How To Get Into Cars: Handling Mods

March 10, 2020 by Lewin Day 31 Comments

As a budding automotive enthusiast, you finally took the plunge and scored yourself a sweet project car. After going through it from top to toe, you’ve done your basic maintenance and it’s now running like a top. Now you’re getting comfortable, you’ve set your sights on turning your humble ride into a corner carving machine. Here’s a guide to get yourself started.

It’s All About Grip

When it comes to creating a handling monster, the aim is to create a car that sticks to the road like glue, and is controllable when it does break loose. Having a car that handles predictably at the limit is a big help when you’re pushing hard on track, particularly for an inexperienced driver. And, whether you’re hitting the canyons on the weekend or trying to slash your laptimes, it’s always nice to have more grip. Through selecting the right parts and getting the set up right, it’s possible to hone your car’s cornering ability to make it a rewarding experience to drive fast and hard. Continue reading “How To Get Into Cars: Handling Mods” →

Dexter Robot Arm Embraces New Manufacturing With First Micro-Factory

March 9, 2020 by Mike Szczys 32 Comments

Haddington Dynamics, the company behind the Dexter robot arm that won the 2018 Hackaday Prize, has opened its first microfactory to build robot arms for Australia and Southeast Asia.

You may remember that the combination of Dexter’s makeup and capabilities are what let it stand out among robotics projects. The fully-articulated robot arm can be motion trained; it records how you move the arm and can play back with high precision rather than needing to be taught with code. The high-precision is thanks to a clever encoder makeup that leverages the power of FPGAs to amplify the granularity of its optical encodes. And it embraces advanced manufacturing to combine 3D printed and glue-up parts with mass produced gears, belts, bearings, and motors.

It’s a versatile robot arm, for a fraction of the cost of what came before it, with immense potential for customization. And did I mention that it’s open source? Continue reading “Dexter Robot Arm Embraces New Manufacturing With First Micro-Factory” →

PCB Finishes Hack Chat

March 9, 2020 by Dan Maloney 3 Comments

Join us on Wednesday, March 11 at noon Pacific for the PCB Finishes Hack Chat with Mark Hughes and Elijah Gracia!

There’s no way to overestimate the degree to which the invention of the printed circuit board revolutionized electronics. What was once the work of craftspeople weaving circuits together with discrete components, terminal strips, and wiring harnesses could now be accomplished with dedicated machines, making circuit construction an almost human-free process. And it was all made possible by figuring out how to make copper foil stick to a flat board, and how to remove some of it while leaving the rest behind.

Once those traces are formed, however, there’s more work to be done. Bare copper is famously reactive stuff, and oxides soon form that will make the traces difficult to solder later. There are hundreds of different ways to prevent this, and PCB surface finishing has become almost an art form itself. Depending on the requirements for the circuit, traces can be coated with tin, lead, gold, nickel, or any combination of the above, using processes ranging from electroplating to immersion in chemical baths. And the traces aren’t the only finishes; solder resist and silkscreening are both important to the usability and durability of the finished board.

For this Hack Chat, we’ll be talking to Elijah Gracia and Mark Hughes from Royal Circuit Solutions. They’re both intimately familiar with the full range of PCB coatings and treatments, and they’ll help us make sense of the alphabet soup: HASL, OSP, ENIG, IAg, LPI, and the rest. We’ll learn what the different finishes do, which to choose under what circumstances, and perhaps even learn a bit about how to make our homebrew boards look a little more professional and perform a bit better.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, March 11 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Hackaday Links: March 8, 2020

March 8, 2020 by Dan Maloney 16 Comments

A lot of annoying little hacks are needed to keep our integer-based calendar in sync with a floating-point universe, and the big one, leap day, passed us by this week. Aside from the ignominy of adding a day to what’s already the worst month of the year, leap day has a tendency to call out programmers who take shortcuts with their code. Matt Johnson-Pint has compiled a list of 2020 leap day bugs that cropped up, ranging from cell phones showing the wrong date on February 29 to an automated streetlight system in Denmark going wonky for the day. The highest-profile issue may have been system crashes of Robinhood, the online stock trading platform. Robinhood disagrees that the issues were caused by leap day code issues, saying that it was a simple case of too many users and not enough servers. That seems likely given last week’s coronavirus-fueled trading frenzy, but let’s see what happens in 2024.

