News

3617 Articles

RadioShack To Be Reborn As Online-First Retailer

November 19, 2020 by 103 Comments

The good news is that as of today RadioShack has officially been purchased by Retail Ecommerce Ventures (REV), giving the troubled company a new lease on life. The downside, at least for folks like us, is that there are no immediate plans to return the iconic electronics retailer to its brick-and-mortar roots. As the name implies, REV specializes in online retail, having previously revamped the Internet presence of other bankrupt businesses such as Pier 1 Imports and Dressbarn.

While the press release doesn’t outright preclude the possibility of new physical RadioShack locations, it’s clear that REV believes the future of retail isn’t to be found in your local strip mall. As the US mulls further lockdowns in response to the continuing COVID-19 pandemic, it’s hard to disagree. There will be millions of bored kids and adults looking for something to do during the long winter nights, and an electronic kit or two shipped to their door might be just the thing.

REV says they plan to relaunch the rather dated RadioShack website just in time for the company’s 100th anniversary in 2021. As of this writing the website currently says that sales have been temporarily halted to allow for inventory restructuring, though it’s unclear if this is directly related to the buyout or not. Getting an accurate count of how much merchandise the company still has on hand after shuttering the majority of their physical locations in 2017 certainly sounds like something the new owners would want to do.

Like most of you, we have fond memories of the Golden Age of RadioShack, back before they thought selling phones and TVs was somehow a good idea. To their credit, they did try and rekindle their relationship with hackers and makers by asking the community what they’d want to see in their stores. But we all know how that story ended. While it doesn’t look like this news will get us any closer to having a neighborhood store that stocks resistors, there’s a certain comfort in knowing that RadioShack kits and books will still be around for the next generation.

The Special Fridges Behind The COVID-19 Vaccine, Why It’s Surprisingly Difficult To Be That Cool

November 17, 2020 by 162 Comments

One of the big stories last week was the announcement of results from clinical trials that suggest a new COVID-19 vaccine developed through the joint effort of the American and German companies Pfizer and BioNTech is strongly effective in providing immunity from the virus. In the midst of what is for many countries the second spike of the global pandemic this news has been received with elation as well as becoming the subject of much political manoeuvring.

While we currently have two vaccine candidates with very positive testing results, one of the most interesting things for us is the need to keep doses of the Pfizer/BioNTech vaccine extremely cold until they are administered. Let’s dig into details of the refrigeration problem at hand.

Continue reading “The Special Fridges Behind The COVID-19 Vaccine, Why It’s Surprisingly Difficult To Be That Cool”

Youtube-dl Makes Their Case, Returns To GitHub

November 16, 2020 by 47 Comments

Last month, the GitHub repository for the popular program youtube-dl was taken down in response to a DMCA takedown notice filed by the Recording Industry Association of America (RIAA). The crux of the RIAA complaint was that the tool could be used to download local copies of music streamed from various platforms, a claim they said was supported by the fact that several copyrighted music files were listed as unit tests in the repository.

While many believed this to be an egregious misrepresentation of what the powerful Python program was really used for, the RIAA’s argument was not completely without merit. As such, GitHub was forced to comply with the DMCA takedown until the situation could be clarified. Today we’re happy to report that has happened, and the youtube-dl repository has officially been reinstated.

Represented by the Electronic Frontier Foundation, the current maintainers of youtube-dl made their case to GitHub’s DMCA agent in a letter this afternoon which explained how the tool worked and directly addressed the issue of copyrighted videos being used as test cases in the source code. They maintain that their program does not circumvent any DRM, and that the exchange between the client and server is the same as it would be if the user had viewed the resource with a web browser. Further, they believe that downloading a few seconds worth of copyrighted material for the purpose of testing the software’s functionality is covered under fair use. Even still, they’ve decided to remove all references to the songs in question to avoid any hint at impropriety.

Having worked closely with the youtube-dl developers during this period, GitHub released their own statement to coincide with the EFF letter. They explained that the nature of the RIAA’s original complaint forced their hand, but that they never believed taking down the repository was the right decision. Specifically, they point out the myriad of legitimate reasons that users might want to maintain local copies of streamed media. While GitHub says they are glad that this situation was resolved quickly, they’ll be making several changes to their internal review process to help prevent further frivolous takedowns. Specifically the company says they will work with technical and legal experts to review the source code in question before escalating any further, and that if there’s any ambiguity as to the validity of the claim, they’ll side with the developers.

The Internet was quick to defend youtube-dl after the takedown, and we’re happy to see that GitHub made good on their promises to work with the developers to quickly get the repository back online. While the nature of open source code meant that the community was never in any real danger of losing this important tool, it’s in everyone’s best interest that development of the project can continue in the open.

Vectron Adds Basic And Christmas Tree Control

November 16, 2020 by 9 Comments

Not content to leave things alone, [Nick Bild] has updated his nearly practical breadboard 6502 Vectron project once again by adding Tiny Basic and home tree automation. Instead of using an LCD module like last time, or his custom-built VGA output using 7400-series logic, [Nick] chose to go modern this time and implemented a VGA output using a TinyFPGA BX.

