Hackaday Links: April 7, 2024

Folks with a bit of knowledge about network security commonly use virtual private networks (VPNs) when out and about. Whether you’re connecting to public WiFi or somebody passes you a questionable Ethernet cable at a hacker con, it’s nice to have a secure endpoint to tunnel all of your traffic. As a secondary bonus, connecting through a VPN can obscure your physical location. It’s that second feature that has a bunch of people jumping on the VPN bandwagon as they try to dodge the recent porn age checks that have gone into effect in a number of states. According to a recent article in PopSci, one particular VPN provider saw a 275% jump in demand on the same day that PornHub cut off access to users in Texas. While the debate over underage users accessing adult content is far outside of our wheelhouse, anything that gets more users connecting to the Internet via encrypted means is arguably a net positive.

If you wanted somebody from the Geek Squad to set up that VPN so you can get back on PornHub to work securely from the local coffee shop, you might be out of luck. Reports have been coming in that Best Buy’s mobile nerd division is seeing sweeping layoffs. Geeks were told to stay home on Tuesday and await a call from corporate, at which point many got the surprising news that they no longer had a job. The /r/GeekSquad subreddit has been a rallying point for staff who got the axe, with the user [jaym026] posting what we assume is an AI-generated inspirational speech from Optimus Prime. Of course, it sucks for anyone to lose their job, especially with the way things are these days. Still, we’re willing to bet almost none of those affected will look back on the day they were let go from an increasingly irrelevant brick-and-mortar electronics store as a low point in their professional careers.

Understand Your Tools: Finger Exercises

A dip meter is basically a coil of wire that, when you excite it, you can use to tell if something inside that coil is resonating along. This lets you measure unknown radio circuits to figure out their resonant frequency, for instance. This week, we featured a clever way to make a dip meter with a nanoVNA, which is an odd hack simply because a dip meter used to be a common spare-parts DIY device, while a vector network analyzer used to cost more than a house.

Times have changed, and for the better. Nowadays, any radio amateur can pick up a VNA for less than the cost of all but the cheesiest of walkie talkies, putting formerly exotic test equipment in the hands of untrained mortals. But what good is a fancy-pants tool if you don’t know how to use it? Our own Jenny List faced exactly this problem when she picked up a nanoVNA, and her first steps are worth following along with if you find yourself in her shoes.

All of this reminded me of an excellent series by Mike Szczys, “Scope Noob”, where he chronicled his forays into learning how to use an oscilloscope, exercising all of the basic functions by working through a bunch of test measurements that he already knew the answer to.

It strikes me that we could use something like this for nearly every piece of measuring equipment. Something more than just an instruction manual that walks you through what all the dials do. Something that takes you through a bunch of example projects and shows you how to use the tool in question along the way. Because these days, many formerly exotic pieces of measuring gear are within reach of folks who never would have had them before – and all that’s missing is knowing how to drive them.

Fictional Computers: The Three Body Problem

If you intend to see the Netflix series “The Three Body Problem” or you want to read the Hugo-winning story from Chinese author [Cixin Liu], then you should probably bookmark this post and stop reading immediately. There will be some mild spoilers. You have been warned.

While the show does have some moments that will make your science brain cringe, there is one scene that shows a computer that could actually be built. Would it be practical? Probably not in real life, but in the context provided by the show, it was perfectly feasible. It could have, however, been done a little better, but the idea was — like many great ideas — both deceptively simple and amazingly profound. The computer was made of human beings. I’m not talking like Dune’s mentats — humans with super brains augmented by drugs or technology. This is something very different.

Background

This is your last chance. There are spoilers ahead, although I’ll try to leave out as much as I can. In the story, top scientists receive a mysterious headset that allows them to experience totally immersive holodeck-style virtual reality. When they put the headset on, they are in what appears to be a game. The game puts you in a historical location — the court of Henry VIII or Genghis Khan. However, this Earth has three suns. The planet is sometimes in a nicely habitable zone and sometimes is not. The periods when the planet is uninhabitable might have everything bursting into flames or freezing, or there might not be sufficient gravity to hold them on the planet’s surface. (Although I’ll admit, I found that one hard to grasp.)

Apparently, the inhabitants of this quasi-Earth can hibernate through the “chaotic eras” and wait for the next “stable era” that lasts a long time. The problem, as you probably know, is that there is no general closed-form solution for the three-body problem. Of course, there are approximations and special cases, but it isn’t easy to make long-term predictions about the state of three bodies, even with modern computers.

Hackaday Podcast Episode 265: Behind The Epic SSH Hack, 1980s Cyber Butler, The Story Of Season 7

This week, Editor-in-Chief Elliot Williams and Kristina Panos convened once again to give the lowdown on this week’s best hacks. First up in the news — it’s giga-sunset time for Gigaset IoT devices, which simultaneously became paperweights on March 29th. And all that Flipper Zero panic? It has spread to Australia, but still remains exactly that: panic.

Then it’s on to What’s That Sound. Kristina failed again, although she was in the right neighborhood. Can you get it? Can you figure it out? Can you guess what’s making that sound? If you can, and your number comes up, you get a special Hackaday Podcast t-shirt.

Then it’s on to the hacks, beginning with the terrifying news of an xz backdoor. From there, we marvel at a 1980s ‘butler in a box’ — a voice-activated home automation system — and at the idea of LoRa transmissions without a radio. Finally, we discuss why you don’t want to piss off Trekkies, and whether AI has any place in tech support.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download and savor at your leisure.

This Week In Security: XZ, ATT, And Letters Of Marque

The xz backdoor is naturally still the top story of the week. If you need a refresher, see our previous coverage. As expected, some very talented reverse engineers have gone to work on the code, and we have a much better idea of what the injected payload does.

One of the first findings to note is that the backdoor doesn’t allow a user to log in over SSH. Instead, when an SSH request is signed with the right authentication key, one of the certificate fields is decoded and executed via a system() call. And this makes perfect sense. An SSH login leaves an audit trail, while this backdoor is obviously intended to be silent and secret.

It’s interesting to note that this code made use of both autotools macros and the GNU ifunc, or Indirect FUNCtions. That’s the nifty feature where a binary can include different versions of a function, each optimized for a different processor instruction set. The right version of the function gets called at runtime. Or in this case, the malicious version of that function gets hooked into execution by a malicious library.

Ultimate Power: Lithium-Ion Batteries In Series

At some point, the 3.6 V of a single lithium ion battery just won’t do, and you’ll absolutely want to stack LiIon cells in series. When you need high power, you’ve either got to increase voltage or current, and currents above say 10 A require significantly beefed up components. This is how you’re able to charge your laptop from your USB-C powerbank, for instance.

Or maybe you just need higher voltages, and don’t feel like using a step-up converter, which brings along with it some level of inefficiency. Whatever your reasons, it’s time to put some cells into series.

FLOSS Weekly Episode 777: Asterisk — Wait, Faxes?

This week Jonathan Bennett and David Ruggles sit down with Joshua Colp to talk about Asterisk! That’s the Open Source phone system software you already interact with without realizing it. It started as a side project to run the phones for Linux Support Services, and it turned out working on phone systems was more fun than supporting Linux. The project grew, and in the years since has landed at Sangoma, where Joshua holds the title of Asterisk Project Lead.

Asterisk is used in call centers, business phone systems, and telecom appliances around the world. But how does it handle faxes, WebRTC, and stopping spam calls? Just kidding on that last one, still an unsolved problem.
