Hackaday Columns

4725 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Tools Of The Trade: Dirt Cheap Or Too Dirty?

May 13, 2023 by 69 Comments

We’ve recently seen a couple reviews of a particularly cheap oscilloscope that, among other things, doesn’t meet its advertised specs. Actually, it’s not even close. It claims to be a 100 MHz scope, and it’s got around 30 MHz of bandwidth instead. If you bought it for higher frequency work, you’d have every right to be angry. But it’s also cheap enough that, if you were on a very tight budget, and you knew its limitations beforehand, you might be tempted to buy it anyway. Or so goes one rationale.

In principle, I’m of the “buy cheap, buy twice” mindset. Some tools, especially ones that you’re liable to use a lot, make it worth your while to save up for the good stuff. (And for myself, I would absolutely put an oscilloscope in that category.) The chances that you’ll outgrow or outlive the cheaper tool and end up buying the better one eventually makes the money spent on the cheaper tool simply wasted.

But that’s not always the case either, and that’s where you have to know yourself. If you’re only going to use it a couple times, and it’s not super critical, maybe it’s fine to get the cheap stuff. Or if you know you’re going to break it in the process of learning anyway, maybe it’s a shame to put the gold-plated version into your noob hands. Or maybe you simply don’t know if an oscilloscope is for you. It’s possible!

And you can mix and match. I just recently bought tools for changing our car’s tires. It included a dirt-cheap pneumatic jack and an expensive torque wrench. My logic? The jack is relatively easy to make functional, and the specs are so wildly in excess of what I need that even if it’s all lies, it’ll probably suffice. The torque wrench, on the other hand, is a bit of a precision instrument, and it’s pretty important that the bolts are socked up tight enough. I don’t want the wheels rolling off as I drive down the road.

Point is, I can see both sides of the argument. And in the specific case of the ’scope, the cheapo one can also be battery powered, which gives it a bit of a niche functionality when probing live-ground circuits. Still, if you’re marginally ’scope-curious, I’d say save up your pennies for something at least mid-market. (Rigol? Used Agilent or Tek?)

But isn’t it cool that we have so many choices? Where do you buy cheap? Where won’t you?

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Hackaday Podcast 218: Open Source AI, The Rescue Of Salyut 7, The Homework Machine

May 12, 2023 by 7 Comments

This week, Editor-in-Chief Elliot Williams and Kristina Panos have much in the way of Hackaday news — the Op Amp Challenge is about halfway over, and there are roughly three weeks left in the Assistive Tech challenge of the 2023 Hackaday Prize. Show us what you’ve got on the analog front, and then see what you can do to help people with disabilities to live better lives!

Kristina is still striking out on What’s That Sound, which this week honestly sounded much more horrendous and mechanical than the thing it actually is. Then it’s on to the hacks, beginning with the we-told-you-so that even Google believes that open source AI will out-compete both Google’s own AI and the questionably-named OpenAI.

From there we take a look at a light-up breadboard, listen to some magnetite music, and look inside a pair of smart sunglasses. Finally, we talk cars, beginning with the bleeding edge of driver-less. Then we go back in time to discuss in-vehicle record players of the late 1950s.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in  the comments!

Download and savor at your leisure.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 218: Open Source AI, The Rescue Of Salyut 7, The Homework Machine”

This Week In Security: TPM And BootGuard, Drones, And Coverups

May 12, 2023 by 17 Comments

Full disk encryption is the go-to solution for hardening a laptop against the worst-case scenario of physical access. One way that encryption can be managed is through a Trusted Platform Module (TPM), a chip on the motherboard that manages the disk encryption key, and only hands it over for boot after the user has authenticated. We’ve seen some clever tricks deployed against these discrete TPMs, like sniffing the data going over the physical traces. So in theory, an integrated TPM might be more secure. Such a technique does exist, going by the name fTPM, or firmware TPM. It uses a Trusted Execution Environment, a TEE, to store and run the TPM code. And there’s another clever attack against that concept (PDF).

It’s chip glitching via a voltage fault. This particular attack works against AMD processors, and the voltage fault is triggered by injecting commands into the Serial Voltage Identification Interface 2.0 (SVI2). Dropping the voltage momentarily to the AMD Secure Processor (AMD-SP) can cause a key verification step to succeed even against an untrusted key, bypassing the need for an AMD Root Key (ARK) signed board firmware. That’s not a simple process, and pulling it off takes about $200 of gear, and about 3 hours. This exposes the CPU-unique seed, the board NVRAM, and all the protected TPM objects.

So how bad is this in the real world? If your disk encryption only relies on an fTPM, it’s pretty bad. The attack exposes that key and breaks encryption. For something like BitLocker that can also use a PIN, it’s a bit better, though to really offer more resistance, that needs to be a really long PIN: a 10 digit PIN falls to a GPU in just 4 minutes, in this scenario where it can be attacked offline. There is an obscure way to enable an “enhanced PIN”, a password, which makes that offline attack impractical with a secure password.

