Hackaday Columns

4659 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Bare-Metal STM32: Adding An Analog Touch With ADCs

June 29, 2022 by 11 Comments

An Analogue to Digital Converter (ADC) is at its core a straight-forward device: by measuring an analog voltage within a set range and converting the measured level to a digital value we can use this measurement value in our code. Through the use of embedded ADCs in microcontrollers we can address many essential use cases, ranging from measuring the setting on a potentiometer, to reading an analog output line on sensors, including the MCU’s internal temperature and voltage sensors.

The ADCs found in STM32 MCUs have a resolution between 12 to 16 bits, with the former being the most common type. An ADC can be configured to reduce this resolution, set a specific sampling speed, and set up a multi-mode configuration depending on the exact ADC peripheral. STM32 MCUs feature at least a single ADC peripheral, while some have multiple. In this article we will take a look at how to configure and use the basic features of the ADCs in STM32 MCUs, specifically the ADCs found in F0 and the ADC5_V1_1 type as found in most F3-family MCUs.

Continue reading “Bare-Metal STM32: Adding An Analog Touch With ADCs”

2022 Hackaday Prize: Reuse, Recycle, Revamp Finalists

June 28, 2022 by 13 Comments

The 2022 Hackaday Prize is focused on taking care of the planet. The theme of our second challenge round, “Reduce, Recycle, Revamp” is all about tailoring your projects to make use of existing resources and keeping material out of the landfill rather than contributing to it. Our judges have scrutinized the entries and handed me the sealed envelope. All of these ten projects will receive $500 right now and are eligible for the Grand Prize of $50,000, to be announced in November.

We were looking for two broad types of recycling projects in this round, either projects that incorporate a significant recycled component in their build, or projects that facilitate recycling themselves, and frankly we got a good mix of both!
Continue reading “2022 Hackaday Prize: Reuse, Recycle, Revamp Finalists”

Hackaday Links Column Banner

Hackaday Links: June 26, 2022

June 26, 2022 by 13 Comments

Head for the hills!! We’re all doomed! At least that’s the impression you might get from the headlines about the monster Earth-facing sunspot this week. While any sunspot that doubles in size within a matter of days as AR3038 has done is worth looking at, chances are pretty low that it will cause problems here on Earth. About the best this class of sunspot can manage is an M-class solar flare, which generally cause radio blackouts only at the poles, and may present a radiation problem for the crew of the ISS. So no, this sunspot is probably not going to kill us all. But then again, this is the 2020s, and pretty much everything bad seems like it’s possible.

Speaking of bad outcomes, pity the poor Sonos customers and their ongoing battle with the company’s odd “glitches.” For whatever reason, customers have been getting shipments of Sonos products they never ordered, with at least one customer getting over $15,000 worth of products shipped. The customer reports ordering five Sonos items, but the company saw fit to fill the order six times, stuffing their apartment with goods. Sonos doesn’t appear to be doing much to make it right; while offering the customer free shipping labels to return the goods, they were expected to schlep the packages to a UPS store. And then there’s the money — Sonos charged the customer for all the unordered goods, and won’t issue a refund till it’s all returned.

If you’ve ever wondered exactly what the signals going up and down your cable line look like, you’ll want to check out this video from Double A Labs. Using an RTL-SDR dongle and some spectrum analyzer software they probed the RF signals on the cable, with some fascinating results. The first 11 minutes or so of the video are devoted to setting up the hardware and software, although there is some interesting stuff about broadband network architecture right up at the start. The scans are interesting — you can clearly see the 6-MHz quadrature amplitude modulation (QAM) digital channels. We were surprised to learn that these start at just about the FM broadcast band — about 108 MHz. There were a couple of little surprises hiding in the spectrum, like two unmodulated analog TV carriers in one spot, and the fact that there are over 400 virtual channels jammed into 41 6-MHz QAM channels. Broadband indeed.

