News

3649 Articles

Not Dead Yet: Microsoft Peripherals Get Licensed To Onward Brands

January 10, 2024 by 33 Comments

After Microsoft announced in April of 2023 that they’d cease selling branded peripherals – including keyboards and mice – as part of its refocusing on Surface computers and accessories, there was an internet-wide outcry about this demise. Yet now it would seem that Microsoft has licensed the manufacturing of these peripherals to Incase, who will be selling a range of ‘Designed By Microsoft’ peripherals starting in 2024. Incase itself is a brand owned by Onward Brands, which is the portfolio manager for Incase and other brands.

Although Microsoft has been selling peripherals since the 1980s (with the Microsoft Mouse appearing in 1983), it seems that we now have to rely on this new company that is said to use the same suppliers as Microsoft did. As for what we can expect to see return with Incase, it’s effectively the same assortment of items that Microsoft was selling at the beginning of 2023, so we will likely not see the return of the Natural 4000 or other peripherals that saw their life cut short before this.

If Incase does manage to relaunch these products this year, which items would you be most interested in purchasing, and how many dozens of those did you manage to stock up on in April when the news broke?

Vulcan Nails First Flight, But Peregrine Falls Short

January 9, 2024 by 24 Comments

For those with an interest in the history of spaceflight, January 8th promised to be a pretty exciting day. Those who tuned into the early morning live stream were looking forward to seeing the first flight of the Vulcan Centaur, a completely new heavy-lift booster developed by United Launch Alliance. But as noteworthy as the inaugural mission of a rocket might be under normal circumstances, this one was particularly special as it was carrying Peregrine — set to be the first American spacecraft to set down on the lunar surface since the end of the Apollo program in 1972.

Experience has taught us that spaceflight is hard, and first attempts at it doubly so. The likelihood of both vehicles performing as expected and accomplishing all of their mission goals was fairly remote to begin with, but you’ve got to start somewhere. Even in the event of a complete failure, valuable data is collected and real-world experience is gained.

Now, more than 24 hours later, we’re starting to get that data back and finding out what did and didn’t work. There’s been some disappointment for sure, but when everything is said and done, the needle definitely moved in the right direction.

Continue reading “Vulcan Nails First Flight, But Peregrine Falls Short”

New Year’s Resolutions

January 6, 2024 by 18 Comments

As we stand here looking at the brand-new year ahead, we find ourselves taking stock, and maybe thinking how we can all be better people in the next year. More exercise, being nicer to your neighbors, consuming more or less of this or that, depending on whether it’s healthy or un. Those are the standard fare. But what’s your hacker new year’s resolution?

Mine, this year, is to branch out into a new microcontroller family, to learn a new toolchain, and maybe to finally dip my toes into Bluetooth Low Energy. Although that last one is admittedly a stretch.

But the former is great resolution material, if you allow me. New programming tooling is always a little unpleasant to set up, but there’s also payoff at the end of the ordeal. It’s a lot like picking up a new exercise – it makes you stronger. Or course, it helps to have an application in mind, the equivalent of that suit you want to be able to fit into at the end of the diet. I’ve got one. I’ve also been out of programming in straight C for a year or so, and I’m faced with a new HAL, so there’s bound to be enough of a challenge to make it worthwhile.

Honestly, I’m looking forward to getting started, but with the usual mix of optimism, over-optimism, and mild dread. It’s the perfect setup for a resolution! What’s yours?

(And yes, the art is from another story, but setting up a good backup regime isn’t a bad resolution either.)

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Digital Master Tapes Seek Deck

January 5, 2024 by 16 Comments

As a nerdy kid in the 90s, I spent a fair bit of time watching the computer-themed cartoon Reboot. During the course of making a documentary about the show, [Jacob Weldon] and [Raquel Lin] have uncovered the original digital master tapes of the show.

This is certainly exciting news for fans of the show, but there’s a bit of a wrinkle. These digital masters are all on D-1 digital cassette tapes which the studio doesn’t have a player for anymore. The dynamic duo are on the hunt for a Bosch BTS-D1 to be able to recapture some of this video for their own film while also heavily hinting to the studio that a new box set from the masters would be well-received.

As the first CGI TV series, Reboot has a special place in the evolution of entertainment, and while it was a technical marvel for its time, it was solid enough to last for four seasons and win numerous awards before meeting a cliffhanger ending. If you’re an expert in D-1 or have a deck to lend or sell, be sure to email the creators.

Feeling nostalgic for the electromechanical era? Why not check out some hidden lyrics on Digital Compact Cassettes (DCC) or encoding video to Digital Audio Tapes (DAT)?

