Retro Gadgets: The Real Desktop Computer

July 24, 2023 by Al Williams 27 Comments

People argue about the first use of the computer desktop metaphor. Apple claims it. Xerox probably started it. Yet, when I think of computer desktops, I think of the NOVAL 760. Not a household name, to be sure, but a big ad spread in a June 1977 Byte magazine was proud to introduce it. At $2995, we doubt many were sold, but the selling point was… well… it was built into a “handsome wood desk, designed to compliment any decor.” The desk folded down when you were not using the computer, and the keyboard recessed into a drawer.

The computer itself was no slouch for 1977, but nothing you couldn’t find elsewhere. An 8080, speed unspecified, had 16 kB of RAM and 3 kB of PROM. There was also a display with a few kB of memory hanging around, too. And just in case you were worried, the bottom of the page entitled “The Ultimate in Home Computers” reads, “The NOVAL 760 COMPUTER. A fully-assembled, fully-tested personal computer … not a kit!” Of course, for us, that’s not really a selling point. If you wonder why the computer was memory limited, this is the time that Extensys bragged in an ad: 64 kB for $1495! If you ordered one, you could have it in 15 to 30 days, too!

There were options for more memory, and it wasn’t clear how many of the I/O devices in the ad were actually included in the advertised price. Some of the devices seemed very specialized, so we are guessing the basic system didn’t include some of them.

Continue reading “Retro Gadgets: The Real Desktop Computer” →

CircuitPython Happenings Hack Chat With Adafruit

July 24, 2023 by Dan Maloney 29 Comments

Join us on Wednesday, July 26 at noon Pacific for the CircuitPython Happenings Hack Chat with The folks from Adafruit!

It’s always a party when the good folks from Adafruit stop by the Hack Chat, and we expect no less than that this time around. It’s hard to predict where the conversation will go when [LadyAda], [pt], and [Scott] roll in, but we strongly suspect it’ll center on what’s new in the world of CircuitPython.

We’ve heard that they’ve got some cool stuff going on with CircuitPython on the RP2040, which just might lead to a Python-based fix for the current Bus Pirate supply chain problem. It’ll be a swashbucklingly good time, so make sure you stop by.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, July 26 at 12:00 PM Pacific time. If time zones have you tied up, we have ahandy time zone converter.

Hackaday Links: July 23, 2023

July 23, 2023 by Dan Maloney 4 Comments

It may be midwinter in Perth, but people still go to the beach there, which led to the surprising discovery earlier this week of what appears to be a large hunk of space debris. Local authorities quickly responded to reports of a barnacle-encrusted 2.5-m by 3-m tank-like object on the beach. The object, which has clearly seen better days, was described as being made of metal and a “wood-like material,” which on casual inspection is clearly a composite material like Kevlar fibers in some sort of resin. Local fire officials teamed up with forensic chemists to analyze the object for contamination; finding none, West Australia police cordoned off the device to keep the curious at bay. In an apparently acute case of not knowing how the Internet works, they also “urge[d] everyone to refrain from drawing conclusions” online, which of course sent the virtual sleuths into overdrive. An r/whatisthisthing thread makes a good case for it being part of the remains of the third stage of an Indian Polar Satellite Launch Vehicle (PSLV); reentry of these boosters is generally targeted at the East Indian Ocean for safe disposal, but wind and weather seem to have brought this artifact back from the depths.

Continue reading “Hackaday Links: July 23, 2023” →

Who’s Afraid Of Assembly Language?

July 22, 2023 by Elliot Williams 109 Comments

This week, [Al Williams] wrote a great thought piece about whether or not it was worth learning an assembly language at all anymore, and when. The comments overflowed, and we’re surprised that so many people basically agree with us: yes. Of course, it’s a Hackaday crowd, but I still didn’t expect the outpouring of love for the most primitive of languages.

Assembly language isn’t really one language, though. Every chip speaks its own dialect. Of course there are similarities: every CPU has an add function, right? But almost no CPU has just one add – there are variants with and without carry, storing and reading from working registers or RAM. And once you start talking about memory access, direct or indirect, the individual architectures of the chips demand different assembly languages.

But still, although the particular ways that CPUs do what they do can be incompatible from a strictly language perspective, they are a lot more similar in terms of the programming idioms that you’ll pick up along the way. Just as learning a set of solid algorithms will help you no matter which higher-level language you use, learning the concepts behind crafting loops and simple memory structures out of raw assembly language will serve you no matter which CPU you choose.