Continue reading “Hackaday Links: June 26, 2022”

Hackaday Podcast 174: Breaking Into The Nest, The Cheapest 3D Printer, A Spy In Your HDMI, And AI All Over The Place

June 24, 2022 by 2 Comments

Fresh from vacation, Editor-in-Chief Elliot Williams makes his triumphant return to the Hackaday Podcast! He’s joined this week by Managing Editor Tom Nardi, who’s just happy he didn’t have to do the whole thing by himself again. In this episode we’ll talk about tackling BGA components in your custom PCBs, a particularly well executed hack against Google’s Nest Hub, and why you probably don’t really want the world’s cheapest 3D printer. We’ll also take a look at an incredible project to turn the Nokia 1680 into a Linux-powered handheld computer, a first of its kind HDMI firewall, and a robot that’s pretty good at making tacos. Listeners who are into artificial intelligence will be in for quite a treat as well, as is anyone who dreams of elevating the lowly automotive alternator to a more prominent position in the hacker world.

By the way, it seems nobody has figured out the hidden message in last week’s podcast yet. What are you waiting for? One of you out there has to be bored enough to give it a shot.

Direct download, and play it offline. You don’t need no stinkin’ cloud.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 174: Breaking Into The Nest, The Cheapest 3D Printer, A Spy In Your HDMI, And AI All Over The Place”

This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon

June 24, 2022 by 3 Comments

[Eaton Zveare] purchased a Jacuzzi hot tub, and splurged for the SmartTub add-on, which connects the whirlpool to the internet so you can control temperature, lights, etc from afar. He didn’t realize he was about to discover a nightmare of security problems. Because as we all know, in IoT, the S stands for security. In this case, the registration email came from smarttub.io, so it was natural to pull up that URL in a web browser to see what was there. The page presented a login prompt, so [Eaton] punched in the credentials he had just generated. “Unauthorized” Well that’s not surprising, but what was very odd was the flash of a dashboard that appeared just before the authorization complaint. Could that have been real data that was unintentionally sent? A screen recorder answered that question, revealing that there was indeed a table loaded up with valid-looking data.

Digging around in the page’s JavaScript comes up with the login flow. The page uses the Auth0 service to handle logins, and that service sends back an access token. The page sends that access token right back to the Auth0 service to get user privileges. If the logged in user isn’t an admin, the redirect happens. However, we already know that some real data gets loaded. It appears that the limitations to data is all implemented on the client side, and the backend only requires a valid access token for data requests. What would happen if the response from Auth0 were modified? There are a few approaches to accomplish this, but he opted to use Fiddler. Rewrite the response so the front-end believes you’re an admin, and you’re in.

This approach seems to gain admin access to all of the SmartTub admin controls, though [Eaton] didn’t try actually making changes to see if he had write access, too. This was enough to demonstrate the flaw, and making changes would be flirting with that dangerous line that separates research from computer crime. The real problem started when he tried to disclose the vulnerability. SmartTub didn’t have a security contact, but an email to their support email address did elicit a reply asking for details. And after details were supplied, complete radio silence. Exasperated, he finally turned to Auth0, asking them to intervene. Their solution was to pull the plug on one of the two URL endpoints. Finally, after six months of trying to inform Jacuzzi and SmartTub of their severe security issues, both admin portals were secured.

Continue reading “This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon”

Sea Level Rise From Melting Ice Sheets Could Soon Be Locked In

June 23, 2022 by 124 Comments

Where today we talk broadly of climate change and it’s various effects, the conversation was once simpler. We called it “global warming” and fretted about cooking outside in the summer and the sea level rise that would claim so many of our favorite cities.

Scientists are now concerned that sea level rises could be locked in, as ice sheets and glaciers pass “tipping points” beyond which their loss cannot be stopped. Research is ongoing to determine how best we can avoid these points of no return.

Continue reading “Sea Level Rise From Melting Ice Sheets Could Soon Be Locked In”

Linux Fu: Roll With The Checksums

June 22, 2022 by 14 Comments

We are often struck by how often we spend time trying to optimize something when we would be better off just picking a better algorithm. There is the old story about the mathematician Gauss who, when in school, was given busy work to add the integers from 1 to 100. While the other students laboriously added each number, Gauss realized that 100+1 is 101 and 99 + 2 is also 101. Guess what 98 + 3 is? Of course, 101. So you can easily find that there are 50 pairs that add up to 101 and know the answer is 5,050. No matter how fast you can add, you aren’t likely to beat someone who knows that algorithm. So here’s a question: You have a large body of text and you want to search for it. What’s the best way?

Continue reading “Linux Fu: Roll With The Checksums”