Hackaday Links: May 31, 2020

May 31, 2020 by Dan Maloney 18 Comments

We begin with sad news indeed as we mark the passing of Marcel van Kervinck on Monday. The name might not ring a bell, but his project, the Gigatron TTL computer, certainly will. We did a deep dive on the microprocessor-less computer a while back, and Marcel was a regular at conferences and on the Gigatron forums, supporting users and extending what the computer can do. He was pretty candid about his health issues, and I’ll add that when I approached him a few weeks ago out of the blue about perhaps doing a Hack Chat about Gigatron, he was brutally honest about how little time he had left and that he wouldn’t make it that long. I was blown away by the grace and courage he displayed. His co-conspirator Walter Belger will carry on the Gigatron mission, including joining us for a Hack Chat on June 24. In the meantime, this might be a great time to pick up a Gigatron kit before they’re all sold out and get busy soldering all those delicious through-hole TTL chips.

May of 2020 is the month that never seems to end, and as the world’s focus seems to shift away from the immediate public health aspects of the ongoing COVID-19 pandemic to the long-term economic impact of the response to it, we happened across a very interesting article on just that topic. Mike Robbins from the Circuit Lab has modeled the economic impact of the pandemic using analog circuit simulations. He models people as charges and the flow of people between diseases states as currents; the model has capacitors to store the charge and allow him to measure voltages and filters that model the time delays needed for public policy changes to be adopted. It’s a fascinating mashup of engineering and policy. You can play with the model online, tweak parameters, and see what you come up with.

One of the things that the above model makes clear is that waiting to fully reopen the economy until a vaccine is ready is a long and dangerous game. But there has at least been some progress on that front, as Massachusetts biotech firm Moderna announced success in Phase 1 clinical trials of its novel mRNA vaccine against SARS-CoV-2. It’s important to temper expectations here; Phase 1 trials are only the beginning of human testing, aimed at determining the highest treatment dose that won’t cause serious side effects. Phase 2 and Phase 3 trials are much more involved, so there’s a long way to go before the vaccine, mRNA-1273, is ready for use. If you need to brush up on how these new vaccines work, check out our handy guide to mRNA vaccines.

In happier news, the “moar memory” version of the Raspberry Pi 4 is now on sale. Eben Upton announced that the 8GB version of the Pi 4 is now available for $75. The upgrade was apparently delayed by the lack of an 8GB LPDDR SDRAM chip in a package that would work in the Pi manufacturing process. They’ve also released a beta of a 64-bit version of the Raspberry Pi OS, if you’re interested in a bleeding-edge flex.

And finally, for those who missed the first wave of the computer revolution and never had a blinkenlight machine, you can at least partially scratch that itch with this Internet-connected Altair 8800. Jesse Downing has written a queueing system that allows users to connect to the machine via ssh and use Microsoft BASIC 5.0 on CP/M. Need to see those glorious front panels lights do their thing? Jesse has kindly set up a live stream for that, with an overlay of the current console output. It’s a great way to relive your misspent youth, or to get a taste of what computing was like when soldering skills were a barrier to entry.

DMCA Vs Hacker

May 30, 2020 by Elliot Williams 46 Comments

This week featured a large kerfuffle over a hack that you probably read about here on Hackaday: [Neutrino] wedged an OLED screen and an ESP32 into a Casio calculator. REACT, an anti-counterfeiting organization, filed DMCA copyright takedowns on Casio’s behalf everywhere, including GitHub and YouTube, and every trace of [Neutrino]’s project was scrubbed from the Internet.

The DMCA is an interesting piece of legislation. It’s been used to prevent people from working on their tractors, from refilling printer ink cartridges, and to silence dissenting opinions, but it’s also what allows us to have the Internet that we know and love, in a sense.

In particular, the “safe harbor” provision absolves online platforms like YouTube and GitHub from liability for content they host, so long as they remove it when someone makes a copyright claim on it. So if a content owner, say Casio, issues a takedown notice for [Neutrino]’s GitHub and YouTube content, they have to comply. If he believes the request to be made in error, [Neutrino] can then file a counter-notice. After ten to fourteen days, presuming no formal legal action has been taken, the content must be reinstated. (See Section 512(g).)

Both the takedown notice and counter-notice are binding legal documents, sworn under oath of perjury. Notices and counter-notices can be used or abused, and copyright law is famously full of grey zones. The nice thing about GitHub is that they publish all DMCA notices and counter-notices they receive, so here it is for you to judge yourself.

