The baseball home run distance challenge for crazy engineers is really heating up, with the two main (only?) competitors joining forces. [Shane] of [Stuff Made Here] and [Destin] of [Smarter Every Day] did a deep dive into [Shane]’s latest powder charged baseball bat, designed to hit a ball 600+ feet.
[Shane] built two new versions of his bat this time, using the lessons he learned from his previous V1 and V2 explosive bats. It still uses blank cartridges, but this time the max capacity was increased from three to four cartridges. For V3 a section of the bat was removed, and replaced with a four-bar linkage, which allowed the entire front of the bat to move. The linkage integrated a chamber for four blank cartridges that could be loaded almost like a double barrel shotgun and closed with a satisfying snap. Unfortunately the mass of the moving section was too much for the welds, and the entire front broke off on the first test, so the design was scrapped.
V4 returned to the piston concept of the initial version, except V4 contains two parallel pistons, in a metal bat, with a larger hitting surface. With two cartridges it worked well, but parts started breaking with three and four, and required multiple design updates to fix. [Destin] covered the physics of the project and took some really cool high speed video. He and [Jeremy Fielding] hold the current distance record of 617 ft with their crazy Mad Batter. Unfortunately on [Shane]’s final distance attempt the bat broke again, and the ball was lost in a field with tall grass beyond the 600-foot mark, so they could not confirm if the record was actually broken.
We’ve said it before, but we cast a wary eye at any superlative claims that come our way. “World’s fastest” or “world’s first” claims always seem to be quickly debunked, but when the claim of “World’s Smallest Benchy” is backed up by a tugboat that two dozen E. coli would have a hard time finding space on, we’re pretty comfortable with it.
Of course the diminutive benchmark was not printed just for the sake of it, but rather as part of a demonstration of what’s possible with “microswimmers”, synthetic particles which are designed to move about freely in microscopic regimes. As described in a paper by [Rachel P. Doherty] et al from the Soft Matter Physics lab at Leiden University, microswimmers with sizes on the order of 10 to 20 μm can be constructed repeatably, and can include a small area of platinum catalyst. The catalyst is the engine of the microswimmer; hydrogen peroxide in the environment decomposes on the catalyst surface and provides a propulsive force.
Artificial microswimmers have been around for a while, but most are made with chemical or evaporative methods which result in simple shapes like rods and spheres. The current work describes much more complex shapes — the Benchy was a bit of a flex, since the more useful microswimmers were simple helices, which essentially screw themselves into the surrounding fluid. The printing method was based on two-photon polymerization (2PP), a non-linear optical process that polymerizes a resin when two photons are simultaneously absorbed.
The idea that a powered machine so small could be designed and manufactured is pretty cool. We’d love to see how control mechanisms could be added to the prints — microfluidics, perhaps?
The Mandelbrot set is a curious mathematical oddity that, while interesting in its own right, is also a useful tool for benchmarking various types of computers. Its constant computing requirement when zooming in and out on the function, combined with the fact that it can be zoomed indefinitely, means that it takes some quality hardware and software to display it properly. [Thanassis] has made this a pet project of his, running Mandelbrot set visualizations in different ways on many different hardware platforms.
This particular one is based on an STM32 board called the Blue Pill, which [Thanassis] chose because he hadn’t yet done a continuous Mandelbrot zoom on a microcontroller yet. The display is handled by a tiny 16K IPS color screen, and some clever memory tricks had to come into play in order to get smooth video output since the STM has only 20 kB available. The integer multiplication is also tricky on a platform this small while keeping the continuous zoom function, so it’s limited to fixed point multiplication.
Even with the limitations of the platform, he is still able to achieve nearly double-digit FPS rates with this one. If you want to play around with graphics like this on an STM platform, [Thanassis] has released all of the source code on his GitHub page, but if you’d like to see more Mandelbrot manipulation you can check out one of his older projects where he built a similar project on an FPGA.
Microsoft has just announced a way to disable JScript in Internet Explorer. This would have been very useful a few years ago, to proactively prevent problems found in the now-ancient JScript engine, which ran their own slightly different version of standard JavaScript. Even though IE is no longer under active development, it still receives security updates. JScript, on the other hand, is basically done. If you’re one of the 1.06% that still use IE, then go flip the switch to protect yourself from additional JScript vulnerabilities.
Zerologon and Samba?
Samba is an open source re-implemenation of Microsoft’s SMB protocol. There’s a clever term that describes the reality of this situation: “Bug for bug compatibility”. Remember Zerologon, the flaw where a security token’s generation could be manipulated to vastly reduce the key space? Samba follows the specification, and therefore suffers from the same issue, though it seems to be unusual to actually run Samba in a vulnerable configuration.
Despite the popularity of social media, for communication that actually matters, e-mail reigns supreme. Crucial to the smooth operation of businesses worldwide, it’s prized for its reliability. Google is one of the world’s largest e-mail providers, both with its consumer-targeted Gmail product as well as G Suite for business customers [Jeffrey Paul] is a user of the latter, and was surprised to find that URLs in incoming emails were being modified by the service when fetched via the Internet Message Access Protocol (IMAP) used by external email readers.
