Hackaday Columns

4112 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hackaday Links Column Banner

Hackaday Links: April 14, 2024

April 14, 2024 by 10 Comments

The Great American Eclipse v2.0 has come and gone, sadly without our traveling to the path of totality as planned; family stuff. We did get a report from friends in Texas that it was just as spectacular there as expected, with the bonus of seeing a solar flare off the southwest limb of the disk at totality. Many people reported seeing the same thing, which makes us a bit jealous — OK, a lot jealous. Of course, this presented an opportunity to the “Well, ackchyually” crowd to point out that there were no solar flares or coronal mass ejections at the time, so what people saw wasn’t an exquisitely timed and well-positioned solar flare but rather a well-timed and exquisitely positioned solar prominence. Glad we cleared that up. Either way, people in the path of totality saw the Sun belching out gigatons of plasma while we had to settle for 27% totality.

Continue reading “Hackaday Links: April 14, 2024”

Hackaday Podcast Episode 266: A Writer’s Deck, Patching Your Battleship, And Fact-Checking The Eclipse

April 12, 2024 by No comments

Before Elliot Williams jumps on a train for Hackaday Europe, there was just enough time to meet up virtually with Tom Nardi to discuss their favorite hacks and stories from the previous week. This episode’s topics include the potential benefits of having a dual-gantry 3D printer, using microcontrollers to build bespoke note taking gadgets, the exciting world of rock tumbling, and the proper care and maintenance required to keep your World War II battleship in shape. They’ll also go over some old school keyboard technologies, DIP chip repairs, and documenting celestial events with your home solar array. By the end you’ll hear about the real-world challenges of putting artificial intelligence to work, and how you can safely put high-power lithium batteries to work in your projects without setting your house on fire.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download for off-line listening.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Episode 266: A Writer’s Deck, Patching Your Battleship, And Fact-Checking The Eclipse”

This Week In Security: BatBadBut, DLink, And Your TV Too

April 12, 2024 by 23 Comments

So first up, we have BatBadBut, a pun based on the vulnerability being “about batch files and bad, but not the worst.” It’s a weird interaction between how Windows uses cmd.exe to execute batch files and how argument splitting and character escaping normally works. And what is apparently a documentation flaw in the Windows API.

When starting a process, even on Windows, the new executable is handed a set of arguments to parse. In Linux and friends, that is a pre-split list of arguments, the argv array. On Windows, it’s a single string, left up to the program to handle. The convention is to follow the same behavior as Linux, but the cmd.exe binary is a bit different. It uses the carrot ^ symbol instead of the backslash \ to escape special symbols, among other differences. The Rust devs took a look and decided that there are some cases where a given string just can’t be made safe for cmd.exe, and opted to just throw an error when a string met this criteria.

And that brings us to the big questions. Who’s fault is it, and how bad is it? I think there’s some shared blame here. The Microsoft documentation on CreateProcess() strongly suggests that it won’t execute a batch file without cmd.exe being explicitly called. On the other hand, This is established behavior, and scripting languages on Windows have to play the game by Microsoft’s rules. And the possible problem space is fairly narrow: Calling a batch file with untrusted arguments.

Almost all of the languages with this quirk have either released patches or documentation updates about the issue. There is a notable outlier, as the Java language will not receive a fix, not deeming it a vulnerability. It’s rather ironic, given that Java is probably the most likely language to actually find this problem in the wild. Continue reading “This Week In Security: BatBadBut, DLink, And Your TV Too”

FLOSS Weekly Episode 778: OctoPrint — People Are Amazing At Breaking Things

April 10, 2024 by 7 Comments

This week Jonathan Bennett and Katherine Druckman sit down with Gina Häußge to talk OctoPrint! It’s one of our favorite ways to babysit our 3D printers, and the project has come a long way in the last 12 years! It’s a labor of love, primarily led by Gina, who has managed to turn it into a full time job. Listen in to hear that story and more, including how to run an Open Source project without losing your sanity, why plugins are great, and how to avoid adding a special services employee as a co-maintainer!

Continue reading “FLOSS Weekly Episode 778: OctoPrint — People Are Amazing At Breaking Things”

Ultimate Power: Lithium-Ion Packs Need Some Extra Circuitry

April 8, 2024 by 19 Comments

A LiIon pack might just be exactly what you need for powering a device of yours. Whether it’s a laptop, or a robot, or a custom e-scooter, a CPAP machine, there’s likely a LiIon cell configuration that would work perfectly for your needs. Last time, we talked quite a bit about the parameters you should know about when working with existing LiIon packs or building a new one – configurations, voltage notations, capacity and internal resistance, and things to watch out for if you’re just itching to put some cells together.

