experienced programmers. Hacking is also about learning and pushing out boundaries after all. The shouts for “I figured it out” were louder than any others in the graphics hacks category, it took home a prize, and I was smiling from ear to ear.

Hackaday can learn from this too. [Connie]’s hack definitely shows the need for another badge-hack category, first timers, because we absolutely should recognize first tries. There was also a strong petition / protest from people who had worked new hacks onto previous years’ badges – like [Andy] and [koppanyh]’s addition of bit-banged I2C to the Voja 4 badge from two years ago, and [Instant Arcade]’s Polar Pacman, which he named “Ineligible for this Competition” in protest. Touché.

We’re stoked to learn new things, see new hacks, and basically just catch up with everything folks did over the weekend. We can’t wait to see what you’re up to next year!

The Rogue Emperor, And What To Do About Them

The chances are if you know someone who is a former Apple employee, you’ll have heard their Steve Jobs anecdote, and that it was rather unflattering to the Apple co-founder. I’ve certainly heard a few myself, and a quick web search will reveal plenty more. There are enough of them that it’s very easy to conclude the guy was not a very pleasant person at all.

At the same time, he was a person whose public persona transcended reality, and his fan base treated him with an almost Messianic awe. For them everything he touched turned to gold, every new feature on an Apple product was his personal invention, every one of his actions, even the not-so-clever ones, was evidence of his genius, and anyone who hadn’t drunk the Apple Kool-Aid was anathema. You’ll still see echoes of this today in Apple fanboys, even though the shine on the company is perhaps now a little tarnished.

It’s easy to spot parallels to this story in some of today’s tech moguls who have gathered similar devotion, but it’s a phenomenon by no means limited to tech founders. Anywhere there is an organisation or group that is centred around an individual, from the smallest organisation upwards, it’s possible for it to enter an almost cult-like state in which the leader both accumulates too much power, and loses track of some of the responsibilities which go with it. If it’s a tech company or a bowls club we can shrug our shoulders and move to something else, but when it occurs in an open source project and a benevolent dictator figure goes rogue it has landed directly on our own doorstep as the open-source community. It’s happened several times that I can immediately think of and there are doubtless more cases I am unaware of, and every time I am left feeling that our community lacks an adequate mechanism to come through it unscathed.

Hackaday Podcast Episode 295: Circuit Graver, Zinc Creep, And Video Tubes

With Superconference 2024 in the books, Dan joined Elliot, fresh off his flight back from Pasadena, to look through the week (or two) in hacks. It was a pretty good crop, too, despite all the distractions and diversions. We checked out the cutest little quadruped, a wireless antenna for wireless communications, a price-tag stand-in for paper calendars, and a neat way to test hardware and software together.

We take the closest look yet at why Arecibo collapsed, talk about Voyager’s recent channel-switching glitch, and find out how to put old Android phones back in action. There’s smear-free solder paste application, a Mims-worthy lap counter, and a PCB engraver that you’ve just got to see. We wrap things up with a look at Gentoo and pay homage to the TV tubes of years gone by — the ones in the camera, for the TV sets.

Download the zero-calorie MP3.


This Week In Security: Linux VMs, Real AI CVEs, And Backscatter TOR DoS

Steve Ballmer famously called Linux “viral”, with some not-entirely coherent complaints about the OS. In a hilarious instance of life imitating art, Windows machines are now getting attacked through malicious Linux VM images distributed through phishing emails.

This approach seems to be intended to fool any anti-malware software that may be running. The VM includes the chisel tool, described as “a fast TCP/UDP tunnel, transported over HTTP, secured via SSH”. Now that’s an interesting protocol stack. It’s an obvious advantage for an attacker to have a Linux VM right on a target network. As this sort of virtualization does require hardware virtualization, it might be worth disabling the virtualization extensions in BIOS if they aren’t needed on a particular machine.

AI Finds Real CVE

We’ve talked about some rather unfortunate use of AI, where aspiring security researchers asked an LLM to find vulnerabilities in a project like curl, and then completely wasted a maintainer’s time on those bogus reports. We happened to interview Daniel Stenberg on FLOSS Weekly this week, and after he recounted this story, we mused that there might be a real opportunity to use LLMs to find vulnerabilities, when used as a way to direct fuzzing, and when combined with a good test suite.

And now, we have Google Project Zero bringing news of their Big Sleep LLM project finding a real-world vulnerability in SQLite. This tool was previously called Project Naptime, and while it’s not strictly a fuzzer, it does share some similarities. The main one is that both tools take their educated guesses and run that data through the real program code, to positively verify that there is a problem. With this proof of concept demonstrated, it’s sure to be replicated. It seems inevitable that someone will next try to get an LLM to not only find the vulnerability, but also find an appropriate fix.

Mechanisms: Tension Control Bolts

If there’s an enduring image of how large steel structures used to be made, it’s probably the hot riveting process. You’ve probably seen grainy old black-and-white films of a riveting gang — universally men in bib overalls with no more safety equipment than a cigarette, heating rivets to red heat in a forge and tossing them up to the riveters with a pair of tongs. There, the rivet is caught with a metal funnel or even a gloved hand, slipped into a waiting hole in a flange connecting a beam to a column, and beaten into submission by a pair of men with pneumatic hammers.

Dirty, hot, and dangerous though the work was, hot riveted joints were a practical and proven way to join members together in steel structures, and chances are good that any commercial building that dates from before the 1960s or so has at least some riveted joints. But times change and technology marches on, and riveted joints largely fell out of fashion in the construction trades in favor of bolted connections. Riveting crews of three or more men were replaced by a single ironworker making hundreds of predictable and precisely tensioned connections, resulting in better joints at lower costs.

Bolted joints being torqued to specs with an electric wrench might not have the flair of red-hot rivets flying around the job site, but they certainly have a lot of engineering behind them. And as it turns out, the secret to turning bolting into a one-person job is mostly in the bolt itself.


FLOSS Weekly Episode 808: Curl – Gotta Download ’em All

This week, Jonathan Bennett and Randal Schwartz chat with Daniel Stenberg about curl! How many curl installs are there?! What’s the deal with CVEs? How has curl managed to not break its ABI for 18 years straight? And how did Daniel turn all this into a career instead of just a hobby? Watch to find out!
