News

3616 Articles

Better Farming Through Electricity

January 26, 2022 by 28 Comments

Chinese researchers are reporting that applying an electric field to pea plants increased yields. This process — known as electroculture — has been tested multiple times, but in each case there are irregularities in the scientific process, so there is still an opportunity for controlled research to produce meaningful data.

This recent research used two plots of peas planted from the same pods. The plants were tended identically except one plot was stimulated by an electric field. The yield on the stimulated plot was about 20% more than the control plot.

The actual paper is paywalled in the journal Nature Food, but the idea seems simple enough. If you search for the topic, you’ll find there have been other studies with similar findings. There are also anecdotal reports of electrical plant stimulation going back to 1746.

Continue reading “Better Farming Through Electricity”

Flying Sausage Rescues Pooch, Drone Pilots Save The Day

January 21, 2022 by 8 Comments

When we write about drone stories from the United Kingdom, they often have a slightly depressing air to them as we relate tales of unverified air proximity reports closing airports or bungled official investigations that would make the Keystone Kops look like competent professionals.

But here’s a drone story from this rainswept isle sure to put a smile on the face of multirotor enthusiasts worldwide, as Denmead Drone Search And Rescue, an organisation who locate missing pets using drones, enticed lost dog Millie from a soon-to-be-engulfed tidal mudflat by the simple expedient of dangling a sausage from a drone for the mutt to follow (Facebook).

Lest you believe that Hackaday have lost their marbles and this isn’t worthy of our normal high standards, let us remind you that this is not our first flying sausage story. Behind the cute-puppy and flying meat product jokes though, there’s a serious side. Drones have received such a bad press over recent years that a good news story concerning them is rare indeed, and this one has garnered significant coverage in the general media. Maybe it’s too late to reverse some of the reputational damage from the Gatwick fiasco, but at this point any such coverage is good news.

For anyone wondering what lies behind this, let us take you back to Christmas 2018.

This Week In Security: NetUSB, HTTP.sys, And 2013’s CVE Is Back

January 21, 2022 by 2 Comments

Let’s imagine a worst case situation for home routers. It would have to start with a port unintentionally opened to the internet, ideally in a popular brand, like Netgear. For fun, let’s say it’s actually a third-party kernel module, that is in multiple router brands. This module would then need a trivial vulnerability, say an integer overflow on the buffer size for incoming packets. This flaw would mean that the incoming data would write past the end of the buffer, overwriting whatever kernel data is there. So far, this exactly describes the NetUSB flaw, CVE-2021-45608.

Because red teams don’t get their every wish, there is a catch. While the overflow is exceptionally easy to pull off, there isn’t much wiggle room on where the data gets written. There’s no remote code execution Proof of Concept (PoC) yet, and [Max Van Amerongen], who discovered the flaw, says it would be difficult but probably not impossible to pull off. All of this said, it’s a good idea to check your router for open ports, particularly non-standard port numbers. If you have a USB port on your router, check for updates.

Windows HTTP.sys Problem

A serious problem has been announced in Windows Server 2019 and Windows 10, with some versions vulnerable in their default configurations. The problem is in how Windows handles HTTP Trailer packets, which contain extra information at the end of normal HTTP transfers. There is a PoC available that demonstrates a crash. It appears that an additional information leak vulnerability would have to be combined with this one to produce a true exploit. This seems to be a different take on CVE-2021-31166, essentially exploiting the same weakness, and working around the incomplete fix. This issue was fixed in the January patch set for Windows, so make sure you’re covered. Continue reading “This Week In Security: NetUSB, HTTP.sys, And 2013’s CVE Is Back”

Congratulations Winners Of The 555 Timer Contest!

January 20, 2022 by 25 Comments

Sometimes the best inspiration is limitation. The 555 timer does “one thing” — compares a voltage to a couple thresholds and outputs a signal accordingly. It’s two comparators, a voltage ladder, and a flip-flop. And yet, it’s the most sold single chip of all time, celebrating its 50th birthday this year! So when Hackaday runs a 555 Timer Contest, hackers of all stripes come out with their best work to show their love for the Little DIP That Could.

The Winners

Far and away the favorite entry was the Giant 555 Timer by [Rudraksha Vegad]. Every one of our judges rated it in the top five, and it took top honors twice. On its face, this is a simple “giant 555 in a box” build, but have a look under the hood. Each sub-module that makes up the 555 — comparators, flip-flop, and amplifier — are made from salvaged discrete parts in actual breadboard fashion, soldered to brass nails hammered into wood. As an end product, it’s a nice piece of woodworking, but as a process of creation, it’s a masterwork in understanding the 555 at its deepest level. We should all make one!

