This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
Elliot Williams and Tom Nardi start this week’s episode off with some deep space news, as NASA’s OSIRIS-REx returns home with a sample it snapped up from asteroid Bennu back in 2020. From there, discussion moves on to magical part sorting, open source (eventually…) plastic recycling, and the preposterously complex method newer Apple laptops use to determine if their lid is closed. They’ll also talk about the changing perceptions of 3D printed parts, a new battery tech that probably won’t change the world, and a clock that can make it seem like your nights are getting longer and longer. Stick around until the end to hear about the glory days of children’s architecture books, and the origins of the humble microwave oven.
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
It seems that this attack only works on older Cisco routers, and the pattern is to log in with stolen or guessed credentials, revert the firmware to a yet older version, and then replace it with a malicious boot image. But the real fun here is the “magic packets”, a TCP or UDP packet filled with random data that triggers an action, like enabling that SSH backdoor service. That idea sounds remarkable similar to Fwknop, a project I worked on many years ago. It would be sort of surreal to find some of my code show up in an APT.
Don’t Look Now, But Is Your GPU Leaking Pixels
There’s a bit debate on who’s fault this one is, as well as how practical of an attack it is, but the idea is certainly interesting. Compression has some interesting system side effects, and it’s possible for a program with access to some system analytics to work out the state of that compression. The first quirk being leveraged here is that GPU accelerated applications like a web browser use compression to stream the screen view from the CPU to the GPU. But normally, that’s way too many pixels and colors to try to sort out just by watching the CPU and ram power usage.
And that brings us to the second quirk, that in Chrome, one web page can load a second in an iframe, and then render CSS filters on top of the iframe. This filter ability is then used to convert the page to black and white tiles, and then transform the white tiles into a hard-to-compress pattern, while leaving the black ones alone. With that in place, it’s possible for the outer web page to slowly recreate the graphical view of the iframe, leaking information that is displayed on the page.
And this explains why this isn’t the most practical of attacks, as it not only requires opening a malicious page to host the attack, it also makes some very obvious graphical changes to the screen. Not to mention taking at least 30 minutes of data leaking to recreate a username displayed on the Wikipedia page. What it lacks in practicality, this approach makes up for in cleverness and creativity, though. The attack goes by the GPU.zip moniker, and the full PDF is available. Continue reading “This Week In Security: Magic Packets, GPU.zip, And Enter The Sandman”→
Twenty years ago, in a world dominated by dial-up connections and a fledgling World Wide Web, a group of New Zealand friends embarked on a journey. Their mission? To bring to life a Matrix fan film shot on a shoestring budget. The result was The Fanimatrix, a 16-minute amateur film just popular enough to have its own Wikipedia page.
As reported by TorrentFreak, the humble film would unknowingly become a crucial part of torrent history. It now stands as the world’s oldest active torrent, with an uptime now spanning a full 20 years. It has become a symbol of how peer-to-peer technology democratized distribution in a fast-changing world.
When we last left the post office, they had implemented OCR to read even the sloppiest of handwriting. And to augment today’s 99% accuracy rate, there’s a center full of humans who can decipher the rest of those messy addresses with speed and aplomb. Before that, we took a look at many of the machines that make up the automated side of the post office’s movements. But what was being done to improve the customer experience during all of this time?
Quite a bit, as it turns out. In this installment, we’ll take a look at the development of vending machines and programs like Speed Mail, Missile Mail, and V-Mail (no, not voicemail!) as they relate to enhanced customer service over the years.
Our homes are full of technological marvels, and, as a Hackaday reader, we are betting you know the basic ideas behind a microwave oven even if you haven’t torn one apart for transformers and magnetrons. So we aren’t going to explain how the magnetron rotates water molecules to produce uniform dielectric heating. However, when we see our microwave, we think about two things: 1) this thing is one of the most dangerous things in our house and 2) what makes that little turntable flip a different direction every time you run the thing?
