Hardware Should Lead Software, Right?

January 20, 2024 by Elliot Williams 26 Comments

Once upon a time, about twenty years ago, there was a Linux-based router, the Linksys WRT54G. Back then, the number of useful devices running embedded Linux was rather small, and this was a standout. Back then, getting a hacker device that wasn’t a full-fledged computer onto a WiFi network was also fairly difficult. This one, relatively inexpensive WiFi router got you both in one box, so it was no surprise that we saw rovers with WRT54Gs as their brains, among other projects.

Of course, some people just wanted a better router, and thus the OpenWRT project was born as a minimal Linux system that let you do fancy stuff with the stock router. Years passed, and OpenWRT was ported to newer routers, and features were added. Software grew, and as far as we know, current versions won’t even run on the minuscule RAM of the original hardware that gave it it’s name.

Enter the ironic proposal that OpenWRT – the free software group that developed their code on a long-gone purple box – is developing their own hardware. Normally, we think of the development flow going the other way, right? But there’s a certain logic here as well. The software stack is now tried-and-true. They’ve got brand recognition, at least within the Hackaday universe. And in comparison, developing some known-good hardware to work with it is relatively easy.

We’re hardware hobbyists, and for us it’s often the case that the software is the hard part. It’s also the part that can make or break the user experience, so getting it right is crucial. On our hacker scale, we often choose a microcontroller to work with a codebase or tools that we want to use, because it’s easier to move some wires around on a PCB than it is to re-jigger a software house of cards. So maybe OpenWRT’s router proposal isn’t backwards after all? How many other examples of hardware designed to fit into existing software ecosystems can you think of?

Hackaday Podcast Episode 253: More Wood Robot, Glitching And Fuming Nitric Acid, We Heart USB-C

January 19, 2024 by Tom Nardi 4 Comments

This week Hackaday Editors Elliot Williams and Tom Nardi start things off with a traffic report from the Moon, which has suddenly become a popular destination for wayward robots.

From there, they’ll go over a fire-tending contraption that’s equal parts madness and brilliance, two decades of routers being liberated by OpenWRT, impressive feats of chip decapping, and USB-C’s glorious rise to power.

You’ll also hear about the latest developments in laptop RAM, exploits against the flash encryption used on the ESP32, and Android powered oscilloscopes. The duo will wrap things up with horror stories from the self-checkout aisle, and a look at the fantastical rolling power station that Dan Maloney has been building in his driveway.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Oh look, an MP3 version!

Continue reading “Hackaday Podcast Episode 253: More Wood Robot, Glitching And Fuming Nitric Acid, We Heart USB-C” →

This Week In Security: Gitlab, VMware, And PixeFAIL

January 19, 2024 by Jonathan Bennett 3 Comments

There’s a Gitlab vulnerability that you should probably pay attention to. Tracked as CVE-2023-7028, this issue allows an attacker to specify a secondary email during a the password reset request. Only one email has to match the one on record, but the password reset link gets sent to both emails. Yikes!

What makes this worse is there is already a Proof of Concept (PoC) released, and it’s a trivial flaw. In an HTTP/S post containing the password reset request, just include two email addresses. Thankfully, a fix is already out. Versions 16.7.2, 16.6.4, and 16.5.6 contain this patch, as well as fixes for a flaw that allowed sneaking unauthorized changes into a previously approved merge request, and an issue with Slack and Mattermost where slash commands could be spoofed.

VMware

We don’t want to over-dramatise this vulnerability, but VMware is calling it an emergency. This one affects VMware vRealize and Aria Automation. According to the the CVSS calculator, it’s a low complexity network flaw, but does require at least some privileges. Hopefully more information will come out about this vulnerability, but for now that’s about all we know.

Continue reading “This Week In Security: Gitlab, VMware, And PixeFAIL” →

Tech In Plain Sight: Windshield Frit

January 18, 2024 by Al Williams 30 Comments

You probably see a frit every day and don’t even notice it. What is it? You know the black band around your car’s windshield? That’s a frit (which, by the way, can also mean ingredients used in making glass) or, sometimes, a frit band. What’s more, it probably fades out using a series of dots like a halftone image, right? Think that’s just for aesthetics? Think again.

Older windshields were not always attached firmly, leading to them popping out in accidents. At some point, though, the industry moved to polyurethane adhesives, which are superior when applied correctly. However, they often degrade from exposure to UV. That’s a problem with a windshield, which usually gets plenty of sunlight.

The answer is the frit, a ceramic-based baked-on enamel applied to both sides of the windshield’s edges, usually using silk screening. The inner part serves as a bonding point for the adhesive. However, the outer part blocks UV radiation from reaching the adhesive. Of course, it also hides the adhesive and any edges or wiring beneath it, too.

Continue reading “Tech In Plain Sight: Windshield Frit” →

Linux Fu: Where’s That Darn File?

