News

3606 Articles

A guy's leg encased in a 3D printer showing a fresh printed tattoo

Do, Dare Or Don’t? Getting Inked By A 3D Printer

February 2, 2025 by 19 Comments

This unusual tattoo hack by [Emily The Engineer] is not for the weak of heart, but let’s be frank: we kind of know her for that. And she gives out a warning, albeit at a good 10 minutes in, to not do this at home. What she’s about to do takes creativity and tech obsession to the next level: to transform a 3D printer into a functional tattoo machine. Therefore, [Emily] ingeniously modified one of her standard 3D printers to operate two-dimensionally, swapped its plastic extruder for a tattoo gun, and, yes, even managed to persuade a willing participant to try it out.

The entire process can be seen in [Emily]’s video below, which humorously yet meticulously documents the journey from Sharpie test runs to actually inking skin. Aside from a lot of tongue-in-cheek trial and error, this project requires a sheer amount of problem-solving. [Emily] employs firmware edits to bypass safety checks, and clever hardware adaptations to ensure smooth transitions between strokes. One impressive upgrade is the emergency solenoid system, a literal panic button to stop the machine mid-tattoo in case of trouble—a critical addition for something with needles involved!

This hack sits on the edge of DIY body modification, raising eyebrows and technical questions alike. If you missed the warning and are now frantically searching for tattoo removal options, know we’ve covered some (but you might be rightfully scared of automating that, too, at this point). If you haven’t lifted a finger while reading this, just do the safe thing: watch [Emily]’s video, and tinker about the subsequent purposes this discovery creates for 3D printing or tattoo art.

Continue reading “Do, Dare Or Don’t? Getting Inked By A 3D Printer”

This Week In Security: DeepSeek’s Oopsie, AI Tarpits, And Apple’s Leaks

January 31, 2025 by 8 Comments

DeepSeek has captured the world’s attention this week, with an unexpected release of the more-open AI model from China, for a reported mere $5 million training cost. While there’s lots of buzz about DeepSeek, here we’re interested in security. And DeepSeek has made waves there, in the form of a ClickHouse database unintentionally opened to the world, discovered by the folks from Wiz research. That database contained chat history and log streams, and API keys and other secrets by extension.

Finding this database wasn’t exactly rocket science — it reminds me of my biggest bug bounty win, which was little more than running a traceroute and a port scan. In this case it was domain and sub domain mapping, and a port scan. The trick here was knowing to try this, and then understanding what the open ports represented. And the ClickHouse database was completely accessible, leaking all sorts of sensitive data. Continue reading “This Week In Security: DeepSeek’s Oopsie, AI Tarpits, And Apple’s Leaks”

Google Open Sources PebbleOS: New Pebble Device In Development

January 28, 2025 by 35 Comments

The Pebble smartwatch was introduced in 2012 as part of a Kickstarter campaign and saw moderate success before the company behind it got bought out by Fitbit. Although a group of enthusiasts kept their Pebble devices alive, including via the alternate Rebble project for online services, it seemed that no new Pebble devices would grace this Earth. However, we now got a flurry of Pebble updates, with Google, the current owner of Fitbit, open sourcing the PebbleOS source, and [Eric Migicovsky] as the original Pebble founder announcing new Pebble watches.

These new Pebble watches would be very much like the original Pebble, though switching from a memory LCD to an e-paper screen but keeping compatibility with the original Pebble watch and its hackability. Currently there’s just a rePebble site where you can sign up for announcements. Over at the Rebble project people are understandably excited, with the PebbleOS source available on GitHub.

A lot of work still remains, of course. The Apache 2.0-licensed PebbleOS source was stripped of everything from fonts to the voice codec and Bluetooth stack, and of course bootstrapping whole new hardware production will require serious investment. Even so, for lovers of smart watches that work with modern-day smartphones, featuring an always-on display and amazing battery life the future has never been more bright.

Thanks to [Will0] for the tip.

The FTC Take Action, Is Time Finally Up For John Deere On Right To Repair?

January 27, 2025 by 44 Comments

Over the last decade we have brought you frequent reports not from the coolest of hackerspaces or the most bleeding edge of engineering in California or China, but from the rolling prairies of the American Midwest. Those endless fields of cropland waving in the breeze have been the theatre for an unlikely battle over right to repair, the result of which should affect us all. The case of FEDERAL TRADE COMMISSION, STATE OF ILLINOIS, and STATE OF MINNESOTA, v. DEERE & COMPANY  relates to the machinery manufacturer’s use of DRM to restrict the repair of its products, and holds the promise to end the practice once and for all.

