Hackaday Podcast 226: Ice, Snow, And Cooling Paint In July

This week, Editor-in-Chief Elliot Williams and Al Williams shoot the breeze about all things Hackaday. We start off with some fond remembrances of Don Lancaster, a legendary hardware hacker who passed away last month. There’s also news about the Hackaday Prize (the tool competition) and a rant about fast computers and slow software, a topic that drew many comments this week.

In the What’s That Sound event, Al proves he’s more of a Star Trek fan than a videogamer. But there were plenty of correct answers, but only one winner: [Wybrandus]. There’s always next week, so keep playing!

Elliot may be dreaming of cooler weather since he talks about ice sculptures, snow measurements, and a paint that can make things cooler. We don’t know what Al is dreaming about, but he is worried about his fuses, and the ins and out of open source licensing.

Along the way, you’ll hear about personal vehicles, sky cameras, and zapping weeds with extreme solar power. As usual, there is an eclectic mix of other posts. What has the Hackaday crew been up to? Field trips! Hear about Dan Maloney’s visit to the SNOTEL network to measure snowfall and a report from Al and Bil Herd’s trip to the Vintage Computer Festival Southwest.

What to read along? The links below will get you started. Don’t forget to tell us what you think in the comments!

Or, download a copy for posterity to file away in your archive.

Continue reading “Hackaday Podcast 226: Ice, Snow, And Cooling Paint In July”

This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach

It appears we have something of a problem. It’s not really a new problem, and shouldn’t be too surprising, but it did pop up again this week: bogus CVEs. Starting out in the security field? What’s the best way to jump-start a career? Getting a CVE find to your name certainly can’t hurt. And as a result, you get very junior security researchers looking for and reporting novel security vulnerabilities of sometimes dubious quality. Sometimes that process looks a lot like slinging reports against the wall to see what sticks. Things brings us to an odd bug report in the OBS Studio project.

A researcher put together a script to look for possible password exposure on Github projects, and it caught a configuration value named “password” in a .ini file, being distributed in the project source. Obvious credential leak in Git source, right? Except for the little detail that it was in the “locale” folder, and the files were named ca-es.ini, ja-jp.ini, and similar. You may be in on the joke by now, but if not, those are translation strings. It wasn’t leaked credentials, it was various translations of the word “password”. This sort of thing happens quite often, and from the viewpoint of a researcher looking at results from an automated tool, it can be challenging to spend enough time with each result to fully understand the code in question. It looks like this case includes a language barrier, making it even harder to clear up the confusion.

Things took a turn for the worse when a CVE was requested. The CVE Numbering Authority (CNA) that processed the request was MITRE, which issued CVE-2023-34585. It was a completely bogus CVE, and thankfully a more complete explanation from OBS was enough to convince the researcher of his error. That, however, brings us back to CVE-2023-36262, which was published this week. It’s yet another CVE, for the same non-issue, and even pointing at the same GitHub issue where the alleged bug is debunked. There’s multiple fails here, but the biggest disappointment is MITRE, for handing out CVEs twice for the same issue. Shout-out to [Netspooky] on Twitter for spotting this one. Continue reading “This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach”

ITER Dreams And The Practical Reality Of Making Nuclear Fusion Work On Earth

Doing something for the first time is tough. Yet to replicate the nuclear fusion process that powers the very stars, and do it right here on Earth in a controlled and sustained fashion is decidedly at the top of the list of ‘tough’ first times. What further complicates matters is when in order to even get to this ‘first’ you also add in a massive, international construction project and a heaping of geopolitics, all of which is a far cry from past nuclear fusion experiments.

With the International Thermonuclear Experimental Reactor (ITER) as the most visible part of nuclear fusion research, it is perhaps little wonder that the recent string of delays and budget increases is leading some to proclaim doom and gloom over the entire sector. This ironically in contrast with the recent news from the US’s NIF and its laser-based inertial confinement fusion, which is both state-funded and will never produce commercial power.

In light of this, it feels pertinent to ask the question of whether ITER is the proverbial white elephant, or even the mausoleum of international science that a recent article in Scientific American makes it out to be. Is fusion research truly doomed to peter out amidst the seemingly never-ending work on ITER?

Continue reading “ITER Dreams And The Practical Reality Of Making Nuclear Fusion Work On Earth”

Exploring A New Frontier: Desktop EDM Is Coming

To say that desktop 3D printing had a transformative effect on our community would be something of an understatement. In just a decade or so, we went from creaky printers that could barely extrude a proper cube to reliable workhorses that don’t cost much more than a decent cordless drill. It’s gotten to the point that it’s almost surprising to see a project grace these pages that doesn’t include 3D printed components in some capacity.