I have only written assembly language for a handful of CPUs, and not much of it at that, but I’ve found the microcontrollers to be the friendliest. So if you want to dip your toes in that water, pick up an AVR or an MSP430. Or maybe even the new hotness – a RISC-V. You’ll find the instruction sets small enough that you have to do most of the work yourself. And that is, after all, the point of learning an assembly language: learning to think like the silicon. If you treat it like a fun puzzle to solve, you’ll probably even enjoy the experience.

[Al]’s original question was when you should learn an assembly language: before or after a higher-level language. For 99% of our readers, I’d say the answer is right now.

Ask Hackaday: What’s Linux Anyway?

July 21, 2023 by Al Williams 55 Comments

Any time we mention Linux, it is a fair bet we will get a few comments from people unhappy that we didn’t refer to it as GNU/Linux or with some other appellation. To be fair, they aren’t wrong. Linux is a kernel. Much of what we think of as a Linux desktop OS is really from other sources, including, but not limited to, GNU. We thought about this after reading a report from [The Register] that Linux has nearly half of the desktop OS Linux market. Wait, what?

If you are like us, you probably think that’s a typo. It isn’t. But the more you think about it, the less sense it makes. You know that half of the world’s desktops don’t run Linux. But maybe they mean Unix? Nope. So how can Linux have almost half of the Linux market? That’s like saying nearly half of Hackaday readers read Hackaday, right?

Continue reading “Ask Hackaday: What’s Linux Anyway?” →

Hackaday Podcast 228: Bats, Eggs, Lasers, Duck Tape, And Assembly Language

July 21, 2023 by Dan Maloney 1 Comment

Summer’s in full swing, and this week both Elliot and Dan had to sweat things out to get the podcast recorded. But the hacks were cool — see what I did there? — and provided much-needed relief. Join us as we listen in on the world of bats, look at a laser fit for a hackerspace, and learn how to make an array of magnets greater than — or less than — the sum of its parts. There’ll be flying eggs, keyboards connected to cell phones, and everything good about 80s and 90s cable TV, as well as some of the bad stuff. And you won’t want to miss Elliot putting Dan to shame with the super-size Quick Hacks, either, nor should you skip the Can’t Miss sweep with a pair of great articles by Al Williams.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download a long series of ones and zeroes that, when appropriately interpreted, sound like two people talking about nerdy stuff!

Continue reading “Hackaday Podcast 228: Bats, Eggs, Lasers, Duck Tape, And Assembly Language” →

This Week In Security: Dating App, WooCommerce, And OpenSSH

July 21, 2023 by Jonathan Bennett 4 Comments

Up first this week is a report from vpnMentor, covering the unsecured database backing a set of dating apps, including 419 Dating. The report is a bit light on the technical details, like what sort of database this was, or how exactly it was accessed. But the result is 2.3 million exposed records, containing email address, photos — sometimes explicit, and more. Apparently also exposed were server backups and logs.

The good news here is that once [Jeremiah Fowler] discovered the database door unlocked and hanging open, he made a disclosure, and the database was secured. We can only hope that it wasn’t discovered by any bad actors in the meantime. The app has now disappeared from the Google Play store, and had just a bit of a sketchy air about it.

WooCommerce Under Siege

Back in March, CVE-2023-28121 was fixed in the WooCommerce plugin for WordPress. The issue here is an authentication bypass that allows an unauthenticated user to commandeer other user accounts.

Within a few months, working exploits had been derived from the details of the patch plugging the hole. It wasn’t hard. A function for determining the current user was explicitly trusting the contents of the X-WCPAY-PLATFORM-CHECKOUT-USER request header. Set that value in a request sent to the server, and ding, you’re administrator.

And now the cows are coming home to roost. Active exploitation started in earnest on July 14, and the folks at Wordfence clocked a staggering 1.3 million exploitation attempts on the 16th. What’s particularly interesting is that the Wordfence data gathering system saw a huge increase in requests for the readme.txt file that indicates the presence of the WooCommerce plugin on a WordPress site. These requests were observed before the attacks got started, making for an interesting early warning system. Continue reading “This Week In Security: Dating App, WooCommerce, And OpenSSH” →