Hackaday Podcast 082: DJ CNC, NFC Black Box, Sound Of Keys, And Payin’ For 3D Prints

August 28, 2020 by Mike Szczys 2 Comments

Hackaday editors Elliot Williams and Mike Szczys check in on the best hacks from the past week. All the buzz is the algorithm that can reverse engineer your house keys from the way they sound going into the lock. Cardboard construction goes extreme with an RC car build that’s beyond wizard-level. Speaking of junk builds, there’s a CNC mill tipped on its side grinding out results worlds better than you expect from something made with salvaged CD-ROM drives. And a starburst character display is a clever combination of laser cutting and alternative using UV-cured resin as a diffuser.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 082: DJ CNC, NFC Black Box, Sound Of Keys, And Payin’ For 3D Prints” →

This Week In Security: XCode Infections, Freepik, And Crypto Fails

August 28, 2020 by Jonathan Bennett 8 Comments

There is a scenario that keep security gurus up at night: Malware that can detect software compilation and insert itself into the resulting binary. A new Mac malware, XCSSET (PDF), does just that, running whenever Xcode is used to build an application. Not only is there the danger of compiled apps being malicious, the malware also collects data from the developer’s machine. It seems that the malware spreads through infected Xcode projects.

WordPress Plugins

WordPress has a complicated security track record. The core project has had very few serious vulnerabilities over the years. On the other hand, WordPress sites are routinely compromised. How? Generally through vulnerable plugins. Case in point? Advanced Access Manager. It’s a third party WordPress plugin with an estimate 100,000 installations. The problem is that this plugin requires user levels, a deprecated and removed WordPress feature. The missing feature had some unexpected results, like allowing any user to request administrator privileges.

The issue has been fixed in 6.6.2 of the plugin, so if you happen to run the Advanced Access Manager plugin, make sure to get it updated. Beyond that, maybe it’s time to do an audit on your WordPress site. Uninstall unused plugins, and make sure the rest are up to date, along with the WordPress installation itself. Continue reading “This Week In Security: XCode Infections, Freepik, And Crypto Fails” →

VR Technology Helps Bring A Galaxy Far, Far Away To Our TV

August 27, 2020 by Roger Cheng 18 Comments

Virtual reality is usually an isolated individual experience very different from the shared group experience of a movie screen or even a living room TV. But those worlds of entertainment are more closely intertwined than most audiences are aware. Video game engines have been taking a growing role in film and television production behind the scenes, and now they’re stepping out in front of the camera in a big way for making The Mandalorian TV series.

Big in this case is a three-quarters cylindrical LED array 75 ft (23 m) in diameter and 20 ft (6 m) high. But the LEDs covering its walls and ceiling aren’t pointing outwards like some installation for Times Square. This setup, called the Volume, points inward to display background images for camera and crew working within. It’s an immersive LED backdrop and stage environment.

Incorporating projected imagery on stage is a technique going at least as far back as 1933’s King Kong, but it is very limited. Lighting and camera motion has to be very constrained in order to avoid breaking the fragile illusion. More recently, productions have favored green screens replaced with computer imagery in post production. It removed most camera motion and lighting constraints, but costs a lot of money and time. It is also more difficult for actors to perform their roles convincingly against big blank slabs of green. The Volume solves all of those problems by putting computer-generated imagery on set, rendered in real time via video game engine Unreal.

Continue reading “VR Technology Helps Bring A Galaxy Far, Far Away To Our TV” →

3D Printering: The World Of Non-Free 3D Models Is Buyer Beware

August 26, 2020 by Donald Papp 32 Comments

There are more free 3D models online than one can shake a stick at, but what about paid models? Hosting models somewhere and putting a buy button in front of the download is certainly a solved problem, but after spending some time buying and printing a variety of non-free 3D models online, it’s clear that there are shortcomings in the current system.