The Menorah555 is a simple design with some very nice tricks up its sleeve. Perhaps the cutest of which is pulling the central candle out and lighting the others with it — a trick that involves a supercapacitor and reed switches. Each of the candle lighting circuits, however, use a 555 timer both for its intended purpose of providing a timed power-on reset pulse, and another 555 is used as a simple flip-flop. It’s a slick design, and a great user interaction.

The Cyclotone Mechanical Punk Console Sequencer is a rotating tower of circuit sculpture and noisemakers. This one looks great, is amazingly well documented in the video series, and uses a billion clever little tricks along the way. The 555’s role? Each of the four levels is the classic Atari Punk Console circuit.

All three of these projects win a $150 shopping spree at Digi-Key. That’s a lot of timers!

Continue reading “Congratulations Winners Of The 555 Timer Contest!”

SGX Deprecation Prevents PC Playback Of 4K Blu-ray Discs

January 18, 2022 by 72 Comments

This week Techspot reported that DRM-laden Ultra HD Blu-ray Discs won’t play anymore on computers using the latest Intel Core processors. You may have skimmed right past it, but the table on page 51 of the latest 12th Generation Intel Core Processor data sheet (184 page PDF) informs us that the Intel Software Guard Extensions (SGX) have been deprecated. These extensions are required for DRM processing on these discs, hence the problem. The SGX extensions were introduced with the sixth generation of Intel Core Skylake processors in 2015, the same year as Ultra HD Blu-ray, aka 4K Blu-ray. But there have been numerous vulnerabilities discovered in the intervening years. Not only Intel, but AMD has had similar issues as we wrote about in October.

This problem only applies to 4K Blu-ray discs with DRM. Presumably any 4K discs without DRM will still play, and of course you can still play the DRM discs on older Intel processors. Do you have a collection of DRM 4K Blu-ray discs, and if so, do you play them via your computer or a stand-alone player?

New Part News: Raspberry Pi Cuts Out The Middleman

January 17, 2022 by 36 Comments

Raspberry Pi has just announced that they’ll be selling their RP2040 microcontroller chips by the reel, directly to you, at a decent discount.

About a year ago, Raspberry Pi released its first piece of custom silicon, the RP2040 microcontroller. They’ve have been selling these chips in bulk to selected customers directly, but have decided to open up the same deals to the general public. If you’re looking for 500 chips or more, you can cut out the middleman and save some serious dough.

Because the RP2040 was a clean-slate design, it uses a relatively modern production process that yields many more processors per silicon wafer, and it has been essentially spared from the chip crisis of 2020-2021. According to CEO Eben Upton, they’ve sold 1.5 million in a year, and have wafers in stock for 20 million more. You do the math, but unless you’re predicting the chip shortage to last in excess of 12 years, they’re looking good.

Thirty Seconds At 100 Megakelvins

January 16, 2022 by 28 Comments

Back in Dec 2020 we wrote about the Korea Superconducting Tokamak Advanced Research (KSTAR) magnetic fusion reactor’s record-breaking feat of heating hydrogen plasma up to 100 megakelvins for 20 seconds. Last month it broke its own record, extending that to 30 seconds. The target of the program is 300 seconds by 2026. There is a bit of competition going, as KSTAR’s Chinese partner in the International Thermonuclear Experimental Reactor (ITER), the Experimental Advanced Superconducting Tokamak (EAST) did a run a week later reaching 70 million degrees for 1056 seconds. It should be noted that KSTAR is reaching these temperatures by heating ions in the plasma, while EAST takes a different approach acting on the electrons.

The news reports seem to be using Celsius and Kelvins interchangeably, but at millions of degrees, that’s probably much smaller than measurement error. These various milestones are but stepping stones along the path to create a demonstration large fusion reactor, the goal of the global ITER mega-project. Currently China, the EU including Switzerland and the UK, India, Japan, Russia, South Korea, and the United States are members of ITER, and Australia, Canada, Kazakhstan, and Thailand are participants. The ITER demonstration reactor is being constructed at the Cadarache facility located 60 km northeast of Marseille, France, and is on track for commissioning phase to begin in 2025, going operational ten years later.