Speaking of annoying time hacks, by the time US readers see this, we will have switched to Daylight Saving Time. Aside from costing everyone a precious hour of sleep, the semiannual clock switch always seems to set off debates about the need for Daylight Saving Time. Psychologists think it’s bad for us, and it has elicited a few bugs over the years. What will this year’s switch hold? Given the way 2020 has been going so far, you’d better buckle up.
Continue reading “Hackaday Links: March 8, 2020” →

From Hacker Hotel 2020: Badges, Sharks, Tentacles, Old-School Hacking, And Much More

March 6, 2020 by Jenny List 9 Comments

The North Sea in a winter storm is a spectacular sight, one of foam-crested waves and squalls driven on the gale. It’s not a place to spend a lot of time if you are a land-lubber, so to cross it twice in a few weeks must mean there is something very much worth seeing on its other side.

More of that exotic cruise ship lifestyle.

But one of the best antidotes to February weather in the European hacker community was Hacker Hotel 2020. Around 350 people came from all the countries of the northwest of the continent to the comfort and hospitality of the Westcord Hotel de Veluwe in the eastern Netherlands, to experience a hacker camp with all the convenience and luxury of a resort hotel rather than a muddy field.

Three days in this environment results in a camp that’s just a bit special, and one that’s very much worth a visit if your range extends this far.

An Upscale Hotel Gets The Hacker Treatment

The Hacker Hotel badge 2020 has many hidden depths

Our small party of Brits arrived a day early, on a damp Thursday morning ready to lend a hand with the set-up. Slowly an upscale business conference centre was transformed into a hacker camp venue, with conference rooms turned into lecture halls, lighting and video equipment in place and 3-phase power cables snaking along the skirting boards. A large hardware hacking area was set up in one wing of the building, then the EventInfra people came in and laid out a hacker-camp-grade wireless and wired network that delivered connectivity everywhere. The contrast between the two worlds is significant, but together they make for a unique experience.

One by one, hackers arrived from all points of the compass, bearing crates of the usual cool stuff. An amateur TV satellite earth station, a brace of oversized delta 3D printers, a coin-pushing game that’s familiar from other camps. And smaller projects; little roving robots, indoor-sized multirotors, and several crates of outdated Chinese photo-frames that it’s said can be hacked to run a Linux distro.

This is the lifeblood of a hacker camp, but of course the signature piece of hardware for any hacker camp is its badge. In this Hacker Hotel 2020 didn’t disappoint, with a beautifully designed Ancient Egyptian-themed badge that concealed an array of puzzles across multiple levels. We’ll cover the badge in detail in a separate piece, but suffice to say that it is something of a tour de force. For now let’s jump into all of people and activities on offer at the con.

Continue reading “From Hacker Hotel 2020: Badges, Sharks, Tentacles, Old-School Hacking, And Much More” →

Hackaday Podcast 057: Dismantled LCD Panels, Unexpected Dynamometer, A Flappy POV, And Dastardly Encryption

March 6, 2020 by Mike Szczys 4 Comments

Hackaday editors Mike Szczys and Elliot Williams are onto an LCD and motors kick this week. Two different LCD screen teardowns caught our eye as one lets you stare into the void while using your iMac and the other tries to convince us to be not afraid of de-laminating the LCD stackup. On the motors front, it’s all about using magnets and coils in slightly different ways; there’s a bike generator that uses a planar alternator design, a dynamometer for testing motor power that itself is built from a motor, and a flex-PCB persistence of vision display that’s a motor/display hybrid. We round out the episode with talk of the newly revealed espionage saga that was Crypto AG, and riveting discussion of calculators, both real and virtual.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 057: Dismantled LCD Panels, Unexpected Dynamometer, A Flappy POV, And Dastardly Encryption” →

This Week In Security: Let’s Encrypt Revocation, Ghostcat, And The RIDLer

March 6, 2020 by Jonathan Bennett 7 Comments

Let’s Encrypt recently celebrated their one billionth certificate. That’s over 190 million websites currently secured, and thirteen full-time staff. The annual budget for Lets Encrypt is an eye-watering $3.3+ million, covered by sponsors like Mozilla, Google, Facebook, and the EFF.

