Hackaday Columns

4582 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hackaday Links Column Banner

Hackaday Links: June 19, 2022

June 19, 2022 by 11 Comments

The James Webb Space Telescope has had a long and sometimes painful journey from its earliest conception to its ultimate arrival at Lagrange point L2 and subsequent commissioning. Except for the buttery-smooth launch and deployment sequence, things rarely went well for the telescope, which suffered just about every imaginable bureaucratic, scientific, and engineering indignity during its development. But now it’s time to see what this thing can do — almost. NASA has announced that July 12 will be “Image Release Day,” which will serve as Webb’s public debut. The relative radio silence from NASA on Webb since the mirror alignment was completed — apart from the recent micrometeoroid collision, of course — suggests the space agency has been busy with “first light” projects. So there’s good reason to hope that the first released images from Webb will be pretty spectacular. The images will drop at 10:30 AM EDT, so mark your calendars and prepare to be wowed. Hopefully.

Continue reading “Hackaday Links: June 19, 2022”

Hackaday Podcast 173: EMF Camp Special Edition

June 17, 2022 by No comments

With Editor-in-Chief Elliot Williams enjoying some time off, Managing Editor Tom Nardi is flying solo for this special edition of the Hackaday Podcast. Thanks to our roving reporter Jenny List, we’ll be treated to several interviews conducted live from EMF Camp — a European outdoor hacker camp the likes of which those of us in the United States can only dream of. After this special segment, Hackaday contributors Al Williams and Ryan Flowers will stop by to talk about their favorite stories from the week during what may be the longest Quick Hacks on record. There’s a few extra surprises hidden in this week’s program…but if we told you everything, it would ruin the surprise. Listen closely, you never know what (or who) you might hear.

Direct Download link

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 173: EMF Camp Special Edition”

This Week In Security: Pacman, Hertzbleed, And The Death Of Internet Explorer

June 17, 2022 by 25 Comments

There’s not one, but two side-channel attacks to talk about this week. Up first is Pacman, a bypass for ARM’s Pointer Authentication Code. PAC is a protection built into certain ARM Processors, where a cryptographic hash value must be set correctly when pointers are updated. If the hash is not set correctly, the program simply crashes. The idea is that most exploits use pointer manipulation to achieve code execution, and correctly setting the PAC requires an explicit instruction call. The PAC is actually indicated in the unused bits of the pointer itself. The AArch64 architecture uses 64-bit values for addressing, but the address space is much less than 64-bit, usually 53 bits or less. This leaves 11 bits for the PAC value. Keep in mind that the application doesn’t hold the keys and doesn’t calculate this value. 11 bits may not seem like enough to make this secure, but keep in mind that every failed attempt crashes the program, and every application restart regenerate the keys.

What Pacman introduces is an oracle, which is a method to gain insight on data the attacker shouldn’t be able to see. In this case, the oracle works via speculation attacks, very similar to Meltdown and Spectre. The key is to attempt a protected pointer dereference speculatively, and to then observe the change in system state as a result. What you may notice is that this requires an attack to already be running code on the target system, in order to run the PAC oracle technique. Pacman is not a Remote Code Execution flaw, nor is it useful in gaining RCE.

One more important note is that an application has to have PAC support compiled in, in order to benefit from this protection. The platform that has made wide use of PAC is MacOS, as it’s a feature baked in to their M1 processor. The attack chain would likely start with a remote execution bug in an application missing PAC support. Once a foothold is established in uprivileged userspace, Pacman would be used as part of an exploit against the kernel. See the PDF paper for all the details.

Continue reading “This Week In Security: Pacman, Hertzbleed, And The Death Of Internet Explorer”

Mining And Refining: Helium

June 15, 2022 by 46 Comments

With a seemingly endless list of shortages of basic items trotted across newsfeeds on a daily basis, you’d be pardoned for not noticing any one shortage in particular. But in among the shortages of everything from eggs to fertilizers to sriracha sauce has been a growing realization that we may actually be running out of something so fundamental that it could have repercussions that will be felt across all aspects of our technological society: helium.

