Hackaday Columns

4618 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hack The Cloud!

April 24, 2021 by 33 Comments

The obvious rants against software or services “in the cloud” are that you don’t own it, your data isn’t on your own hard drive, or that, when the interwebs are down, you just can’t get your work done. But the one that really grinds my gears is that, at least for many cloud services, you just can’t play around with them. Why does that matter? Well, as a hacker type, of course, I like to fool around, but more deeply, I feel that this invitation to play around is what’s going to grow up the next generation of hackers. Openness matters not just for now, but also for the future.

Of course, it’s unfair to pin all of this on the cloud. There are plenty of services with nice open APIs that let you play around with their systems as much as you want — witness the abundance of amusing things you can do with Twitter or Twitch. Still, every day seems to bring another formerly-open API that gets bought up by some wealthy company and shut down. I built a nice “is it going to rain today” display out of a meter-long WS2812 strip and an ESP8266, but Dark Sky API got bought up by Apple and is going dark soon (tee-hee!) leaving me thinking of how I’m going to get easy weather data in the next few months.

Whisper your tip in our earOr take my e-mail annunciator. I wrote a little script that, when I have new mail that’s work related or from my wife (read: important), it displays the subject line on a VFD that I have perched on my monitor. This works with Gmail, which I have to use for work, because they support IMAP so at least I can do cool things with the mail once it reaches my server. But can I do anything with Google Groups, which we use for the Hackaday Tip Line? Fat chance!

So there’s good “cloud” and there’s bad “cloud”. Good cloud is open cloud. Good cloud invites you to play, to innovate, and to come up with the right solutions for yourself. Good cloud gives you access to your data. Good cloud is hackable cloud. Let’s see more of that.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Hackaday Podcast 115: AI Is Bad At Linux Terminal, Puppeting Pico In Python, 3D Scanning Comes Up Short

April 23, 2021 by 2 Comments

Hackaday editors Mike Szczys and Elliot Williams pull back the curtain on a week of excellent hacks. We saw an awesome use of RGB LEDs as a data channel on a drone, and the secrets of an IP camera’s OS laid bare with some neat reverse engineering tools. There’s an AI project for the Linux terminal that guesses at the commands you actually want to run. And after considering how far autopilot has come in the aerospace industry, we jump into a look at the gotchas you’ll find when working with models of 3D scanned objects.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (~60 MB)

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 115: AI Is Bad At Linux Terminal, Puppeting Pico In Python, 3D Scanning Comes Up Short”

This Week In Security: NAME:WRECK, Signal Hacks Back, Updates, And More

April 23, 2021 by 9 Comments

NAME:WRECK is a collection of vulnerabilities in DNS implementations, discovered by Forescout and JSOF Research. This body of research can be seen as a continuation of Ripple20 and AMNESIA:33, as it builds on a class of vulnerability discovered in other network stacks, problems with DNS message compression.

Their PDF Whitepaper contains a brief primer on the DNS message format, which is useful for understanding the class of problem. In such a message, a DNS name is encoded with a length-value scheme, with each full name ending in a null byte. So in a DNS Request, Hackaday.com would get represented as [0x08]Hackaday[0x03]com[0x00]. The dots get replaced by these length values, and it makes for an easily parsable format.

Very early on, it was decided that continually repeating the same host names in a DNS message was wasteful of space, so a compression scheme was devised. DNS compression takes advantage of the maximum host/domain length of 63 characters. This max size means that the binary representation of that length value will never contain “1”s in the first two digits. Since it can never be used, length values starting with a binary “11” are used to point to a previously occurring domain name. The 14 bits that follow this two bit flag are known as a compression pointer, and represent a byte offset from the beginning of the message. The DNS message parser pulls the intended value from that location, and then continues parsing.

The problems found were generally based around improper validation. For example, the NetX stack doesn’t check whether the compression pointer points at itself. This scenario leads to a tight infinite loop, a classic DoS attack. Other systems don’t properly validate the location being referenced, leading to data copy past the allocated buffer, leading to remote code execution (RCE). FreeBSD has this issue, but because it’s tied to DHCP packets, the vulnerability can only be exploited by a device on the local network. While looking for message compression issues, they also found a handful of vulnerabilities in DNS response parsing that aren’t directly related to compression. The most notable here being an RCE in Seimens’ Nucleus Net stack. Continue reading “This Week In Security: NAME:WRECK, Signal Hacks Back, Updates, And More”

Hands-On With PineCube: An Open IP Camera Begging For Better Kernel Support

April 22, 2021 by 27 Comments

When the PineCube was announced by the Pine64 project in 2020, it created a fair bit of interest. Most of this was due to the appeal of a single-board computer (SBC) in a network-based (IP) camera form factor with integrated camera module, for a mere $29.99. Add an enclosure to it, and you would have a neat little package combining a 5 MP camera module with 100 Mbit Ethernet and WiFi. As a bonus, the system could be powered either via an optional battery pack as well as passive PoE, in addition to MicroUSB.

