Hackaday Links Column Banner

Hackaday Links: June 23, 2024

When a ransomware attack targets something like a hospital, it quickly becomes a high-profile event that understandably results in public outrage. Hospitals are supposed to be backstops for society, a place to go when it all goes wrong, and paralyzing their operations for monetary gain by taking over their information systems is just beyond the pale. Tactically, though, it makes sense; their unique position in society seems to make it more likely that they’ll pay up.

Which is why the ongoing cyberattack against car dealerships is a little perplexing — can you think of a less sympathetic victim apart from perhaps the Internal Revenue Service? Then again, we’re not in the ransomware business, so maybe this attack makes good financial sense. And really, judging by the business model of the primary target of these attacks, a company called CDK Global, it was probably a smart move. We had no idea that there was such a thing as a “Dealer Management System” that takes care of everything from financing to service, and that shutting down one company’s system could cripple an entire industry, but there it is.

Continue reading “Hackaday Links: June 23, 2024”

Thanks For The Great Comments!

Every once in a while, there’s a Hackaday article where the comments are hands-down the best part of a post. This happened this week with Al Williams’ Ask Hackaday: How Do You Make Front Panels?. I guess it’s not so surprising that the comments were full of awesome answers – it was an “Ask Hackaday” after all. But you all delivered!

A technique that I had never considered came up a few times: instead of engraving the front of an opaque panel, like one made of aluminum or something, instead if you’re able to make the panel out of acrylic, you can paint the back side, laser or engrave into it, and then paint over with a contrast color. Very clever!

Simply printing the panel out onto paper and laminating it got a number of votes, and for those who are 3D printing the enclosure anyway, simply embossing the letters into the surface had a number of fans. The trick here is in getting some contrast into the letters, and most suggested changing filament. All I know is that I’ve tried to do it by painting the insides of the letters white, and it’s too fiddly for me.

But my absolute favorite enclosure design technique got mentioned a number of times: cardboard-aided design. Certainly for simple or disposable projects, there’s nothing faster than just cutting up some cardboard and taping it into the box of your desires. I’ll often do this to get the sizes and locations of components right – it’s only really a temporary solution. Although some folks have had success with treating the cardboard with a glue wash, paint, or simply wrapping it in packing tape to make it significantly more robust. Myself, if it ends up being a long-term project, I’ll usually transfer the cardboard design to 3DP or cut out thin plywood.

I got sidetracked here, though. What I really wanted to say was “thanks!” to everyone who submitted their awesome comments to Al’s article. We’ve had some truly hateful folks filling the comment section with trash lately, and I’d almost given up hope. But then along comes an article like this and restores my faith. Thanks, Hackaday!

Hackaday Podcast Episode 276: A Mac On A Pico, Ropes On The Test Stand, A Battleship Up On Blocks

The week gone by was rich with fun hacks, and Elliot and Dan teamed up this time around to run them down for everyone. The focus this week seemed to trend to old hardware, from the recently revived Voyager 1 to a 1940s car radio, a homebrew instrument from 1979, a paper tape reader, and a 128k Mac emulator built from an RP2040.

Newer hacks include a 3D-printed bottle labeler, a very hackable smart ring, and lessons learned about programming robots. We also took a look at turning old cell phones into Linux machines, making sure climbing ropes don’t let you down, and snooping on orbital junk with a cool new satellite.

We wrapped things up with a discussion of just how weird our solar system is, and Dan getting really jealous about Tom Nardi’s recent trip to see the battleship New Jersey from an up close and personal perspective.

 

Worried about attracting the Black Helicopters? Download the DRM-free MP3 and listen offline, just in case.

Continue reading “Hackaday Podcast Episode 276: A Mac On A Pico, Ropes On The Test Stand, A Battleship Up On Blocks”

This Week In Security: Chat Control, Vulnerability Extortion, And Emoji Malware

Way back in 2020, I actually read the proposed US legislation known as EARN IT, and with some controversy, concluded that much of the criticism of that bill was inaccurate. Well what’s old is new again, except this time it’s the European Union that’s wrestling with how to police online Child Sexual Abuse Material (CSAM). And from what I can tell of reading the actual legislation (pdf), this time it really is that bad.

