This Week In Security: The X DDoS, The ESP32 Basementdoor, And The CamelCase RCE

March 14, 2025 by Jonathan Bennett 9 Comments

We would be remiss if we didn’t address the X Distributed Denial of Service (DDoS) attack that’s been happening this week. It seems like everyone is is trying to make political hay out of the DDoS, but we’re going to set that aside as much as possible and talk about the technical details. Elon made an early statement that X was down due to a cyberattack, with the source IPs tracing back to “the Ukraine area”.

The latest reporting seems to conclude that this was indeed a DDoS, and a threat group named “Dark Storm” has taken credit for the attack. Dark Storm does not seem to be of Ukrainian origin or affiliation.

We’re going to try to read the tea leaves just a bit, but remember that about the only thing we know for sure is that X was unreachable for many users several times this week. This is completely consistent with the suspected DDoS attack. The quirk of modern DDoS attacks is that the IP addresses on the packets are never trustworthy.

There are two broad tactics used for large-scale DDoS attacks, sometimes used simultaneously. The first is the simple botnet. Computers, routers, servers, and cameras around the world have been infected with malware, and then remote controlled to create massive botnets. Those botnets usually come equipped with a DDoS function, allowing the botnet runner to task all the bots with sending traffic to the DDoS victim IPs. That traffic may be UDP packets with spoofed or legitimate source IPs, or it may be TCP Synchronization requests, with spoofed source IPs.

The other common approach is the reflection or amplification attack. This is where a public server can be manipulated into sending unsolicited traffic to a victim IP. It’s usually DNS, where a short message request can return a much larger response. And because DNS uses UDP, it’s trivial to convince the DNS server to send that larger response to a victim’s address, amplifying the attack.

Put these two techniques together, and you have a botnet sending spoofed requests to servers, that unintentionally send the DDoS traffic on to the target. And suddenly it’s understandable why it’s so difficult to nail down attribution for this sort of attack. It may very well be that a botnet with a heavy Ukrainian presence was involved in the attack, which at the same time doesn’t preclude Dark Storm as the originator. The tea leaves are still murky on this one.

Continue reading “This Week In Security: The X DDoS, The ESP32 Basementdoor, And The CamelCase RCE” →

Linux Fu: Use The Source (Command), Luke

March 13, 2025 by Al Williams 12 Comments

You can argue if bash is a good programming language or not, but you can’t argue that it is a programming language. However, there are a few oddities about it that make it different from most other languages you probably know. For one thing, variables are dynamically scoped. Second, you can easily change variables in an upper scope. This leads to a problem when you want to do something like reset your path:

#!/bin/bash
#: This does NOT work
PATH=/usr/bin:/bin

Well, actually, it does work; it just doesn’t work the way you imagine it might. The key is to realize that when you execute our script (say, resetpath), a new copy of bash runs. It inherits all the variables from your shell. Now the script sets PATH for the new copy of bash. Anything else you run in that script will see your change. But when the script exits, the new copy of bash is gone and the old copy sees the same old PATH it always did.

Continue reading “Linux Fu: Use The Source (Command), Luke” →

Hackaday Europe 2025: Speaker Schedule And Official Event Page

March 13, 2025 by Tom Nardi No comments

Hackaday Europe 2025 is just days away, and we’ve got the finalized speaker schedule hot off the digital press. We’re also pleased to announce that the event page is now officially live, where you can find all the vital information about the weekend’s festivities in one place.

Whether you’ll be joining the fun in Berlin, or watching the live stream from home, we’ve got a fantastic lineup of speakers this year who are eager to tell us all about the projects that have been keeping them up at night recently:

Continue reading “Hackaday Europe 2025: Speaker Schedule And Official Event Page” →

FLOSS Weekly Episode 824: Gratuitous Navel Gazing

March 12, 2025 by Jonathan Bennett 2 Comments

This week, Jonathan Bennett chats with Doc Searls about SCaLE and Personal AI! What’s the vision of an AI that consumers run themselves, what form factor might that take, and how do we get there?

Continue reading “FLOSS Weekly Episode 824: Gratuitous Navel Gazing” →

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The Batwing Typewriter

March 11, 2025 by Kristina Panos 8 Comments

[Alex] of YouTube channel [EastMakes] wrote into tell me about his fantastic QWERTY ‘hexpansion’ board for the 2024 EMF Tildagon badge, and [Alex], I’m super glad you did. The system works!

Let’s back up a bit. Essentially, the idea is to have a badge that can be used beyond a single camp, with the creation of expansion boards being the other main attraction. Our own [Jenny List] covered the badge in detail back in June 2024 when she got her hands on one.

A pair of hands holds the 2024 EMF Tildagon badge with a QWERTY keyboard Hexpansion built by [EastMakes]. — Image by [EastMakes] via YouTube

[Alex] started by importing the Tildagon into Fusion360 and designing a way for the keyboard to attach to it physically. He then modeled the keyboard after the Blackberry types that can be found on Ali using the official EMF buttons established in earlier badges.

This QWERTY hexpansion is based on the RP2040, which is soldered around back and visible through the 3D-printed backplate. In order for the 90°-oriented board to align with the… not-90° connector, [Alex] built a little meander into the PCB.

The default OS on the Tildagon doesn’t know natively what to do with the serial messages from the keyboard, so [Alex] wrote an application that reads them in and decodes them. Be sure to check out the build and walk-through video after the break.

Continue reading “Keebin’ With Kristina: The One With The Batwing Typewriter” →

Conservationists Are Flying Microlites To Teach Birds How To Migrate

March 10, 2025 by Lewin Day 17 Comments

When it comes to what birds have and what humans don’t, your mind might first land on the ability to fly. However, birds are also pretty good at navigating from the air… assuming, that is, they know where they’re trying to go in the first place.

In recent decades, conservationists have been trying to reintroduce the northern bald ibis to central Europe. There’s just one problem—when the birds first died out on the continent, so did their handed-down knowledge of their traditional migration route. Somehow, the new generation had to be taught where to go.

Continue reading “Conservationists Are Flying Microlites To Teach Birds How To Migrate” →

Hackaday Links: March 9, 2025

March 9, 2025 by Dan Maloney 9 Comments

It’s been a busy week in space news, and very little of it was good. We’ll start with the one winner of the week, Firefly’s Blue Ghost Mission 1, which landed successfully on the Moon’s surface on March 2. The lander is part of NASA’s Commercial Lunar Payload Services program and carries ten scientific payloads, including a GPS/GNSS receiver that successfully tracked signals from Earth-orbiting satellites. All of the scientific payloads have completed their missions, which is good because the lander isn’t designed to withstand the long, cold lunar night only a few days away. The landing makes Firefly the first commercial outfit to successfully soft-land something on the Moon, and being the first at anything is always a big deal.

Continue reading “Hackaday Links: March 9, 2025” →