Hackaday Podcast 094: Fake Sun, Hacked Super Mario, Minimum Viable Smart Glasses, And 3D Printers Can’t Do That

Hackaday editors Elliot Williams and Mike Szczys traverse the hackerscape looking for the best the internet had to offer last week. Nintendo has released the new Game & Watch handheld and it’s already been hacked to run custom code. Heading into the darkness of winter, this artificial sun build is one not to miss… and a great way to reuse a junk satellite dish. We’ve found a pair of smartglasses that are just our level of dumb. And Tom Nardi cracks open some consumer electronics to find a familiar single-board computer doing “network security”.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

This Week In Security: SAD DNS, Incident Documentation Done Well, And TCL Responds

One of the big stories from the past few days is the return of DNS cache poisoning. The new attack has been dubbed SADDNS, and the full PDF whitepaper is now available. When you look up a website’s IP address in a poisoned cache, you get the wrong IP address.

This can send you somewhere malicious, or worse. The paper points out that DNS has suffered a sort of feature creep, picking up more and more responsibilities. The most notable use of DNS that comes to mind is Let’s Encrypt using DNS as the mechanism to prove domain ownership and issue HTTPS certificates.

DNS cache poisoning is a relatively old attack, dating from 1993. The first iteration of the attack was simple. An attacker that controlled an authoritative DNS server could include extra DNS results, and those extra results would be cached as if they came from an authoritative server. In 1997 it was realized that the known source port combined with a non-random transaction ID made DNS packet spoofing rather trivial. An attacker simply needs to spoof a DNS response with the appropriate txID, at the appropriate time, to trick a requester into thinking it’s valid. Without the extra protections of TCP connections, this was an easy task. The response was to randomize the txID in each connection.

I have to take a moment to talk about one of my favorite gotchas in statistics: the birthday paradox. The chance that two randomly selected people share a birthday is 1 in 365. How many people have to be in a room together to get a 50% chance of two of them sharing a birthday? If you said 182, then you walked into the paradox. The answer is 23. Why? Because we’re not looking for a specific birthday, we’re just looking for a collision between dates. Each non-matching birthday that walks into the room provides another opportunity for the next one to match.

This is the essence of the DNS birthday attack. An attacker would send a large number of DNS requests, and then immediately send a large number of spoofed responses, guessing random txIDs. Because only one collision is needed to get a poisoned cache, the chances of success go up rapidly. The mitigation was to also randomize the DNS source port, so that spoof attempts had to have both the correct source port and txID in the same attempt.
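To put numbers on the birthday argument and on the source-port mitigation, here is an added example (not code from the article or the SAD DNS paper). It assumes an idealized model: n outstanding queries with distinct identifiers, n distinct spoofed guesses, a 16-bit txID, and a full 16 bits of source-port entropy, which real resolvers only approximate.

```python
import math

TXID_SPACE = 2 ** 16       # 16-bit DNS transaction ID
TXID_PORT_SPACE = 2 ** 32  # assumption: txID plus a full 16 bits of port entropy

def p_shared_birthday(people: int, days: int = 365) -> float:
    """Chance that at least two of `people` share one of `days` birthdays."""
    if people > days:
        return 1.0  # pigeonhole: a shared date is certain
    log_none = sum(math.log1p(-i / days) for i in range(people))
    return -math.expm1(log_none)

def p_spoof_hit(outstanding: int, spoofed: int, space: int) -> float:
    """Chance that at least one of `spoofed` distinct guesses equals one of
    `outstanding` distinct identifiers drawn from `space` possible values."""
    if outstanding + spoofed > space:
        return 1.0  # pigeonhole: a match is certain
    # Guess i (0-based) misses all outstanding IDs with prob 1 - q/(space - i).
    log_miss = sum(math.log1p(-outstanding / (space - i)) for i in range(spoofed))
    return -math.expm1(log_miss)

def smallest_n(prob_of_n, target: float = 0.5) -> int:
    """Smallest n with prob_of_n(n) >= target; prob_of_n must be increasing."""
    hi = 1
    while prob_of_n(hi) < target:
        hi *= 2
    lo = hi // 2
    while lo + 1 < hi:  # invariant: prob(lo) < target <= prob(hi)
        mid = (lo + hi) // 2
        if prob_of_n(mid) < target:
            lo = mid
        else:
            hi = mid
    return hi

def packets_for_even_odds(space: int) -> int:
    """n such that n queries plus n spoofed replies give a 50% hit chance."""
    return smallest_n(lambda n: p_spoof_hit(n, n, space))

if __name__ == "__main__":
    print("people for a 50% shared birthday:", smallest_n(p_shared_birthday))
    print("txID only, n for 50%:", packets_for_even_odds(TXID_SPACE))
    print("txID + port, n for 50%:", packets_for_even_odds(TXID_PORT_SPACE))
```

Under these assumptions, randomizing the source port raises the number of packets needed for even odds by a factor of roughly 256, the square root of the 65,536 extra possibilities.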

Easy IoT Logging Options For The Beginner

If a temperature sensor takes a measurement in the woods but there’s nobody around to read it, is it hot out? 

If you’ve got a project that’s collecting data, you might have reasons to put it online. Being able to read your data from anywhere has its perks, after all, and it’s key to building smarter interconnected systems, too. Plus, you can tell strangers the humidity in your living room while you’re out at the pub, and they’ll be really impressed.

Taking the leap into the Internet of Things can be daunting, however, with plenty of competing services and options from the basic to the industrial-strength available. Today, we’re taking a look at two options for logging data online that are accessible to the beginner.

How To Get Into Cars: Offroading Mods

While plenty of automotive enthusiasts are all about carving corners at the local track days, it’s a special breed that leaves tarmac behind for the dusty trail ahead. If your chosen ride is of the four-wheelin’ variety, here’s how you can modify it to dominate the dirt and mud.

Handling The Terrain

Building a good offroad rig requires a very different focus than building a car for street performance. A screaming high-performance engine is of no use when your tires are spinning in the air because you’re stuck in deep sand or on top of a pointy rock. Instead, four wheelers are concerned with a whole different set of parameters. Ground clearance is key to getting over obstacles without getting stuck, and good articulation is key to keeping your wheels on the ground and pushing you forward in deep ruts and on crazy angles. You’ll also want plenty of low-down torque, and tyres that can grip up in all conditions without snagging a puncture. It’s a whole different ballgame, so read on!

Bare-Metal STM32: From Power-Up To Hello World

Some may ask why you’d want to program a Cortex-M microcontroller like the STM32 series using nothing but the ARM toolchain and the ST Microelectronics-provided datasheet and reference manual. If your first response to that question wasn’t a panicked dive towards the nearest emergency exit, then it might be that that question has piqued your interest. Why, indeed?

Definitely, one could use any of the existing frameworks to program an STM32 MCU, whether the ST HAL framework, plain CMSIS, or even something more Arduino-flavored. Yet where is the fun in that, when at the end of the day one is still fully dependent on that framework’s documentation and its developers? More succinctly, if the contents of the STM32 reference manuals still look like so much gibberish, does one really understand the platform?

Let’s take a look at how bare-metal STM32 programming works, and make the most basic example run, shall we?

Harnessing Your Creativity Hack Chat

Join us on Wednesday, November 18th at noon Pacific for the Harnessing Your Creativity Hack Chat with Leo Fernekes!

(Note: this Hack Chat was rescheduled from 10/14/2020.)

You’re sitting at your bench, surrounded by the tools of the trade — meters and scopes, power supplies and hand tools, and a well-stocked parts bin. Your breadboard is ready, your fingers are itching to build, and you’ve got everything you need to get started, but — nothing happens. Something is missing, and if you’re like many of us, it’s the one thing you can’t get from eBay or Amazon: the creative spark that makes innovation happen.

Creativity is one of those things that’s difficult to describe, and is often noticed most when it’s absent. Hardware hacking requires great buckets of creativity, and it’s not always possible to count on it being there exactly when it’s called for. It would be great if you could somehow reduce creativity to practice and make it something as easy to source for every project as any other commodity.

While Leo Fernekes hasn’t exactly commoditized creativity, judging from the breadth of projects on his YouTube channel, he’s got a pretty good system for turning ideas into creations. We’ve featured a few of his builds on our pages, like a discrete transistor digital clock, the last continuity tester you’ll ever need, and his somewhat unconventional breadboarding techniques. Leo’s not afraid to fail and share the lessons learned, either.

His projects, though, aren’t the whole story here: it’s his process that we’re going to discuss. Leo joins us for this Hack Chat to poke at the creative process and see what can be done to remain rigorous and systematic in your approach but still make the process creative and flexible. Join us with your questions about finding the inspiration you need to turn parts and skills into finished projects that really innovate.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, November 18 at 12:00 PM Pacific time. If time zones baffle you as much as us, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

3D Printering: The Things Printers (Don’t) Do

3D printers are amazing things, but if one judges solely by the successes that get showcased online, it can look as though anything at all is possible. Yet in many ways, 3D printers are actually quite limited. Because success looks easy and no one showcases failure, people can end up with lopsided ideas of what is realistic. This isn’t surprising; behind every shining 3D print that pushes the boundaries of the technology, there are misprints and test pieces piled just out of sight.

If you have ever considered getting into 3D printing, or are wondering what kinds of expectations are realistic, read on because I am going to explain where objects come from, and how to recognize whether something is a good (or bad) fit for 3D printing. The important thing to understand is that printers have limitations, and to get a working idea of what those limitations are. The result will be a better understanding of what they can do, and what problems they can reliably solve.

3D Printers Have Limits

I recently had a talk with someone who wanted to know if a 3D printer could help with a problem they had. As I listened to them describe their needs, I realized I had in a way heard it all before many times.

My colleague actually had a fairly good idea of what printers could do, in theory. But they had very little grasp of what printers did not do, and that disconnect left them a bit adrift when it came to practical applications. To help address this gap, here are some tips that can give anyone a working understanding of the things 3D printers do not do well.