A cynic might ask if we need to rewind the counter by the three million certificates Let’s Encrypt recently announced they are revoking as a result of a temporary security bug. That bug was in the handling of the Certificate Authority Authorization (CAA) security extension. CAA is a recent addition to the X.509 standard. A domain owner opts in by setting a CAA field in their DNS records, specifying a particular CA that is authorized to issue certificates for their domain. It’s absolutely required that when a CA issues a new certificate, it checks for a CAA record, and must refuse to issue the certificate if a different authority is listed in the CAA record.

The CAA specification specifies eight hours as the maximum time to cache the CAA check. Let’s Encrypt uses a similar automated process to determine domain ownership, and considers those results to be valid for 30 days. There is a corner case where the Let’s Encrypt validation is still valid, but the CAA check needs to be re-performed. For certificates that cover multiple domains, that check would need to be performed for each domain before the certificate can be issued. Rather validating each domain’s CAA record, the Let’s Encrypt validation system was checking one of those domain names multiple times. The problem was caught and fixed on the 28th.

The original announcement gave administrators 36 hours to manually renew their affected certificates. While just over half of the three million target certificates have been revoked, an additional grace period has been extended for the over a million certs that are still in use. Just to be clear, there aren’t over a million bad certificates in the wild, and in fact, only 445 certificates were minted that should have been prevented by a proper CAA check.

Ghostcat

Apache Tomcat, the open source Java-based HTTP server, has had a vulnerability for something like 13 years. AJP, the Apache JServ Protocol, is a binary protocol designed for server-to-server communication. An example use case would be an Apache HTTP server running on the same host as Tomcat. Apache would serve static files, and use AJP to proxy dynamic requests to the Tomcat server.

Ghostcat, CVE-2020-1938, is essentially a default configuration issue. AJP was never designed to be exposed to untrusted clients, but the default Tomcat configuration enables the AJP connector and binds it to all interfaces. An attacker can craft an AJP request that allows them to read the raw contents of webapp files. This means database credentials, configuration files, and more. If the application is configured to allow file uploads, and that upload location is in the folder accessible to the attacker, the result is a full remote code execution exploit chain for any attacker.

The official recommendation is to disable AJP if you’re not using it, or bind it to localhost if you must use it. At this point, it’s negligence to leave ports exposed to the internet that aren’t being used.

Have I Been P0wned

You may remember our coverage of [Troy Hunt] over at haveibeenpwned.com. He had made the decision to sell HIBP, as a result of the strain of running the project solo for years. In a recent blog post, [Troy] reveals the one thing more exhausting that running HIBP: trying to sell it. After a potential buyer was chosen, and the deal was nearly sealed, the potential buyer went through a restructuring. At the end of the day, the purchase no longer made sense for either party, and they both walked away, leaving HIBP independent. It sounds like the process was stressful enough that HIBP will remain a independent entity for the foreseeable future.

You Were Warned

Remember the Microsoft Exchange vulnerability from last week? Attack tools have been written, and the internet-wide scans have begun.

Ridl Me This, Chrome

We’ve seen an abundance of speculative execution vulnerabilities over the last couple of years. While these problems are technically interesting, there has been a bit of a shortage of real-world attacks that leverage those vulnerabilities. Well, thanks to a post over at Google’s Project Zero, that dearth has come to an end. This attack is a sandbox escape, meaning it requires a vulnerability in the Chrome JS engine to be able to pull it off.

To understand how Ridl plays into this picture, we have to talk about how the Chrome sandbox works. Each renderer thread runs with essentially zero system privileges, and sends requests through Mojo, an inter-process communication system. Mojo uses a 128 bit numbering system to both identify and secure those IPC endpoints.

Once an attacker has taken over the unprivileged sandbox process, the next step is to figure out the port name of an un-sandboxed Mojo port. The trick is to get that privileged process to access its Mojo port name repeatedly, and then capture an access using Ridl. Once the port is known, the attacker has essentially escaped the sandbox.

The whole read is interesting, and serves as a great example of the sorts of attacks enabled by speculative execution leaks.

Hackaday

Hackaday Columns

4556 Articles