And if hardware glitching a computer seems to complicated, why not just use the leaked MSI keys? Now to be fair, this only seems to allow a bypass of Intel’s BootGuard, but it’s still a blow. MSI suffered a ransomware-style breach in March, but rather than encrypt data, the attackers simply threatened to release the copied data to the world. MSI apparently refused to pay up, and source code and signing keys are now floating in the dark corners of the Internet. There have been suggestions that this leak impacts the entire line of Intel processors, but it seems likely that MSI only had their own signing keys to lose. But that’s plenty bad, given the lack of a revocation system or automatic update procedure for MSI firmware. Continue reading “This Week In Security: TPM And BootGuard, Drones, And Coverups”

Linux Fu: C On Jupyter

May 11, 2023 by 22 Comments

If you are a Pythonista or a data scientist, you’ve probably used Jupyter. If you haven’t, it is an interesting way to work with Python by placing it in a Markdown document in a web browser. Part spreadsheet, part web page, part Python program, you create notebooks that can contain data, programs, graphics, and widgets. You can run it locally and attach to it via a local port with a browser or, of course, run it in the cloud if you like. But you don’t have to use Python.

You can, however, use things with Jupyter other than Python with varying degrees of success. If you are brave enough, you can use C. And if you look at this list, you’ll see you can use things ranging from Javascript, APL, Fortran, Bash, Rust, Smalltalk, and even MicroPython.

Continue reading “Linux Fu: C On Jupyter”

Share Your Projects: Making Helpful PCBs

May 9, 2023 by 38 Comments

When it comes to things that hackers build, PCBs are a sizeable portion of our creative output. It’s no wonder – PCB design is a powerful way to participate in the hardware world, making your ideas all that more tangible with help of a friendly PCB fab. It’s often even more lovely when the PCB has been designed for you, and all you have to do is press “send” – bonus points if you can make a few changes for your own liking!

A lot of the time, our projects are untrodden ground, however, and a new design needs to be born. We pick out connectors, work through mechanical dimensions, figure out a schematic and check it with others, get the layout done, and look at it a few more times before sending it out for production. For a basic PCB, that is enough – but of course, it’s no fun to stop at ‘basic’, when there’s so many things you can do at hardly any cost.

Let’s step back a bit – you’ve just designed a board, and it’s great! It has all the chips and the connectors you could need, and theoretically, it’s even supposed to work first try. Now, let’s be fair, there’s an undeniable tendency – the more PCBs you design, the better each next one turns out, and you learn to spend less time on each board too. As someone with over two hundred PCBs under her belt, I’d like to show you a bunch of shortcuts that make your PCB more helpful, to yourself and others.

There’s a few ways that you can share your PCB projects in a more powerful way – I’d like to point out a few low-hanging fruits, whether README.md files or markings on the PCB itself. I’ve been experimenting quite a bit with external and embedded documentation of PCBs, as well as PCB sharing methods, got some fun results, and I’d like to share my toolkit through a few punchy examples and simple tricks. I’d also like to hear about yours – let’s chat! Continue reading “Share Your Projects: Making Helpful PCBs”

A Literate Assembly Language

May 8, 2023 by 80 Comments

A recent edition of [Babbage’s] The Chip Letter discusses the obscurity of assembly language. He points out, and I think correctly, that assembly language is more often read than written, yet nearly all of them are hampered by obscurity left over from the days when punched cards had 80 columns and a six-letter symbol was all you could manage in the limited memory space of the computer. For example,  without looking it up, what does the ARM instruction FJCVTZS do? The instruction’s full name is Floating-point Javascript Convert to Signed Fixed-point Rounding Towards Zero. Not super helpful.

But it did occur to me that nothing is stopping you from writing a literate assembler that is made to be easier to read. First, most C compilers will accept some sort of asm statement, and you could probably manage that with compile-time string construction and macros. However, I think there is a better possibility.

Reuse, Recycle

Since I sometimes develop new CPU architectures, I have a universal cross assembler that is, honestly, an ugly hack, but it works quite well. I’ve talked about it before, but if you don’t want to read the whole post about it, it uses some simple tricks to convert standard-looking assembly language formats into C code that is then compiled. Executing the resulting program outputs the desired machine language into a desired file format. It is very easy to set up, and in the middle, there’s a nice C program that emits machine code. It is not much more readable than the raw assembly, but you shouldn’t have to see it. But what if we started the process there and made the format readable?

At the heart of the system is a C program that lives in soloasm.c. It handles command line options and output file generation. It calls an external function, genasm with a single integer argument. When that argument is set to 1, it indicates the assembler is in its first pass, and you only need to fill in label values with real numbers. If the pass is a 2, it means actually fill in the array that holds the code.

That array is defined in the __solo_info instruction (soloasm.h). It includes the size of the memory, a pointer to the code, the processor’s word size, the beginning and end addresses, and an error flag. Normally, the system converts your assembly language input into a bunch of function calls it writes inside the genasm function. But in this case, I want to reuse soloasm.c to create a literate assembly language. Continue reading “A Literate Assembly Language”

Hackaday Links Column Banner

Hackaday Links: May 7, 2023

May 7, 2023 by 39 Comments

More fallout for SpaceX this week after their Starship launch attempt, but of the legal kind rather than concrete and rebar. A handful of environmental groups filed the suit, alleging that the launch generated “intense heat, noise, and light that adversely affects surrounding habitat areas and communities, which included designated critical habitat for federally protected species as well as National Wildlife Refuge and State Park lands,” in addition to “scatter[ing] debris and ash over a large area.”

Specifics of this energetic launch aside, we always wondered about the choice of Boca Chica for a launch facility. Yes, it has all the obvious advantages, like a large body of water directly to the east and being at a relatively low latitude. But the whole area is a wildlife sanctuary, and from what we understand there are still people living pretty close to the launch facility. Then again, you could pretty much say the same thing about the Cape Canaveral and Cape Kennedy complex, which probably couldn’t be built today. Amazing how a Space Race will grease the wheels of progress.

Continue reading “Hackaday Links: May 7, 2023”