Hackaday Links: August 29, 2021

August 29, 2021 by Dan Maloney 14 Comments

If you thought that COVID-19 couldn’t possibly impact space travel, think again. The ongoing pandemic is having unexpected consequences for companies like SpaceX, who are worried about liquid oxygen shortages due to increased demand for medical oxygen. Massive amounts of liquid oxygen are used as the oxidizer for each rocket launch, of course, as well as in hospitals, which have giant tanks of liquid oxygen somewhere on site. Whether destined for space or for patient care, liquid oxygen comes from cryogenic separation plants, and SpaceX fears that they would have to delay or even cancel launches if manufacturers can’t keep up with demand and have to prioritize their healthcare customers. We’re actually not sure if this is a concern, though, since there are usually separate supply chains for medical and industrial gasses. Then again, we’d suspect a rocket engine might prefer to breathe ultra-pure LOX too.

Speaking of space, if you want to be an astronaut, perhaps the first skill you need to develop is patience. Not only might your ride not be ready to go when you are, but at least in the EU, you’ve got a long line of applicants in front of you. The European Space Agency announced this week that they’re working through a backlog of 23,000 applications for astronaut positions. About 20% of those will apparently be dropped in the pre-screening process, but the rest will (eventually) get an invitation to a full-day test at one of the ESA’s facilities. We imagine the attrition rate from there increases dramatically; either that or the ESA intends to hire a lot of astronauts.

Back here on Earth, Google this week did what it seems to do a lot of, and killed off one of its popular apps. This time the victim is the Android Auto phone app, although we have to admit the whole thing is confusing. The app allows you to connect your phone to the infotainment system in a compatible late-model car, letting you access all your apps without having to fiddle with your phone while driving. But Google also had an app that offered the same experience directly on the phone, for cars without a compatible display. As far as we can tell, the on-phone app is the only thing that’s going away in Android 12; the app for in-car displays will continue to be supported. Former users of the phone-only app are being encouraged to migrate to Google Assistant’s Driving Mode. Or, you know, you could just drive the car instead.

So your brand-new video card is running hot, and you can’t figure out why. At your wit’s end, you crack open the card’s cover and find the reason — a somewhat suspicious-looking foreign object. That’s what happened to Antony ter Horst and his Nvidia RTX 3090, which had a finger cot wedged inside it. It would appear to have slipped off the finger of some assembly worker, and it was clearly interfering with heat flow inside the card. Antony posted the pictures on reddit, which of course found much humor in the finger cot’s resemblance to another latex object. For our part, it put us in mind of some other stories of foreign objects found in common products — there’s a reason why we always check a loaf of bread before using it.

And finally, in a lot of ways YouTube has become the new “vast wasteland” of useless content. But like television before it, there are occasional gems to be found, especially to those of us who love to learn a little something as we watch. And so when we stumbled upon a video with the title “Hot Tap and Stopple Bypass at Smoky Lake” we had to check it out just to find out what each of those words meant. It turned out to be a great video on pipeline construction methods. The “hot tap” refers to cutting into the pipeline, containing high-pressure diluted bitumen from the shale oil fields near Smoky Lake, Alberta, without interrupting the flow of product. The “stopple” is a device that can be threaded into the pipe to permanently seal it, diverting the flow to a newly installed bypass. The whole process is fascinating, so we thought we’d share. Enjoy.

Continue reading “Hackaday Links: August 29, 2021” →

Ask Hackaday: What Is Amazon Thinking By Entering The Palm-Reading Business?

August 27, 2021 by Kristina Panos 60 Comments

Have you heard about this One? At least three United States senators have, and they want to know what Amazon plans to do with all the biometric data collected by the Amazon One program. It’s their new contactless payment method that uses your unique palm print instead of cards or phones to make purchases, gain access to venues of work and play, and enter or pay in whatever other spaces Amazon can invade down the line. The idea is that one day, we’ll all be able to leave our homes without any form of money or ID of any kind, because we’ll all be stored away in Bezos’ big biometric file cabinet.

