Hackaday Columns

4426 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

Hacker Tactic: Pimp Your Probes

August 14, 2024 by 30 Comments

Is your multimeter one of your trusty friends when building up boards, repairing broken gadgets, and reverse-engineering proprietary ones? Is it accompanied by a logic analyzer or an oscilloscope at times?

Having a proper probing setup is crucial for many a task, and the standard multimeter probes just won’t do. As a PCB is slipping under your grip as you’re trying to hold the standard multimeter probes on two points at once, inevitably you will ponder whether you could be doing things differently. Here’s an assortment of probing advice I have accumulated.

Beyond The Norm

There’s the standard advice – keep your board attached firmly to a desk, we’ve seen gadgets like the Stickvise help us in this regard, and a regular lightweight benchtop vise does wonders. Same goes for using fancy needle probes that use gravity to press against testpoints – they might be expensive, but they are seriously cool, within limits, and you can even 3D-print them!

Continue reading “Hacker Tactic: Pimp Your Probes”

Portable Router Build: Picking Your CPU

August 13, 2024 by 23 Comments

I want to introduce you to a project of mine – a portable router build, and with its help, show you how you can build a purpose-built device. You might have seen portable routers for sale, but if you’ve been in the hacking spheres long enough, you might notice there are “coverage gaps”, so to speak. The Pi-hole project is a household staple that keeps being product-ized by shady Kickstarter campaigns, a “mobile hotspot” button is a staple in every self-respecting mobile and desktop OS, and “a reset device for the ISP router” is a whole genre of a hacker project. Sort the projects by “All Time” popularity on Hackaday.io, and near the very top, you will see an OpenVPN &Tor router project – it’s there for a reason, and it got into 2014 Hackaday Prize semifinals for a reason, too.

I own a bunch of devices benefitting from both an Internet connection and also point-to-point connections between them. My internet connection comes sometimes from an LTE uplink, sometimes from an Ethernet cable, and sometimes from an open WiFi network with a portal you need to click through before you can even ping anything. If I want to link my pocket devices into my home network for backups and home automation, I can put a VPN client on my laptop, but a VPN client on my phone kills its battery, and the reasonable way would be to VPN the Internet uplink – somehow, that is a feature I’m not supposed to have, and let’s not even talk about DNSSEC! Whenever I tried to use one of those portable LTE+WiFi[+Ethernet] routers and actively use it for a month or two, I’d encounter serious hardware or firmware bugs – which makes sense, they are a niche product that won’t get as much testing as phones.

Continue reading “Portable Router Build: Picking Your CPU”

Hackaday Links Column Banner

Hackaday Links: August 11, 2024

August 11, 2024 by 8 Comments

“Please say it wasn’t a regex, please say it wasn’t a regex; aww, crap, it was a regex!” That seems to be the conclusion now that Crowdstrike has released a full root-cause analysis of its now-infamous Windows outage that took down 8 million machines with knock-on effects that reverberated through everything from healthcare to airlines. We’ve got to be honest and say that the twelve-page RCA was a little hard to get through, stuffed as it was with enough obfuscatory jargon to turn off even jargon lovers such as us. The gist, though, is that there was a “lack of a specific test for non-wildcard matching criteria,” which pretty much means someone screwed up a regular expression. Outside observers in the developer community have latched onto something more dire, though, as it appears the change that brought down so many machines was never tested on a single machine. That’s a little — OK, a lot — hard to believe, but it seems to be what Crowdstrike is saying. So go ahead and blame the regex, but it sure seems like there were deeper, darker forces at work here.

Continue reading “Hackaday Links: August 11, 2024”

Better Living Through Hackery

August 10, 2024 by 11 Comments

Hackaday’s own [Arya Voronova] has been on a multi-year kick to make technology more personal by making it herself, and has just now started writing about it. Her main point rings especially true in this day and age, where a lot of the tech devices we could use to help us are instead used to spy on us or are designed to literally make us addicted to their services.

The project is at the same time impossible and simple. Of course, you are not going to be able to build a gadget that will bolster all of your (perceived or otherwise) personal weaknesses in one fell swoop. But what if you start looking at them one at a time? What if you start building up the good habits with the help of a fun DIY project?

That’s where [Arya]’s plan might just be brilliant. Because each project is supposed to be small, it forces you to focus on one specific problem, rather than getting demoralized at the impossibility of becoming “better” in some vague overall sense. Any psychologist would tell you that introspection and dividing up complex problems are the first steps. And what motivates a hacker to take the next steps? You got it, the fun of brainstorming, planning, and building a nice concrete DIY project. It’s like the ultimate motivation, Hackaday style.

