Understand Your Tools: Finger Exercises

April 6, 2024 by Elliot Williams 12 Comments

A dip meter is basically a coil of wire that, when you excite it, you can use to tell if something inside that coil is resonating along. This lets you measure unknown radio circuits to figure out their resonant frequency, for instance. This week, we featured a clever way to make a dip meter with a nanoVNA, which is an odd hack simply because a dip meter used to be a common spare-parts DIY device, while a vector network analyzer used to cost more than a house.

Times have changed, and for the better. Nowadays, any radio amateur can pick up a VNA for less than the cost of all but the cheesiest of walkie talkies, putting formerly exotic test equipment in the hands of untrained mortals. But what good is a fancy-pants tool if you don’t know how to use it? Our own Jenny List faced exactly this problem when she picked up a nanoVNA, and her first steps are worth following along with if you find yourself in her shoes.

All of this reminded me of an excellent series by Mike Szczys, “Scope Noob”, where he chronicled his forays into learning how to use an oscilloscope by running all of the basic functions by working through a bunch of test measurements that he already knew the answer to.

It strikes me that we could use something like this for nearly every piece of measuring equipment. Something more than just an instruction manual that walks you through what all the dials do. Something that takes you through a bunch of example projects and shows you how to use the tool in question through a handful of projects. Because these days, access to many formerly exotic pieces of measuring gear has enabled many folks to have gear they never would have had before – and all that’s missing is knowing how to drive them.

Fictional Computers: The Three Body Problem

April 5, 2024 by Al Williams 54 Comments

If you intend to see the Netflix series “The Three Body Problem” or you want to read the Hugo-winning story from Chinese author [Cixin Liu], then you should probably bookmark this post and stop reading immediately. There will be some mild spoilers. You have been warned.

While the show does have some moments that will make your science brain cringe, there is one scene that shows a computer that could actually be built. Would it be practical? Probably not in real life, but in the context provided by the show, it was perfectly feasible. It could have, however, been done a little better, but the idea was — like many great ideas — both deceptively simple and amazingly profound. The computer was made of human beings. I’m not talking like Dune’s mentats — humans with super brains augmented by drugs or technology. This is something very different.

Background

This is your last chance. There are spoilers ahead, although I’ll try to leave out as much as I can. In the story, top scientists receive a mysterious headset that allows them to experience totally immersive holodeck-style virtual reality. When they put the headset on, they are in what appears to be a game. The game puts you in a historical location — the court of Henry VIII or Ghengis Kahn. However, this Earth has three suns. The planet is sometimes in a nicely habitable zone and sometimes is not. The periods when the planet is uninhabitable might have everything bursting into flames or freezing, or there might not be sufficient gravity to hold them on the planet’s surface. (Although I’ll admit, I found that one hard to grasp.)

Apparently, the inhabitants of this quasi-Earth can hibernate through the “chaotic eras” and wait for the next “stable era” that lasts a long time. The problem, as you probably know, is that there is no general closed-form solution for the three-body problem. Of course, there are approximations and special cases, but it isn’t easy to make long-term predictions about the state of three bodies, even with modern computers.

Continue reading “Fictional Computers: The Three Body Problem” →

Hackaday Podcast Episode 265: Behind The Epic SSH Hack, 1980s Cyber Butler, The Story Of Season 7

April 5, 2024 by Kristina Panos No comments

This week, Editor-in-Chief Elliot Williams and Kristina Panos convened once again to give the lowdown on this week’s best hacks. First up in the news — it’s giga-sunset time for Gigaset IoT devices, which simultaneously became paperweights on March 29th. And all that Flipper Zero panic? It has spread to Australia, but still remains exactly that: panic.

Then it’s on to What’s That Sound. Kristina failed again, although she was in the right neighborhood. Can you get it? Can you figure it out? Can you guess what’s making that sound? If you can, and your number comes up, you get a special Hackaday Podcast t-shirt.

Then it’s on to the hacks, beginning with the terrifying news of an xz backdoor. From there, we marvel at a 1980s ‘butler in a box’ — a voice-activated home automation system — and at the idea of LoRa transmissions without a radio. Finally, we discuss why you don’t want to piss off Trekkies, and whether AI has any place in tech support.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download and savor at your leisure.

