This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
A few months ago, I fell down the internet rabbit hole known as Ted Munk’s typewriter site. I don’t remember if I just saw this Brother EP43 typewriter for sale and searched for information about them, or went looking for one after reading about them. Either way, the result is the same — I gained a typewriter.
Now I’m not really a typewriter collector or anything, and this is my first word processor typewriter. When it arrived from Goodwill, I anxiously popped four ‘C’ cells in and hoped for the best. It made a print head noise, so that was a good sign. But almost immediately after that, there was a BANG! and then a puff of smoke wafted out from the innards. My tiny typewriter was toast. Continue reading “Clacker Hacker: Popping A Cap In A Brother EP43 Thermal Typewriter”→
Despite the popularity of social media, for communication that actually matters, e-mail reigns supreme. Crucial to the smooth operation of businesses worldwide, it’s prized for its reliability. Google is one of the world’s largest e-mail providers, both with its consumer-targeted Gmail product as well as G Suite for business customers [Jeffrey Paul] is a user of the latter, and was surprised to find that URLs in incoming emails were being modified by the service when fetched via the Internet Message Access Protocol (IMAP) used by external email readers.
This change appears to make it impossible for IMAP users to see the original email without logging into the web interface, it breaks verification of the cryptographic signatures, and it came as a surprise.
Security Matters
A test email sent to verify the edits made by Google’s servers. Top, the original email, bottom, what was received.
For a subset of users, it appears Google is modifying URLs in the body of emails to instead go through their own link-checking and redirect service. This involves actually editing the body of the email before it reaches the user. This means that even those using external clients to fetch email over IMAP are affected, with no way to access the original raw email they were sent.
The security implications are serious enough that many doubted the initial story, suspecting that the editing was only happening within the Gmail app or through the web client. However, a source claiming to work for Google confirmed that the new feature is being rolled out to G Suite customers, and can be switched off if so desired. Reaching out to Google for comment, we were directed to their help page on the topic.
The stated aim is to prevent phishing, with Google’s redirect service including a link checker to warn users who are traveling to potentially dangerous sites. For many though, this explanation doesn’t pass muster. Forcing users to head to a Google server to view the original URL they were sent is to many an egregious breach of privacy, and a security concern to boot. It allows the search giant to further extend its tendrils of click tracking into even private email conversations. For some, the implications are worse. Cryptographically signed messages, such as those using PGP or GPG, are broken by the tool; as the content of the email body is modified in the process, the message no longer checks out with respect to the original signature. Of course, this is the value of signing your messages — it becomes much easier to detect such alterations between what was sent and what was received.
Inadequate Disclosure
Understandably, many were up in arms that the company would implement such a measure with no consultation or warning ahead of time. The content of an email is sacrosanct, in many respects, and tampering with it in any form will always be condemned by the security conscious. If the feature is a choice for the user, and can be turned off at will, then it’s a useful tool for those that want it. But this discovery was a surprise to many, making it hard to believe it was adequately disclosed before roll-out. The question unfolded in the FAQ screenshot above hints at this being part of Google’s A/B test and not applied to all accounts. Features being tested on your email account should be disclosed yet they are not.
Protecting innocent users against phishing attacks is a laudable aim, and we can imagine many business owners enabling such a feature to avoid phishing attacks. It’s another case where privacy is willingly traded for the idea of security. While the uproar is limited due to the specific nature of the implementation thus far, we would expect further desertion of Google’s email services by the tech savvy if such practices were to spread to the mainstream Gmail product. Regardless of what happens next, it’s important to remember that the email you read may not be the one you were sent, and act accordingly.
Update 30/10/2020: It has since come to light that for G Suite users with Advanced Protection enabled, it may not be possible to disable this feature at all.
There’s a laundry list of ways that humans are polluting the earth, and even though it might not look like it from the surface, the oceans seem to bear the brunt of our waste. Some research suggests that plastic doesn’t fully degrade as it ages, but instead breaks down into smaller and smaller bits that will be somewhere the in environment for such a long time it could be characterized in layman’s terms as forever.
