Hackaday Columns

4332 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hackaday Links Column Banner

Hackaday Links: January 19, 2025

January 19, 2025 by 8 Comments

This week, we witnessed a couple of space oopsies as both Starship and New Glenn suffered in-flight mishaps on the same day. SpaceX’s Starship was the more spectacular, with the upper stage of the seventh test flight of the full stack experiencing a “rapid unscheduled disassembly” thanks to a fire developing in the aft section of the stage somewhere over the Turks and Caicos islands, about eight and a half minutes after takeoff from Boca Chica. The good news is that the RUD happened after first-stage separation, and that the Super Heavy booster was not only able to safely return to the pad but also made another successful “chopsticks” landing on the tower. Sorry, that’s just never going to get old.

On the Bezos side of the billionaire rocket club, the maiden flight of Blue Origin’s New Glenn ended with the opposite problem. The upper stage reached orbit, but the reusable booster didn’t make it back to the landing barge parked off the Bahamas. What exactly happened isn’t clear yet, but judging by the telemetry the booster was coming in mighty fast, which may indicate that the engines didn’t restart fully and the thing just broke up when it got into the denser part of the atmosphere.

Continue reading “Hackaday Links: January 19, 2025”

Learn New Tools, Or Hone Your Skill With The Old?

January 18, 2025 by 42 Comments

Buried in a talk on AI from an artist who is doing cutting-edge video work was the following nugget that entirely sums up the zeitgeist: “The tools are changing so fast that artists can’t keep up with them, let alone master them, before everyone is on to the next.” And while you might think that this concern is only relevant to those who have to stay on the crest of the hype wave, the deeper question resounds with every hacker.

When was the last time you changed PCB layout software or refreshed your operating system? What other tools do you use in your work or your extra-curricular projects, and how long have you been using them? Are you still designing your analog front-ends with LM358s, or have you looked around to see that technology has moved on since the 1970s? “OMG, you’re still using ST32F103s?”

It’s not a simple question, and there are no good answers. Proficiency with a tool, like for instance the audio editor with which I crank out the podcast every week, only comes through practice. And practice simply takes time and effort. When you put your time in on a tool, it really is an investment in that it helps you get better. But what about that newer, better tool out there?

Some of the reluctance to update is certainly sunk-cost fallacy, after all you put so much sweat and tears into the current tool, but there is also a real cost to overcome to learn the new hotness, and that’s no fallacy. If you’re always trying to learn a new way of doing something, you’re never going to get good at doing something, and that’s the lament of our artist friend. Honing your craft requires focus. You won’t know the odd feature set of that next microcontroller as well as you do the old faithful – without sitting down and reading the datasheet and doing a couple finger-stretching projects first.

Striking the optimal balance here is hard. On a per-project basis, staying with your good old tool or swapping to the new hotness is a binary choice, but across your projects, you can do some of each. Maybe it makes sense to budget some of your hacking time into learning new tools? How about ten percent? What do you think?

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Hackaday Podcast Episode 304: Glitching The RP2350, Sim Sim Sim, And A Scrunchie Clock

January 17, 2025 by 1 Comment

It’s podcast time again, and this week Dan sat down with Elliot for a look back at all the cool hacks we’ve written about. We started off talking about Hackaday Europe, which is coming up in March — seems unlikely that it’s just around the corner, but there it is. There’s also good news: the Hack Chat is back, and we started things off with a bang as Eben Upton stopped by to talk all things Pi. Separately, we talked about fault injection attacks, including how to find the hidden cup of  0xC0FFEE in an RP2350.

We saw a very cool piece of LED jewelry that does a fluid simulation, a direct conversion radio that’s all laid out in front of you, and the scrunchiest mechanical digital clock you’ll ever see. We saw blinkenlights for blinkenlights’ sake, all the ways to put threads in your prints, and how to ditch to coax and wire up your antennas with Cat 6 cable. Plus, it’s an Al Williams twofer in the Can’t-Miss Articles, with a look back at life before GPS and how you can tune into digital ham radio, no radio required.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Download the zero-calorie MP3.

Continue reading “Hackaday Podcast Episode 304: Glitching The RP2350, Sim Sim Sim, And A Scrunchie Clock”

This Week In Security: Rsync, SSO, And Pentesting Mushrooms

January 17, 2025 by 14 Comments

Up first, go check your machines for the rsync version, and your servers for an exposed rsync instance. While there are some security fixes for clients in release 3.4.0, the buffer overflow in the server-side rsync daemon is the definite standout. The disclosure text includes this bit of nightmare fuel: “an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on.”

A naive search on Shodan shows a whopping 664,955 results for rsync servers on the Internet. Red Hat’s analysis gives us a bit more information. The checksum length is specified by the remote client, and an invalid length isn’t properly rejected by the server. The effect is that an attacker can write up to 48 bytes into the heap beyond the normal checksum buffer space. The particularly dangerous case is also the default: anonymous access for file retrieval. Red Hat has not identified a mitigation beyond blocking access.

If you run servers or forward ports, it’s time to look at ports 873 and 8873 for anything listening. And since that’s not the only problem fixed, it’s really just time to update to rsync 3.4.0 everywhere you can. While there aren’t any reports of this being exploited in the wild, it seems like attempts are inevitable. As rsync is sometimes used in embedded systems and shipped as part of appliances, this particular bug threatens to have quite the long tail. Continue reading “This Week In Security: Rsync, SSO, And Pentesting Mushrooms”

Hackaday Europe 2025 Tickets On Sale, And CFP Extended Until Friday

January 14, 2025 by 6 Comments

We’re opening up shop for Hackaday Europe, so get your tickets now! We’ve managed to get the ticket price down a bit this year, so you can join in all the fun for $145. And if you’re reading this right now, snap up one of the $75 early bird tickets as fast as you can.

Hackaday Europe is going down again in Berlin this year, on March 15th and 16th at MotionLab. It’s going to be a day and a half of presentations, lightning talks, badge hacking, workshops, and more. This is where Hackaday hangs out in person, and it’s honestly just a great time – if your idea of a great time is trading favorite PCB design tricks, crafting crufty code, and generally trading tales of hardware derring-do.

In short, it’s the best of Hackaday, live and in person. Throughout the weekend, all the meals are catered, we’ve got live music at night, and the soldering irons will be warmed up for you. It’s going to be great!

If you’re in town on Friday the 14th, we’ll be meeting up in the evening to get together over some pre-event food and drink, sponsored by Crowd Supply. It’s a nice opportunity to break the ice, get to know the people you’re going to be spending the next 48 hours with, and just mingle without missing that great talk or wonderful workshop. Continue reading “Hackaday Europe 2025 Tickets On Sale, And CFP Extended Until Friday”

Raspberry Pi Hack Chat With Eben Upton

January 13, 2025 by 18 Comments

Join us on Wednesday, January 15 at noon Pacific for the Raspberry Pi Hack Chat with Eben Upton!

join-hack-chatThe Hack Chat has been on an extended hiatus, but we’re back for 2025 and coming strong out of the gate! We’ve been trying to get Raspberry Pi co-founder and CEO Eben Upton on the chat for a while, but there was that whole thing of taking the company public that probably distracted him a wee bit. That’s fine though, because we know he loves getting in the trenches with the hacker community and talking about the things we all love to talk about. It’s not often that you get a chance for a one-on-one like this, so make sure you join us with all your Pi-related questions.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, January 15 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

[Image credit: Sniper Zeta, CC BY-SA 4.0]