Sector67 Hackerspace Rocked By Explosion At New Location

September 26, 2017 by Bob Baddeley 32 Comments

Madison, WI hackerspace Sector67 is in a period of transition as they move from their current rented location to a new property that will be their permanent home a half mile away. Last Wednesday (September 20, 2017) an unfortunate propane explosion in the new building led to the injury of Chris Meyer, the founder and director of the hackerspace.

The structure has been stabilized and renovation is continuing, but Chris was seriously burned and will be in the hospital for at least a month with a much longer road to complete recovery. It is fortunate that nobody else was injured.

This accident comes at a time when Sector67 essentially has two spaces to maintain; the existing space is still running, but many of the members are focused on the construction of the new space. The building needs significant work before the move can take place. Currently the roof is being raised so that the building can go from one awkward-height story to two normal stories, doubling the size. An expiring lease and imminent demolition of the current location by developers means the clock is still ticking on the move, and this explosion means Sector67 will have to work even harder, and without the presence and constant effort of the person who has been leading the project.

A GoFundMe campaign for Sector67 has been started and is well on its way towards helping Chris and Sector67.

3D Printing Aluminum With Nanoparticles

September 25, 2017 by Al Williams 20 Comments

We love our 3D printers. But sometimes we really wish we could print in metal. While metal printing is still out of reach for most of us, HRL Labs announced a powdered aluminum printing process that they claim is a breakthrough because it allows printing (and welding) of high-strength aluminum alloys that previously were unprintable and unweldable.

The key is treating the metal with special zirconium-based nanoparticles. The nanoparticles act as nucleation sites that allow the aluminum to form the correct microstructure. The full paper on the process appears in Nature.

Continue reading “3D Printing Aluminum With Nanoparticles” →

FPGA Clocks For Software Developers (or Anyone)

September 21, 2017 by Al Williams 18 Comments

It used to be that designing hardware required schematics and designing software required code. Sure, a lot of people could jump back and forth, but it was clearly a different discipline. Today, a lot of substantial digital design occurs using a hardware description language (HDL) like Verilog or VHDL. These look like software, but as we’ve pointed out many times, it isn’t really the same. [Zipcpu] has a really clear blog post that explains how it is different and why.

[Zipcpu] notes something we’ve seen all too often on the web. Some neophytes will write sequential code using Verilog or VHDL as if it was a conventional programming language. Code like that may even simulate. However, the resulting hardware will — at best — be very inefficient and at worst will not even work.

Continue reading “FPGA Clocks For Software Developers (or Anyone)” →

OptionsBleed – Apache Bleeds In Uncommon Configuration

September 19, 2017 by Pedro Umbelino 8 Comments

[Hanno Böck] recently uncovered a vulnerability in Apache webserver, affecting Apache HTTP Server 2.2.x through 2.2.34 and 2.4.x through 2.4.27. This bug only affects Apache servers with a certain configuration in .htaccess file. Dubbed Optionsbleed, this vulnerability is a use after free error in Apache HTTP that causes a corrupted Allow header to be replied by the webserver in response to HTTP OPTIONS requests. This can leak pieces of arbitrary memory from the server process that may contain sensitive information. The memory pieces change after multiple requests, so for a vulnerable host an arbitrary number of memory chunks can be leaked.

Unlike the famous Heartbleed bug in the past, Optionsbleed leaks only small chunks of memory and more importantly only affects a small number of hosts by default. Nevertheless, shared hosting environments that allow for .htaccess file changes can be quite sensitive to it, as a rogue .htaccess file from one user can potentially bleed info for the whole server. Scanning the Alexa Top 1 Million revealed 466 hosts with corrupted Allow headers, so it seems the impact is not huge so far.

The bug appears if a webmaster tries to use the “Limit” directive with an invalid HTTP method. We decided to test this behaviour with a simple .htaccess file like this:

Continue reading “OptionsBleed – Apache Bleeds In Uncommon Configuration” →

Hackaday’s London Meetup Was A Corker

September 18, 2017 by Elliot Williams 15 Comments

Upstairs at the Marquis Cornwallis pub in central London, around 75 Hackadayers convened, ate well, drank well, and were generally merry. Nearly everyone in attendance brought a hack with them, which meant that there was a lot to see in addition to all that socializing to be done.