A few weeks ago I bought two of these boards, as part of a client project, and set out to use it for a custom IP camera implementation. With existing Linux-on-SBC and MIPI (CSI) camera experience on my end ranging from the Raspberry Pi to the Odroid, Orange Pi and Banana Pi boards, I felt fairly confident that I could make it work with minimal fuss.

Unfortunately, my experiences were anything but positive. After spending many hours with the PineCube, I’m not able to recommend it for those seeking an IP camera. There are many reasons for this, which I’ll try to explain in this article.

Continue reading “Hands-On With PineCube: An Open IP Camera Begging For Better Kernel Support”

Hacking An Air Assist For The Ortur Laser

April 21, 2021 by 13 Comments

Getting great results from a laser cutter takes a bit of effort to make sure all of the settings are just right. But even then, if the air between the material and the laser source is full of smoke and debris it will interfere with the laser beam and throw off the results. The solution is to add air assist which continuously clears that area.

Earlier this year I bought an Ortur laser engraver/cutter and have been hacking on it to improve the stock capabilities. last month I talked about putting a board under the machine and making the laser move up and down easily. But I still didn’t have an air assist. Since then I found a great way to add it that will work for many laser cutter setups.

I didn’t design any of these modifications, but I did alter them to fit my particular circumstances. You can find my very simple modifications to other designs on Thingiverse. You’ll also find links to the original designs and you’ll need them for extra parts and instructions, too. It is great to be able to start with work from talented people and build on each other’s ideas.

Continue reading “Hacking An Air Assist For The Ortur Laser”

BMW Pushing Hard For Solid-State Battery Tech; Plans Demo By 2025

April 21, 2021 by 26 Comments

Plenty of development is ongoing in the world of lithium batteries for use in electric vehicles. Automakers are scrapping for every little percentage gain to add a few miles of range over their competitors, with efforts to reduce charging times just as frantic as well.

Of course, the real win would be to succeed in bringing a bigger, game-changing battery to market. Solid state batteries fit the bill, potentially offering far greater performance than their traditional lithium counterparts. BMW think there’s merit in the technology, and have announced they intend to show off a solid-state battery vehicle by 2025.

Continue reading “BMW Pushing Hard For Solid-State Battery Tech; Plans Demo By 2025”

Art of 3D printer in the middle of printing a Hackaday Jolly Wrencher logo

What To Expect From 3D Scanning, And How To Work With It

April 20, 2021 by 19 Comments

3D scanning and 3D printing may sound like a natural match for one another, but they don’t always play together as easily and nicely as one would hope. I’ll explain what one can expect by highlighting three use cases the average hacker encounters, and how well they do (or don’t) work. With this, you’ll have a better idea of how 3D scanning can meet your part design and 3D printing needs.

How Well Some Things (Don’t) Work

Most 3D printing enthusiasts sooner or later become interested in whether 3D scanning can make their lives and projects easier. Here are a three different intersections of 3D scanning, 3D printing, and CAD along with a few words on how well each can be expected to work.

Goal Examples and Details Does it work?
Use scans to make copies of an object.
  • 3D scan something, then 3D print copies.
  • Objects might be functional things like fixtures or appliance parts, or artistic objects like sculptures.
 Mostly yes, but depends on the object
Make a CAD model from a source object.
  • The goal is a 1:1 model, for part engineering purposes.
  • Use 3D scanning instead of creating the object in CAD.
 Not Really
Digitize inconvenient or troublesome shapes.
  • Obtain an accurate model of complex shapes that can’t easily be measured or modeled any other way.
  • Examples: dashboards, sculptures, large objects, objects that are attached to something else or can’t be easily moved, body parts like heads or faces, and objects with many curves.
  • Useful to make sure a 3D printed object will fit into or on something else.
  • Creating a CAD model of a part for engineering purposes is not the goal.
 Yes, but it depends

In all of these cases, one wants a 3D model of an object, and that’s exactly what 3D scanning creates, so what’s the problem? The problem is that not all 3D models are alike and useful for the same things.

Continue reading “What To Expect From 3D Scanning, And How To Work With It”