This is being written in Europe, where were an average person asked to name a brand that says “America”, they might reach for the familiar; perhaps Disney, McDonalds, or Coca-Cola. These are the flag-bearers of American culture for outsiders, but it’s fair to say that none of them can claim to have built the country. The green and yellow Deere tractors on the other hand represent the current face of a company with nearly two hundred years of farming history, which by virtue of producing some of the first mass-produced plows, had perhaps the greatest individual role in shaping modern American agriculture and thus indirectly the country itself. To say that Deere is woven into the culture of rural America is something of an understatement, agricultural brands like Deere have an enviable customer base, the most loyal of any industry.

Thus while those green and yellow tractors are far from the only case of DRM protected repairability, they have become the symbolic poster child for the issue as a whole. It’s important to understand then how far-reaching it is beyond the concerns of us technology and open-source enthusiasts, and into something much more fundamental. Continue reading “The FTC Take Action, Is Time Finally Up For John Deere On Right To Repair?”

Schematic of quantum measurement basis on whiteboard

Shedding Light On Quantum Measurement With Calcite

January 26, 2025 by 19 Comments

Have you ever struggled with the concept of quantum measurement, feeling it’s unnecessarily abstract? You’re not alone. Enter this guide by [Mithuna] from Looking Glass Universe, where she circles back on the concept of  measurement basis in quantum mechanics using a rather simple piece of calcite crystal. We wrote about similar endeavours in reflection on Shanni Prutchi’s talk at the Hackaday SuperConference in 2015. If that memory got a bit dusty in your mind, here’s a quick course to make things click again.

In essence, calcite splits a beam of light into two dots based on polarization. By aligning filters and rotating angles, you can observe how light behaves when forced into ‘choices’. The dots you see are a direct representation of the light’s polarization states. Now this isn’t just a neat trick for photons; it’s a practical window into the probability-driven nature of quantum systems.

Even with just one photon passing through per second, the calcite setup demonstrates how light ‘chooses’ a path, revealing the probabilistic essence of quantum mechanics. Using common materials (laser pointers, polarizing filters, and calcite), anyone can reproduce this experiment at home.

If this sparks curiosity, explore Hackaday’s archives for quantum mechanics. Or just find yourself a good slice of calcite online, steal the laser pointer from your cat’s toy bin, and get going!

Continue reading “Shedding Light On Quantum Measurement With Calcite”

Sony Ends Blu-Ray, MD And MiniDV Media Production

January 24, 2025 by 30 Comments

With the slow demise of physical media the past years, companies are gradually closing shop on producing everything from the physical media itself to their players and recorders. For Sony this seems to have now escalated to where it’ll be shuttering its recordable optical media storage operations, after more than 18 years of producing recordable Blu-ray discs. As noted by [Toms Hardware] this also includes minidisc (MD) media and MiniDV cassettes.

We previously reported on Sony ending the production of recordable Blu-ray media for consumers, which now seems to have expanded to Sony’s remaining storage media. It also raises the likelihood that Sony’s next game console (likely PlayStation 6) will not feature any optical drive at all as Blu-ray loses importance. While MiniDV likely was only interesting to those of us still lugging one of those MiniDV camcorders around, the loss of MD production may be felt quite strongly in the indie music scene, where MD is experiencing somewhat of a revival alongside cassette tapes and vinyl records.

Although it would appear that physical media is now effectively dead in favor of streaming services, it might be too soon to mark its demise.

This Week In Security: ClamAV, The AMD Leak, And The Unencrypted Power Grid

January 24, 2025 by 11 Comments

Cisco’s ClamAV has a heap-based buffer overflow in its OLE2 file scanning. That’s a big deal, because ClamAV is used to scan file attachments on incoming emails. All it takes to trigger the vulnerability is to send a malicious file through an email system that uses ClamAV.

The exact vulnerability is a string termination check that can fail to trigger, leading to a buffer over-read. That’s a lot better than a buffer overflow while writing to memory. That detail is why this vulnerability is strictly a Denial of Service problem. The memory read results in process termination, presumably a segfault for reading protected memory. There are Proof of Concepts (PoCs) available, but so far no reports of the vulnerability being used in the wild.
Continue reading “This Week In Security: ClamAV, The AMD Leak, And The Unencrypted Power Grid”