Not only does waste of all kinds make its way to the oceans by rivers or simply by outright dumping, but commercial fishing gear is estimated to comprise around 10% of the waste in the great blue seas, and one of the four nonprofits help guide this year’s Hackaday Prize is looking to eliminate some of that waste and ensure it doesn’t cause other problems for marine life. This was the challenge for the Conservation X Labs dream team, three people who were each awarded a $6,000 micro-grant to work full time for two months on the problem.
It isn’t about simply collecting waste in the ocean, but rather about limiting the time that potentially harmful but necessary fishing equipment is in the water in the first place. For this two-month challenge, this team focused on long lines used by professional fishing operations to attach buoys to gear like lobster pots or crab traps. These ropes are a danger to large ocean animals such as whales when they get tangled in them and, if the lines detach from the traps, the traps themselves continue to trap and kill marine life for as long as they are lost underwater. This “ghost gear” is harmful in many different ways, and reducing its time in the water or “soak time” was the goal for the project.
Let’s take a closer look at their work after the break, and we can also see the video report they filed as the project wrapped up.
These days, we have LED light bulbs that will last a decade. But it wasn’t so long ago that incandescent lamps were all we had, and they burned out after several months. Thomas Edison’s early light bulbs used bamboo filaments that burned out very quickly. An inventor and draftsman named Lewis Latimer improved Edison’s filament by encasing it in cardboard, earning himself a patent the process.
Lewis had a hard early life, but he succeeded in spite of the odds and his lack of formal education. He was a respected draftsman who earned several patents and worked directly with Alexander Graham Bell and Thomas Edison. Although Lewis didn’t invent the light bulb, he definitely made it better and longer-lasting. Continue reading “Lewis Latimer Drafted The Future Of Electric Light”→
Phones used to be phones. Then we got cordless phones which were part phone and part radio. Then we got cell phones. But with smartphones, we have a phone that is both a radio and a computer. Tiny battery operated computers are typically a bit anemic, but as technology marches forward, those tiny computers grew to the point that they outpace desktop machines from a few years ago. That means more and more phones are incorporating technology we used to reserve for desktop computers and servers. Case in point: Xiaomi now has a smartphone that sports a RAM drive. Is this really necessary?
While people like to say you can never be too rich or too thin, memory can never be too big or too fast. Unfortunately, that’s always been a zero-sum game. Fast memory tends to be lower-density while large capacity memory tends to be slower. The fastest common memory is static RAM, but that requires a lot of area on a chip per bit and also consumes a lot of power. That’s why most computers and devices use dynamic RAM for main storage. Since each bit is little more than a capacitor, the density is good and power requirements are reasonable. The downside? Internally, the memory needs a rewrite when read or periodically before the tiny capacitors discharge.
Although dynamic RAM density is high, flash memory still serves as the “disk drive” for most phones. It is dense, cheap, and — unlike RAM — holds data with no power. The downside is the interface to it is cumbersome and relatively slow despite new standards to improve throughput. There’s virtually no way the type of flash memory used in a typical phone will ever match the access speeds you can get with RAM.
So, are our phones held back by the speed of the flash? Are they calling out for a new paradigm that taps the speed of RAM whenever possible? Let’s unpack this issue.
From our lofty perch atop the food chain it’s easy to make the assumption that we humans are the last word in intelligence. A quick glance at social media or a chat with a random stranger at the store should be enough to convince you that human intelligence isn’t all it’s cracked up to be, or at least that it’s not evenly distributed. But regardless, we are pretty smart, thanks to those big, powerful brains stuffed into our skulls.
We’re far from the only smart species on the planet, though. Fellow primates and other mammals clearly have intelligence, and we’ve seen amazingly complex behaviors from animals in just about every taxonomic rank. But it’s the birds who probably stuff the most functionality into their limited neural hardware, with tool use, including the ability to make new tools, being common, along with long-distance navigation, superb binocular vision, and of course the ability to rapidly maneuver in three-dimensions while flying.