We tossed this one around in the writer’s room back when the Amazon One concept was nothing but a pile of buzzwords and a render or two, but these kiosks are now active in 50+ Whole Foods and Amazon 4-Star locations across the US. Here’s the deal: you can only sign up at a participating store that has a kiosk, because they have to scan your palms into the system. We were worried that the signup kiosk could easily take fingerprint scans at the same time, but according to the gifs in Morning Brew’s review, it just uses another of their point-of-sale palm scanners along with a touch screen and a card reader. But you still have to hover your entire hand over it, so who’s to say that the scan ends where the fingers begin?

Continue reading “Ask Hackaday: What Is Amazon Thinking By Entering The Palm-Reading Business?” →

Hackaday Podcast 133: Caustic Lenses, Not Ice-Cream Automation, Archery Mech Suit, And The Cheapest Robot Arm

August 27, 2021 by Mike Szczys 1 Comment

Hackaday editors Mike Szczys and Elliot Williams wade into a week of wonderful hacks. There’s an acrylic lens that hides images in the network of caustics: the light rays that shine through it. Boston Dynamics is finally showing the good stuff; people wrenching on ‘bots, and all kinds of high-end equipment failure, along with some epic successes. Can you grow better plants by inferring what they need by accurately weighing them? In more turbulent news, a police drone slammed into a Cessna mid-flight, the ISS went for an unexpected spin, and McDonald’s not-ice-cream machines have a whole new layer of drama around them.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading →

This Week In Security: Through The Mouse Hole, Zoom RCE, And Defeating Defender

August 27, 2021 by Jonathan Bennett 9 Comments

Windows security problems due to insecure drivers is nothing new, but this one is kinda special. Plug in a Razer mouse, tell the install dialog you want to install to a non-standard location, and then shift+right click the Explorer window. Choose a powershell, and boom, you now have a SYSTEM shell. It’s not as impressive as an RCE, and it requires hands-on the machine, but it’s beautiful due to the simplicity of it.

The problem is a compound one. First, Windows 10 and 11 automatically downloads and starts the install of Razer Synapse when a Razer device is plugged in. Note it’s not just Razer, any branded app that auto installs like this is possibly vulnerable in the same way. The installation process runs as system, and because it was started automatically, there is no admin account required. The second half of the issue is that the installer itself doesn’t take any precautions to prevent a user from spawning additional processes. There isn’t an obvious way to prevent the launch of Powershell from within the FolderPicker class, so an installer running as SYSTEM would have to go out of its way to drop privileges, to make this a safe process. The real solution is for Microsoft to say no to GUI installers bundled with WHQL signed drivers.
Continue reading “This Week In Security: Through The Mouse Hole, Zoom RCE, And Defeating Defender” →

FM Radio, The Choice Of An Old Generation

August 26, 2021 by Jenny List 123 Comments

Had the pandemic not upended many of this summer’s fun and games, many of my friends would have made a trip to the MCH hacker camp in the Netherlands earlier this month. I had an idea for a game for the event, a friend and I were going to secrete a set of those low-power FM transmitters as numbers stations around the camp for players to find and solve the numerical puzzles they would transmit. I even bought a few cheap FM transmitter modules from China for evaluation, and had some fun sending a chiptune Rick Astley across a housing estate in Northamptonshire.

To me as someone who grew up with FM radio and whose teen years played out to the sounds of BBC Radio 1 FM it made absolute sense to do a puzzle in this way, but it was my personal reminder of advancing years to find that some of my friends differed on the matter. Sure, they thought it was a great idea, but they gently reminded me that the kids don’t listen to any sort of conventional broadcast radio these days, instead they stream their music, so very few of them would have the means for listening to my numbers stations. Even for me it’s something I only use for BBC Radio 4 in the car, and to traverse the remainder of the FM dial is to hear a selection of easy listening, oldies, and classical music. It’s becoming an older person’s medium, and it’s inevitable that like AM before it, it will eventually wane.