[via Notebookcheck]

Niklaus Wirth with Personal Computer Lilith that he developed in the 1970ies. (Photo: ETH Zurich)

Remembering Niklaus Wirth: Father Of Pascal And Inspiration To Many

January 5, 2024 by 33 Comments

Although perhaps not as much of a household name as other pioneers of last century’s rapid evolution of computer hardware and the software running on them, Niklaus Wirth’s contributions puts him right along with other giants. Being a very familiar face both in his native Switzerland at the ETH Zurich university – as well as at Stanford and other locations around the world where computer history was written – Niklaus not only gave us Pascal and Modula-2, but also inspired countless other languages as well as their developers.

Sadly, Niklaus Wirth passed away on January 1st, 2024, at the age of 89. Until his death, he continued to work on the Oberon programming language, as well as its associated operating system: Oberon System and the multi-process, SMP-capable A2 (Bluebottle) operating system that runs natively on x86, X86_64 and ARM hardware. Leaving behind a legacy that stretches from the 1960s to today, it’s hard to think of any aspect of modern computing that wasn’t in some way influenced or directly improved by Niklaus.

Continue reading “Remembering Niklaus Wirth: Father Of Pascal And Inspiration To Many”

This Week In Security: Bitwarden, Reverse RDP, And Snake

January 5, 2024 by 10 Comments

This week, we finally get the inside scoops on some old stories, starting with the Bitwarden Windows Hello problem from last year. You may remember, Bitwarden has an option to use Windows Hello as a vault unlock option. Unfortunately, the Windows credential API doesn’t actually encrypt credentials in a way that requires an additional Windows Hello verification to unlock. So a derived key gets stored to the credential manager, and can be retrieved through a simple API call. No additional biometrics needed. Even with the Bitwarden vault locked and application closed.

There’s another danger, that doesn’t even require access to the the logged-in machine. On a machine that is joined to a domain, Windows backs up those encryption keys to the Domain Controller. The encrypted vault itself is available on a domain machine over SMB by default. A compromised domain controller could snag a bitwarden vault without ever even running code on the target machine. The good news is that this particular problem with Bitwarden and Windows Hello is now fixed, and has been since version 2023.10.1.

Reverse RDP Exploitation

We normally think about the Remote Desktop Protocol as dangerous to expose to the internet. And it is. Don’t put your RDP service online. But reverse RDP is the idea that it might also be dangerous to connect an RDP client to a malicious server. And of course, multiple RDP implementations have this problem. There’s rdesktop, FreeRDP, and Microsoft’s own mstsc that all have vulnerabilities relating to reverse RDP.

The technical details here aren’t terribly interesting. It’s all variations on the theme of not properly checking remote data from the server, and hence either reading or writing past internal buffers. This results in various forms of information leaks and code executions problems. What’s interesting is the different responses to the findings, and then [Eyal Itkin]’s takeaway about how security researchers should approach vulnerability disclosure.

So first up, Microsoft dismissed a vulnerability as unworthy of servicing. And then proceeded to research it internally, and present it as a novel attack without properly attributing [Eyal] for the original find. rdesktop contained quite a few of these issues, but were able to fix the problem in a handful of months. FreeRDP fixed some issues right away, in what could be described as a whack-a-mole style process, but a patch was cooked up that would actually address the problem at a deeper level: changing an API value from the unsigned size_t to a signed ssize_t. That change took a whopping 2 years to actually make it out to the world in a release. Why so long? Continue reading “This Week In Security: Bitwarden, Reverse RDP, And Snake”

Spying On The ESP32’s GPIO

January 1, 2024 by 8 Comments

The ESP32 has been a go-to microcontroller platform for a while now, thanks to its versatile capabilities, integrated Wi-Fi and Bluetooth connectivity, and low power consumption. It’s ideal for a wide range of projects especially those revolving around IoT, partially because of all of the libraries and tools available for it now. The latest tool from [The Last Outpost Workshop] adds a feature we didn’t know we wanted until now: a webserver showing real-time updates of what all of the GPIO pins are doing.

The live GPIO pin monitoring library sets up the ESP32 to stream information about what all of the pins are doing in real time to a webserver, which displays the information as a helpful graphic. The demonstration in the video below shows and example troubleshooting a situation where the code is correct but there’s a mistake in the wiring, helping to quickly identify the problem and hopefully eliminating a wild goose chase for a bug in the software. The library can be quickly installed using the Arduino IDE and only requires the use of one other library and a few lines of code to get everything up and running.

As far as a debugging tool goes, something like this could save a lot of us a significant amount of time, especially with how easy it is to set up. A real-time look into the pins and their behavior, including those set up for PWM, is invaluable for plenty of situations. Of course if you’re building something like a real-time operating system that needs responses within a very specific interval you may want to look at more in-depth strategies for probing the GPIO.

Thanks to [Bob] for the tip!

Continue reading “Spying On The ESP32’s GPIO”