Hackaday Podcast 135: Three Rocket Hacks, All The Game Boy Gates, And Depth Sounding From A Rowboat

September 10, 2021 by Tom Nardi 11 Comments

Hackaday editors Mike Szczys and Tom Nardi go over the best stories and hacks from the previous week, covering everything from sidestepping rockets to homebrew OLED displays. We’ll cover an incredible attempt to really emulate the Nintendo Game Boy, low-cost injection molding of rubbery parts, a tube full of hypersonic shockwaves, and how a hacked depth finder and a rowboat can help chart those local rivers and lakes that usually don’t get any bathymetric love. Plus, even though he’s on vacation this week, Elliot has left us with a ruddy mysterious song to try and identify.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (52 MB)

Continue reading “Hackaday Podcast 135: Three Rocket Hacks, All The Game Boy Gates, And Depth Sounding From A Rowboat” →

This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans

September 10, 2021 by Jonathan Bennett 3 Comments

A PoC was just published for a potentially serious flaw in the Ghostscript interpreter. Ghostscript can load Postscript, PDF, and SVG, and it has a feature from Postscript that has been a continual security issue: the %pipe% command. This command requests the interpreter to spawn a new process — It’s RCE as part of the spec. This is obviously a problem for untrusted images and documents, and Ghostscript has fixed security vulnerabilities around this mis-feature several times over the years.

This particular vulnerability was discovered by [Emil Lerner], and described at ZeroNights X. That talk is available, but in Russian. The issue seems to be a bypass of sorts, where the pipe command appears to be working in the /tmp/ directory, but a simple semicolon allows for an arbitrary command to be executed. Now why is this a big deal? Because ImageMagick uses Ghostscript to open SVG images by default on some distributions, and ImageMagick is often used for automatically resizing and converting images for web sites. In [Emil]’s presentation, he uses this flaw as part of an attack chain against three different companies.

I was unable to reproduce the flaw on my Fedora install, but I haven’t found any notice of it being fixed in the Ghostscript or Imagemagick changelogs either. It’s unclear if this problem has already been fixed, or if this is a true 0-day for some platforms. Either way, expect attackers to start trying to make use of it.

Continue reading “This Week In Security: Ghoscript In Imagemagick, Solarwinds, And DHCP Shenanigans” →

Teardown: Impassa SCW9057G-433 Alarm System

September 9, 2021 by Tom Nardi 15 Comments

This series of monthly teardowns was started in early 2018 as an experiment, and since you fine folks keep reading them, I keep making them. But in truth, finding a new and interesting gadget every month can sometimes be a chore. Which is why I’m always so thankful when a reader actually sends something in that they’d like to see taken apart, as it absolves me from having to make the decision myself. Of course it also means I can’t be blamed if you don’t like it, so keep that in mind as well.

Coming our way from the tropical paradise of Eastern Pennsylvania, this month’s subject is an ADT branded Impassa SCW9057G-433 alarm system that was apparently pulled off the wall when our kind patron was moving house. As you might have guessed from the model number, this unit uses 433 MHz to communicate with various sensors and devices throughout the home, and also includes a 3G cellular connection that allows it to contact the alarm monitoring service even if the phone line has been cut.

Diagram of Impassa home security setup — The alarm can connect to a wide array of 433 MHz devices.

From how many of these are on eBay, and the research I’ve done on some home alarm system forums, it appears that you can actually pick one of these up on the second-hand market and spin your own whole-house alarm system without going through a monitoring company like ADT. The extensive documentation from Impassa covers how to wire and configure the device, and as long as the system isn’t locked when you get it, it seems like wiping the configuration and starting from scratch isn’t a problem.

If it’s possible to put together your own homebrew alarm system with one of these units at the core, then it seems the least we can do is take it apart and see what kind of potentially modifiable goodies are waiting under that shiny plastic exterior.

Continue reading “Teardown: Impassa SCW9057G-433 Alarm System” →

Books You Should Read: Bil Herd’s Back Into The Storm

September 8, 2021 by Jenny List 27 Comments

It’s a morning ritual that we guess most of you share with us; before whatever work a new day will bring to sit down with a coffee and catch up with the tech news of the moment on Hackaday and other sites. Most of us don’t do many exciting things in our everyday lives, so reading about the coolest projects and the most fascinating new developments provides us with interest and motivation. Imagine just for a moment then that by a twist of fate you found yourself taking a job at the epicentre of the tech that is changing the world, producing the objects of desire and pushing the boundaries, the place you’d give anything to work at.

This is the premise behind our Hackaday colleague Bil Herd’s autobiographical chronicle of time in the mid 1980s during which he worked at Commodore, maker of some of the most iconic home computers of the day. We follow him through the three years from 1983 to 1986 as hardware lead on the “TED” series of computers including the Commodore 16 and Plus/4, and then the Commodore 128, a dual-processor powerhouse which was arguably the last of the big-selling 8-bit home computers.

