Hackaday Podcast 054: Xenomorph Cookies, 101 Uses For Hot Glue, Rolling Robots, And A Clippy Computer

Hackaday editors Elliot Williams and Mike Szczys reflect on great hacks of the past few days. Strain relief is something every electronics geek encounters and there’s a spiffy way to make your hot-glue look like a factory connector. There’s something in the air and it seems to be recreating early computers. Did you know astronauts are baking cookies they’re forbidden to eat? And did you hear about the 3D printer that’s being fed oil from the deep fryer?

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Direct download (~60 MB)

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 054: Xenomorph Cookies, 101 Uses For Hot Glue, Rolling Robots, And A Clippy Computer”

This Week In Security: Robinhood, Apple Mail, ASLR, And More Windows 7

First off this week, a ransomware named Robinhood has a novel trick up its sleeve. The trick? Loading an old known-vulnerable signed driver, and then using a vulnerability in that driver to get a malicious kernel driver loaded.

A Gigabyte driver unintentionally exposed an interface that allows unfettered kernel level read and write access. Because it’s properly signed, Windows will happily load the driver. The ransomware code uses that interface to turn off the bit that enforces the loading of signed drivers only. From there, loading a malicious driver is trivial. Robinhood uses it’s kernel-level access to disable anti-virus applications before launching the data encryption.

This is a striking example of the weakness of binary signing without a mechanism to revoke those signatures. In an ideal world, once the vulnerability was found and an update released, the older, vulnerable driver would have its signature revoked.

The last Windows 7 Update For Real This Time, Maybe

More news in the ongoing saga of Windows 7/Server 2008 reaching end-of-life. KB4539602 was released this patch Tuesday, fixing the black background problem introduced in the last “final” round of updates. Surely that’s the last we’ll hear of this saga, right?

Not so fast. Apparently that patch has led to multiple Windows Server 2008 machines failing to boot after install. According to Microsoft, the problem is a missing previous patch that updates SHA-2 support. Continue reading “This Week In Security: Robinhood, Apple Mail, ASLR, And More Windows 7”

Sky Is New Limit For Dot Com Domain Prices

Earlier this week, domain name registrar Namecheap sent out an email to all customers advising them of a secret deal that went down between ICANN and Verisign sometime late last year. It has the potential to change the prices of domain names drastically over time, and thus change the makeup of the Internet as we know it.

Domain names aren’t really owned, they’re rented with an option to renew, and the annual rate that you pay depends both on your provider’s markup, but also on a wholesale rate that’s the same for all names in that particular domain. This base price is set by ICANN, a non-profit.

Officially, this deal is a proposed Amendment 3 to the contract in place between Verisign and ICANN that governs the “.com” domain. The proposed amendment would let Verisign increase the wholesale rental price of “.com” domain names by 7% per year for the next four years. Then there will be a two-year breather, followed by another four years of 7% annual hikes. And there is no foreseeable end to this cycle. We think it seems reasonable to assume that the domain name registrars might pass the price gouging on to the consumer, but that really remains to be seen.

The annual wholesale domain name price has been sitting at $7.85 since 2012, and as of this writing, Namecheap is charging $8.88 for a standard “.com” address. If our math is correct, ten years from now, a “.com” domain will cost around $13.50 wholesale and $17.50 retail. This almost-doubling in price will affect both small sites and companies that hold many domain names. And the increase will only get more dramatic with time.

So let’s take a quick look at the business of domain names.
Continue reading “Sky Is New Limit For Dot Com Domain Prices”

How To Get Into Cars – Basic Maintenance

So, you’ve decided you want to get into cars. After much research and deliberation, you’ve bought yourself a sweet project car, and can’t wait to get down to work. First things first – it’s time to learn about basic maintenance!

Get It Right For A Good Time

Doing necessary maintenance on time is key to enjoying your project car. Too many gearheads know the pain of a neglected beast that spends more time up on jackstands than out on the road. Buying the right car, and keeping a close eye on what needs to be done, will go a long way to improving your experience and relationship with your ride.

