This Week In Security: The UK Wants Your ICloud, Libarchive Wasn’t Ready, And AWS

February 14, 2025 by Jonathan Bennett 15 Comments

There’s a constant tension between governments looking for easier ways to catch criminals, companies looking to actually protect their users’ privacy, and individuals who just want their data to be truly private. The UK government has issued an order that threatens to drastically change this landscape, at least when it comes to Apple’s iCloud backups. The order was issued in secret, and instructed Apple to provide a capability for the UK officials to access iCloud backups that use the Advanced Data Protection (ADP) system. ADP is Apple’s relatively new end-to-end encryption scheme that users can opt-into to make their backups more secure. The key feature here is that with ADP turned on, Apple themselves don’t have access to decrypted user data.

If this order wasn’t onerous enough, it seems to explicitly include all ADP-protected data, regardless of the country of origin. This should ring alarm bells. The UK government is attempting to force a US company to add an encryption backdoor to give them access to US customer data. Cryptographer [Matthew Green] has thoughts on this situation. One of the slightly conspiratorial theories he entertains is that portions of the US government are quietly encouraging this new order because the UK has weaker protections against unreasonable search and seizure of data. The implication here is that those elements in the US would use this newfound UK data access capability to sidestep Fourth Amendment protections of citizens’ data. This doesn’t seem like much of a stretch.

[Matthew] does have a couple of suggestions. The first is passing laws that would make it illegal for a US company to add backdoors to their systems, specifically at the request of foreign nations. We’ve seen first-hand how such backdoors can backfire once accessed by less-friendly forces. In an ironic turn of fate, US agencies have even started recommending that users use end-to-end encrypted services to be safe against such backdoors. Technically, if this capability is added, the only recourse will be to disable iCloud backups altogether. Thankfully Apple has pushed back rather forcefully against this order, threatening to simply turn off ADP for UK users, rather than backdoor the rest of the world. Either way, it’s a scary bit of overreach.

Continue reading “This Week In Security: The UK Wants Your ICloud, Libarchive Wasn’t Ready, And AWS” →

Why AI Usage May Degrade Human Cognition And Blunt Critical Thinking Skills

February 13, 2025 by Maya Posch 98 Comments

Any statement regarding the potential benefits and/or hazards of AI tends to be automatically very divisive and controversial as the world tries to figure out what the technology means to them, and how to make the most money off it in the process. Either meaning Artificial Inference or Artificial Intelligence depending on who you ask, AI has seen itself used mostly as a way to ‘assist’ people. Whether in the form of a chat client to answer casual questions, or to generate articles, images and code, its proponents claim that it’ll make workers more efficient and remove tedium.

In a recent paper published by researchers at Microsoft and Carnegie Mellon University (CMU) the findings from a survey are however that the effect is mostly negative. The general conclusion is that by forcing people to rely on external tools for basic tasks, they become less capable and prepared of doing such things themselves, should the need arise. A related example is provided by Emanuel Maiberg in his commentary on this study when he notes how simple things like memorizing phone numbers and routes within a city are deemed irrelevant, but what if you end up without a working smartphone?

Does so-called generative AI (GAI) turn workers into monkeys who mindlessly regurgitate whatever falls out of the Magic Machine, or is there true potential for removing tedium and increasing productivity?

Continue reading “Why AI Usage May Degrade Human Cognition And Blunt Critical Thinking Skills” →

FLOSS Weekly Episode 820: Please Don’t Add AI Clippy To Thunderbird

February 12, 2025 by Jonathan Bennett 3 Comments

This week, Jonathan Bennett talks Thunderbird with Ryan Sipes! What’s the story with almost becoming part of LibreOffice, How has Thunderbird collected so many donations, and more!

Continue reading “FLOSS Weekly Episode 820: Please Don’t Add AI Clippy To Thunderbird” →

PCB Design Review: M.2 SSD Splitter

February 12, 2025 by Arya Voronova 20 Comments

Today’s PCB design review is a board is from [Wificable]. iI’s a novel dual-SSD laptop adapter board! See, CPUs and chipsets often let you split wide PCIe links into multiple smaller width links. This board relies on a specific laptop with a specific CPU series, and a BIOS mod, to put two M.2 NVMe SSDs into a single SSD slot of a specific series’ laptop.

This board has two crucial factors – mechanical compatibility, and electrical function. Looking into mechanics, it’s a 0.8 mm thick PCB that plugs into a M.2 socket, and it has sockets for two SSDs on it – plenty of bending going on. For electronics, it has a PCIe REFCLK clock buffer, that [Wificable] found on Mouser – a must have for PCIe bifurcation, and a must-work for this board’s core! Apart from that, this is a 4-layer board, it basically has to be for diffpairs to work first-try.

