This Week In Security: DNS Oops, Novel C2s, And The Scam Becomes Real

Something rather significant happened on the Internet back in May, and it seems that someone only noticed it on September 3rd. [Youfu Zhang] dropped a note on one of the Mozilla security mailing lists, pointing out that there was a certificate issued by Fina for 1.1.1.1. That IP address may sound familiar, and you may have questions.

First off, yes, TLS certificates can be issued for IP addresses. You can even get a numeric TLS certificate for your IP address, via Let's Encrypt. And second, 1.1.1.1 sounds familiar because that’s Cloudflare’s public DNS resolver. On that address, Cloudflare notably makes use of DoH, a charming abbreviation for DNS over HTTPS. The last important detail is that Cloudflare didn’t request or authorize the certificate. Significant indeed.

This is a high-profile example of the major weakness of the TLS certificate system. There are over 300 trusted certificate authorities in the Microsoft Root Certificate Program, Financijska agencija (Fina) being one of them. All it takes to compromise that system is for one of those trusted roots to issue a bad certificate. That it took four months for someone to discover and point out the problem isn’t great.

Returning To An Obsolete Home Movie Format

A few years ago, I bought an 8 mm home movie camera in a second hand store. I did a teardown on it here and pulled out for your pleasure those parts of it which I considered interesting. My vague plan was to put a Raspberry Pi in it, but instead it provided a gateway into the world of 8mm film technology. Since then I’ve recreated its Single 8 cartridge as a 3D printable model, produced a digital Super 8 cartridge, and had a movie camera with me at summer hacker camps.

When I tore down that Single 8 camera though, I don’t feel I did the subject justice. I concentrated on the lens, light metering, and viewfinder parts of the system, and didn’t bring you the shutter and film advance mechanism. That camera also lacked a couple of common 8 mm camera features; its light metering wasn’t through the lens, and its zoom lens was entirely manual. It’s time to dig out another 8 mm camera for a further teardown.


Ask Hackaday: Now You Install Your Friends’ VPNs. But Which One?

Something which may well unite Hackaday readers is the experience of being “The computer person” among your family or friends. You’ll know how it goes, when you go home for Christmas, stay with the in-laws, or go to see some friend from way back, you end up fixing their printer connection or something. You know that they would bridle somewhat if you asked them to do whatever it is they do for a living as a free service for you, but hey, that’s the penalty for working in technology.

Bad Laws Just Make People Avoid Them

There’s a new one that’s happened to me and no doubt other technically-minded Brits over the last few weeks: I’m being asked to recommend, and sometimes install, a VPN service. The British government recently introduced the Online Safety Act, which is imposing ID-backed age verification for British internet users when they access a large range of popular websites. The intent is to regulate access to pornography, but the net has been spread so wide that many essential or confidential services are being caught up in it. To be a British Internet user is to have your government peering over your shoulder, and while nobody’s on the side of online abusers, understandably a lot of my compatriots want no part of it. We’re in the odd position of having 4Chan and the right-wing Reform Party alongside Wikipedia among those at the front line on the matter. What a time to be alive.


No Need For Inserts If You’re Prepared To Use Self-Tappers

As the art of 3D printing has refined itself over the years, a few accessories have emerged to take prints to the next level. One of them is the threaded insert, a piece of machined brass designed to be heat-set into a printed hole in the part. They can be placed by hand with a soldering iron, or for the really cool kids, with a purpose-built press. They look great and they can certainly make assembly of a 3D printed structure very easy, but I’m here to tell you they are not as necessary as they might seem. There’s an alternative I have been using for years which does essentially the same job without the drama.


Hackaday Links: August 31, 2025

Back in March, we covered the story of Davis Lu, a disgruntled coder who programmed a logic bomb into his employers’ systems. His code was malicious in the extreme, designed as it was to regularly search for his Active Directory entry and fire off a series of crippling commands should it appear he had been fired. His 2019 sacking and subsequent deletion of his AD profile triggered the job, wreaking havoc on servers and causing general mayhem. Whatever satisfaction Lu drew from that must have been fleeting, because he was quickly arrested, brought to trial in federal court, and found guilty of causing intentional damage to protected computer systems.

Lu faced a decade in federal prison for the stunt, but at his sentencing last week, he got four years behind bars followed by three years of supervised release. That’s still a pretty stiff sentence, and depending on where he serves it, things might not go well for him. Uber-geek Chris Boden has some experience in the federal prison system as a result of some cryptocurrency malfeasance; his video on his time in lockup is probably something Mr. Lu should watch while he can. Honestly, we feel bad for him in a way because we’ve been there; we certainly toyed with the logic bomb idea when we were coding for a living, without actually ever doing it. Maybe he thought it would just get treated as a prank, but that was probably never in the cards; as we’re fond of telling our kids, the world just doesn’t have a sense of humor anymore.


Hackaday Podcast Episode 335: Beer, Toast, And Pi

What happens when you listen in on Elliot Williams and Al Williams? You get a round up of the best of last week’s Hackaday posts, of course. The topics this week range from beer brewing to lightning protection, with a little bit of everything in between.

This week, many problems find solutions. Power drill battery dead? Your car doesn’t have a tire pressure monitor? Does your butter tear up your toast? You can find the answer to these problems, and more, on the Hackaday podcast.

For the can’t miss section, the guys are annoyed that Google wants to lock down their phones, and also talk about measuring liquid levels in outer space.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Or download in DRM-free MP3 without requiring developer registration.