The legislation lays out two primary goals, both of them problematic. The first is detection, or what some are calling “upload moderation”. The technical details are completely omitted here, simply stating that services “… take reasonable measures to mitigate the risk of their services being misused for such abuse …” The implication here is that providers would do some sort of automated scanning to detect illicit text or visuals, but exactly what constitutes “reasonable measures” is left unspecified.

The second goal is the detection order. It’s worth pointing out that interpersonal communication services are explicitly mentioned as required to implement these goals. From the bill:

Providers of hosting services and providers of interpersonal communications services that have received a detection order shall execute it by installing and operating technologies approved by the Commission to detect the dissemination of known or new child sexual abuse material or the solicitation of children…

This bill is careful not to prohibit end-to-end encryption, nor require that such encryption be backdoored. Instead, it requires that the apps themselves be backdoored, to spy on users before encryption happens. No wonder Meredith Whittaker has promised to pull the Signal app out of the EU if it becomes law. As this scanning is done prior to encryption, it’s technically not breaking end-to-end encryption.

You may wonder why that’s such a big deal. Why is it a non-negotiable for the Signal app to not look for CSAM in messages prior to encryption? For starters, it’s a violation of user trust and an intentional weakening of the security of the Signal system. But maybe most importantly, it puts a mechanism in place that will undoubtedly prove too tempting for future governments. If Signal can be forced into looking for CSAM in the EU, why not anti-government speech in China?

Continue reading “This Week In Security: Chat Control, Vulnerability Extortion, And Emoji Malware”

Ask Hackaday: How Do You Make Front Panels?

We’ll admit it. The closer a project is to completion, the less enthusiasm we have for it. Once the main design is clearly going to work on a breadboard, we’re ready to move on to the next one. We don’t mind the PCB layout, especially with modern tools. However, once the board is done, you have to do the case. Paradoxically, this was easier in the old days because you just picked some stock box, drilled some holes, and while it looked terrible, it was relatively easy.

Today, the bar is much higher. You’ll probably 3D print or laser cut an enclosure. If it looks no better than what you did in the 1970s, you won’t win many admirers. We routinely cover projects that could easily pass for commercial products. So how do you do it?

The Parts

The enclosure may even be the easy part. There are plenty of scripts and generators that will make you a nice box that meets your specifications. You can probably even get the holes made as you build. Back in the day, it was a challenge to cut odd-shaped holes for things like serial port connectors. Now, no problem. The printer or laser will just make a hole with any shape you like. You may even want to try a new angle on 3D printing.

Mounting the PCB isn’t that hard, either. With 3D printing, you can create standoffs, but even if you laser cut, you can easily use conventional standoffs. In a pinch, we’ve used long bolts with nuts.

The real problem, it seems to us, is the front panel. Only Star Trek can get away with front panels containing a bunch of knobs and dials with no markings. And although we call them “front” panels, sometimes you need markings on the back or even the sides, too. Continue reading “Ask Hackaday: How Do You Make Front Panels?”

FLOSS Weekly Episode 788: Matrix, It’s Git, For Communications

This week Jonathan Bennett and Simon Phipps chat with Matthew Hodgson and Josh Simmons about Matrix, the open source decentralized communications platform. How is Matrix a Git for Communications? Are the new EU and UK laws going to be a problem? And how is the Matrix project connected with the Element company?

Continue reading “FLOSS Weekly Episode 788: Matrix, It’s Git, For Communications”

Linux Fu: Kernel Modules Have Privileges

I did something recently I haven’t done in a long time: I recompiled the Linux kernel. There was a time when this was a common occurrence. You might want a feature that the default kernel didn’t support, or you might have an odd piece of hardware. But these days, in almost all the cases where you need something like this, you’ll use loadable kernel modules (LKM) instead. These are modules that the kernel can load and unload at run time, which means you can add that new device or strange file system without having to rebuild or even restart the kernel.

Normally, when you write programs for Linux, they don’t have any special permissions. You typically can’t do direct port I/O, for example, or arbitrarily access memory. The kernel, however, including modules, has no such restriction. That can make debugging modules tricky because you can easily bring the system to its knees. If possible, you might think about developing on a virtual machine until you have what you want. That way, an errant module just brings down your virtual machine. Continue reading “Linux Fu: Kernel Modules Have Privileges”