Hackaday Podcast Episode 254: AI, Hijack Guy, And Water Rockets Fly

January 26, 2024 by Al Williams 1 Comment

This week Hackaday Editors Elliot Williams and Al Williams chew the fat about the Haier IOT problem, and all other top Hackaday stories of the week. Want to prove your prowess at C programming? Take a quiz! Or marvel at some hairy display reverse engineering or 3D-printed compressor screws. On the lighter side, there’s an immense water rocket.

After Al waxes nostalgic about the world of DOS Extenders and extended memory, the guys talk about detective work: First detecting AI-written material, and finally, a great detective story about using science to finally (maybe) crack the infamous DB Cooper hijacking case.

Follow along with the links below. Don’t forget to tell us what you think about this episode in the comments!

Here’s a string of bits containing the podcast that looks suspiciously like an MP3!

Continue reading “Hackaday Podcast Episode 254: AI, Hijack Guy, And Water Rockets Fly” →

This Week In Security: MOAB, Microsoft, And Printers

January 26, 2024 by Jonathan Bennett 15 Comments

This week, news has broken of the Mother of All Breaches, MOAB. It’s 12 terabytes and 26 billion records, averaging about 500 bytes each. Now note that a record here is likely not a discrete email address, but simply a piece of data — a row on the database.

Now before we all lose our minds over this, there’s an important detail to take note of: These aren’t new leaks. This is a compilation of leaks, and as far as researchers have checked, there aren’t any new leaks disclosed here. This was someone’s database of accumulated leak data, accidentally re-leaked via an unsecured database. [Troy Hunt] goes so far as to speculate that it could be from a breach search service, which sounds pretty plausible.

There was yet another release of credentials late last week that hasn’t attracted as much attention, but seems to represent a much bigger issue. The Naz.api data set isn’t a breach where a company was hacked, and their entire user database was stolen. Instead, this one is combination of a credential stuffing list and stealer logs.

Credential stuffing is basically a smarter brute force attack, where the credentials from one breach are tried on multiple other sites. Such a list is just the results where guesses were successful. The really interesting bit is that this dataset seems to include stealer logs. Put simply, that’s the results of malware that scrapes victim machines for credentials.

Naz.api has over 70 million unique email addresses, and it looks like about a third of them are new, at least according to the Haveibeenpwned dataset. Now that’s significant, though not really worthy of the MOAB title, either. Continue reading “This Week In Security: MOAB, Microsoft, And Printers” →

Displays We Love Hacking: Parallel RGB

January 25, 2024 by Arya Voronova 8 Comments

You might have seen old display panels, from 3″ to 10″, with 40-pin FFC connectors where every pin seems to be used for some data signal. We call these displays parallel RGB, or TTL RGB, or DPI, and you can find them in higher-power MCU, Raspberry Pi, and other Linux SBC projects. You deserve to know what to do with those – let’s take a look.

The idea is simple – this interface requires you to constantly send a stream of pixels to the display, and you need to send those pixels through a parallel bus. You can send up to 8 bits per color channel per pixel, which makes for 24 bits, and the 24-bit mode is indeed the standard, but in practice, many parallel RGB implementations don’t bother with more than 5-6 bits of color – two common kinds of parallel RGB links are RGB565 and RGB666. The parallel RGB interface is a very straightforward approach to sending pixels to your display, and in many cases, you can also convert parallel RGB to LVDS or VGA interfaces relatively easily!

If you’re new to it, the easiest way you can drive a parallel RGB display is from a Raspberry Pi, where the parallel RGB interface is known as DPI. This is how 800 x 480 display Pi HATs like the Pimoroni HyperPixel work – they use up almost all of the GPIOs on your Pi, but you get a reasonably high-resolution display with a low power footprint, and you don’t need any intermediate ICs either. FPGAs and some higher-grade MCUs also often have parallel RGB output capability, and surely, someone could even use the RP2040 PIO as well!

Throughout the last decade, parallel RGB has been used less and less, but you will still encounter it – maybe you’re working with an old game console like the PSP and would like to put new guts into it, maybe you’re playing with some tasty display that uses parallel RGB, or maybe you’d like to convert parallel RGB into something else while treating it with respect! Let’s go through what makes parallel RGB tick, what tools you have got to work with it, and a few tips and tricks. Continue reading “Displays We Love Hacking: Parallel RGB” →

FLOSS Weekly Episode 767: Owntracks, Are We There Yet?

