Hackaday Columns

4657 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hackaday Podcast 176: Freezing Warm Water, Hacking Lenses, Hearing Data, And Watching YouTube On A PET

July 8, 2022 by 3 Comments

It’s podcast time again, and this week Editor-in-Chief Elliot Williams sat down with Staff Writer Dan Maloney to review the best hacks on the planet, and a few from off. We’ll find out how best to capture lightning, debate the merits of freezing water — or ice cream — when it’s warm, and see if we can find out what R2D2 was really talking about with all those bleeps and bloops. Once we decode that, it’ll be time to find out what Tom Nardi was up to while the boss was away with his hidden message in episode 174, and how analog-encoded digital data survives the podcast production and publication chain. But surely you can’t watch a YouTube video on a Commodore PET, can you? As it turns out, that’s not a problem, and neither apparently is 3D printing a new ear.

The meat of Elliot’s “super secret mastering script”?  Use it on your videos too!

ffmpeg -i $infile.wav -c:v copy -af loudnorm=I=-17:LRA=5:tp=-1.5 -ar 44100 $outfile.flac

Direct download, record it to tape, and play it on your boombox.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 176: Freezing Warm Water, Hacking Lenses, Hearing Data, And Watching YouTube On A PET”

This Week In Security:Breaking CACs To Fix NTLM, The Biggest Leak Ever, And Fixing Firefox By Breaking It

July 8, 2022 by 16 Comments

To start with, Microsoft’s June Security Patch has a fix for CVE-2022-26925, a Man-In-The-Middle attack against NTLM. According to NIST, this attack is actively being exploited in the wild, so it landed on the KEV (Known Exploited Vulnerabilities) Catalog. That list tracks the most important vulnerabilities to address, and triggers a mandated patch install no later than July 22nd. The quirk here is that the Microsoft Patch that fixes CVE-2022-26925 also includes a fix for a couple certificate vulnerabilities including CVE-2022-2693, Certifried. That vulnerability was one where a machine certificate could be renamed to the same as a domain controller, leading to organization-wide compromise.

The fix that rolled out in June now requires that a “strong certificate mapping” be in place to tie a user to a certificate. Having the same common name is no longer sufficient, and a secure value like the Security IDentifier (SID) must be mapped from certificate to user in Active Directory. The patch puts AD in a compatibility mode, which accepts the insecure mapping, so long as the user account predates the security certificate. This has an unintended consequence of breaking how the US Government uses CACs (Common Access Cards) to authenticate their users. Government agencies typically start their onboarding by issuing a CAC, and then establishing an AD account for that user. That makes the certificate older, which means the newest patch rejects it. Thankfully there’s a registry key that can be set, allowing the older mapping to still work, though likely with a bit of a security weakness opened up as a result. Continue reading “This Week In Security:Breaking CACs To Fix NTLM, The Biggest Leak Ever, And Fixing Firefox By Breaking It”

Retrotechtacular: 1990s CD Mastering Fit For A King

July 7, 2022 by 48 Comments

Before it was transformed into an ephemeral stream of ones and zeroes, music used to have a physical form of some kind. From wax cylinders to vinyl discs to tapes of various sizes in different housings and eventually to compact discs, each new medium was marketed as a technological leap over the previous formats, each of which justified incrementally more money to acquire.

But that’s the thing — each purchase resulted in you obtaining a physical item, which had an extensive manufacturing and distribution process behind it. And few artists demanded more manufacturing effort than Michael Jackson in his heyday, as revealed by this in-depth look at the CD manufacturing process for The King of Pop’s release of the HIStory double-disc set in 1995.

The video was produced as sort of a love letter to Michael from the staff and management of the Sony Music disc manufacturing plant in Pittman, New Jersey. The process is shown starting with the arrival of masters to the plant, strangely in the form of U-matic videocassettes; the 3/4″ continuous loop tape was normally used for analog video, but could also be used for recording digital audio. The digital audio is then sent for glass mastering, which is where the actual pits are created on a large glass disc under cleanroom conditions. In fact, much of the production process bears a strong similarity to semiconductor manufacturing, from the need for cleanrooms — although under less stringent conditions than in a fab — to the use of plasma etching, vapor deposition, and metal plating operations.

