News

3607 Articles

Time’s Up For Mbed

July 16, 2024 by 18 Comments

In a forum post has come the announcement that mBed, ARM’s accessible microcontroller development platform, is to reach end-of-life in July 2026. This means that the online platform and OS will no longer be supported by ARM, though the latter will remain an open source project. The website will be shuttered, and no new projects can be created after that date using ARM infrastructure.

mBed was originally launched back in 2009, as a competitor to the Arduino IDE for ARM’s chips. Its easy development made it attractive and there were soon an array of boards from different manufacturers supporting it, but perhaps due to its support for only the one architecture, it failed to find success. It’s certainly not the first time a single-architecture microcontroller development platform has been discontinued, we need only look to the Intel Edison for that, but given the success of ARM platforms in general it’s still something of a surprise. Perhaps it’s time to take the press release explanation that other platforms such as Arduino have simply been much more popular.

Will a community form around an open source mBed? Given that it’s been a definite minority among Hackaday projects over the years, while we hope it does, we’re not so sure.

mBed board image: Viswesr, CC BY-SA 3.0.

Nitric Acid Is The Hot New Way To Pick Locks

July 15, 2024 by 60 Comments

Lockpicking is a grand skill to have, and one that’s often presumed to be one of the dark arts of the burglar. However, a new technique has come to the fore in some European contexts. It appears nitric acid is being used to damage locks to allow criminals to gain entry into residential premises.

Germany’s Bild has covered this matter, as has Feuerwehr Magazine. The technique has apparently come to prominence in the last couple of years. Attackers pour the corrosive liquid into the keyway of a typical door lock. This damages the cylinder, and perhaps the pins inside as well. Once the metal has been eaten away and the structure of the lock is sufficiently degraded, it can presumably be forced open quite easily with hand tools. The technique is apparently especially effective in Germany, where locks are typically installed with the pins facing down. This makes it easy for any liquid trickled into the lock to eat away at the pins in the bottom.

German authorities advised people to be on the look out for discoloration around door locks. If seen, it’s important to avoid contact with any corrosive liquid that may have been used on the lock.

It’s a nasty technique that doesn’t just damage locks, but doors as well! Meanwhile, if you’re learning the art of lockpicking, just remember not to practice on any important locks you might actually need. More pictures after the break.

Continue reading “Nitric Acid Is The Hot New Way To Pick Locks”

This Week In Security: Blast-RADIUS, Gitlab, And Plormbing

July 12, 2024 by 6 Comments

The RADIUS authentication scheme, short for “Remote Authentication Dial-In User Service”, has been widely deployed for user authentication in all sorts of scenarios. It’s a bit odd, in that individual users authenticate to a “RADIUS Client”, sometimes called a Network Access Server (NAS). In response to an authentication request, a NAS packages up the authentication details, and sends it to a central RADIUS server for verification. The server then sends back a judgement on the authentication request, and if successful the user is authenticated to the NAS/client.

The scheme was updated to its current form in 1994, back when MD5 was considered a cryptographically good hash. It’s been demonstrated that MD5 has problems, most notably a chosen-prefix collision attack demonstrated in 2007. The basis of this collision attack is that given two arbitrary messages, it is possible to find a pair of values that, when appended to the end of those messages, result in matching md5 hashes for each combined message. It turns out this is directly applicable to RADIUS.
Continue reading “This Week In Security: Blast-RADIUS, Gitlab, And Plormbing”

Embedded Python: MicroPython Is Amazing

July 11, 2024 by 105 Comments

In case you haven’t heard, about a month ago MicroPython has celebrated its 11th birthday. I was lucky that I was able to start hacking with it soon after pyboards have shipped – the first tech talk I remember giving was about MicroPython, and that talk was how I got into the hackerspace I subsequently spent years in. Since then, MicroPython been a staple in my projects, workshops, and hacking forays.

If you’re friends with Python or you’re willing to learn, you might just enjoy it a lot too. What’s more, MicroPython is an invaluable addition to a hacker’s toolkit, and I’d like to show you why. Continue reading “Embedded Python: MicroPython Is Amazing”

Ticketmaster SafeTix Reverse-Engineered

July 11, 2024 by 49 Comments

Ticketmaster is having a rough time lately. Recently, a hacker named [Conduition] managed to reverse-engineer their new “safe” electronic ticket system. Of course, they also had the recent breach where more than half a billion accounts had personal and financial data leaked without any indication of whether or not the data was fully encrypted. But we’re going to focus on the former, as it’s more technically interesting.

Ticketmaster’s stated goals for the new SafeTix system — which requires the use of a smartphone app — was to reduce fraud and ticket scalping. Essentially, you purchase a ticket using their app, and some data is downloaded to your phone which generates a rotating barcode every 15 seconds. When [Conduition] arrived at the venue, cell and WiFi service was totally swamped by everyone trying to load their barcode tickets. After many worried minutes (and presumably a few choice words) [Conduition] managed to get a cell signal long enough to update the barcode, and was able to enter, albeit with a large contingent of similarly annoyed fans trying to enter with their legally purchased tickets.

Continue reading “Ticketmaster SafeTix Reverse-Engineered”

Exploded view of a mini PC built into a keyboard.

Keyboard Contains Entire Mini PC, Just BYOD

July 8, 2024 by 52 Comments

When we talk about keyboards that do it all, we usually mean either big ones with lots of keys and doodads like rotary encoders and displays, or small ones with lots of layers (and usually a few doodads, too). But this — this is something else entirely. Chinese PC maker Linglong have crammed an entire mini PC into a keyboard that’s small enough to fit in your back pocket. Oh, and it folds, too. All you need is a display.

Why do you need a display? Why not include one, if you’re going to wedge everything else in there? Well, the company envisions its users pairing it with a VR or AR glasses. But we can see use cases far beyond ownership of special spectacles, of course.

For instance, office work. Linglong says this key-puter (you read it here first) will last up to ten hours for light use, and nearly six hours for watching movies, but heavy use will have you down to four hours, which really isn’t that bad.

Spec-wise, it looks pretty good, with an AMD Ryzen 7 and either 16 or 32 GB of memory and a half- or full-terabyte hard drive. The whole thing is around 4 x 6″ (15 x 10cm), presumably in the folded orientation, and weighs less than two pounds (800 g). The projected cost is $400-500 depending on specs.

Unfortunately, this little key-puter isn’t available just yet. There are just 200 units available for Beta testing, and no, we don’t have one!

Main and thumbnail images via Linglong

New Battery Has No Anode

July 7, 2024 by 29 Comments

Conventional batteries have anodes and cathodes, but a new design from the University of Chicago and the University of California San Diego lacks an anode. While this has been done before, according to the University, this is the first time a solid-state sodium battery has successfully used this architecture.

Sodium is abundant compared to lithium, so batteries that use sodium are attractive. According to the University of Chicago’s news release:

Anode-free batteries remove the anode and store the ions on an electrochemical deposition of alkali metal directly on the current collector. This approach enables higher cell voltage, lower cell cost, and increased energy density…

Continue reading “New Battery Has No Anode”