This Week In Security: F5, Novel Ransomware, Freta, And Database Woes

The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated users. That attack can apparently be as simple as:

'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin'

A full exploit has been added to the Metasploit framework. The timeline on this bug is frighteningly quick, as it’s apparently being actively exploited in the wild. F5 devices are used all over the world, and this vulnerability requires no special configuration, just access to the exposed management port. Thankfully F5 devices don’t expose the vulnerable interface to the internet by default, but there are still plenty of ways this can be a problem.
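As an added, defender-side example (not from the article, and not F5’s code): a small Python scanner for web-server access logs that flags requests like the one quoted above, where the literal path begins with the login page but, once ';' path parameters are stripped and '..' collapsed, resolves to a different /tmui/ resource; it also catches percent-encoded variants of the same trick. The log lines, IP addresses and the simplified resolution rule are constructed assumptions for the example.

```python
import re
from posixpath import normpath
from urllib.parse import unquote

# Constructed sample access-log lines (common log format); they are not from the
# article. The third request is the traversal pattern quoted above.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Jul/2020:10:00:01 +0000] "GET /tmui/login.jsp HTTP/1.1" 200 512
10.0.0.5 - - [05/Jul/2020:10:00:09 +0000] "GET /tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin HTTP/1.1" 401 0
198.51.100.7 - - [05/Jul/2020:10:01:12 +0000] "GET /tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd.jsp?command=list+auth+user+admin HTTP/1.1" 200 1184
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/')
LOGIN_PAGE = "/tmui/login.jsp"

def literal_path(target: str) -> str:
    """The path as a prefix-based front-end allow rule sees it: query stripped, nothing else."""
    return target.split("?", 1)[0]

def resolved_path(target: str) -> str:
    """Approximation of what a back-end servlet container does with the same path:
    percent-decode, drop ';...' path parameters from every segment, collapse '..'."""
    path = unquote(literal_path(target))
    segments = [seg.split(";", 1)[0] for seg in path.split("/")]
    return normpath("/".join(segments))

def is_traversal_bypass(target: str) -> bool:
    """True when the literal path claims to be the login page but resolves to some
    other resource under /tmui/, i.e. the request would pass a prefix-based allow
    rule for the login page while reaching something else."""
    lit, res = literal_path(target), resolved_path(target)
    return (lit.startswith(LOGIN_PAGE) and res.startswith("/tmui/")
            and not res.startswith(LOGIN_PAGE))

def scan_log(log_text: str) -> list:
    """Return (client_ip, resolved_path) for every request the rule flags."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if match and is_traversal_bypass(match.group("target")):
            hits.append((line.split()[0], resolved_path(match.group("target"))))
    return hits

if __name__ == "__main__":
    for ip, path in scan_log(SAMPLE_LOG):
        print(f"ALERT {ip} reached {path} through a login.jsp-prefixed path")
```

The same rule runs unchanged over a real access log fed in as a string; the legitimate login request and the direct (rejected) request to tmshCmd.jsp are left alone.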

Microsoft has made a new tool publicly available, Freta. This tool searches for rootkits in uploaded memory snapshots from a Linux VM. The name, appropriately, is taken from the street where Marie Curie was born.

The project’s namesake, Warsaw’s Freta Street, was the birthplace of Marie Curie, a pioneer of battlefield imaging.

The impetus behind the project is the realization that once a malicious actor has compromised a machine, it’s possible to compromise any security software running on that machine. If, instead, one could perform a security x-ray of sorts, then a more reliable conclusion could be reached. Freta takes advantage of the VM model, and the snapshot capability built into modern hypervisors.

Video: Bil Herds Looks At Mitosis

I loved my science courses when I was in Junior High School; we learned to make batteries, how molecules combine to form the world we see around us, and basically I got a picture of where we stood in the scheme of things, though Quarks had yet to be discovered at the time.

In talking with my son I found out that there wasn’t much budget for Science learning materials in his school system like we had back in my day; he had done very few of the practical hands-on experiments that I remember so fondly. One of those experiments was to look at and draw the stages of mitosis as seen under a Microscope. This was amazing to me back in the day, and cemented the wonder of seeing cell division into my memory to this day, much like when I saw the shadow of one of Jupiter’s moons with my own eyes!

Now I have to stop and tell you that I am not normal, or at least was not considered to be a typical young’un growing up near a river in rural Indiana in the 60’s. I had my own microscope; it quite simply was my pride and joy. I had gotten it while I was in the first or second grade as a present and I loved the thing. It was just horrible to use in its later years as lens displaced, the focus rack became looser if that was possible, and dirt accumulated on the internal lens; and yet I loved it and still have it to this day! As I write this, I realize that it’s the oldest thing that I own. (that and the book that came with it).

Today we have better tools and they’re pretty easy to come by. I want to encourage you to do some science with them. (Don’t just look at your solder joints!) Check out the video about seeing mitosis of onion cells through the microscope, then join me below for more on the topic!


3D Printering: Selling Prints, And Solving The Pickup Problem

After getting a 3D printer up and running, it’s not uncommon for an enterprising hacker to dabble in 3D printing to make a little money on the side. Offering local pickup of orders is a common startup choice since it’s simple and avoids shipping entirely. It’s virtually tailor-made to make a great bootstrapping experiment, but anyone who tries it sooner or later bumps up against a critical but simple-seeming problem: how to get finished prints into a customer’s hands in a sustainable way that is not a hassle for either the provider, or the customer?

It’s very easy to accept a 3D file and get paid online, but the part about actually getting the print into the customer’s hands does not have a one-size-fits-all solution. This is what I call The Pickup Problem, and left unsolved, it can become unsustainable. Let’s look at why local pickup doesn’t always measure up, then examine possible solutions.

The Problems with Local Pickup

Local pickup for delivery of print jobs is great because there is no mucking about with shipping supplies or carriers. Also, when starting out, many 3D prints will be relatively low-value jobs that no one is interested in stacking shipping fees onto anyway.

“Your order is complete. Come to this address to pick up your order.” It is straightforward and hits all the bases, so what’s the problem?

Marian Croak Is The MVP Of VoIP Adoption

If you’ve ever used FaceTime or Skype, owned a Magic Jack, or donated money after a disaster by sending a text message, then you have Marian Croak to thank. Her leadership and forward thinking changed how Ma Bell used its reach and made all of these things possible.

Marian Croak is a soft-spoken woman and a self-described non-talker, but her actions spoke loudly in support of Internet Protocol (IP) as the future of communication. Humans are always looking for the next best communication medium, the fastest path to understanding each other clearly. We are still making phone calls today, but voice has been joined by text and video as the next best thing to being there. All of it is riding on a versatile network strongly rooted in Marian’s work.

Linux In The Machine Shop Hack Chat

Join us on Wednesday, July 8 at noon Pacific for the Linux in the Machine Shop Hack Chat with Andy Pugh!

From the time that numeric control started making inroads into machine shops in the middle of the last century until relatively recently, the power of being able to control machine tools with something other than a skilled human hand was evident. Unfortunately, the equipment to do so was expensive, and so NC technology remained firmly in the big shops, where a decent return on investment could be realized.

Fast forward a few decades, and everything that makes the computerized version of NC possible is cheap and easily available. Servos, steppers, drivers, and motion control components can be plugged together into CNC machines that can move a tool to a fixed point in space with incredible accuracy and repeatability. But without CNC software, none of it means a thing.

Enter Linux CNC, the free and open-source CNC package. With support for realtime operation, one-step installations, and a huge range of capabilities provided by a team of volunteer developers and supported by an active community, Linux CNC has democratized the world of CNC machines.

Andy Pugh is a frequent contributor to the Linux CNC codebase and a moderator on the forum. He knows a thing or two about Linux CNC in particular and Linux in the machine shop in general. He’ll stop by the Hack Chat to share his experiences with the Linux CNC project, tell us how Linux can revolutionize the machine shop, and maybe share a few stories from the world of CAD, CAM, and using Linux to make a few chips.

Hackaday Links: July 5, 2020

Remember all the hubbub over Betelgeuse back in February? For that matter, do you even remember February? If you do, you might recall that the red giant in Orion was steadily dimming, which some took as a portent of an impending supernova. That obviously didn’t happen, but we now seem to have an explanation for the periodic dimming: an enormous dark spot on the star. “Enormous” doesn’t begin to describe this thing, which covers 70% of the face of a star that would extend past Jupiter if it replaced the sun. The dimming was originally thought to be dust being blown off the star as it goes through its death throes, but no evidence could be found for that, while direct observations in the terahertz range showed what amounted to a reduction in surface temperature caused by the enormous star spot. We just think it’s incredibly cool that Betelgeuse is so big that we can actually observe it as a disk rather than a pinpoint of light. At least for now.


If you think you’ve seen some challenging user interfaces, wait till you get a load of the cockpit of an F-15C Eagle. As part of a new series on human interfaces, Ars Technica invited Col. Andrea Themely (USAF-ret.) to give a tour of the fighter she has over 1,100 hours on. Bearing in mind that the Eagle entered service in 1976 and has been continually updated with the latest avionics — compare the video with the steam gauges of the cockpit of an F-15A — its cockpit is still a pretty busy place. As much as possible has been done to reduce pilot load, with controls being grouped by function and the use of color-coding — don’t touch the yellow and black stuff! — and the use of tactile feedback. It’s a fascinating deep dive into a workplace that few of us ever get to see, and we’re looking forward to the rest of the series.

Sad news from Seattle, where the Living Computers: Museum + Labs is closing up shop. The announcement only says they’re closing “for now”, so there’s at least some hope that the museum will be back once the COVID-19 downturn has run its course. We hope they do bounce back; it really was a great museum with a lot of amazing hardware on display. The Vintage Computer Festival PNW was held there in its inaugural year, an event we covered and had high hopes for in the future. We hope for the best for these educational and cultural institutions, but we can’t help but fear a little for their future.

So you suffer a partial amputation of your left hand, leaving you with only your thumb and your palm. That raises an interesting conundrum: you haven’t lost enough to replace the hand with a prosthetic one, but you still don’t have any fingers. That appears to be what happened to Ian Davis, and so he built his own partial prosthetic to replace his fingers. There’s not much backstory on his YouTube channel, but from what we can gather he has gone through several designs, most of which are myomechanical rather than myoelectric. Through a series of complex linkages, he’s able to control not only the opening and closing of the fingers, but also to splay them apart. It’s all in the wrist, as it were — his input gestures all come from flexing and extending his hand relative to his forearm, where the prosthesis is anchored. This results in a pretty powerful grip — much stronger than a myoelectric hand in a head-to-head test. And the coolness factor of his work is just off the scale. We’re looking forward to more from Ian, and hopefully enough background information for a full story on what he has accomplished.

A Reason To Code

My son is just getting to the age that puts him in the crosshairs of all of the learn-to-code toys. And admittedly, we’ve been looking at some of those Logo-like toys where you can instruct a turtle-bot to make a few moves, and then to repeat them. After all, if breaking down a problem into sub-problems and automating the repetition isn’t the essence of programming, I don’t know what is.

But here’s the deal: I think drawing ‘bots are cooler than he does. If you ask a kid “hey, do you want a car that can draw?” that’s actually pretty low on the robot list. I’m not saying he won’t get into it once he’s got a little bit more coding under his belt and he can start to make it do fun things, but by itself, drawing just isn’t all that impressive. He can draw just fine, thank-you-very-much.

Meanwhile, I was making a robot arm. Or rather, I started up on yet another never-to-be-completed robot arm. (Frankly, I don’t know what I would do with a robot arm.) But at least I started with the gripper and wrist. Now that’s pretty cool for a kid, but the programming is waaaay too complicated. So I pulled the brains out and hooked up the servos to an RC plane remote. Just wiggling the thing around, duct-taped to the table, got him hooked. And this weekend, we’re building a remote controlled cherry-picker arm to put on a pole, because cherries are in season. His idea!

So no coding. He’s a little too young anyway, IMO. But silly little projects like these, stored deep in his subconscious, will give him a reason to program in the future, will make it plainly obvious that knowing how to program is useful. Now all I need is a reason to finish up a robot arm project…