First, a Little History
Westinghouse Powercaster which could, among other things, toast bread in six seconds
People think that Raytheon engineer Percy Spenser, the chief of their power tube division, noticed that while working with a magnetron he found his candy bar had melted. This is, apparently, true, but Spenser wasn’t the first to notice. He was, however, the first to investigate it and legend holds that he popped popcorn and blew up an egg on a colleague’s face (this sounds like an urban legend about “egg on your face” to us). The Raytheon patent goes back to 1945.
However, cooking with radio energy was not a new idea. In 1933, Westinghouse demonstrated cooking foods with a 10 kW 60 MHz transmitter (jump to page 394). According to reports, the device could toast bread in six seconds. The same equipment could beam power and — reportedly — exposing yourself to the field caused “artificial fever” and an experience like having a cocktail, including a hangover on overindulgence. In fact, doctors would develop radiothermy to heat parts of the body locally, but we don’t suggest spending an hour in the device.
When you’ve been a fact-sponge for electronics trivia for over four decades, it’s not often that an entire class of parts escapes your attention. But have you seen the Skiatron? It’s a CRT that looks like a normal mid-20th-century tube, until it’s switched on. Then its secret is revealed; instead of the glowing phosphor trace we’d expect, the paper-white screen displays a daylight-readable and persistent black trace. They’re invariably seen in videos of radar installations, with the 360 degree scans projected onto large table-top screens which show the action like a map. It’s like e-ink, but from the 1940s. What’s going on?
The tenebrescent mineral Hackmanite, before and after UV exposure. Leland Green…, CC BY-SA 2.0 and CC BY-SA 2.0.
The phosphor coating on a traditional CRT screen is replaced by a halide salt, and the property on which the display relies is called tenebrescence, changing colour under the influence of radiation. This seems most associated online with UV treatment of some minerals and gemstones to give them a prettier look, and its use a s a display technology is sadly forgotten.
A high-school physics understanding of the phenomenon is that energy from the UV light or the electron beam in the case of the tube, places some electrons in the crystal into higher energy levels, at which they absorb some visible light wavelengths. This is reversible through heat, in some substances requiring the application of heat while in others the heat of room temperature being enough. Of course here at Hackaday we’re hands-on people, so into the EPROM eraser went a small amount of table salt in a makeshift dish made of paper, but sadly not to be rewarded by a colour change.
On a real dark-trace CRT the dark trace would be illuminated from behind by a ring light round the glass neck of the tube. An interesting aside is that, unlike phosphor CRTs, they were more suitable for vertical mounting. It seems that small amounts of phosphor could detach themselves from a vertically mounted screen and drop into the electron gun, something that wasn’t a problem for tenebrescent coatings.
This display tech has shuffled off into the graveyard of obsolescence, we’re guessing because CRT technology became a lot better over the 1950s, and radar technologies moved towards a computerised future in which the persistence of the display wasn’t the only thing keeping the information on the screen. It seems at first sight to be a surprise that tenebrescent coatings have never resurfaced in other displays for their persistence, but perhaps there was always a better alternative whether it was ultra-low-power LCDs or more recently e-ink style devices.
For more bleeding-edge 1950s radar displays, we’ve previously brought you Volscan, a radar with an early form of GUI, which no doubt was one of those which consigned dark-trace CRTs to history.
When you think about it, wiggling your fingers over a bunch of magic chiclets is a pretty strange gateway to the written word. And yet, here we sit a hundred-odd years after someone first decided that the same basic interface used to run pianos and harpsichords for centuries would be a fantastic model for mechanizing the whole writing thing. Just because it makes perfect sense thanks to the outsized portion of our brains dedicated to the motor and sensory functions of our wonderfully complex and versatile hands doesn’t mean it’s not weird.
Still and all, it seems like there could be some room for improvement in the basic design of keyboards. We could probably do with something that makes typing easier, results in less repetitive strain, or is just more fun to do. Pushing back on the traditional and boring designs of the past is where we find the strange breed of keyboard builders and modders that our very own Kristina Panos counts herself part of. You know here from her popular “Keebin’ with Kristina” series, and now we’ve coaxed her into checking into the Hack Chat to talk to all the rest of us keyboard-minded individuals. If you’ve ever thought that there has to be a better way to enter text, or even just something a little bit different, you’ll want to come along and join the conversation.