January 24, 2024 by Jonathan Bennett 2 Comments

This week Jonathan Bennett and Jeff Massie talk with JP Mens about Owntracks, the collection of programs that lets you take back control of your own location data. It’s built around the simple idea of taking position data from a mobile phone or other data source, sending it over MQTT to a central server, and logging that data to a simple data store.

From there, you can share it as trips, mark points of interest, play back your movement in a web browser, and more. And because it’s just JSON inside MQTT, it’s pretty trivial to make a connector to interface with other projects, like Home Assistant. We’ve even covered the process!

Continue reading “FLOSS Weekly Episode 767: Owntracks, Are We There Yet?” →

Ask Hackaday: What About Imperfect Features?

January 24, 2024 by Arya Voronova 24 Comments

Throughout the last few years’ time, I’ve been seeing sparks of an eternal discussion here and there. It’s a nuanced one, but if I could summarize, it’s about different feature development strategies we can follow to design things, especially if they’re aimed at a larger market. Specifically – when adding a feature, how complete and perfect should it be?

A while back, I read a Mastodon thread about VLC not implementing backwards per-frame skipping. At the surface level, it’s about an indignant user asking – what’s the deal with VLC not having a “go back a frame” button? A ton of video players have this feature implemented. There’s a forum thread linked, and, reading it could leave you with a good few conflicting emotions. Here’s a recap.

In what appears to be one of multiple threads asking about a ‘previous frame’ button in VLC, there’s an 82-post discussion involving multiple different VLC developers. The users’ argument is that it appears to be clearly technically possible to add a ‘previous frame’ button in practice, and the developers’ argument is that it’s technologically complex to implement in some cases – for certain formats, even impossible to implement! Let’s go into the developers’ stated reasoning in more details, then – here’s what you can find in the thread, to the best of my ability.

Continue reading “Ask Hackaday: What About Imperfect Features?” →

Could Solar-Powered Airships Offer Cleaner Travel?

January 23, 2024 by Lewin Day 93 Comments

The blimp, the airship, the dirigible. Whatever you call them, you probably don’t find yourself thinking about them too often. They were an easy way to get airborne, predating the invention of the airplane by decades. And yet, they suffered—they were too slow, too cumbersome, and often too dangerous to compete once conventional planes hit the scene.

And yet! Here you are reading about airships once more, because some people aren’t giving up on this most hilarious manner of air travel. Yes, it’s 2024, and airship projects continue apace even in the face of the overwhelming superiority of the airplane.

Continue reading “Could Solar-Powered Airships Offer Cleaner Travel?” →

Switching Regulators For Dummies

January 22, 2024 by Arya Voronova 30 Comments

We often use linear regulators in our designs. They are cheap and simple – you put the regulator chip itself on the board, add two capacitors, and get a voltage. Linear regulators are imperfect, of course – they can’t help but waste the voltage difference as heat, for a start, which straight up excludes them for high-current purposes, or significant voltage difference conversions, unless you have a hefty heatsink handy. They also can’t boost voltage, which means you can only go from high to low – a bit of a disappointment.

Of course, we haven’t been just throwing our hands up in the air if a linear regulator doesn’t fit our purpose. Switching regulators have none of these disadvantages, which is why your mobile phone alone has a few dozen of these. They are way more efficient and hi-tec, able to convert one voltage into another while losing hardly any power into heat. All that you need to do is switch an inductor at a somewhat high frequency!

However, for some, switching regulators might look a bit intimidating. They tend to have higher standards for board layout compared to linear regulators, and, they do need an inductor – sometimes, a few more components too. Inductors alone are somewhat intimidating components, with a fair few more parameters than we’d expect, and you might get confused when looking into adding a switching regulator to your circuit.

No more! In this article, I shall give you the switching regulator basics, remove any fog of war that might be clouding your vision, and show you just how easily you can get a good few amps at your favourite voltage whenever you need it. Continue reading “Switching Regulators For Dummies” →