Hackaday Columns

4659 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Jenny’s Daily Drivers: Raspberry Pi Desktop

September 5, 2023 by 31 Comments

One of the more exciting prospects upon receiving one of the earliest Raspberry Pi boards back in 2012 was that it was a fully-functional desktop computer in the palm of your hand. In those far-off days, the Debian OS distro for the board wasn’t even yet called Raspbian, but it would run a full-on desktop on your TV and you could use it after a fashion to browse the web or do wordprocessing. It wasn’t in any way fast, but it was usable enough to be more than a novelty. I’ve said before on these pages that the Raspberry Pi folks’ key product is their OS rather than their computers. While they rarely have the fastest or highest spec hardware, you can depend on Raspberry Pi OS being updated and supported through the life of the board unlike many of their competitors. I can download their latest OS image and still run it on that 2012 board, which to me ranks as a very laudable achievement.

The OS They Don’t Really Tell You About

Screenshot of the first i386 Pi desktop
The background image may have changed since the first release back in 2016, but the UI hasn’t.

Raspberry Pi OS doesn’t run on any other ARM single board computers but their own, but it’s not quite accurate to say that it only runs on Raspberry Pi hardware. Since 2016 when it was launched as PIXEL, the folks in Cambridge have also maintained a PC version for 32-bit i386 computers, now called Raspberry Pi Desktop. It may be the Pi product they don’t talk about much, but  you can still find it on their downloads page.

Like the ARM version, it’s based on Debian and presents as close as possible to the environment you’d find on your Pi. I’m interested to see whether it still lives up to the claim of being usable on older hardware, so I’ve downloaded a copy and installed it on my trusty 2007 Dell Inspiron 640. It rocks a 1.6 GHz Core Duo with 4 GB of memory and a SATA SSD so it’s not the lowest spec hardware on the block, but by 2023’s standard it represents a giveaway-spec old laptop. Can I use it as a daily driver? Let’s find out! Continue reading “Jenny’s Daily Drivers: Raspberry Pi Desktop”

Hackaday Links Column Banner

Hackaday Links: September 3, 2023

September 3, 2023 by 16 Comments

Right-to-repair has been a hot-button topic lately, with everyone from consumers to farmers pretty much united behind the idea that owning an item should come with a plausible path to getting it fixed if it breaks, or more specifically, that you shouldn’t be subject to prosecution for trying to repair your widget. Not everyone likes right-to-repair, of course — plenty of big corporations want to keep you from getting up close and personal with their intellectual property. Strangely enough, their ranks are now apparently joined by the Church of Scientology, who through a media outfit in charge of the accumulated works of Church founder L. Ron Hubbard are arguing against exemptions to the Digital Millennium Copyright Act (DMCA) that make self-repair possible for certain classes of devices. They apparently want the exemption amended to not allow self-repair of any “software-powered devices that can only be purchased by someone with particular qualifications or training or that use software ‘governed by a license agreement negotiated and executed’ before purchase.

Continue reading “Hackaday Links: September 3, 2023”

Hackaday Prize 2023: Gen5X A Generatively Designed 5-Axis 3D Printer

September 3, 2023 by 29 Comments

[Ric Real] is entering the 2023 Hackaday Prize with the Gen5X, a generatively designed 3D printed five-axis 3D printer. The concept is not a new one, with the type of construction being seen a few times here and there. In addition to the usual three directions of motion, we’re familiar with, with the cartesian bot design, these types of machines add an additional two rotation axes, one which can swing the build platform front and back around the X-axis, and a second that provides rotation around the Z-axis. These combined motions give rise to some very interesting capabilities, outside of our familiar 3D printing design constraints.

As for the generative side of things, this is a largely theoretical idea. Essentially the concept is that the machine’s design can be iteratively updated and optimised for performance to fit into the constraints of available hardware such as motors and other ‘vitamins’ needed to create the next generation of machines. The design files should be parameterised enough such that this optimisation process can be automated, potentially via input from AI, but we suspect we’re a way off from that yet. Whether this project as yet satisfies any of these lofty goals remains to be seen, but do keep an eye on it if you’re so inclined. There is a Fusion 360 project here to dig into, but if you’re not interested in the research side of the project, but just want to build a 5-axis machine to play with, then you can find the project source on the GitHub Page.

If this feels familiar, you’d be on the right track, as we covered at least one other 5D printer recently. We have also touched upon generative design at least once. We’re sure we will see more on this topic in the future.

Continue reading “Hackaday Prize 2023: Gen5X A Generatively Designed 5-Axis 3D Printer”

To Give Is Better Than To Receive

September 2, 2023 by 24 Comments

Better to give a talk at a hacker event, that is. Or in your hackerspace, or even just to a bunch of fellow nerds whenever you can. When you give the talk, don’t be afraid to make it too “easy” to understand. Making a tough topic comprehensible is often the sign that you really understand it, after all, and it’s also a fantastic service to the audience. And also don’t be afraid that your talk isn’t “hard core” enough, because with a diverse enough crowd, there will absolutely be folks for whom it’s still entirely new, and they’ll be thankful.

These were the conclusions I got from talking to a whole range of people at Chaos Communication Camp the weekend before last, and it’s one of the great opportunities when you go to an event like this. At Camp, there were a number of simultaneous stages, and with so many talks that new ones are still being released. That meant that everyone had their chance to say their bit, and many many did.