If you’ve just bought a car, no matter how good things look, it’s a good idea to go through things with a fine-tooth comb to make sure everything’s up to scratch. This can avoid expensive damage down the line, and is a great way to get your feet wet if you’re new to working on cars. Here’s a bunch of easy jobs you can tackle as a novice that will keep your ride in tip-top condition. Continue reading “How To Get Into Cars – Basic Maintenance”

HackIt: Why Aren’t We Hacking On The LED Printer?

Strings of LEDs are a staple of the type of project we see here at Hackaday, with addressable devices such as the WS2812 in particular having changed beyond recognition what is possible on a reasonable budget. They’ve appeared in all kinds of projects, but are perhaps most memorable when used in imaging projects such as screen-like arrays or persistence-of-vision systems. There’s another addressable LED product that we haven’t seen here, which is quite a surprise considering that it can be found with relative ease in junk piles and has been on the market for decades. We’re talking about the LED printer, and the addressable LED product in question is a very high density array of LEDs the width of a page, designed to place an image of the page to be printed on the toner transfer drum.

Continue reading “HackIt: Why Aren’t We Hacking On The LED Printer?”

DIY Radio Telescopes Hack Chat

Join us on Wednesday, February 12 at noon Pacific for the DIY Radio Telescopes Hack Chat with James Aguirre!

For most of history, astronomers were privy to the goings-on in the universe only in a very narrow slice of the electromagnetic spectrum. We had no idea that a vibrant and wondrous picture was being painted up and down the wavelengths, a portrait in radio waves of everything from nearly the moment of creation to the movement of galaxies. And all it took to listen in was an antenna and a radio receiver.

Over the years, radio telescopes have gotten more and more sophisticated and sensitive, and consequently bigger and bigger. We’re even to the point where one radio telescope often won’t cut it, and astronomers build arrays of telescopes spread over miles and miles, some with antennas that move around on rails. In the search for signals, radio astronomy has become the very definition of “Big Science.”

But radio astronomy doesn’t have to be big to be useful. James Aguirre, an astronomer at the University of Pennsylvania, spends his days (and nights) studying the radio universe with those big instruments. But he’s also passionate about down-scaling things and teaching everyone that small radio telescopes can be built on the cheap. His Mini Radio Telescope project uses a cast-off satellite TV dish and a couple of hundred bucks worth of readily available gear to scan the skies for all sorts of interesting phenomena.

Dr. Aguirre will join us on the Hack Chat to discuss all things radio astronomy, and how you can get in on the radio action on the cheap. Chances are good your junk pile — or your neighbor’s roof — has everything you need, and you might be surprised how approachable and engaging DIY radio astronomy can be.

join-hack-chatOur Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, February 12 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about. Continue reading “DIY Radio Telescopes Hack Chat”

Ask Hackaday: What’s Your Coronavirus Supply Chain Exposure?

In whichever hemisphere you dwell, winter is the time of year when viruses come into their own. Cold weather forces people indoors, crowding them together in buildings and creating a perfect breeding ground for all sorts of viruses. Everything from the common cold to influenza spread quickly during the cold months, spreading misery and debilitation far and wide.

In addition to the usual cocktail of bugs making their annual appearance, this year a new virus appeared. Novel coronavirus 2019, or 2019-nCoV, cropped up first in the city of Wuhan in east-central China. From a family of viruses known to cause everything from the common cold to severe acute respiratory syndrome (SARS) in humans, 2019-nCoV tends toward the more virulent side of the spectrum, causing 600 deaths out of 28,000 infections reported so far, according to official numbers at the time of this writing.

(For scale: the influenzas hit tens of millions of people, resulting in around four million severe illnesses and 500,000 deaths per season, worldwide.)

With China’s unique position in the global economy, 2019-nCoV has the potential to seriously disrupt manufacturing. It may seem crass to worry about something as trivial as this when people are suffering, and of course our hearts go out to the people who are directly affected by this virus and its aftermath. But just like businesses have plans for contingencies such as this, so too should the hacking community know what impact something like 2019-nCoV will have on supply chains that we’ve come to depend on.

Continue reading “Ask Hackaday: What’s Your Coronavirus Supply Chain Exposure?”