Hackaday Columns

4112 Articles

This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.

This Week In Security: CVSS 4, OAuth, And ActiveMQ

November 3, 2023 by 4 Comments

We’ve talked a few times here about the issues with the CVSS system. We’ve seen CVE farming, where a moderate issue, or even a non-issue, gets assigned a ridiculously high CVSS score. There are times a minor problem in a library is a major problem in certain use cases, and not an issue at all in others. And with some of those issues in mind, let’s take a look at the fourth version of the Common Vulnerability Scoring System.

One of the first tweaks to cover is the de-emphasis of the base score. Version 3.1 did have optional metrics that were intended to temper the base score, but this revision has beefed that idea up with Threat Metrics, Environmental Metrics, and Supplemental Metrics. These are an attempt to measure how likely it is that an exploit will actually be used. The various combinations have been given names. Where CVSS-B is just the base metric, CVSS-BT is the base and threat scores together. CVSS-BE is the mix of base and environmental metrics, and CVSS-BTE is the combination of all three.

Another new feature is multiple scores for a given vulnerability. A problem in a library is first considered in a worst-case scenario, and the initial base score is published with those caveats made clear. And then for each downstream program that uses that library, a new base score should be calculated to reflect the reality of that case. Continue reading “This Week In Security: CVSS 4, OAuth, And ActiveMQ”

2000-Year Old Charred Manuscripts Reveal Their Secrets

November 2, 2023 by 38 Comments

Imagine trying to read a 2000-year old scroll from an ancient civilization. Now imagine that scroll is rolled up, and in a delicate, charred, carbonized form, having been engulfed by the fiery eruption of a volcano. The task would seem virtually impossible, and the information in the scroll lost forever. Right?|

As it turns out, new developments are changing that. Modern scanning techniques and machine learning tools have made it possible to read fragments of the heavily-damaged Herculaneum scrolls. Hopes are now that more of the ancient writings will be salvaged, giving us a new insight into the ancient past.

Continue reading “2000-Year Old Charred Manuscripts Reveal Their Secrets”

Fancy Gyroscopes Are Key To Radio-Free Navigation

November 1, 2023 by 49 Comments

Back in the old days, finding out your location on Earth was a pretty involved endeavor. You had to look at stars, use fancy gimballed equipment to track your motion, or simply be able to track your steps really really well. Eventually, GPS would come along and make all that a bit redundant for a lot of use cases. That was all well and good, until it started getting jammed all over the place to frustrate militaries using super-accurate satellite-guided weapons.

Today, there’s a great desire for more accurate navigational methods that don’t require outside communications that can easily be jammed. High-tech gyroscopes have long been a big part of that effort, allowing the construction of inertial navigation systems with greater accuracy than ever before.

Continue reading “Fancy Gyroscopes Are Key To Radio-Free Navigation”

A woman with a black vest and pink shirt with curly hair stands behind a podium in front of a projected presentation. She is speaking and has her hands moving in a vague guesture.

Supercon 2022: Carrie Sundra Discusses Manufacturing On A Shoestring Budget

October 31, 2023 by 2 Comments

Making hardware is hard. This is doubly true when you’re developing a niche hardware device that might have a total production run in the hundreds of units instead of something mass market. [Carrie Sundra] has been through the process several times, and has bestowed her wisdom on how not to screw it up.

The internet is strewn with the remains of unfulfilled crowdfunding campaigns for tantalizing devices that seemed so simple when they showed of the prototype. How does one get something from the workbench into the world without losing their life savings and reputation?

[Sundra] walks us through her process for product development that has seen several products successfully launch without an army of pitchfork-wielding fiber crafters line up at her door. One of the first concepts she stresses is that you should design your products around the mantra, “Once it leaves your shop IT SHOULD NEVER COME BACK.” If you design for user-serviceability from the beginning, you can eliminate most warranty returns and probably make it easier to manufacture your widget to boot. Continue reading “Supercon 2022: Carrie Sundra Discusses Manufacturing On A Shoestring Budget”

Saving Australia’s Ants With Age Of Empires II

October 30, 2023 by 14 Comments

Australia’s native meat ants are struggling. Invasive species of foreign ants have a foothold on the continent, and are increasingly outcompeting their native rivals for territory. Beyond simple encroachment, they pose a hazard to native animals and agriculture.

Scientists at the CSIRO have been investigating the problem, hoping to find a way to halt the invasion. Charged with finding a way to help Australia’s native ants fight back, they turned to one of the most popular battle simulations of all time: Age of Empires II. 

Continue reading “Saving Australia’s Ants With Age Of Empires II”

Hackaday Links Column Banner

Hackaday Links: October 29, 2023

October 29, 2023 by 22 Comments

“As California goes, so goes the nation.” That adage has been true on and off for the last 100 years or so, and it’s true again now that GM’s Cruise self-driving car unit has halted operations across the United States, just a couple of days after California’s DMV suspended its license to conduct driverless tests on state roadways. The nationwide shutdown of testing was undertaken voluntarily by the company and takes their sore beset self-driving taxi fleet off the road in Phoenix, Houston, Austin, Dallas, and Miami, in addition to the California ban, which seemed to be mainly happening in San Francisco. Cruise’s fleet has suffered all manner of indignities over the last few months, from vandalism to “coning” pranks to even being used as rolling hookup spots, and that’s not to mention all the trouble they caused by brigading to the same address or losing games of chicken with a semi and a firetruck. We’re not sure what to make of all this; despite our somewhat snarky commentary on the company’s woes, we take little pleasure in this development other than to the degree it probably increases roadway safety in the former test cities. We really do want to see self-driving cars succeed, at least for certain use cases, but it seems like this is a case of too much, too soon for the technology we currently have at our disposal.

Continue reading “Hackaday Links: October 29, 2023”

Impostor Syndrome: It’s Not Your Fault!

October 28, 2023 by 68 Comments

[Crispernaki] and I have something in common. We both saw this awesome project that made a scroll wheel out of a VHS head back in 2010, and wanted to make one. We both wanted to put our own spin on the gadget, (tee-hee), discovered that it was harder than either of us wanted to commit to, and gave up.

Flash forward about a million Internet years, and [crispernaki] finally made his and wrote it up. The only problem is that it was too easy. In 2010, making USB gadgets was a lot more involved than it is today. (Back then, we had to chisel device descriptors on stone tablets.) Nowadays, the firmware is just a matter of importing the right library, and the hardware is a magnetic rotation sensor breakout board, a magnet, and super glue. Cheap, and easy.

All of this led our hero to feeling insecure. After all, a hack that beat him a dozen years ago turned out to be dead easy today. Maybe it was too easy? Maybe he wasn’t a “real” hacker? These are the signs of impostor syndrome – that feeling that just because you aren’t the world’s best, or climbing the highest mountain, or hacking the hardest project, you’re not worthy.

Well, listen up. Impostors don’t finish projects, and impostors don’t write them up to share with all the rest of us. By actually doing the thing – hacking the hack – all chances of being a fake are ruled out. The proof is sitting there on your desk, in all its Altoids-tin glory.

And it’s not your fault that it was too easy this time around. You can’t do anything to turn back the hands of time, to make the project any harder these days, or to undo the decade of hacker technical progress on the software side, much less change the global economy to make a magnetic sensor unobtainable again. The world improved, you got your hack done, and that’s that. Congratulations! (Now where do I buy some of those on-axis magnets?)

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!