Continue reading “Hackaday Podcast Episode 265: Behind The Epic SSH Hack, 1980s Cyber Butler, The Story Of Season 7” →

This Week In Security: XZ, ATT, And Letters Of Marque

April 5, 2024 by Jonathan Bennett 11 Comments

The xz backdoor is naturally still the top story of the week. If you need a refresher, see our previous coverage. As expected, some very talented reverse engineers have gone to work on the code, and we have a much better idea of what the injected payload does.

One of the first findings to note is that the backdoor doesn’t allow a user to log in over SSH. Instead, when an SSH request is signed with the right authentication key, one of the certificate fields is decoded and executed via a system() call. And this makes perfect sense. An SSH login leaves an audit trail, while this backdoor is obviously intended to be silent and secret.

It’s interesting to note that this code made use of both autotools macros, and the GNU ifunc, or Indirect FUNCtions. That’s the nifty feature where a binary can include different versions of a function, each optimized for a different processor instruction set. The right version of the function gets called at runtime. Or in this case, the malicious version of that function gets hooked in to execution by a malicious library. Continue reading “This Week In Security: XZ, ATT, And Letters Of Marque” →

Ultimate Power: Lithium-Ion Batteries In Series

April 4, 2024 by Arya Voronova 52 Comments

At some point, the 3.6 V of a single lithium ion battery just won’t do, and you’ll absolutely want to stack LiIon cells in series. When you need high power, you’ve either got to increase voltage or current, and currents above say 10 A require significantly beefed up components. This is how you’re able to charge your laptop from your USB-C powerbank, for instance.

Or maybe you just need higher voltages, and don’t feel like using a step-up converter, which brings along with it some level of inefficiency. Whatever your reasons, it’s time to put some cells into series. Continue reading “Ultimate Power: Lithium-Ion Batteries In Series” →

FLOSS Weekly Episode 777: Asterisk — Wait, Faxes?

April 3, 2024 by Jonathan Bennett 9 Comments

This week Jonathan Bennett and David Ruggles sit down with Joshua Colp to talk about Asterisk! That’s the Open Source phone system software you already interact with without realizing it. It started as a side project to run the phones for Linux Support Services, and it turned out working on phone systems was more fun than supporting Linux. The project grew, and in the years since has landed at Sangoma, where Joshua holds the title of Asterisk Project Lead.

Asterisk is used in call centers, business phone systems, and telecom appliances around the world. But how does it handle faxes, WebRTC, and stopping spam calls? Just kidding on that last one, still an unsolved problem.

Continue reading “FLOSS Weekly Episode 777: Asterisk — Wait, Faxes?” →

PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs

April 3, 2024 by Arya Voronova 22 Comments

I enjoy seeing modules that can make designing other devices easier, and when I did a call for design reviews, [enp6s0] has submitted one such board to us. It’s a module called TinySparrow (GitHub), that helps you build your own vehicle ECUs and any other CAN-enabled things. With a microcontroller, plenty of GPIOs, a linear regulator and a CAN transceiver already onboard, this board has more than enough kick for anyone in hobbyist-range automotive space – and it’s surprisingly tiny!

You could build a lot of things around this module – a CAN bus analyzer or sniffer, a custom peripheral for car dashes, or even a full-blown ECU. You can even design any hardware for a robot or a piece of industrial technology that uses CAN for its backbone – we’ve all seen a few of those! It’s a great board, but it uses six layers. We’ll see if we can do something about that here.

Modules like TinySparrow will make your PCBs cheaper while ordering, too! Thanks to the carefully routed microcontroller and the CAN transmitter, whatever board you design around this chip definitely wouldn’t need six layers like this one does – and, unlike designing your own board, you can use someone’s well-tested and tailored libraries and reference circuits!

With TinySparrow, you save a lot of time, effort and money whenever you want to design a car or industrial accessory. After looking at the board files, my proposal for helping today’s board is – like last time – to make its production cheaper, so that more people can get this board into their hands if the creator ever does try and manufacture it. I also have some tips to make future improvements on this design easier, and make it more friendly for its userbase.

Continue reading “PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs” →