There are two angles to this that might detain the casual hacker; first what it will mean from a broadcasting and radio spectrum perspective, and then how it is already influencing some of our projects.

Continue reading “FM Radio, The Choice Of An Old Generation” →

Bar code shown in a 3D plain in Vaporwave Aesthetic

Tech In Plain Sight: Check Digits And Human Error

August 25, 2021 by Al Williams 31 Comments

Computers in working order and with correct software don’t make mistakes. People, however, make plenty of mistakes (including writing bad software or breaking computers). In quality circles, there’s a Japanese term, poka yoke, which roughly means ‘error avoidance’. The idea is to avoid errors by making them too obvious for them to occur. For example, consider a SIM card in your phone. The little diagonal corner means it only goes in one way. If you put it in the wrong way, it is obviously wrong.

To be successful at poka yoke, you have to be able to imagine what a user might do wrong and then come up with some way to make it obvious that it is wrong. There are examples of this all around us and we sometimes don’t even know it. For example, what do your credit card number, your car’s VIN code, and a UPC code on a can of beans have in common?

Continue reading “Tech In Plain Sight: Check Digits And Human Error” →

Keebin’ With Kristina: The One With The Index Typewriters

August 25, 2021 by Kristina Panos 11 Comments

You may have noticed that I neglected to write an introductory paragraph for the last one of these — I was just too excited to get into the keyboards and keyboard accessories, I guess. I can’t promise that I’ll always have something to say up here, but this week I definitely do: thank you for all the tips I’ve received so far! The readers are what make Hackaday great, and this little keyboard roundup column is no exception. Fabulous fodder, folks!

Kamina Chameleon

This is [deʃhipu]’s daily driver. Vroom!

Like any keyboard enthusiast worth their soldering iron, [deʃhipu] keeps trying for the ultimate keyboard — ideally, one that runs CircuitPython and makes a great daily driver for high-speed typing.

The latest version is the Kamina, a one-piece split with a SAMD21 brain that is slim and narrow without being cramped. [deʃhipu] started by splitting the Planck layout, spreading it, adding a number row, and eventually, an extra column of Kailh Chocs on the right hand. One-piece splits are great as long as the split suits your shoulders, because everything stays in place. When you do move it around, both halves move as one and you don’t have to mess with the positioning nearly as much as with a two-piece. And of course, since he designed it himself, it fits.

The really cool thing here is the center module concept. It’s functional, it looks nice, and as long as it doesn’t get in the way of typing, seems ideal. So far, [deʃhipu] has made a couple different versions with joysticks, encoders, and buttons, and is currently working on one with a Home button made for cell phones to take advantage of their built-in optical trackpads.

Esrille NISSE Looks Nice

This is the Esrille NISSE keyboard and it comes in two sizes! Okay, the two sizes don’t look that different, but the key spacing specs say otherwise. To me, this looks like an Alice with a better and ortholinear layout. These bat-wing beauties are new to me, but they’ve been around for a few years now and are probably difficult to stumble upon outside of Japan. Although Esrille doesn’t seem to make any other keyboards, they do make a portable PC built on the Raspberry Pi compute module.

Image via Esrille.

I love me a one-piece split when its done properly, and this one seems to be pretty darn close to perfect. How do I know? You can print out a paper-craft version to try out either of the two sizes. I didn’t take it quite that far, but you can bet that I opened the smaller size’s image in a new tab and put my hands all over the screen to test the layout.

I especially like the thumb clusters and the inside keys on this thing, but I think the innermost thumb keys would be too painful to use, and I would probably just use my index finger. I would totally buy one of these, but they’re a little too expensive, especially since the smaller one costs more. (What’s up with that?) The great news is that the firmware is open-source. Between that and the paper-craft models, a person could probably build their own. Check out [xahlee]’s site for a review and a lot more pictures of the NISSE and similar keebs.

Continue reading “Keebin’ With Kristina: The One With The Index Typewriters” →