Hackaday Links Column Banner

Hackaday Links: December 29, 2019

The retrocomputing crowd will go to great lengths to recreate the computers of yesteryear, and no matter which species of computer is being restored, getting it just right is a badge of honor in the community. The case and keyboard obviously playing a big part in that look, so when a crowdfunding campaign to create new keycaps for the C64 was announced, Commodore fans jumped to fund it. Sadly, more than four years later, the promised keycaps haven’t been delivered. One disappointed backer, Jim Drew, decided he was sick of waiting, so he delved into the world of keycaps injection molding and started his own competing campaign. Jim details his adventures in his Kickstarter Indiegogo campaign, which makes for good reading even if you’re not into Commodore refurbishment. Here’s hoping Jim has better luck than the competition did.

Looking for anonymity in our increasingly surveilled world? You’re not alone, and in fact, we predict facial recognition spoofing products and methods will be a growth industry in the new decade. Aside from the obvious – and often illegal – approach of wearing a mask that blocks most of the features machine learning algorithms use to quantify your face, one now has another option, in the form of a colorful pattern that makes you invisible to the YOLOv2 algorithm. The pattern, which looks like a soft-focus crowd scene rendered in Mardi Gras colors, won’t make the algorithm think you’re someone else, but it will prevent you from being classified as a person. It won’t work with any other AI algorithm, but it’s still an interesting phenomenon.

We saw a great hack come this week about using an RTL-SDR to track down a water leak. Clayton’s water bill suddenly skyrocketed, and he wanted to track down the source. Luckily, his water meter uses the encoder receive-transmit (ERT) protocol on the 900 MHz ISM band to report his usage, so he threw an SDR dongle and rtlamr at the problem. After logging his data, massaging it a bit with some Python code, and graphing water consumption over time, he found that water was being used even when nobody was home. That helped him find the culprit – leaky flap valves in the toilets resulting in a slow drip that ran up the bill. There were probably other ways to attack the problem, but we like this approach just fine.

Are your flex PCBs making you cry? Friend of Hackaday Drew Fustini sent us a tip on teardrop pads to reduce the mechanical stress on traces when the board flexes. The trouble is that KiCad can’t natively create teardrop pads. Thankfully an action plugin makes teardrops a snap. Drew goes into a bit of detail on how the plugin works and shows the results of some test PCBs he made with them. It’s a nice trick to keep in mind for your flexible design work.

2019: As The Hardware World Turns

Well, this is it. The end of the decade. In a few days the 2010s will be behind us, and a lot of very smug people will start making jokes on social media about how we’re back in the “Roaring 20s” again. Only this time around there’s a lot more plastic, and drastically less bathtub gin. It’s still unclear as to how much jazz will be involved.

Around this time we always say the same thing, but once again it bears repeating: it’s been a fantastic year for Hackaday. Of course, we had our usual honor of featuring literally thousands of incredible creations from the hacking and making community. But beyond that, we also bore witness to some fascinating tech trends, moments that could legitimately be called historic, and a fair number of blunders which won’t soon be forgotten. In fact, this year we’ve covered a wider breadth of topics than ever before, and judging by the record setting numbers we’ve seen in response, it seems you’ve been just as excited to read it as we were to write it.

To close out the year, let’s take a look at a few of the most popular and interesting stories of 2019. It’s been a wild ride, and we can’t wait to do it all over again in 2020.

Continue reading “2019: As The Hardware World Turns”

Ask Hackaday: Drone Swarms Replace Fireworks; Where Are The Hackers?

Your mom always warned you that those fireworks could put an eye out. However, the hottest new thing in fireworks displays is not pyrotechnic at all. Instead, a swarm of coordinated drones take to the sky with different lighting effects. This makes some pretty amazing shows possible, granting full control of direction, color, and luminosity of each light source in a mid-air display. It also has the side benefit of being safer — could this be the beginning of the end for fireworks accident videos blazing their way across social media platforms?

For an idea of what’s possible with drone swarm displays, check out the amazing pictures found on this site (machine translation) that show off the 3D effects quite well. Note that although it appears the camera is moving during many of these, the swam itself could be rotated relative to a stationary viewer for a similar effect.

What I couldn’t find was much going on here in the hobby space. Granted, in the United States, restrictive drone laws might hamper your ability to do things like this. But it seems that in a purely technical terms this wouldn’t be super hard to do — at least for simple designs. Besides, there must be some way to do this in US airspace since drone performances have been at the Super Bowl, Los Angeles, New York, Miami, and Folsom, CA.

So if the regulations were sorted, what would it take to build a swarm of your own performing drones?

Continue reading “Ask Hackaday: Drone Swarms Replace Fireworks; Where Are The Hackers?”

Linux Fu: WSL Tricks Blur The Windows/Linux Line

We have to admit, we have an odd fascination with WSL — the Windows subsystem for Linux. On the one hand, it gives us more options on Windows 10 for running the software we love. On the other hand, we wonder why we aren’t just running Linux. Sometimes it is because our cool laptop doesn’t work well on Linux. Other times we are using someone else’s computer that we aren’t allowed to reload or dual boot. Still, as long as we have to use Windows, we are glad to have WSL. A recent blog post by [Hanselman] shows some very cool tricks for using WSL that make it even better.