The degree to which helium is central to almost every aspect of daily life is hard to overstate. Helium’s unique properties, like the fact that it remains liquid at just a few degrees above absolute zero, contribute to its use in countless industrial processes. From leak detection and welding to silicon wafer production and cooling the superconducting magnets that make magnetic resonance imaging possible, helium has become entrenched in technology in a way that belies its relative scarcity.

But where does helium come from? As we’ll see, the second lightest element on the periodic table is not easy to come by, and considerable effort goes into extracting and purifying it enough for industrial use. While great strides are being made toward improved methods of extraction and the discovery of new deposits, for all practical purposes helium is a non-renewable resource for which there are no substitutes. So it pays to know a thing or two about how we get our hands on it.

Continue reading “Mining And Refining: Helium”

Art of 3D printer in the middle of printing a Hackaday Jolly Wrencher logo

3D Printering: Today’s Resins Can Meet Your Needs

June 13, 2022 by 27 Comments

Filament-based 3D printers spent a long time at the developmental forefront for hobbyists, but resin-based printers have absolutely done a lot of catching up, and so have the resins they use. It used to be broadly true that resin prints looked great but were brittle, but that’s really not the case anymore.

A bigger variety of resins and properties are available to hobbyists than ever before, so if that’s what’s been keeping you away, it’s maybe time for another look. There are tough resins, there are stiff resins, there are heat-resistant resins, and more. Some make casting easy, and some are even flexible. If your part or application needs a particular property, there is probably a resin for it out there.

Continue reading “3D Printering: Today’s Resins Can Meet Your Needs”

Low-Cost Nanopositioning Hack Chat

June 13, 2022 by 7 Comments

Join us on Wednesday, June 15 at noon Pacific for the Low-Cost Nanopositioning Hack Chat with En-Te Hwu!

It may sound like a provocative statement to make, but technology has been on a downward trend for a long time. That’s not a moral or ethical proclamation, but rather an observation about the scale of technology. Where once the height of technology was something like a water-powered mill, whose smallest parts were the size of a human hand and tolerances were measured in inches, today we routinely build machines by etching silicon chips with features measured in nanometers, look inside the smallest of cells and manipulate their innards, and use microscopes that can visualize materials at the atomic level.

The world has gotten much, much smaller lately, and operating on that scale requires thinking about motion in a different way than we’ve been used to. Being able to move things at nanometer resolutions isn’t easy, but it’s not impossible, and it can even be accomplished on a DIYer’s budget — if you know what you’re doing.

join-hack-chatTo help us sort through the realities of nano-scale positioning, En-Te Hwu, a professor at the Technical University of Denmark who works on micromachines for intelligent drug delivery, has spun up some really interesting low-cost nanopositioning systems. Using old DVD players or off-the-shelf linear slides, he’s able to achieve nanoscale movement and sensing for a variety of purposes. He’ll stop by the Hack Chat to discuss how we can build nanopositioning and sensing into our projects, and to start exploring the world we can’t even see.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, June 15 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Featured image:  Low-cost, open-source XYZ nanopositioner for high-precision analytical applications, CC-BY-4.0

Continue reading “Low-Cost Nanopositioning Hack Chat”

Hackaday Links Column Banner

Hackaday Links: June 12, 2022

June 12, 2022 by 4 Comments

“Don’t worry, that’ll buff right out.” Alarming news this week as the James Webb Space Telescope team announced that a meteoroid had hit the space observatory’s massive primary mirror. While far from unexpected, the strike on mirror segment C3 (the sixth mirror from the top going clockwise, roughly in the “south southeast” position) that occurred back in late May was larger than any of the simulations or test strikes performed on Earth prior to launch. It was also not part of any known meteoroid storm in the telescope’s orbit; if it had been, controllers would have been able to maneuver the spacecraft to protect the gold-plated beryllium segments. The rogue space rock apparently did enough damage to be noticeable in the data coming back from the telescope and to require adjustment to the position of the mirror segment. While it certainly won’t be the last time this happens, it would have been nice to see one picture from Webb before it started accumulating hits.

Continue reading “Hackaday Links: June 12, 2022”