I spoke with a huge number of people who all said the same thing: that it was fantastic to put faces to the names of the writers, hackers, and other readers. As a writer, I finally got to meet in person some of the people who’ve produced some of my favorite hacks, in addition to most that were totally new to me. I can’t say how often I heard “Oh you’re the person behind that project. I loved that one.” A real sense of the Hackaday community was on display. Continue reading “Hackaday’s London Meetup Was A Corker” →

Sparky, The Electric Boat

September 15, 2017 by Bryan Cockfield 13 Comments

They say the two best days of a boat owner’s life are the day that they buy the boat and the day they sell it. If you built your boat from scratch though, you might have a few more good days than that. [Paul] at [ElkinsDIY] is no stranger to building boats, but his other creations are a little too heavy for him to easily lift, so his latest is a fully electric, handmade boat that comes in at under 30 pounds and is sure to provide him with many more great days.

While the weight of the boat itself is an improvement over his older designs, this doesn’t include the weight of the batteries and the motor. To increase buoyancy to float this extra weight he made the boat slightly longer. A tiller provides steering and a trolling motor is used for propulsion. As of this video, the boat has a slight leak, but [Paul] plans to shore this up as he hammers out the kinks.

The boat is very manageable for one person and looks like a blast for cruising around the local lakes. Since it’s built with common tools and materials virtually anyone should be able to build something similar, even if you don’t have this specific type of plastic on hand. And, while this one might not do well in heavy wind or seas, it’s possible to build a small one-person boat that can cross entire oceans.

Continue reading “Sparky, The Electric Boat” →

Bluetooth Vulnerability Affects All Major OS

September 14, 2017 by Pedro Umbelino 52 Comments

Security researchers from Armis Labs recently published a whitepaper unveiling eight critical 0-day Bluetooth-related vulnerabilities, affecting Linux, Windows, Android and iOS operating systems. These vulnerabilities alone or combined can lead to privileged code execution on a target device. The only requirement is: Bluetooth turned on. No user interaction is necessary to successfully exploit the flaws, the attacker does not need to pair with a target device nor the target device must be paired with some other device.

The research paper, dubbed BlueBorne (what’s a vulnerability, or a bunch, without a cool name nowadays?), details each vulnerability and how it was exploited. BlueBorne is estimated to affect over five billion devices. Some vendors, like Microsoft, have already issued a patch while others, like Samsung, remain silent. Despite the patches, some devices will never receive a BlueBorne patch since they are outside of their support window. Armis estimates this accounts for around 40% of all Bluetooth enabled devices.

A self-replicating worm that would spread and hop from a device to other nearby devices with Bluetooth turned on was mentioned by the researchers as something that could be done with some more work. That immediately reminds us of the BroadPwn vulnerability, in which the researchers implemented what is most likely the first WiFi only worm. Although it is definitely a fun security exercise to code such worm, it’s really a bad, bad idea… Right?…

So who’s affected?

Continue reading “Bluetooth Vulnerability Affects All Major OS” →

Hackaday

News

3662 Articles

Sector67 Hackerspace Rocked By Explosion At New Location

3D Printing Aluminum With Nanoparticles

FPGA Clocks For Software Developers (or Anyone)

OptionsBleed – Apache Bleeds In Uncommon Configuration

Hackaday’s London Meetup Was A Corker

Sparky, The Electric Boat

Bluetooth Vulnerability Affects All Major OS

Search

Never miss a hack

If you missed it

CCA Ethernet Cables: Not Up To Scratch, But Are They Dangerous?

With Affordable Storage Options Dwindling, Where To Store Our Data?

Ask Hackaday: How Much Compute Is Enough?

WheatForce: Learning From CPU Architecture Mistakes

Improving FDM Filament Drying With A Spot Of Vacuum

Our Columns

2026 Hackaday Europe: First Round Of Speakers Announced!

In Space (Probably) Everyone Can Hear You.. Well, You Know

Re-Learning How To Run

Hackaday Podcast Episode 364: Clocks, Cameras, And Free Will

This Week In Security: The Supply Chain Has Problems

Search

Never miss a hack

Subscribe

If you missed it

Our Columns