News

3609 Articles

Breaking: USPS Halts Inbound Packages From China And Hong Kong Posts

February 5, 2025 by 104 Comments

Update: The USPS has now resumed acceptance of inbound packages from China. According to the updated Service Alert, they are currently working with Customs and Border Protection to “implement an efficient collection mechanism for the new China tariffs.’

Some troubling news hit overnight as the United States Post Office announced via a terse “Service Alert” that they would suspend acceptance of inbound parcels from China and Hong Kong Posts, effective immediately.

The Alert calls it a temporary suspension, but gives no timeline on when service will be restored. While details are still coming together, it seems likely that this suspension is part of the Trump administration’s Chinese tariff package, which went into effect at midnight.

Specifically, the administration looks to close the “de minimis” exemption — a loophole which allowed packages valued under $800 USD to pass through customs without having to pay any duties or fees. Those packages will now not only be subject to the overall 10% tax imposed by the new tariff package, but will now have to be formally processed through customs, potentially tacking on even more taxes and fees.

The end result is that not only will your next order of parts from AliExpress be more expensive, but it’s likely to take even longer to arrive at your door. Of course, this should come as no surprise. At the end of the day, this is precisely what the administration aims to accomplish with the new tariffs — if purchasing goods from overseas is suddenly a less attractive option than it was previously, it will be a boon to domestic suppliers. That said, some components will be imported from China regardless of who you order them from, so those prices are still going to increase.

Other carriers such as FedEx and UPS will also have to follow these new rules, but at the time of this writing, neither service had released a statement about how they intend to comply.

Freedesktop And Alpine Linux Looking For New Hosting

February 4, 2025 by 37 Comments

A well-known secret in the world of open source software is that many projects rely on donated hosting for everything from their websites to testing infrastructure. When the company providing said hosting can no longer do so for whatever reason, it leaves the project scrambling for a replacement. This is what just happened for Alpine Linux, as detailed on their blog.

XKCD's dependency model
Modern-day infrastructure, as visualized by XKCD. (Credit: Randall Munroe)

Previously Equinix Metal provided the hosting, but as they are shutting down their bare-metal services, the project now has to find an alternative. As described in the blog post, this affects in particular storage services, continuous integration, and development servers.

As if that wasn’t bad enough, Equinix was also providing hosting for the Freedesktop.org project. In a post on their GitLab, [Benjamin Tissoires] thanks the company for supporting them as long as they have, and details the project’s current hosting needs.

As the home of X.org and Wayland (and many more), the value of Freedesktop.org to the average user requires no explanation. For its part, Alpine Linux is popular in virtualization, with Docker images very commonly using it as a base. This raises the uncomfortable question of why such popular open source projects have to depend on charity when so many companies use them, often commercially.

We hope that these projects can find a new home, and maybe raise enough money from their users to afford such hosting themselves. The issue of funding (F)OSS projects is something that regularly pops up, such as the question of whether FOSS bounties for features are helpful or harmful.

Bicycle Adds Reliability With Second Chain

February 3, 2025 by 71 Comments

Ignoring the International Cycling Union‘s mostly arbitrary rules for what a bicycle is “supposed” to look like (at least if you want to race), there are actually reasons that the bicycling world has standardized around a few common parts and designs. Especially regarding the drivetrain, almost all bikes use a chain, a freewheel, and a derailleur if there are gears to shift because these parts are cheap, reliable, and easy to repair. But if you’re off grid in a place like Africa, even the most reliable bikes won’t quite cut it. That’s why a group called World Bicycle Relief designed and built the Buffalo bicycle, and the latest adds a second gear with a unique freewheel.

Bicycling YouTuber [Berm Peak] takes us through the design of this bike in his latest video which is also linked below. The original Buffalo bicycle was extremely rugged and durable, with a rear rack designed to carry up to 200 pounds and everything on the bike able to be repaired with little more than an adjustable wrench. The new freewheel adds a second gear to the bike which makes it easier to use it in hilly terrain, but rather than add a complicated and hard-to-repair derailleur the freewheel adds a second chain instead, and the rider can shift between the two gears by pedaling backwards slightly and then re-engaging the pedals.

Of course a few compromises had to be made here. While the new freewheel is nearly as rugged as the old one, it’s slightly more complex. However, they can be changed quite easily with simple tools and are small, affordable, and easy to ship as well. The bike also had to abandon the original coaster brake, but the new rim brakes are a style that are also easy to repair and also meant that the bike got a wheel upgrade as well. Bicycles like these are incredibly important in places where cars are rare or unaffordable, or where large infrastructure needed to support them is unreliable or nonexistent. We’ve seen other examples of bicycles like these being put to work in places like India as well.

Thanks to [Keith] for the tip!

Continue reading “Bicycle Adds Reliability With Second Chain”

A guy's leg encased in a 3D printer showing a fresh printed tattoo

Do, Dare Or Don’t? Getting Inked By A 3D Printer

February 2, 2025 by 19 Comments

This unusual tattoo hack by [Emily The Engineer] is not for the weak of heart, but let’s be frank: we kind of know her for that. And she gives out a warning, albeit at a good 10 minutes in, to not do this at home. What she’s about to do takes creativity and tech obsession to the next level: to transform a 3D printer into a functional tattoo machine. Therefore, [Emily] ingeniously modified one of her standard 3D printers to operate two-dimensionally, swapped its plastic extruder for a tattoo gun, and, yes, even managed to persuade a willing participant to try it out.