Of course, the clock buffer chip is the main active component and the focus of the board, most likely mistakes will happen there – let’s look at the chip first.

Continue reading “PCB Design Review: M.2 SSD Splitter” →

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The SEGA Pico Keyboard

February 10, 2025 by Kristina Panos 3 Comments

It’s been a minute since I featured a tiny keyboard, and that’s okay. But if you want to get your feet wet in the DIY keyboarding community, making a little macro pad like [Arnov Sharma]’s Paste Pal is a great place to start.

A macro pad with five switches and a small OLED display. — Image by [Arnov Sharma] via Hackaday.IO

This is a follow-up to his original Paste Pal, which only had two buttons for copy and paste plus an OLED display. This updated version does three more things thanks to a total of five blue (!) switches. The selected command shows up on the screen so you know what you’ve done.

Right now, [Arnov] has the Paste Pal set up to do Copy, Paste, Enter, Scroll Up, and Scroll Down, but changing the assignments is as easy as updating a few lines of code.

Paste Pal Mk. II is at heart a Seeed Xiao SAMD21, which in this case is programmed in Arduino. If you want to make things easier on yourself, you could program it in CircuitPython instead, although [Arnov] includes the Arduino code in his excellent build guide.

Continue reading “Keebin’ With Kristina: The One With The SEGA Pico Keyboard” →

Hackaday Links: February 9, 2025

February 9, 2025 by Dan Maloney 15 Comments

January 9 ended up being a very expensive day for a Culver City, California man after he pleaded guilty to recklessly operating a drone during the height of the Pacific Palisades wildfire. We covered this story a bit when it happened (second item), which resulted in the drone striking and damaging the leading edge of a Canadian “Super Scooper” plane that was trying to fight the fire. Peter Tripp Akemann, 56, admitted to taking the opportunity to go to the top of a parking garage in Santa Monica and launching his drone to get a better view of the action to the northwest. Unfortunately, the drone got about 2,500 meters away, far beyond visual range and, as it turns out, directly in the path of the planes refilling their tanks by skimming along the waters off Malibu. The agreement between Akemann and federal prosecutors calls for a guilty plea along with full restitution to the government of Quebec, which owns the damaged plane, plus the costs of repair. Akemann needs to write a check for $65,169 plus perform 150 hours of community service related to the relief effort for the fire’s victims. Expensive, yes, but probably better than the year in federal prison such an offense could have earned him.

Continue reading “Hackaday Links: February 9, 2025” →

Software In Progress

February 8, 2025 by Elliot Williams 75 Comments

Open source software can be fantastic. I run almost exclusively open software, and have for longer than I care to admit. And although I’m not a serious coder by an stretch, I fill out bug reports when I find them, and poke at edge cases to help the people who do the real work.

For 3D modeling, I’ve been bouncing back and forth between OpenSCAD and FreeCAD. OpenSCAD is basic, extensible, and extremely powerful in the way that a programming language is, and consequently it’s reliably bug-free. But it also isn’t exactly user friendly, unless you’re a user who likes to code, in which case it’s marvelous. FreeCAD is much more of a software tool than a programming language, and is a lot more ambitious than OpenSCAD. FreeCAD is also a program in a different stage of development, and given its very broad scope, it has got a lot of bugs.

I kept running into some really serious bugs in a particular function – thickness for what it’s worth – which is known to be glitchy in the FreeCAD community. Indeed, the last time I kicked the tires on thickness, it was almost entirely useless, and there’s been real progress in the past couple years. It works at least sometimes now, on super-simple geometries, and this promise lead me to find out where it still doesn’t work. So I went through the forums to see what I could do to help, and it struck me that some people, mostly those who come to FreeCAD from commercial programs that were essentially finished a decade ago, have different expectations about the state of the software than I do, and are a lot grumpier.

Open source software is working out its bugs in public. Most open source is software in development. It’s growing, and changing, and you can help it grow or just hang on for the ride. Some open-source userland projects are mature enough that they’re pretty much finished, but the vast majority of open-source projects are coding in public and software in progress.

It seems to me that people who expect software to be done already are frustrated by this, and that when we promote super-star open projects like Inkscape or Blender, which are essentially finished, we are doing a disservice to the vast majority of useful, but still in progress applications out there that can get the job done anyway, but might require some workarounds. It’s exactly these projects that need our help and our bug-hunting, but if you go into them with the “finished” mentality, you’re setting yourself up for frustration.