January 17, 2024 by Al Williams 20 Comments

Disk storage has exploded in the last 40 years. These days, even a terabyte drive is considered small. There is one downside, though. The more stuff you have, the harder it is to find it. Linux provides numerous tools to find files when you can’t remember their name. Each has plusses and minuses, and choosing between them is often difficult.

Definitions

Different tools work differently to find files. There are several ways you might look for a file:

Find a file if you know its name but not its location.
Find a file when you know some part of its name.
Find a file that contains something.
Find a file with certain attributes (e.g., larger than 100 kB)

You might combine these, too. For example, it is reasonable to query all PDF files created in the last week that are larger than 100 kB.

There are plenty of different types of attributes. Some file systems support tags, too. So, you might have a PERSONAL tag to mark files that apply to you personally. Unfortunately, tool support for tags is somewhat lacking, as you’ll see later.

Another key point is how up-to-date your search results are. If you sift through terabytes of files for each search, that will be slow. If you keep an index, that’s fast, but the index will quickly be out of date. Do you periodically refresh the index? Do you watch the entire file system for changes and then update the index? Different tools do it differently. Continue reading “Linux Fu: Where’s That Darn File?” →

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The Really Snazzy Folding Keyboard

January 16, 2024 by Kristina Panos 4 Comments

Sometimes you just have to throw your hat in the ring, and throw it hard. Here is [mkdxdx]’s rockin’ EVH 5150-esque take on the keyboard business. The Mriya foldable keyboard aims to be and sport a number of things, and it does all of them in great style. I could totally see my fingers flying over this thing somewhere in the wild, with robots fighting in the distance.

I have to say I really like the fact that [mkdxdx] uses thumb keys here for what I can only assume are Enter, Space, and Backspace. It’s a nice compromise between compactness and ergonomics. I also really like the totally impractical but quite cool-looking connector that runs between the top and bottom.

If the color scheme looks familiar, you’re probably remembering [mkdxdx]’s first-place-winning entry into the 2023 Cyberdeck Contest. This RP2040-based keyboard might just end up as part of a larger project, but it’s already an outstanding peripheral. We can’t wait to see the next phase, should there be one for this keyboard.

Continue reading “Keebin’ With Kristina: The One With The Really Snazzy Folding Keyboard” →

USB-C PD: New Technology Done Right

January 15, 2024 by Jenny List 42 Comments

There is a tendency as we get older, to retreat into an instinctive suspicion of anything new or associated with young people. All of us will know older people who have fallen down this rabbit hole, and certainly anything to do with technological advancement is often high on their list of ills which beset society. There’s a Douglas Adams passage which sums it up nicely:

“I’ve come up with a set of rules that describe our reactions to technologies:
1. Anything that is in the world when you’re born is normal and ordinary and is just a natural part of the way the world works.
2. Anything that’s invented between when you’re fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it.
3. Anything invented after you’re thirty-five is against the natural order of things.”

Here at Hackaday we’re just like anybody else, in that we all get older. Our lives are devoted to an insatiable appetite for new technology, but are we susceptible to the same trap, and could we see something as against the antural order of things simply because we don’t like it? It’s something that has been on my mind in some way since I wrote a piece back in 2020 railing at the ridiculous overuse of new technologies to limit the lifespan and repairability of new cars and then a manifesto for how the industry might fix it, am I railing against it simply because I can’t fix it with a screwdriver in the way I could my 1960 Triumph Herald? I don’t think so, and to demonstrate why I’d like to talk about another piece of complex new technology that has got everything right.

In 2017 I lamented the lack of a universal low voltage DC power socket that was useful, but reading the piece here in 2024 it’s very obvious that in the years since my quest has been solved. USB Power Delivery was a standard back then, but hadn’t made the jump to the ubiquity the USB-C-based power plug and socket enjoys today. Most laptops still had proprietary barrel jack connectors, and there were still plenty of phones with micro-USB sockets. In the years since it’s become the go-to power standard, and there are a huge number of modules and devices to supply and receive it at pretty high power.

At first sight though, it might seem as though USB-PD is simply putting a piece of unnecessary technology in the way of what should be a simple DC connector. Each and every USB-PD connection requires some kind of chip to manage it, to negotiate the connection, and to transform voltage. Isn’t that the same as the cars, using extra technology merely for the sake of complexity? On the face of it you might think so, but the beauty lies in it being a universally accepted standard. If car manufacturers needed the same functionalty you’d have modules doing similar things in a Toyota, a Ford, or a Renault, but they would all be proprietary and they’d be eye-wateringly expensive to replace. Meanwhile USB-PD modules have to work with each other, so they have become a universal component available for not a huge cost. I have several bags of assorted modules in a box of parts here, and no doubt you do too. The significant complexity of the USB-PD endpoint doesn’t matter any more, because should it break then replacing it is an easy and cheap process.

This is not to say that USB-PD is without its problems though, the plethora of different cable standards is its Achilies’ heel. But if you’re every accused of a knee-jerk reaction to a bad piece of new technology simply because it’s new, point them to it as perhaps the perfect example of the responsible use of new technology.