Now, you might be at the edge your seat, wondering what kind of configuration do you need? What target voltage would be best for your task? What’s the physical arrangement of the pack that you can afford? What are the safety considerations? And, given those, what kind of electronics do you need?

Picking The Pack Configuration

Pack configurations are well described by XsYp:X serial stages, each stage having Y cells in parallel. It’s important that every stage is the same as all the others in as many parameters as possible – unbalanced stages will bring you trouble.

To get the pack’s nominal voltage, you multiply X (number of stages) by 3.7 V, because this is where your pack will spend most of its time. For example, a 3s pack will have 11.1 V nominal voltage. Check your cell’s datasheet – it tends to have all sorts of nice graphs, so you can calculate the nominal voltage more exactly for the kind of current you’d expect to draw. For instance, the specific cells I use in a device of mine, will spend most of their time at 3.5 V, so I need to adjust my voltage expectations to 10.5 V accordingly if I’m to stack a few of them together.

Now, where do you want to fit your pack? This will determine the voltage. If you want to quickly power a device that expects 12 V, the 10.5 V to 11.1 V of a 3s config should work wonders. If your device detects undervoltage at 10.5V, however, you might want to consider adding one more stage.

How much current do you want to draw? For the cells you are using, open their spec sheet yet again, take the max current draw per cell, derate it by like 50%, and see how many cells you need to add to match your current draw. Then, add parallel cells as needed to get the capacity you desire and fit the physical footprint you’re aiming for. Continue reading “Ultimate Power: Lithium-Ion Packs Need Some Extra Circuitry”

Hackaday Links Column Banner

Hackaday Links: April 7, 2024

April 7, 2024 by 12 Comments

Folks with a bit of knowledge about network security commonly use virtual private networks (VPNs) when out and about. Whether you’re connecting to public WiFi or somebody passes you a questionable Ethernet cable at a hacker con, it’s nice to have a secure endpoint to tunnel all of your traffic. As a secondary bonus, connecting through a VPN can obscure your physical location. It’s that second feature that has a bunch of people jumping on the VPN bandwagon as they try to dodge the recent porn age checks that have gone into effect in a number of states. According to a recent article in PopSci, one particular VPN provider saw a 275% jump in demand on the same day that PornHub cut off access to users in Texas. While the debate over underage users accessing adult content is far outside of our wheelhouse, anything that gets more users connecting to the Internet via encrypted means is arguably a net positive.

If you wanted somebody from the Geek Squad to set up that VPN so you can get back on PornHub to work securely from the local coffee shop, you might be out of luck. Reports have been coming in that Best Buy’s mobile nerd division is seeing sweeping layoffs. Geeks were told to stay home on Tuesday and await a call from corporate, at which point many got the surprising news that they no longer had a job. The /r/GeekSquad subreddit has been a rallying point for staff who got the axe, with the user [jaym026] posting what we assume is an AI-generated inspirational speech from Optimus Prime. Of course, it sucks for anyone to lose their job, especially with the way things are these days. Still, we’re willing to bet almost none of those affected will look back on the day they were let go from an increasingly irrelevant brick-and-mortar electronics store as a low point in their professional careers.

Continue reading “Hackaday Links: April 7, 2024”

Understand Your Tools: Finger Exercises

April 6, 2024 by 12 Comments

A dip meter is basically a coil of wire that, when you excite it, you can use to tell if something inside that coil is resonating along. This lets you measure unknown radio circuits to figure out their resonant frequency, for instance. This week, we featured a clever way to make a dip meter with a nanoVNA, which is an odd hack simply because a dip meter used to be a common spare-parts DIY device, while a vector network analyzer used to cost more than a house.

Times have changed, and for the better. Nowadays, any radio amateur can pick up a VNA for less than the cost of all but the cheesiest of walkie talkies, putting formerly exotic test equipment in the hands of untrained mortals. But what good is a fancy-pants tool if you don’t know how to use it? Our own Jenny List faced exactly this problem when she picked up a nanoVNA, and her first steps are worth following along with if you find yourself in her shoes.

All of this reminded me of an excellent series by Mike Szczys, “Scope Noob”, where he chronicled his forays into learning how to use an oscilloscope by running all of the basic functions by working through a bunch of test measurements that he already knew the answer to.

It strikes me that we could use something like this for nearly every piece of measuring equipment. Something more than just an instruction manual that walks you through what all the dials do. Something that takes you through a bunch of example projects and shows you how to use the tool in question through a handful of projects. Because these days, access to many formerly exotic pieces of measuring gear has enabled many folks to have gear they never would have had before – and all that’s missing is knowing how to drive them.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!