Hackaday Podcast Episode 258: So Much Unix, Flipper Flip-out, And The Bus Pirate 5

Hackaday Editors Elliot Williams and Tom Nardi discuss all the week’s best and most interesting hacks and stories, starting with Canada’s misguided ban on the Flipper Zero for being too spooky. From there they’ll look at the state-of-the-art in the sub-$100 3D printer category, Apple’s latest “Right to Repair” loophole, running UNIX on the NES (and how it’s different from Japan’s Famicom), and the latency of various wireless protocols.

After singing the praises of the new Bus Pirate 5, discussion moves on to embedded Linux on spacecraft, artfully lifting IC pins, and the saga of the blue LED. Finally you’ll hear the how and why behind electrical steel, and marvel at a Mach 10 missile that (luckily) never needed to be used.

Grab a copy for yourself if you want to listen offline.

This Week In Security: Filename Not Sanitized, MonikerLink, And Snap Attack!

Reading through a vulnerability report about ClamAV, I came across a phrase that filled me with dread: “The file name is not sanitized”. It’s a feature, VirusEvent, that can be enabled in the ClamAV config. And that configuration includes a string formatting function, where the string includes %v and %s, which get replaced with a detected virus name and the file name from the email. And now you see the problem, I hope: The filename is attacker supplied input.

Where this really gets out of hand is what ClamAV does with this string. execle("/bin/sh", "sh", "-c", buffer_cmd, NULL, env). So let’s talk defensive program design for a minute. When it comes to running a secondary command, there are two general options, system() and the exec*() family of system calls. system() is very simple to use. It pauses execution of the main process and asks the operating system to run a string, just as if the user had typed that command into the shell. While this is very convenient to use, there is a security problem if any of that command string is user-supplied. All it takes is a semicolon or ampersand to break assumptions and inject a command.

To the rescue comes exec(). It’s a bit more complicated to use, requiring the programmer to manually call fork() and wait(). But it’s not running the command via the shell. exec() executes a program directly, totally eliminating the potential for command injection! Except… oops.

Yeah, exec() and related calls don’t offer any security protections when you use them to execute /bin/sh. I suspect the code was written this way to allow running a script without specifying /bin/sh in the config. The official fix was to disable the filename format character, and instead supply it as an environment variable. That certainly works, and that fix is available in 1.0.5, 1.2.2, and 1.3.0.
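The difference between the two designs, as an added example (not ClamAV’s code): both functions hand a command to /bin/sh -c through execle(), but only the first formats the file name into the text the shell parses. The echo command, the EVENT_FILENAME variable name and the sample file name are assumptions made up for this sketch.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run cmd via /bin/sh -c with env, like the quoted execle(); capture stdout. */
static ssize_t run_sh(const char *cmd, char *const env[], char *out, size_t cap)
{
    int fd[2];
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                       /* child: stdout -> pipe, then exec */
        dup2(fd[1], STDOUT_FILENO);
        close(fd[0]); close(fd[1]);
        execle("/bin/sh", "sh", "-c", cmd, (char *)NULL, env);
        _exit(127);
    }
    close(fd[1]);
    size_t n = 0; ssize_t r;
    while (n + 1 < cap && (r = read(fd[0], out + n, cap - 1 - n)) > 0) n += (size_t)r;
    out[n] = '\0';
    close(fd[0]); waitpid(pid, NULL, 0);
    return (ssize_t)n;
}
/* Before: the file name is formatted into the string the shell parses. */
ssize_t event_formatted(const char *fname, char *out, size_t cap)
{
    char cmd[512];
    char *const env[] = { "PATH=/bin:/usr/bin", NULL };
    snprintf(cmd, sizeof cmd, "echo infected: %s", fname);
    return run_sh(cmd, env, out, cap);
}
/* After: fixed command text; the name is data in a hypothetical EVENT_FILENAME. */
ssize_t event_env(const char *fname, char *out, size_t cap)
{
    char var[512];
    snprintf(var, sizeof var, "EVENT_FILENAME=%s", fname);
    char *const env[] = { "PATH=/bin:/usr/bin", var, NULL };
    return run_sh("echo infected: \"$EVENT_FILENAME\"", env, out, cap);
}

int main(void)
{
    const char *name = "invoice.pdf; echo SECOND-COMMAND"; /* constructed sample */
    char out[256];
    if (event_formatted(name, out, sizeof out) >= 0) printf("formatted:\n%s", out);
    if (event_env(name, out, sizeof out) >= 0) printf("environment:\n%s", out);
}
```

The environment variable only helps if the handler script keeps it quoted; an unquoted expansion is word-split, and feeding it to eval makes the shell parse it again.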

The real danger here is that we have another case where some hardware appliance manufacturer has used ClamAV for email filtering, and uses this configuration by default. That’s how we get orders from CISA to unplug your hardware, because it’s already compromised.

Retrotechtacular: Some Days You Just Can’t Get Rid Of A Nuclear Bomb

It may seem a bit obvious to say so, but when a munition of just about any kind is designed, little thought is typically given to how to dispose of it. After all, if you build something that’s supposed to blow up, that pretty much takes care of the disposal process, right?

But what if you design something that’s supposed to blow up only if things go really, really wrong? Like nuclear weapons, for instance? In that case, you’ll want to disassemble them with the utmost care. This 1993 film, produced by the US Department of Energy, gives a high-level overview of nuclear weapons decommissioning at the Pantex plant in Texas. Fair warning: this film was originally on a VHS tape, one that looks like it sat in a hot attic for quite a few years before being transferred to DVD and thence to YouTube. So the picture quality is lousy, in some points nearly unwatchably so. Then again, given the subject matter that may be a feature rather than a bug.

Linux Fu: Curling C

Sometimes, it pays to read the man pages of commands you use often. There might be a gem hidden in there that you don’t know about. Case in point: I’ve used curl (technically, cURL, but I’m going to stick with curl) many times to grab data from some website or otherwise make a web request. But what happens if you want to do the same thing from a C program? Well, you could be lazy and just spawn a copy of curl. But it turns out curl has a trick up its sleeve that can help you. If only I’d read the man page sooner!

First Things

The simplest use of curl is to just name a URL on the command line. For example, consider this session:

$ curl http://www.hackaday.com 
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

This isn’t so useful because it is a 301 response (to send you to the https server, in this case). The -L option will make curl go get the page instead of the redirect. Try:

$ curl -L http://www.hackaday.com

Inputs Of Interest: The Svalboard Could Be Your Salvation

You know, sometimes dreams really do come true. When I told you about the DataHand keyboard almost four years ago, I never imagined I’d ever get to lay my hands on anything even remotely like it, between the original price point and the fact that they really, really hold their value. But thanks to [Morgan Venable], creator of the Svalboard, I can finally tell you what it’s like to type with your digits directionalized.

If you don’t recall, the DataHand was touted to be a total revolution in typing for RSI sufferers. It debuted in 1993 for a hefty price tag of about $1,500 — pretty far out of reach of the average consumer, but well within the budgets of the IT departments of companies who really wanted to keep their workers working. You want minimum finger travel? It doesn’t get more minimal than this concept of a d-pad plus the regular down action for each finger.

The Svalboard aims to be the new and improved solution for something that barely exists anymore, but still has a devoted following. Although the DataHand was built on a gantry and adjustable using knobs, the smallest fit possible on the thing is still rather big. Conversely, the Svalboard is fully customizable to suit any size hand and fingertip.

Ethernet For Hackers: The Very Basics

Ethernet is ubiquitous, fast, and simple. You only need two diffpairs (four wires) to establish a 100Mbit link, the hardware is everywhere, you can do Ethernet over long distances easily, and tons of microcontrollers and SoCs support it, too. Overall, it’s a technology you will be glad to know about, and there are hundreds of scenarios where you could use it.

If you need to establish a high-bandwidth connection between two Linux boards in your project, or maybe a Linux board and a powerful MCU, or maybe make a network between microcontrollers, Ethernet’s your friend. It also scales wonderfully – there’s so much tech around Ethernet that finding cables, connectors or ICs tends to be dead easy. Plus, the world of Ethernet is huge beyond belief. Ethernet as most of us know it is actually just the consumer-facing version of Ethernet, and there are quite a few fascinating industrial and automotive Ethernet standards that flip many of our Ethernet assumptions upside down.

Now, you might be missing out on some benefits of Ethernet, or perhaps misunderstanding how Ethernet works at all. What does it mean when a microcontroller datasheet says “has Ethernet interface”? If you see five pins on an SBC and the manufacturer refers to them as “Ethernet”, what do you even do with them? Why does the Raspberry Pi 4 SoC support Ethernet but still require an extra chip, and what even is GMII?

Hackaday Links: February 11, 2024

Apple’s Vision Pro augmented reality goggles made a big splash in the news this week, and try as we might to resist the urge to dunk on them, early adopters spotted in the wild are making it way too easy. Granted, we’re not sure how many of these people are actually early adopters as opposed to paid influencers, but there was still quite a bit of silliness to be had, most of it on X/Twitter. We’d love to say that peak idiocy was achieved by those who showed themselves behind the wheels of their Teslas while wearing their goggles, with one aiming for an early adopter perfecta, but alas, most of these stories appear to be at least partially contrived. Some people were spotted doing their best to get themselves killed, others were content to just look foolish, especially since we’ve heard that the virtual keyboard is currently too slow for anything but hunt-and-peck typing, which Casey Neistat seemed to confirm with his field testing. After seeing all this, we’re still unsure why someone would strap $4,000 worth of peripheral-vision-restricting and easily fenced hardware to their heads, but hey — different strokes. And for those of you wondering why these things are so expensive, we’ve got you covered.