Once the master stampers are made, things really ramp up in replication. There the stamper discs go into injection molding machines, where hot polycarbonate is forced against the surface under pressure. The copies are aluminized, spin-coated with UV-cure lacquer, and sent on down the line to testing, screen printing, and packaging. Sony hired 40 extra full-time workers, who appear to have handled all the tedious manual tasks like assembling the jewel cases, to handle the extra load of this release.

As cheesy as this thank-you video may be, it was likely produced with good reason. This was a time when a Michael Jackson release was essentially a guarantee of full employment for a large team of workers. The team was able to produce something like 50,000 copies a day, and given that HIStory sold over 20 million copies, that’s a lot of workdays for the good folks at Pittman.

Continue reading “Retrotechtacular: 1990s CD Mastering Fit For A King”

The Benefits Of Displacement Ventilation

July 7, 2022 by 27 Comments

The world has been shaken to its core by a respiratory virus pandemic. Humanity has been raiding the toolbox for every possible weapon in the fight, whether that be masks, vaccinations, or advanced antiviral treatments.

As far as medicine has come in tackling COVID-19 in the past two years, the ultimate solution would be to cut the number of people exposed to the pathogen in the first place. Improving our ventilation methods may just be a great way to cut down on the spread. After all, it’s what they did in the wake of the Spanish Flu.

Continue reading “The Benefits Of Displacement Ventilation”

Linux Fu: The Browser Emacs Fusion

July 6, 2022 by 20 Comments

It is no secret that I have a few things permanently burned into my neurons: the 1802 instruction set, the commands for WordStar, and the commands for emacs. There was a time when emacs was almost my operating system. With no X11, emacs gave you a way to have a shell in one window, check your mail, and keep your work open.

I still use emacs a lot (although I’ve been getting more and more pleased with vscode with an emacs keybinding extension). But I also spend a lot of time — like right now — writing in a Web browser. Especially if I’m writing about code, it gets hard to remember which set of keys you have to use and I’ve wanted to do something about it for a long time. The answer is a very cool program called Autokey. (You can download my files for it, but you probably want to read more first.) It probably doesn’t work if you have switched to Wayland, but it can do a lot for you ranging from saving you some typing to reprogramming your favorite program to have different keystrokes. However, it isn’t without its problems, and I’ll tell you what I know about it.

The Value Proposition

Autokey sits in your system tray and it watches what you type. In its most simple usage, you can set up different phrases to substitute what you type.

For example, I might reprogram HaD to show up as Hackaday to save myself some typing. I usually use some odd character at the start or end so I don’t accidentally trigger things. So maybe I’m tired of typing or mistyping http://www.hackaday.com. I could set up ~had to automatically type the correct URL for me.

Continue reading “Linux Fu: The Browser Emacs Fusion”

Hacker Camps Post-Pandemic, Electromagnetic Field 2022

July 5, 2022 by 21 Comments

After a four-year hiatus and a cancelled event, it was time earlier this month for British and European hackers to return to their field in Herefordshire. A special field, Eastnor Castle Deer Park, venue for the Electromagnetic Field 2022 hacker camp. I packed up an oversized rucksack and my folding bike, and set off to enjoy a few days in the company of my fellow geeks.

As the first of the large European hacker camps since 2019 there was both an excitement and a slight trepidation in finally hanging out with several thousand people, even if mostly outdoors. The UK has a good COVID vaccine uptake and the camp organisers requested that attendees test themselves before travelling to Eastnor, but after two years of precautions and the pandemic still being with us there’s still some risk to take into account. Happily they were able to strike a decent balance between precautions and event progress, and we were able to proceed with a fairly normal hacker camp.

Plenty Of Talks, But They’re Not Online Yet

Sadly the extensive programme of talks has yet to make it onto YouTube or media.ccc.de at the time of writing, so the section I’d normally devote to them may have to wait for another time. Thus this write-up is more about the social aspect than the action.