Exploring WSL

Did you know you can use WSL to run Linux commands in a Windows command shell? For example, you have a long directory and you want to run grep:

dir c:\archive\* | wsl grep -i hackaday

Of course, from bash you could access the same directory:

ls /mnt/c/archive | grep -i hackaday

Continue reading “Linux Fu: WSL Tricks Blur The Windows/Linux Line”

Hackaday Links Column Banner

Hackaday Links: December 22, 2019

It’s hard to believe it, but the Raspberry Pi has been on the market for only seven years now. The single-board computer has become so entrenched in the hobby electronics scene that it’s hard to imagine life without it, or what we did before it came along. And with the recent announcement that the 30 millionth Raspberry Pi was recently manufactured, now we have some clarity on the scale of its success. Just roll that number around in your head for a bit – that’s one Pi for every nine or so people in the USA. Some of the other facts and figures in the linked article boggle the mind too, like Eben Upton figured they’d only ever sell about 10,000 units, or that the factory in Wales where most Pis are made can assemble 15,000 units a day.

Speaking of manufacturing, have you ever considered what goes into getting a small-scale manufactured product ready for shipping? The good folks over at Gigatron know all about the joys of kitting, and have put together an interesting un-unboxing video for their flagship TTL-only retro computer. It’s a nice riff on the unboxing videos that are somehow popular on YouTube these days, and shows just how much effort they put into getting a Gigatron out the door. All told, it takes about an hour to ship each unit, and the care put into the process is evident. We especially like the part where all the chips are placed into antistatic foam in the same orientation they’ll be on the completed board. Nice touch.

Last time we checked in on the Lulzbot saga, the open source 3D printer manufacturer had been saved from complete liquidation by a company named FAME 3D. Now we’re getting the first solid details about where things go from here. Not only will thirteen of the remaining Lulzbot employees be staying on, but FAME 3D plans to hire 50 new employees to get operations back up as quickly as possible. The catch? The “F” in FAME 3D stands for Fargo, North Dakota, where Fargo Additive Manufacturing Equipment 3D is based. So Lulzbot will be moving north from Loveland, Colorado in the coming months.

For the last few years, adventure travelers making the pilgrimage to Shenzhen to scour the electronics markets have stuffed a copy of Andrew “Bunnie” Huang’s The Essential Guide to Electronics in Shenzhen into their soon-to-be-overflowing backpacks. The book is a goldmine of insider information, stuffed with maps and translation tables critical for navigating a different culture with no local language skills. Bunnie’s book has only been available in dead-tree format and now that all but the last few copies have been sold, he decided to make a web version available for free. We’d have to think a tablet or phone would be a bit harder to use in the heat of negotiation than the nice spiral-bound design of the print copy, but the fact that the insider information will now be widely available probably makes this a net positive.

And finally, if you’ve ever nearly been run over by an EV or hybrid silently backing out of a parking space, you’ll no doubt appreciate attempts to legislate some sort of audible presence to these vehicles. But what exactly should an electric vehicle be made to sound like? Volkswagen has begun to address that question, and while you can certainly read through the fluff in their press release, all you really need to do is listen to the sample. We’ve got to say that they pretty much nailed what a car of the future should sound like. Although they might have missed a real opportunity here.

Hackaday Podcast 047: Prusa Controversy, Bottle Organ Breakdown, PCBs Bending Backwards, And Listen To Your LED

Hackaday editors Mike Szczys and Elliot Williams get together for the 47th and final Hackaday Podcast of 2019. We dive into the removable appendix on Prusa’s new “Buddy” control board, get excited over the world’s largest grid-backup battery, and commiserate about the folly of designing enclosures as an afterthought. There’s some great research into which threaded-inserts perform best for 3D-printed parts, how LEDs everywhere should be broadcasting data, and an acoustic organ that’s one-ups the traditional jug band.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 047: Prusa Controversy, Bottle Organ Breakdown, PCBs Bending Backwards, And Listen To Your LED”

This Week In Security: Unicode, Truecrypt, And NPM Vulnerabilities

Unicode, the wonderful extension to to ASCII that gives us gems like “✈”, “⌨”, and “☕”, has had some unexpected security ramifications. The most common problems with Unicode are visual security issues, like character confusion between letters. For example, the English “M” (U+004D) is indistinguishable from the Cyrillic “М” (U+041C). Can you tell the difference between IBM.com and IBМ.com?

This bug, discovered by [John Gracey] turns the common problem on its head. Properly referred to as a case mapping collision, it’s the story of different Unicode characters getting mapped to the same upper or lowercase equivalent.

'ß'.toLowerCase() === 'SS'.toLowerCase() // true
// Note the Turkish dotless i
'John@Gıthub.com'.toUpperCase() === 'John@Github.com'.toUpperCase()

GitHub stores all email addresses in their lowercase form. When a user sends a password reset, GitHub’s logic worked like this: Take the email address that requested a password reset, convert to lower case, and look up the account that uses the converted email address. That by itself wouldn’t be a problem, but the reset is then sent to the email address that was requested, not the one on file. In retrospect, this is an obvious flaw, but without the presence of Unicode and the possibility of a case mapping collision, would be a perfectly safe practice.

This flaw seems to have been fixed quite some time ago, but was only recently disclosed. It’s also a novel problem affecting Unicode that we haven’t covered. Interestingly, my research has turned up an almost identical problem at Spotify, back in 2013.
Continue reading “This Week In Security: Unicode, Truecrypt, And NPM Vulnerabilities”