It’s an intertwined set of narratives peppered with personal anecdotes; of the slightly crazy high-pressure world of consumer videogames and computing, the fine details of designing a range of 8-bit machines, and a fascinating insight into how the culture at Commodore changed in the period following the departure of its founder Jack Tramiel.

Continue reading “Books You Should Read: Bil Herd’s Back Into The Storm” →

New Engines Could Propel The B-52 Beyond Its 100th Birthday

September 7, 2021 by Lewin Day 87 Comments

First taking to the skies in April 1952, and introduced into the US Air Force in 1955, the B-52 Stratofortress has since become a mainstay of American air power. Originally developed as a nuclear bomber to carry out the critical deterrence role, changing realities saw it delivering solely conventional munitions in actual operations.

Of 744 B-52s originally built, 76 remain in service with the Air Force and Air Force Reserve. This fleet is set to go on flying beyond the type’s 100th birthday, into 2050 and beyond. To reach that milestone, a new engine package will be key to keeping these birds in the air.

Continue reading “New Engines Could Propel The B-52 Beyond Its 100th Birthday” →

Industrial Design Hack Chat

September 7, 2021 by Dan Maloney 9 Comments

Join us on Wednesday, September 8 at noon Pacific for the Industrial Design Hack Chat with Eric Strebel!

At Hackaday, we celebrate all kinds of hardware hacks, and we try not to judge based on appearance. After all, every product starts out on the breadboard, or as a prototype built with hot glue and tape. What’s important is getting it to work, at least at first. But there comes a time when you’ve got to think about how to make your project look like something people want to use, how to position controls and displays in a logical and attractive way, and how to make sure your thing can actually be built.

Turning a project into a product is the job of an industrial designer. Pretty much everything you use, from the toothbrush by your sink to the car you drive to work in bears the marks of industrial design, some more successfully than others. Eric Strebel has been doing industrial design for years, and he keeps feeding us a steady diet of design tips and tricks through his popular YouTube channel. He’ll stop by the Hack Chat to get a little more in-depth on industrial design principles, and how you can make your projects look as good as they work.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, September 8 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Hackaday Links: September 5, 2021

September 5, 2021 by Dan Maloney 7 Comments

Good news from Jezero crater as the Mars rover Perseverance manages to accomplish for the first time what it was sent to do: collect and cache core samples from rocks. Space buffs will no doubt recall that Perseverance’s first attempt at core sampling didn’t go as planned — the rock that planetary scientists selected ended up being too soft, and the percussive coring bit just turned the core sample into powder. The latest attempt went exactly as planned: the cylindrical coring bit made a perfect cut, the core slipped into the sample tube nested inside the coring bit, and the core broke off cleanly inside the sample tube when it was cammed off-axis. Operators were able to provide visible proof that the core sample was retained this time using the Mastcam-Z instrument, which clearly shows the core in the sample tube. What’s neat is that they then performed a “percuss to ingest” maneuver, where the coring bit and sample tube are vibrated briefly, so that the core sample and any dust grains left around the sealing rim slide down into the sample tube. The next step is to transfer the sample tube to the belly of the rover where it’ll be hermetically sealed after some basic analysis.

Did any Android users perhaps oversleep this week? If you did, you’re not alone — lots of users of the Google Clock app reported that their preset alarms didn’t go off. Whether it was an actual issue caused by an update or some kind of glitch is unclear, but it clearly didn’t affect everyone; my phone mercilessly reminded me when 6:00 AM came around every day last week. But it apparently tripped up some users, to the point where one reported losing his job because of being late for work. Not to be judgmental, but it seems to me that if your job is so sensitive to you being late, it might make sense to have a backup alarm clock of some sort. We all seem to be a little too trusting that our phones are going to “just work,” and when they don’t, we’re surprised and appalled.

There seem to be two kinds of people in the world — those who hate roller coasters, and those who love them. I’m firmly in the latter camp, and will gladly give any coaster, no matter how extreme, a try. There have been a few that I later regretted, of course, but by and large, the feeling of being right on the edge of bodily harm is pretty cool. Crossing over the edge, though, is far less enjoyable, as the owners of an extreme coaster in Japan are learning. The Dodon-pa coaster at the Fuji-Q Highland amusement park is capable of hitting 112 miles (180 km) per hour and has racked up a sizable collection of injuries over the last ten months, including cervical and thoracic spine fractures. The ride is currently closed for a safety overhaul; one has to wonder what they’re doing to assess what the problem areas of the ride are. Perhaps they’re sending crash test dummies on endless rides to gather data, a sight we’d like to see.

And finally, you may have thought that phone phreaking was a thing of the past; in a lot of ways, you’d be right. But there’s still a lot to be learned about how POTS networks were put together, and this phone switch identification guide should be a big help to any phone geeks out there. Be ready to roll old school here — nothing but a plain text file that describes how to probe the switch that a phone is connected just by listening to things like dial tones and ring sounds. What’s nice is that it describes why the switches sound the way they do, so you get a lot of juicy technical insights into how switches work.