This change appears to make it impossible for IMAP users to see the original email without logging into the web interface, it breaks verification of the cryptographic signatures, and it came as a surprise.
Security Matters
A test email sent to verify the edits made by Google’s servers. Top, the original email, bottom, what was received.
For a subset of users, it appears Google is modifying URLs in the body of emails to instead go through their own link-checking and redirect service. This involves actually editing the body of the email before it reaches the user. This means that even those using external clients to fetch email over IMAP are affected, with no way to access the original raw email they were sent.
The security implications are serious enough that many doubted the initial story, suspecting that the editing was only happening within the Gmail app or through the web client. However, a source claiming to work for Google confirmed that the new feature is being rolled out to G Suite customers, and can be switched off if so desired. Reaching out to Google for comment, we were directed to their help page on the topic.
The stated aim is to prevent phishing, with Google’s redirect service including a link checker to warn users who are traveling to potentially dangerous sites. For many though, this explanation doesn’t pass muster. Forcing users to head to a Google server to view the original URL they were sent is to many an egregious breach of privacy, and a security concern to boot. It allows the search giant to further extend its tendrils of click tracking into even private email conversations. For some, the implications are worse. Cryptographically signed messages, such as those using PGP or GPG, are broken by the tool; as the content of the email body is modified in the process, the message no longer checks out with respect to the original signature. Of course, this is the value of signing your messages — it becomes much easier to detect such alterations between what was sent and what was received.
Inadequate Disclosure
Understandably, many were up in arms that the company would implement such a measure with no consultation or warning ahead of time. The content of an email is sacrosanct, in many respects, and tampering with it in any form will always be condemned by the security conscious. If the feature is a choice for the user, and can be turned off at will, then it’s a useful tool for those that want it. But this discovery was a surprise to many, making it hard to believe it was adequately disclosed before roll-out. The question unfolded in the FAQ screenshot above hints at this being part of Google’s A/B test and not applied to all accounts. Features being tested on your email account should be disclosed yet they are not.
Protecting innocent users against phishing attacks is a laudable aim, and we can imagine many business owners enabling such a feature to avoid phishing attacks. It’s another case where privacy is willingly traded for the idea of security. While the uproar is limited due to the specific nature of the implementation thus far, we would expect further desertion of Google’s email services by the tech savvy if such practices were to spread to the mainstream Gmail product. Regardless of what happens next, it’s important to remember that the email you read may not be the one you were sent, and act accordingly.
Update 30/10/2020: It has since come to light that for G Suite users with Advanced Protection enabled, it may not be possible to disable this feature at all.
If you need an oscilloscope, function generator, or other piece of kit for your electronics workbench, there are plenty of modern options. Dropping $4,000 for a modern oscilloscope is nice if you have the money, but if you’d rather put it to better use there are great options that don’t cost a fortune. There are some addons that can turn a smartphone into an oscilloscope but one of the best values out there are older pieces of equipment from the 80s that still work great. You can even upgrade them with some more modern features too, like [NFM] did with this vintage function generator.
This function generator is an HP3325A and it is several decades old, so some work was needed just to restore it to original working condition. The cooling fan and capacitors all needed to be replaced, as well as a few other odds and ends. From there [NFM] set about adding one of the two optional upgrades available for this device, the high voltage output. This allows the function generator to output 40 volts peak-to-peak at 40 milliamps. While he did have an original version from HP, he actually had a self-made design produced that matches the function of the original.
Even if you don’t have this specific function generator, this guide goes into great details about the functioning of older equipment like this. Most of the parts are replaceable and upgrades aren’t completely out of the question like some modern equipment, and with the right care and maintenance these pieces of equipment could last for decades longer.
The form factor got a total overhaul, but there’s bigger changes in this little beastie than are visible at first glance, and we’re going to walk you through most of them. The foremost bonuses are the easy implementation of PCIe and NVMe, making it possible to get data in and out of SSDs ridiculously fast. Combined with optional WiFi/Bluetooth and easily designed Gigabit Ethernet, the CM4 is a connectivity monster.
One of the classic want-to-build-it-with-a-Pi projects is the ultra-fast home NAS. The CM4 makes this finally possible.
If you don’t know the compute modules, they are stripped-down versions of what you probably think of as a Raspberry Pi, which is officially known as the “Model B” form-factor. Aimed at commercial applications, the compute modules lack many of the creature comforts of their bigger siblings, but they trade those for flexibility in design and allow for some extra functionality.
The compute modules aren’t exactly beginner friendly, but we’re positively impressed by how far Team Raspberry has been able to make this module accessible to the intermediate hacker. Most of this is down to the open design of the IO Breakout board that also got released today. With completely open KiCAD design files, if you can edit and order a PCB, and then reflow-solder what arrives in the mail, you can design for the CM4. The benefit is a lighter, cheaper, and yet significantly more customizable platform that packs the power of the Raspberry Pi 4 into a low-profile 40 mm x 55 mm package.
So let’s see what’s new, and then look a little bit into what is necessary to incorporate a compute module into your own design.