What the problems are and how to address them depends a little on the different ways models get sold, but one thing is clear: poorly-designed 3D models are bad for consumers, and bad for the future of pay-to-download in general. Continue reading “3D Printering: The World Of Non-Free 3D Models Is Buyer Beware” →

Linux-Fu: Your Own Dynamic DNS

August 25, 2020 by Al Williams 14 Comments

It is a problem as old as the Internet. You want to access your computer remotely, but it is behind a router that randomly gets different IP addresses. Or maybe it is your laptop and it winds up in different locations with, again, different IP addresses. There are many ways to solve this problem and some of them are better than others.

A lot of routers can report their IP address to a dynamic DNS server. That used to be great, but now it seems like many of them hound you to upgrade or constantly renew so you can see their ads. Some of them disappear, too. If your router vendor supplies one, that might be a good choice, until you change routers, of course. OpenWRT supports many such services and there are many lists of common services.

However, if you have a single public accessible computer, for example a Web server or even a cloud instance, and you are running your own DNS server, you really don’t need one of those services. I’m going to show you how I do it with an accessible Linux server running Bind. This is a common setup, but if you have a different system you might have to adapt a bit.

There are many ways to set up dynamic DNS if you are willing to have a great deal of structure on both sides. Most of these depend on setting up a secret key to allow for DNS updates and some sort of script that calls nsupdate or having the DHCP server do it. The problem is, I have a lot of client computers and many are set up differently. I wanted a system where the only thing needed on the client side was ssh. All the infrastructure remains on the DNS server.

Continue reading “Linux-Fu: Your Own Dynamic DNS” →

Running A Successful Hacker Camp In A Pandemic: BornHack 2020

August 24, 2020 by Jenny List 10 Comments

You could say 2020 is The Year That Didn’t Happen, or perhaps even The Year That Everything Happened Online. All the international cons and camps have been cancelled, and we’ve spent our time instead seeing our friends in Jitsi, or Zoom.

But there was one camp that wasn’t cancelled. The yearly Danish hacker camp BornHack has gone ahead this year with significantly reduced numbers and amid social distancing, turning it from what is normally one of the smaller and more intimate events into the only real-world event of 2020.

I bought my ticket early in the year and long before COVID-19 became a global pandemic, so on a sunny day in August I found myself in my car with my friend Dani from FizzPop hackerspace in Birmingham taking the ferry for the long drive through the Netherlands and Germany to Denmark.

Continue reading “Running A Successful Hacker Camp In A Pandemic: BornHack 2020” →

CNC On The Desktop Hack Chat

August 24, 2020 by Dan Maloney 6 Comments

Join us on Wednesday, August 26 at noon Pacific for the CNC on the Desktop Hack Chat with Matt Hertel and John Allwine!

Once limited to multi-million dollar machines on the floors of cavernous factories, CNC technology has moved so far downscale in terms of machine size that it’s often easy to lose track of where it pops up. Everything from 3D-printers to laser engravers use computer numeric control to move a tool to some point in three-dimensional space, and do it with unmatched precision and reproducibility.

CNC has gotten so pervasive that chances are pretty good that there’s a CNC machine of some sort pretty close to everyone reading this, with many of those machines being homebrew designs. That’s the backstory of Pocket NC, a company that was literally started in a one-bedroom apartment in 2011 by Matt and Michelle Hertel. After a successful Kickstarter that delivered 100 of their flagship five-axis desktop CNC mills to backers, they geared up for production and now turn out affordable machine tools for the masses. We’ve even seen some very complex parts made on these mills show up in projects we’ve featured.

For this Hack Chat, we’ll be joined by Pocket NC CTO and co-founder Matt Hertel and John Allwine, who recently joined the company as Principal Software Engineer. We’ll discuss not only Pocket NC’s success and future plans, but the desktop CNC landscape in general. Drop by with your questions regarding both the hardware and the software side of CNC, about turning an idea into a business, and where the CNC world and next-generation manufacturing will be heading in the future.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, August 26 at 12:00 PM Pacific time. If time zones baffle you as much as us, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.