The entire process can be seen in [Emily]’s video below, which humorously yet meticulously documents the journey from Sharpie test runs to actually inking skin. Aside from a lot of tongue-in-cheek trial and error, this project requires a sheer amount of problem-solving. [Emily] employs firmware edits to bypass safety checks, and clever hardware adaptations to ensure smooth transitions between strokes. One impressive upgrade is the emergency solenoid system, a literal panic button to stop the machine mid-tattoo in case of trouble—a critical addition for something with needles involved!

This hack sits on the edge of DIY body modification, raising eyebrows and technical questions alike. If you missed the warning and are now frantically searching for tattoo removal options, know we’ve covered some (but you might be rightfully scared of automating that, too, at this point). If you haven’t lifted a finger while reading this, just do the safe thing: watch [Emily]’s video, and tinker about the subsequent purposes this discovery creates for 3D printing or tattoo art.

Continue reading “Do, Dare Or Don’t? Getting Inked By A 3D Printer”

This Week In Security: DeepSeek’s Oopsie, AI Tarpits, And Apple’s Leaks

January 31, 2025 by 8 Comments

DeepSeek has captured the world’s attention this week, with an unexpected release of the more-open AI model from China, for a reported mere $5 million training cost. While there’s lots of buzz about DeepSeek, here we’re interested in security. And DeepSeek has made waves there, in the form of a ClickHouse database unintentionally opened to the world, discovered by the folks from Wiz research. That database contained chat history and log streams, and API keys and other secrets by extension.

Finding this database wasn’t exactly rocket science — it reminds me of my biggest bug bounty win, which was little more than running a traceroute and a port scan. In this case it was domain and sub domain mapping, and a port scan. The trick here was knowing to try this, and then understanding what the open ports represented. And the ClickHouse database was completely accessible, leaking all sorts of sensitive data. Continue reading “This Week In Security: DeepSeek’s Oopsie, AI Tarpits, And Apple’s Leaks”

Google Open Sources PebbleOS: New Pebble Device In Development

January 28, 2025 by 35 Comments

The Pebble smartwatch was introduced in 2012 as part of a Kickstarter campaign and saw moderate success before the company behind it got bought out by Fitbit. Although a group of enthusiasts kept their Pebble devices alive, including via the alternate Rebble project for online services, it seemed that no new Pebble devices would grace this Earth. However, we now got a flurry of Pebble updates, with Google, the current owner of Fitbit, open sourcing the PebbleOS source, and [Eric Migicovsky] as the original Pebble founder announcing new Pebble watches.

These new Pebble watches would be very much like the original Pebble, though switching from a memory LCD to an e-paper screen but keeping compatibility with the original Pebble watch and its hackability. Currently there’s just a rePebble site where you can sign up for announcements. Over at the Rebble project people are understandably excited, with the PebbleOS source available on GitHub.

A lot of work still remains, of course. The Apache 2.0-licensed PebbleOS source was stripped of everything from fonts to the voice codec and Bluetooth stack, and of course bootstrapping whole new hardware production will require serious investment. Even so, for lovers of smart watches that work with modern-day smartphones, featuring an always-on display and amazing battery life the future has never been more bright.

Thanks to [Will0] for the tip.

The FTC Take Action, Is Time Finally Up For John Deere On Right To Repair?

January 27, 2025 by 44 Comments

Over the last decade we have brought you frequent reports not from the coolest of hackerspaces or the most bleeding edge of engineering in California or China, but from the rolling prairies of the American Midwest. Those endless fields of cropland waving in the breeze have been the theatre for an unlikely battle over right to repair, the result of which should affect us all. The case of FEDERAL TRADE COMMISSION, STATE OF ILLINOIS, and STATE OF MINNESOTA, v. DEERE & COMPANY  relates to the machinery manufacturer’s use of DRM to restrict the repair of its products, and holds the promise to end the practice once and for all.

This is being written in Europe, where were an average person asked to name a brand that says “America”, they might reach for the familiar; perhaps Disney, McDonalds, or Coca-Cola. These are the flag-bearers of American culture for outsiders, but it’s fair to say that none of them can claim to have built the country. The green and yellow Deere tractors on the other hand represent the current face of a company with nearly two hundred years of farming history, which by virtue of producing some of the first mass-produced plows, had perhaps the greatest individual role in shaping modern American agriculture and thus indirectly the country itself. To say that Deere is woven into the culture of rural America is something of an understatement, agricultural brands like Deere have an enviable customer base, the most loyal of any industry.

Thus while those green and yellow tractors are far from the only case of DRM protected repairability, they have become the symbolic poster child for the issue as a whole. It’s important to understand then how far-reaching it is beyond the concerns of us technology and open-source enthusiasts, and into something much more fundamental. Continue reading “The FTC Take Action, Is Time Finally Up For John Deere On Right To Repair?”