Eastnor Castle Deer Park lies in a secluded Herefordshire valley, and the entry is vla a small estate road that treats you to an unfolding vista as you approach, of the marquees and other structures nestled among the trees. The usual queue for a wristband and you’re in, with the minor inconvenience of a trek trough the site to wherever your village lies. This year I was with my hackerspace in the Milton Keynes Makerspace village, next to one of the estate roads at the side of the valley and clustered round a tent with the commendable purpose of distributing free cups of very high quality tea. My tent up, I was ready to tour the site, and renew some friendships after so long apart. Continue reading “Hacker Camps Post-Pandemic, Electromagnetic Field 2022”

Hackaday Links Column Banner

Hackaday Links: July 3, 2022

July 3, 2022 by 10 Comments

Looks like we might have been a bit premature in our dismissal last week of the Sun’s potential for throwing a temper tantrum, as that’s exactly what happened when a G1 geomagnetic storm hit the planet early last week. To be fair, the storm was very minor — aurora visible down to the latitude of Calgary isn’t terribly unusual — but the odd thing about this storm was that it sort of snuck up on us. Solar scientists first thought it was a coronal mass ejection (CME), possibly related to the “monster sunspot” that had rapidly tripled in size and was being hyped up as some kind of planet killer. But it appears this sneak attack came from another, less-studied phenomenon, a co-rotating interaction region, or CIR. These sound a bit like eddy currents in the solar wind, which can bunch up plasma that can suddenly burst forth from the sun, all without showing the usually telltale sunspots.

Then again, even people who study the Sun for a living don’t always seem to agree on what’s going on up there. Back at the beginning of Solar Cycle 25, NASA and NOAA, the National Oceanic and Atmospheric Administration, were calling for a relatively weak showing during our star’s eleven-year cycle, as recorded by the number of sunspots observed. But another model, developed by heliophysicists at the U.S. National Center for Atmospheric Research, predicted that Solar Cycle 25 could be among the strongest ever recorded. And so far, it looks like the latter group might be right. Where the NASA/NOAA model called for 37 sunspots in May of 2022, for example, the Sun actually threw up 97 — much more in line with what the NCAR model predicted. If the trend holds, the peak of the eleven-year cycle in April of 2025 might see over 200 sunspots a month.

So, good news and bad news from the cryptocurrency world lately. The bad news is that cryptocurrency markets are crashing, with the flagship Bitcoin falling from its high of around $67,000 down to $20,000 or so, and looking like it might fall even further. But the good news is that’s put a bit of a crimp in the demand for NVIDIA graphics cards, as the economics of turning electricity into hashes starts to look a little less attractive. So if you’re trying to upgrade your gaming rig, that means there’ll soon be a glut of GPUs, right? Not so fast, maybe: at least one analyst has a different view, based mainly on the distribution of AMD and NVIDIA GPU chips in the market as well as how much revenue they each draw from crypto rather than from traditional uses of the chips. It’s important mainly for investors, so it doesn’t really matter to you if you’re just looking for a graphics card on the cheap.

Speaking of businesses, things are not looking too good for MakerGear. According to a banner announcement on their website, the supplier of 3D printers, parts, and accessories is scaling back operations, to the point where everything is being sold on an “as-is” basis with no returns. In a long post on “The Future of MakerGear,” founder and CEO Rick Pollack says the problem basically boils down to supply chain and COVID issues — they can’t get the parts they need to make printers. And so the company is looking for a buyer. We find this sad but understandable, and wish Rick and everyone at MakerGear the best of luck as they try to keep the lights on.

And finally, if there’s one thing Elon Musk is good at, it’s keeping his many businesses in the public eye. And so it is this week with SpaceX, which is recruiting Starlink customers to write nasty-grams to the Federal Communications Commission regarding Dish Network’s plan to gobble up a bunch of spectrum in the 12-GHz band for their 5G expansion plans. The 3,000 or so newly minted experts on spectrum allocation wrote to tell FCC commissioners how much Dish sucks, and how much they love and depend on Starlink. It looks like they may have a point — Starlink uses the lowest part of the Ku band (12 GHz – 18 GHz) for data downlinks to user terminals, along with big chunks of about half a dozen other bands. It’ll be interesting to watch this one play out.