And DIY solutions are a perfect match to personal problems. Nothing is so customizable as what you design and build yourself from the ground up. DIY means making exactly what you need, or at least what you think you need. Iteration, improvement, and the usual prototyping cycle applied to personal growth sounds like the ideal combo, because that’s how the tech works, and that’s also how humans work. Of course, even the coolest DIY gadget can’t instantly make you more mindful, for instance, but if it’s a tool that helps you get there, I don’t think you could ask for more.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Hackaday Podcast Episode 283: Blinding Lasers, LEDs, And ETs

August 9, 2024 by 3 Comments

Hackaday Editors Elliot Williams and Al Williams reflect on the fact that, as humans, we have–at most–two eyes and no warp drives. While hacking might not be the world’s most dangerous hobby, you do get to work with dangerous voltages, temperatures, and frickin’ lasers. Light features prominently, as the guys talk about LED data interfaces, and detecting faster-than-light travel.

There’s also a USB sniffer, abusing hot glue, and some nostalgia topics ranging from CRT graphics to Apollo workstations (which have nothing directly to do with NASA). The can’t miss articles this week cover hacking you and how you make the red phone ring in the middle of a nuclear war.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

As always, please download the file to archive in your doomsday bunker.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Episode 283: Blinding Lasers, LEDs, And ETs”

This Week In Security: GhostWrite, Localhost, And More

August 9, 2024 by 5 Comments

You may have heard some scary news about RISC-V CPUs. There’s good news, and bad news, and the whole thing is a bit of a cautionary tale. GhostWrite is a devastating vulnerability in a pair of T-Head XuanTie RISC-V CPUs. There are also unexploitable crashes in another T-Head CPU and the QEMU soft core implementation. These findings come courtesy of a group of researchers at the CISPA Helmholtz Center for Information Security in Germany. They took at look at RISC-V cores, and asked the question, do any of these instructions do anything unexpected? The answer, obviously, was “yes”.

Undocumented instructions have been around just about as long as we’ve had Van Neumann architecture processors. The RISC-V ISA put a lampshade on that reality, and calls them “vendor specific custom ISA extensions”. The problem is that vendors are in a hurry, have limited resources, and deadlines wait for no one. So sometimes things make it out the door with problems. To find those problems, CISPA researchers put together a test framework is called RISCVuzz, and it’s all about running each instruction on multiple chips, and watching for oddball behavior. They found a couple of “halt-and-catch-fire” problems, but the real winner (loser) is GhostWrite.

Now, this isn’t a speculative attack like Meltdown or Spectre. It’s more accurate to say that it’s a memory mapping problem. Memory mapping helps the OS keep programs independent of each other by giving them a simplified memory layout, doing the mapping from each program to physical memory in the background. There are instructions that operate using these virtual addresses, and one such is vs128.v. That instruction is intended to manipulate vectors, and use virtual addressing. The problem is that it actually operates directly on physical memory addresses, even bypassing cache. That’s not only memory, but also includes hardware with memory mapped addresses, entirely bypassing the OS. This instruction is the keys to the kingdom. Continue reading “This Week In Security: GhostWrite, Localhost, And More”

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The KiCad Plugin

August 8, 2024 by 2 Comments

A low-profile split keyboard with a sliding, round track pad on each half.
Image by [fata1err0r81] via reddit
The most striking feature of the Tenshi keyboard has to be those dual track pads. But then you notice that [fata1err0r81] managed to sneak in two extra thumb keys on the left, and that those are tilted for comfort and ease of actuation.

The name Tenshi means ‘angel’ in Japanese, and creator [fata1err0r81] says that the track pads are the halos. Each one slides on a cool 3D-printed track that’s shaped like a half dovetail joint, which you can see it closer in this picture.

Tenshi uses a pair of RP2040 Zeros as controllers and runs QMK firmware. The track pads are 40 mm each and come from Cirque. While the Cirques have been integrated into QMK, the pull request for ZMK has yet to be merged in. And about those angled keys — [fata1err0r81] says they tried risers, but the tilting feels like less effort. Makes total sense to me, but then again I’m used to a whole keyboard full of tilted keys.

Continue reading “Keebin’ With Kristina: The One With The KiCad Plugin”