News

3621 Articles

Have Some Candy While I Steal Your Cycles

September 27, 2017 by 46 Comments

Distributed computing is an excellent idea. We have a huge network of computers, many of them always on, why not take advantage of that when the user isn’t? The application that probably comes to mind is Folding@home, which lets you donate your unused computer time to help crunch the numbers for disease research. Everyone wins!

But what if your CPU cycles are being used for profit without your knowledge? Over the weekend this turned out to be the case with Showtime on-demand sites which mined Monero coins while the users was pacified by video playback. The video is a sweet treat while the cost of your electric bill is nudged up ever so slightly.

It’s an interesting hack as even if the user notices the CPU maxing out they’ll likely dismiss it as the horsepower necessary to decode the HD video stream. In this case, both Showtime and the web analytics company whose Javascript contained the mining software denied responsibility. But earlier this month Pirate Bay was found to be voluntarily testing out in-browser mining as a way to make up for dwindling ad revenue.

This is a clever tactic, but comes perilously close to being malicious when done without the user’s permission or knowledge. We wonder if those ubiquitous warnings about cookie usage will at times include notifications about currency mining on the side? Have you seen or tried out any of this Javascript mining? Let us know in the comments below.

Photo by Todd Bakken

Sector67 Hackerspace Rocked By Explosion At New Location

September 26, 2017 by 32 Comments

Madison, WI hackerspace Sector67 is in a period of transition as they move from their current rented location to a new property that will be their permanent home a half mile away. Last Wednesday (September 20, 2017) an unfortunate propane explosion in the new building led to the injury of Chris Meyer, the founder and director of the hackerspace.

The structure has been stabilized and renovation is continuing, but Chris was seriously burned and will be in the hospital for at least a month with a much longer road to complete recovery. It is fortunate that nobody else was injured.

This accident comes at a time when Sector67 essentially has two spaces to maintain; the existing space is still running, but many of the members are focused on the construction of the new space. The building needs significant work before the move can take place. Currently the roof is being raised so that the building can go from one awkward-height story to two normal stories, doubling the size. An expiring lease and imminent demolition of the current location by developers means the clock is still ticking on the move, and this explosion means Sector67 will have to work even harder, and without the presence and constant effort of the person who has been leading the project.

A GoFundMe campaign for Sector67 has been started and is well on its way towards helping Chris and Sector67.

3D Printing Aluminum With Nanoparticles

September 25, 2017 by 20 Comments

We love our 3D printers. But sometimes we really wish we could print in metal. While metal printing is still out of reach for most of us, HRL Labs announced a powdered aluminum printing process that they claim is a breakthrough because it allows printing (and welding) of high-strength aluminum alloys that previously were unprintable and unweldable.

The key is treating the metal with special zirconium-based nanoparticles. The nanoparticles act as nucleation sites that allow the aluminum to form the correct microstructure. The full paper on the process appears in Nature.

Continue reading “3D Printing Aluminum With Nanoparticles”

FPGA Clocks For Software Developers (or Anyone)

September 21, 2017 by 18 Comments

It used to be that designing hardware required schematics and designing software required code. Sure, a lot of people could jump back and forth, but it was clearly a different discipline. Today, a lot of substantial digital design occurs using a hardware description language (HDL) like Verilog or VHDL. These look like software, but as we’ve pointed out many times, it isn’t really the same. [Zipcpu] has a really clear blog post that explains how it is different and why.

[Zipcpu] notes something we’ve seen all too often on the web. Some neophytes will write sequential code using Verilog or VHDL as if it was a conventional programming language. Code like that may even simulate. However, the resulting hardware will — at best — be very inefficient and at worst will not even work.

Continue reading “FPGA Clocks For Software Developers (or Anyone)”

OptionsBleed – Apache Bleeds In Uncommon Configuration

September 19, 2017 by 8 Comments

[Hanno Böck] recently uncovered a vulnerability in Apache webserver, affecting Apache HTTP Server 2.2.x through 2.2.34 and 2.4.x through 2.4.27. This bug only affects Apache servers with a certain configuration in .htaccess file. Dubbed Optionsbleed, this vulnerability is a use after free error in Apache HTTP that causes a corrupted Allow header to be replied by the webserver in response to HTTP OPTIONS requests. This can leak pieces of arbitrary memory from the server process that may contain sensitive information. The memory pieces change after multiple requests, so for a vulnerable host an arbitrary number of memory chunks can be leaked.

Unlike the famous Heartbleed bug in the past, Optionsbleed leaks only small chunks of memory and more importantly only affects a small number of hosts by default. Nevertheless, shared hosting environments that allow for .htaccess file changes can be quite sensitive to it, as a rogue .htaccess file from one user can potentially bleed info for the whole server. Scanning the Alexa Top 1 Million revealed 466 hosts with corrupted Allow headers, so it seems the impact is not huge so far.

The bug appears if a webmaster tries to use the “Limit” directive with an invalid HTTP method. We decided to test this behaviour with a simple .htaccess file like this:

Continue reading “OptionsBleed – Apache Bleeds In Uncommon Configuration”

Hackaday’s London Meetup Was A Corker

September 18, 2017 by 15 Comments

Upstairs at the Marquis Cornwallis pub in central London, around 75 Hackadayers convened, ate well, drank well, and were generally merry. Nearly everyone in attendance brought a hack with them, which meant that there was a lot to see in addition to all that socializing to be done.

I spoke with a huge number of people who all said the same thing: that it was fantastic to put faces to the names of the writers, hackers, and other readers. As a writer, I finally got to meet in person some of the people who’ve produced some of my favorite hacks, in addition to most that were totally new to me. I can’t say how often I heard “Oh you’re the person behind that project. I loved that one.” A real sense of the Hackaday community was on display. Continue reading “Hackaday’s London Meetup Was A Corker”

Sparky, The Electric Boat

September 15, 2017 by 13 Comments

They say the two best days of a boat owner’s life are the day that they buy the boat and the day they sell it. If you built your boat from scratch though, you might have a few more good days than that. [Paul] at [ElkinsDIY] is no stranger to building boats, but his other creations are a little too heavy for him to easily lift, so his latest is a fully electric, handmade boat that comes in at under 30 pounds and is sure to provide him with many more great days.

While the weight of the boat itself is an improvement over his older designs, this doesn’t include the weight of the batteries and the motor. To increase buoyancy to float this extra weight he made the boat slightly longer. A tiller provides steering and a trolling motor is used for propulsion. As of this video, the boat has a slight leak, but [Paul] plans to shore this up as he hammers out the kinks.

The boat is very manageable for one person and looks like a blast for cruising around the local lakes. Since it’s built with common tools and materials virtually anyone should be able to build something similar, even if you don’t have this specific type of plastic on hand.  And, while this one might not do well in heavy wind or seas, it’s possible to build a small one-person boat that can cross entire oceans.

Continue reading “Sparky, The Electric Boat”