Because of the perjury ramifications, we can’t say that the folks at REACT who filed the takedown knowingly submitted a bogus request in bad faith — that would be accusing them of breaking federal law — but we can certainly say that it looks like they’re far off base here. They’re certainly not coders.

The good news is that the code is back up on GitHub, but oddly enough the video describing the hack is still missing on YouTube.

But here’s how this looks for Casio and REACT: they saw something that was unflattering to a product of theirs — that it could be used for cheating in school — and they sent in the legal attack squad. If that’s the case, that’s rotten.

Spacing Out: All The Orbital News You’re Missing

May 30, 2020 by Jenny List 19 Comments

We keep finding more great space stories than we can cover, so here’s a speed-run through the broader picture of the moment as it applies to space flight.

The big news this week was the first launch of a manned SpaceX Crew Dragon capsule to the ISS. I was excited because the pass en route to the space station was scheduled to be visible from the UK at dusk, and on Wednesday evening I perched atop a nearby hill staring intently at the horizon. Except it had been cancelled due to bad weather. The next launch window is planned for today and you can watch it live.

Meanwhile, fashion is the other piece of this manned-launch’s appeal. Their sharply-designed spacesuits have attracted a lot of attention, moving on from the bulky functional Michelin Man aesthetic of previous NASA and Roscosmos garments for a positively futuristic look that wouldn’t be out of place in Star Trek. Never mind that the two astronauts are more seasoned space dog than catwalk model, they still look pretty cool to us. Against the backdrop of a political upheaval at the top of NASA, this first crewed orbital mission from American soil since the retirement of the Shuttle has assumed an importance much greater than might be expected from a run-of-the-mill spaceflight.

While we’re on the subject of the ISS, it’s worth noting that we’re approaching twenty years since the first crew took up residence there, and it has been continuously crewed ever since as an off-planet outpost. This is an astounding achievement for all the engineers, scientists, and crews involved, and though space launches perhaps don’t have the magic they had five decades ago it’s still an awe-inspiring sight to see a man-made object big enough to discern its shape pass over in the night sky. We understand that current plans are to retain the station until at least 2030, so it’s a sight that should remain with us for a while longer.

Closer to Earth are a couple of tests for relative newcomers to the skies. When Richard Branson’s Virgin group isn’t trying to boot millionaires off the planet through its Virgin Galactic operation, it’s aiming to cheaply fling small satellites into orbit from a rocket-toting airborne Boeing 747 with its Virgin Orbit subsidiary. Their first test launch sadly didn’t make it to space, once the rocket had flawlessly launched from the airliner it suffered a fault and the mission had to be aborted. Getting into space is hard.

The second test was never intended to make it into space, but is no less noteworthy. The British company Skyrora have performed a successful ground test of their Skylark L rocket, aiming for a first launch next year and for offering low-earth orbit services by 2023. This is significant because it will be the first British launch since the ill-fated Black Arrow launch in 1971, and with their Scottish launch site the first ever from British soil. If you’ve seen Skyrora mentioned here before, it is because they were behind the retrieval of the Black Arrow wreckage from the Aussie outback that we mentioned when we wrote about that programme.

Looking forward to the coming week, especially today’s rescheduled SpaceX launch. This time however, I’ll check the weather conditions before climbing any hills.

Books You Should Read: The Design Of Everyday Things

May 29, 2020 by Sonya Vasquez 27 Comments

With everything from APIs to Raspberry Pis making it even easier for us to create and share objects shaped by personal whim, it’s high time that Don Norman’s sage design advice falls on not just the design student, but the hardware hacker and DIY enthusiast too. Grab yourself a coffee and a free weekend, and settle into the psychology of people-struggling-how-to-use-that-widget-they-just-purchased in The Design of Everyday Things: Revised and Expanded Edition.

Who’s to blame for a door that opens with a pull when everything about how it looks says it should open with a push? In Don Norman’s world, it’s not you; its the designer. Enter a world where blame is inverted and mistakes can be critically categorized. Norman takes us example by example showing us how common items in the world poorly serve the needs of their user, mainly because the designer simply ignores key aspects of our humanity. This book is a crisp, concise overview of human psychology when applied to engaging with things combined with a language of ideas to help us apply this psychology to better interactions. (And it reads like butter!)

