This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
This week Jonathan and Katherine talk with Jamie Abrahams about Drupal, and how AI just makes sense. No, really. Jamie makes a compelling case that Drupal is a really good tool for building AI workflows. We cover security, personal AI, and more!
Continue reading “FLOSS Weekly Episode 841: Drupal And AI: The Right Tool For Everything”
Supersonic air travel is great if you want to get somewhere quickly. Indeed, the Concorde could rush you from New York to London in less than three and a half hours, over twice as fast as a conventional modern airliner. Despite the speed, though, supersonic passenger service has never really been sustainable thanks to the noise involved. Disruption from sonic booms has meant that supersonic travel over land is near-universally banned. This strictly limits the available routes for supersonic passenger jets, and thus their economic viability.
Solving this problem has been a hot research topic for some time. Now, it appears there might be a way forward for supersonic air travel over land, using a neat quirk of Earth’s atmosphere.
There’s something ominous about robots taking over jobs that humans are suited to do. Maybe you don’t want a job turning a wrench or pushing a broom, but someone does. But then there are the jobs no one wants to do or physically can’t do. Robots fighting fires, disarming bombs, or cleaning up nuclear reactors is something most people will support. But can you climb through a water pipe from the inside? No? There are robots that are available from several commercial companies and others from university researchers from multiple continents.
If you think about it, it makes sense. For years, companies that deal with pipes would shoot large slugs, or “pigs”, through the pipeline to scrape them clean. Eventually, they festooned some pigs with sensors, and thus was born the smart pig. But now that it is possible to make tiny robots, why not send them inside the pipe to inspect and repair?
There’s interesting news out of Wyoming, where a coal mine was opened this week. But the fact that it’s the first new coal mine in 50 years isn’t the big news — it’s the mine’s abundance of rare earth elements that’s grabbing the headlines. As we’ve pointed out before, rare earth elements aren’t actually all that rare, they’re just widely distributed through the Earth’s crust, making them difficult to recover. But there are places where the concentration of rare earth metals like neodymium, dysprosium, scandium, and terbium is slightly higher than normal, making recovery a little less of a challenge. The Brook Mine outside of Sheridan, Wyoming is one such place, at least according to a Preliminary Economic Assessment performed by Ramaco Resources, the mining company that’s developing the deposit.
The PEA states that up to 1,200 tons of rare earth oxides will be produced a year, mainly from the “carbonaceous claystones and shales located above and below the coal seams.” That sounds like good news to us for a couple of reasons. First, clays and shales are relatively soft rocks, making it less energy- and time-intensive to recover massive amounts of raw material than it would be for harder rock types. But the fact that the rare earth elements aren’t locked inside the coal is what’s really exciting. If the REEs were in the coal itself, that would present something similar to the “gasoline problem” we’ve discussed before. Crude oil is a mixture of different hydrocarbons, so if you need one fraction, like diesel, but not another, like gasoline, perhaps because you’ve switched to electric vehicles, tough luck — the refining process still produces as much gasoline as the crude contains. In this case, it seems like the coal trapped between the REE-bearing layers is the primary economic driver for the mine, but if in the future the coal isn’t needed, the REEs could perhaps be harvested and the coal simply left behind to be buried in the ground whence it came.
One of the tropes of the space race back in the 1960s, which helped justify the spending for the part of the public who thought it wasn’t worth it, was that the technology developed for use in space would help us out here back on earth. The same goes for the astronomical expenses in Formula 1, or even on more pedestrian tech like racing bikes or cinematography cameras. The idea is that the boundaries pushed out in the most extreme situations could nonetheless teach us something applicable to everyday life.
This week, we saw another update from the Minuteman project, which is by itself entirely ridiculous – a 3D printer that aims to print a 3D Benchy in a minute or less. Of course, the Minuteman isn’t alone in this absurd goal: there’s an entire 3D printer enthusiast community that is pushing the speed boundaries of this particular benchmark print, and times below five minutes are competitive these days, although with admittedly varying quality. (For reference, on my printer, a decent-looking Benchy takes about half an hour, but I’m after high quality rather than high speed.)
One could totally be forgiven for scoffing at the Speed Benchy goal in general, the Minuteman, or even The 100, another machine that trades off print volume for extreme speed. But there is definitely trickle-down for the normal printers among us. After all, pressure advance used to be an exotic feature that only people who were using high-end homemade rigs used to care about, and now it’s gone mainstream. Who knows if the Minuteman’s variable temperature or rate smoothing, or the rigid and damped frames of The 100, or its successor The 250, will make normal printers better.
So here’s to the oddball machines, that push boundaries in possibly ridiculous directions, but then share their learnings with those of us who only need to print kinda-fast, but who like to print other things than little plastic boats that don’t even really float. At least in the open-source hardware community, trickle-down is very real.
This week, Hackaday’s Elliot Williams and Kristina Panos joined forces to bring you the latest news, mystery sound, and of course, a big bunch of hacks from the previous week.
In Hackaday news, the One Hertz Challenge ticks on. You have until Tuesday, August 19th to show us what you’ve got, so head over to Hackaday.IO and get started now! In other news, we’ve just wrapped the call for Supercon proposals, so you can probably expect to see tickets for sale fairly soon.
On What’s That Sound, Kristina actually got this one with some prodding. Congratulations to [Alex] who knew exactly what it was and wins a limited edition Hackaday Podcast t-shirt!
After that, it’s on to the hacks and such, beginning with a ridiculously fast Benchy. We take a look at a bunch of awesome 3D prints a PEZ blaster and a cowbell that rings true. Then we explore chisanbop, which is not actually K-Pop for toddlers, as well as a couple of clocks. Finally, we talk a bit about dithering before taking a look at the top tech of 1985 as shown in Back to the Future (1985).
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
Download in DRM-free MP3 and savor at your leisure.
Continue reading “Hackaday Podcast Episode 328: Benchies, Beanies, And Back To The Future“
@jack is back with a weekend project. Yes, that Jack. [Jack Dorsey] spent last weekend learning about Bluetooth meshing, and built Bitchat, a BLE mesh encrypted messaging application. It uses X25519 for key exchange, and AES-GCM for message encryption. [Alex Radocea] took a look at the current state of the project, suspects it was vibe coded, and points out a glaring problem with the cryptography.
So let’s take a quick look at the authentication and encryption layer of Bitchat. The whitepaper is useful, but still leaves out some of the important details, like how the identity key is tied to the encryption keys. The problem here is that it isn’t.
Bitchat has, by necessity, a trust-on-first-use authentication model. There is intentionally no authentication central authority to verify the keys of any given user, and the application hasn’t yet added an out-of-band authentication method, like scanning QR codes. Instead, it has a favorites system, where the user can mark a remote user as a favorite, and the app saves those keys forever. There isn’t necessarily anything wrong with this approach, especially if users understand the limitations.
The other quirk is that Bitchat uses ephemeral keys for each chat session, in an effort to have some forward secrecy. In modern protocols, it’s desirable to have some protection against a single compromised encryption key exposing all the messages in the chain. It appears that Bitchat accomplishes this by generating dedicated encryption keys for each new chat session. But those ephemeral keys aren’t properly verified. In fact, they aren’t verified by a user’s identity key at all!
The attack then, is to send a private message to another user, present the public key of whoever your’re trying to impersonate, and include new ephemeral encryption keys. Even if your target has this remote user marked as a favorite, the new encryption keys are trusted. So the victim thinks this is a conversation with a trusted person, and it’s actually a conversation with an attacker. Not great. Continue reading “This Week In Security: Bitchat, CitrixBleed Part 2, Opossum, And TSAs”