Hans Forsberg has taken an interest in avian intelligence lately, and to explore just what’s possible he devised a fiendishly clever system to train his local magpie flock to clean up his yard, which he calls “BirdBox”. We recently wrote up his initial training attempts, which honestly bear a strong resemblance to training a machine learning algorithm, which is probably no small coincidence since his professional background is with neural networks. He has several years of work into his birds, and he’ll stop by the Hack Chat to talk about what goes into leveraging animal intelligence, what we can learn about our systems from it, and where BirdBox goes next.
Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.
Remember subliminal advertising? The idea was that a movie theater operator would splice a single frame showing a bucket of hot buttered popcorn into a movie, which moviegoers would see and process on a subconcious level and rush to the concession stand to buy the tub o’ petrochemical-glazed starch they suddenly craved. It may or may not work on humans, but it appears to work on cars with advanced driver assistance, which can be spoofed by “phantom street signs” flashed on electronic billboards. Security researchers at Ben Gurion University stuck an image of a stop sign into a McDonald’s ad displayed on a large LCD screen by the side of the road. That was enough to convince a Tesla Model X to put on the brakes as it passed by the sign. The phantom images were on the screen anywhere from an eighth of a second to a quarter second, so these aren’t exactly subliminal messages, but it’s still an interesting attack that bears looking into. And while we’re skeptical about the whole subliminal advertising thing in the first place, for some reason we really want a bacon cheeseburger right now.
Score one for the good guys in the battle against patent trolls. Mycroft AI, makers of open-source voice assistants, proudly announced their latest victory against what they claim are patent trolls. This appears to be one of those deals where a bunch of investors get together and buy random patents, and then claim that a company that actually built something infringes on their intellectual property. Mycroft got a letter from one such entity and decided to fight it; they’ve won two battles so far against the alleged trolls and it looks pretty good going forward. They’re not pulling their punches, either, since Mycroft is planning to go after the other parties for legal expenses and punitive damages under the State of Missouri’s patent troll legislation. Here’s hoping this sends a message to IP squatters that it may not be worth the effort and that their time and money are better spent actually creating useful things.
Good news from Mars — The Mole is finally completely buried! We’ve been following the saga of the HP³, or “Heat Flow and Physical Properties Package” aboard NASA’s Mars InSight lander for quite a while. The self-drilling “Mole”, which is essentially the guts of an impact screwdriver inside a streamlined case, has been having trouble dealing with the Martian regolith, which is simultaneously too soft to offer the friction needed to keep the penetrator in its hole, but also too hard to pierce in places where there is a “duricrust” of chemically amalgamated material below the surface. It took a lot of delicate maneuvers with the lander’s robotic arm to get the Mole back on track, and it’s clearly not out of the woods yet — it needs to get down to three meters depth or so to do the full program of science it was designed for.
If watching Martian soil experiments proceed doesn’t scratch your itch for space science, why not try running your own radio astronomy experiments? Sure, you could build your own radio telescope to do that, but you don’t even have to go that far — just log into PICTOR, the free-to-use radio telescope. It’s a 3.2-m parabolic dish antenna located near Athens, Greece that’s geared toward hydrogen line measurements of the galaxy. You can set up an observation run and have the results mailed back to you for later analysis.
And finally, if you’ve never listened to a Nobel laureate give a lecture, here’s your chance. Andrea Ghez, co-winner of the 2020 Nobel Prize in physics for her work on supermassive black holes, will be giving the annual Maria Goeppert Mayer lecture at the University of Chicago. She’ll be talking about exactly what she won the Nobel for: “The Monster at the Heart of Our Galaxy”, the supermassive black hole Sagittarius A*. We suspect the talk was booked before the Nobel announcement, so in normal times the room would likely be packed. But one advantage to the age of social distancing is that everything is online, so you can tune into a livestream of the lecture on October 22.