And that’s great. Because it’s obvious that getting the work done, or diving deep into a particular topic, is part of the hacker experience, but it’s also equally important to share what you’ve gained with the rest of the community. The principle of spreading the knowledge is a cornerstone of our culture, and getting people up to talk about what they’ve learned is the manifestation of this cultural value. If you know something, say something!

Of course, when you’re not at a conference, you could be writing up your hacks and sending them in to the tips line (hint, hint!). That’ll work too.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Hackaday Podcast 234: Machines On Fire, Old Kinect New Kinect, And Birth Of The Breadboard

September 1, 2023 by 6 Comments

It might sound like a joke, but this week, Elliot Williams and Tom Nardi start things off by asking how you keep a Polish train from running. Like always, the answer appears to be a properly modulated radio signal. After a fiery tale about Elliot’s burned beans, the discussion moves over to the adventure that is home CNC ownership, the final chapter in the saga of the Arecibo Telescope, and the unexpected longevity of Microsoft’s Kinect. Then it’s on to the proper way to cook a PCB, FFmpeg in the browser, and a wooden cyberdeck that’s worth carrying around. Finally, they’ll go over the next generation of diode laser engravers, and take a look back at the origins of the lowly breadboard.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Download it yourself. You don’t need the cloud!

Continue reading “Hackaday Podcast 234: Machines On Fire, Old Kinect New Kinect, And Birth Of The Breadboard”

This Week In Security: Not A Vulnerability, BGP Bug Propogation, And Press Enter To Hack

September 1, 2023 by 6 Comments

Curl was recently notified of a CVE, CVE-2020-19909, rated at a hair-raising 9.8 on the CVSS scale. And PostgreSQL has CVE-2020-21469, clocking in with a 7.5 severity. You may notice something odd about those two vulnerabilities, but I promise the 2020 date is only the tip of the iceberg here.

Let’s start with PostgreSQL. That vulnerability was only present in version 12.2, which released in February of 2020, and was fixed with the 12.3 release in May of that same year. The problem is a stack buffer overflow, which doesn’t seem to enable code execution, but does cause a denial of service situation. To trigger the bug? Repeatedly send the PostgreSQL daemon the SIGHUP signal.

If you’re familiar with Linux signals, that might sound odd. See, the SIGHUP signal technically indicates the end of a user session, but most daemons use it to indicate a restart or reload request. And to send this signal, a user has to have elevated privileges — elevated enough to simply stop the daemon altogether. Put simply, it’s not a security vulnerability, just a minor bug.

And now on to curl — This one is just bizarre. The issue is a integer overflow in the --retry-delay argument, which specifies in seconds how often curl should retry a failing download. The value is multiplied by 1000 to convert to milliseconds, resulting in an overflow for very large values. The result of that overflow? A smaller value for the retry delay.

[Daniel Stenberg] makes the point that this tale is a wonderful demonstration of the brokenness of the CVE system and NVD’s handling of it. And in this case, it’s hard not to see this as negligence. We have to work really hard to construct a theoretical scenario where this bug could actually be exploited. The best I’ve been able to come up with is an online download tool, where the user can specify part of the target name and a timeout. If that tool had a check to ensure that the timeout was large enough to avoid excess traffic, this bug could bypass that check. Should we be assigning CVEs for that sort of convoluted, theoretical attack?

But here’s the thing, that attack scenario should rate something like a CVSS of 4.8 at absolute worst. NVD assigned this a 9.8. There’s no way you can squint at this bug hard enough to legitimately rank it that severe. At the time of writing, the NVD lists this as “UNDERGOING REANALYSIS”.
Continue reading “This Week In Security: Not A Vulnerability, BGP Bug Propogation, And Press Enter To Hack”

Logic Analyzers: Tapping Into Raspberry Pi Secrets

August 31, 2023 by 46 Comments

Today, I’d like to highlight a tool that brings your hacking skills to a whole new level, and does that without breaking the bank – in fact, given just how much debugging time you can save, how many fun pursuits you can unlock, and the numerous features you can add, this might be one of the cheapest tools you will get. Whether it’s debugging weird problems, optimizing your code, probing around a gadget you’re reverse-engineering, or maybe trying to understand someone’s open-source library, you are likely missing out a lot if you don’t have a logic analyzer on hand!

It’s heartbreaking to me that some hackers still don’t know the value that a logic analyzer brings. Over and over again, tactical application of a logic analyzer has helped me see an entirely different perspective on something I was hacking on, and that’s just the thing I’d like to demonstrate today.

Diving In

A logic analyzer has a number of digital inputs, and it continuously reads the state of these digital inputs, sending them to your computer or showing them on a screen – it’s like a logic-level-only oscilloscope. If you have an I2C bus with one MCU controlling a sensor, connect a logic analyzer to the clock and data pins, wire up the ground, launch the logic analyzer software on your computer, and see what’s actually happening.

For instance, have you ever noticed the ID_SC and ID_SD pins on the Raspberry Pi GPIO connector? Are you wondering what they’re for? Don’t you want to check what actually happens on these pins? Let’s do that right now! Continue reading “Logic Analyzers: Tapping Into Raspberry Pi Secrets”