Opening Up to the Language of Design

What’s an affordance, you might ask? Well, simply put, it’s a way that an object can be used by a human. How about a signifier? That’s a communication “signposting” scheme that object uses to suggest to you how it should be used. If that sounds a bit fluffy, just think about the last time you tried to push open a door that needed to be pulled. Something about that door was suggesting that you could push it open, but it couldn’t! It “fooled” you because all the object’s signifiers were telling you otherwise. Continue reading “Books You Should Read: The Design Of Everyday Things” →

Hackaday Podcast 069: Calculator Controversy, Socketing SOIC, Metal On The Moon, And Basking In Bench Tools

May 29, 2020 by Mike Szczys No comments

Hackaday editors Mike Szczys and Elliot Williams march to the beat of the hardware hacking drum as they recount the greatest hacks to hit the ‘net this week. First up: Casio stepped in it with a spurious DMCA takedown notice. There’s a finite matrix of resistors that form a glorious clock now on display at CERN. Will a patio paver solve your 3D printer noise problems? And if you ever build with copper clad, you can’t miss this speedrun of priceless prototyping protips.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 069: Calculator Controversy, Socketing SOIC, Metal On The Moon, And Basking In Bench Tools” →

This Week In Security: Leaking Partial Bits, Apple News, And Overzealous Contact Tracing

May 29, 2020 by Jonathan Bennett 11 Comments

Researchers at the NCCGroup have been working on a 5-part explanation of a Windows kernel vulnerability, targeting the Kernel Transaction Manager (KTM). The vulnerability, CVE-2018-8611, is a local privilege escalation bug. There doesn’t seem to be a way to exploit this remotely, but it is an interesting bug, and NCCGroup’s work on it is outstanding.

They start with a bit of background on what the KTM is, and why one might want to use it. Next is a handy guide to reverse engineering Microsoft patches. From there, they describe the race condition and how to actually exploit it. They cover a wide swath in the series, so go check it out.

Left4Dead 2

Just a reminder that bugs show up where you least expect them, [Hunter Stanton] shares his story of finding a code execution bug in the popular Valve game, Left4Dead 2. Since the game’s code isn’t available to look at, he decided to go the route of fuzzing. The specific approach he took was to fuzz the navigation mesh data, part of the data contained in each game map. Letting the Basic Fuzzing Framework (BFF) run for three days turned up a few possible crashes, and the most promising turned out to have code execution potential. [Hunter] submitted the find through Valve’s HackerOne bug bounty program, and landed a cool $10k bounty for his trouble.

While it isn’t directly an RCE, [Hunter] does point out that malicious mesh data could be distributed with downloadable maps on the Steam workshop. Alternatively, it should be possible to set up a fake game server that distributes the trapped map. Continue reading “This Week In Security: Leaking Partial Bits, Apple News, And Overzealous Contact Tracing” →

Hackaday Prize And Conservation X Labs Issue Design Challenges To Address Extinction Crisis

May 28, 2020 by Tom Nardi 3 Comments

When most people think of extinct species, they likely imagine prehistoric creatures such as dinosaurs or woolly mammoths. Extinction is something you read about in history books, nature’s way of removing contestants in the great game of life. It’s a product of a cruel and savage world, and outside of a few remaining fringe cases, something that humanity’s advanced technology has put a stop to.

Unfortunately, the truth is far more complicated than that. The planet is currently going through its sixth major extinction event, and this time, it’s our fault. Humanity might not be willfully destroying the natural habitats of the plants, fish, birds, and other lifeforms that have been eradicated, but we’re responsible for it just the same. Humans are an apex predator unlike any the world has ever seen before, and the only force that can stop us is ourselves.

Founded in 2015, Conservation X Labs is devoted to doing everything it can to end this sixth wave of extinction. Unsatisfied with the pace of traditional conservation, they leverage technology and open innovation to develop unique new ways of combating the damage our species has done to life on this planet. After all, it’s the only one we’ve got.

We’ve partnered with this organization to help develop solutions to some of these problems. This includes an open call challenge that anyone can enter, and a Dream Team program that you can get involved with if you act quickly. Let’s take a look at what Conservation X Labs is all about, and what is involved with the challenges at hand.

Continue reading “Hackaday Prize And Conservation X Labs Issue Design Challenges To Address Extinction Crisis” →