Cooper Zurad

There’s just one problem — everything that comes out of them is plastic. Oh sure, some plastics are stronger than others…but they’re still plastic. Fine for plenty of tasks, but certainly not all. The true revolution for makers and hackers would be a machine that’s as small, convenient, and as easy to use as a desktop 3D printer, but capable of producing metal parts.

If Cooper Zurad has his way such a dream machine might be landing on workbenches in as little as a month, thanks in part to the fact that its built upon the bones of a desktop 3D printer. His open source Powercore device allows nearly any 3D printer to smoothly cut through solid metal using a technique known as electrical discharge machining (EDM). So who better to helm this week’s Desktop EDM Hack Chat?

Continue reading “Exploring A New Frontier: Desktop EDM Is Coming”

Gearing Up With The 2023 Hackaday Prize

You know how it goes. You’re working on a project, and you need to do some ultra-precise probing, so you end up making a custom PCB probing octopus along the way. Or you find that you spend more time making the jig to hold down a part for machining than you do machining it. Hackers are not merely a tool-using species, we’re a tool-making species – it’s in our nature to want to build the tools that make it easier to get the job done.

The Gearing Up round of the Hackaday Prize celebrates the tool makers. If you’ve got a project that maybe isn’t an end in itself, but rather one of those utility project that can make all the difference, we want to see it here. Maybe it’s obscure measurement gear, maybe it’s a test rig or a bolt sorter, maybe you’ve built your own reflow hot plate. This is the challenge round for you!

The Gearing Up round runs from yesterday, July 4th, until August 8th. As with all of the 2023 Hackaday Prize rounds, ten finalists will receive $500 and get entered for the big prizes to be announced in November. Continue reading “Gearing Up With The 2023 Hackaday Prize”

A man in a dark shirt stands at a podium in front of a projector screen with the text "50% OF US CAR TRIPS" in white above yellow text saying "1 HUMAN < 3 MILES". The screen is flanked by decor saying "Supercon" in white on a black background.

Supercon 2022: Bradley Gawthrop Wants You To Join The PEV Revolution

During the 20th Century, much of the western world decided that motor vehicles were the only desirable form of transportation. We built our cities to accommodate cars through parking, stop lights, and any number of other infrastructure investments so that you could go get milk and bread in style. In the US, 50% of automobile trips are less than three miles and have only one occupant. [Bradley Gawthrop] asked if there might be a more efficient way to do all this? Enter the Personal Electric Vehicle (PEV).

What Are PEVs?

PEVs are a nascent part of the transportation mix that fall under the wider umbrella of “micromobility,” including scooters, bikes, skateboards, and the like. The key differentiator here is that they are at least partially electrically-driven. [Gawthrop] walks us through several of the different types during his Supercon 2022 talk, but since they are all small, electric powered devices for transporting one or two people, they can trace their lineage back to the infamous Segway Human Transporter.

Using an electric motor or two connected to a controller and batteries, the overall system complexity for any of these devices is quite low and ripe for the hacking. Given the right tools and safety precautions, anyone should be able to crack a PEV open and repair or tinker with it. As with many things in life, the real story is more complicated.

As [Gawthrop] notes, many a hacker has said, “I wish I’d been able to be involved in X before…” where X equals some technology like home automation and it’s before it got creepy or dystopian in some manner. He exhorts us that the time to be in on the ground floor with PEVs is now. Continue reading “Supercon 2022: Bradley Gawthrop Wants You To Join The PEV Revolution”

3D Printing Food Hack Chat

Join us on Wednesday, July 5 at noon Pacific for the 3D Printing Food Hack Chat with Ellie Weinstein!

In the right hands, food goes beyond mere sustenance and becomes a work of art. We’ve all seen examples — the carefully crafted blends of flavors, the quality ingredients expertly cooked, the artful platings that make a dramatic presentation at the table. But where the artistry really seems to take off is with desserts, which pastry chefs and confectioners can take to the next level with edible sculptures of chocolate and other sweets that can tower dramatically over the table.

join-hack-chatThat’s all well and good for the haute cuisine set, but what about the rest of us? We can’t all have the talent and drive needed to produce edible art, so perhaps we can leverage technology to help us out. That’s just one of the rationales behind food 3D printing, which is what we’ll be exploring with Ellie Weinstein. She’s the CEO of Cocoa Press, where they’re bringing chocolate 3D printing to the mainstream. It’s not as easy as you might think — there are plenty of nuances and engineering challenges when you’re trying to print chocolate or any other kind of food. Make sure you stop by and check it out; it’s sure to be a treat.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, July 5 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.