Tiny Basic was one of the first versions of Basic released after Bill Gates famous open letter to hobbyists in 1976. While Altair Basic was selling for $150, Tom Pittman wrote Tiny Basic for the 6800 and sold it for only $5 (don’t worry, Tom has since made it free to use). We got a kick out of browsing the Tiny Basic manual and learning that our serial number can be found on the paper tape leader, and that a Teletype will generally receive one more character, at least, after getting the X-OFF control signal.

In the video, you can see [Nick] running a short Basic program and operating his Christmas tree lights from the Vectron, although it’s only on-off control. He suggests that a PCB version is in the works, but he’s having trouble deciding when to quit adding features.  That’s a conundrum we know all too well.

Continue reading “Vectron Adds Basic And Christmas Tree Control”

Wireless Earphones And Getting Them Back After They Fall On Tram Tracks

November 13, 2020 by 34 Comments

Over the past years, the trend has become to ditch anything with wires. This has led to many people dropping wired earphones and headphones for wireless (Bluetooth) versions. Yet along with the freedom from having the wires snagged on something and having earphones painfully torn out of your ears comes the very real risk of having them drop out of your ears to land potentially very inconvenient.

In Japan this has led to a big issue for railway companies, where throngs of commuters will often accidentally drop possessions onto the tracks. Staff members will then use a mechanical claw (‘magic hand’) to fetch them without having to risk their life by jumping down. With small items such as wireless earphones, this is however not so easy. With 947 cases of dropped earphones in the period of July-September in just the Tokyo area, this has led to desperate staff members coming up with new methods of easily retrieving the small gadgets.

Solutions range from putting something sticky like tape at the end of a stick, to modifying vacuum cleaners. Most recently Tokyo railway company JR East has collaborated with Panasonic to develop a vacuum cleaner-like device that is especially designed to easily retrieve such small items from the tracks, according to the Japan Times article.

The embedded video (also found after the break) from a Japanese broadcaster describes the issue in detail, along with tips on how to properly wear earphones so that they’re far less likely to fall out when you’re waiting on the tram or walking down the street. While it’s possible to fetch your dropped wireless earphones from the tracks, having someone step on it right after it falls out of your ear on the street is less easy to recover from.

Continue reading “Wireless Earphones And Getting Them Back After They Fall On Tram Tracks”

This Week In Security: Platypus, Git.bat, TCL TVs, And Lessons From Online Gaming

November 13, 2020 by 9 Comments

Git’s Large File System is a reasonable solution to a bit of a niche problem. How do you handle large binary files that need to go into a git repository? It might be pictures or video that is part of a project’s documentation, or even a demonstration dataset. Git-lfs’s solution is to replace the binary files with a text-based pointer to where the real file is hosted. That’s not important to understanding this vulnerability, though. The problem is that git-lfs will call the main git binary as part of its operation, and when it does so, the full path is not used. On a Unix system, that’s not a problem. The $PATH variable is used to determine where to look for binaries. When git is run, /usr/bin/git is automagically run. On a Windows system, however, executing a binary name without a path will first look in the current directory, and if a matching executable file is not found, only then will the standard locations be checked.

You may already see the problem. If a repository contains a git.exe, git.bat, or another git.* file that Windows thinks is executable, git-lfs will execute that file instead of the intended git binary. This means simply checking out a malicious repository gets you immediate code execution. A standard install of git for Windows, prior to 2.29.2.2, contains the vulnerable plugin by default, so go check that you’re updated!

Then remember that there’s one more wrinkle to this vulnerability. How closely do you check the contents of a git download before you run the next git command? Even with a patched git-lfs version, if you clone a malicious repository, then run any other git command, you still run the local git.* file. The real solution is pushing the local directory higher up the path chain. Continue reading “This Week In Security: Platypus, Git.bat, TCL TVs, And Lessons From Online Gaming”

After Eight-Month Break, Deep Space Network Reconnects With Voyager 2

November 12, 2020 by 48 Comments

When the news broke recently that communications had finally been re-established with Voyager 2, I felt a momentary surge of panic. I’ve literally been following the Voyager missions since the twin space probes launched back in 1977, and I’ve been dreading the inevitable day when the last little bit of plutonium in their radioisotope thermal generators decays to the point that they’re no longer able to talk to us, and they go silent in the abyss of interstellar space. According to these headlines, Voyager 2 had stopped communicating for eight months — could this be a quick nap before the final sleep?

Thankfully, no. It turns out that the recent blackout to our most distant outpost of human engineering was completely expected, and completely Earth-side. Upgrades and maintenance were performed on the Deep Space Network antennas that are needed to talk to Voyager. But that left me with a question: What about the rest of the DSN? Could they have not picked up the slack and kept us in touch with Voyager as it sails through interstellar space? The answer to that is an interesting combination of RF engineering and orbital dynamics.

Continue reading “After Eight-Month Break, Deep Space Network Reconnects With Voyager 2”