News

3650 Articles

Hello, Halloween Hackfest!

September 19, 2023 by 1 Comment

Halloween is possibly the hackiest of holidays. Think about it: when else do you get to add animatronic eyes to everyday objects, or break out the CNC machine to cut into squashes? Labor day? Nope. Proximity-sensing jump-scare devices for Christmas? We think not. But for Halloween, you can let your imagination run wild!

Jump Scare Tombstone by [Mark]
We’re happy to announce that DigiKey and Arduino have teamed up for this year’s Hackaday Halloween Contest. Bring us your best costume, your scariest spook, your insane home decorations, your wildest pumpkin, or your most kid-pleasing feat!

We’ll be rewarding the top three with a $150 gift certificate courtesy of DigiKey, plus some Arduino Halloween treats if you use a product from the Arduino Pro line to make your hair-raising fantasy happen.

We’ve also got five honorable mention categories to inspire you to further feats of fancy.

  • Costume: Halloween is primarily about getting into outrageous costumes and scoring candy. We don’t want to see the candy.
  • Pumpkin: Pumpkin carving could be as simple as taking a knife to a gourd, but that’s not what we’re after. Show us the most insane carving method, or the pumpkin so loaded with electronics that it makes Akihabara look empty in comparison.
  • Kid-Pleaser: Because a costume that makes a kid smile is what Halloween is really all about. But games or elaborate candy dispensers, or anything else that helps the little ones have a good time is fair game here.
  • Hallowed Home: Do people come to your neighborhood just to see your haunted house? Do you spend more on light effects than on licorice? Then show us your masterpiece!
  • Spooky: If your halloween build is simply scary, it belongs here.

Head on over to Hackaday.io for the full details. And get working on your haunts, costumes, and Rube Goldberg treat dispensers today.

2023 Halloween Hackfest

Multispectral Imaging Shows Erased Evidence Of Ancient Star Catalogue

September 18, 2023 by 43 Comments

Ancient Greek astronomer Hipparchus worked to accurately catalog and record the coordinates of celestial objects. But while Hipparchus’ Star Catalogue is known to have existed, the document itself is lost to history. Even so, new evidence has come to light thanks to patient work and multispectral imaging.

Hipparchus’ Star Catalogue is the earliest known attempt to record the positions of celestial bodies (predating Claudius Ptolemy’s work in the second century, which scholars believe was probably substantially based on Hipparchus) but direct evidence of the document is slim. Continue reading “Multispectral Imaging Shows Erased Evidence Of Ancient Star Catalogue”

Helping Robots Learn By Letting Them Fail

September 17, 2023 by 12 Comments

The [MIT Technology Review] has just released its annual list of the top innovators under the age of 35, and there are some interesting people on this list of the annoyingly accomplished at a young age. Like [Lerrel Pinto], an associate professor of computer science at NY University. His work focuses on teaching robots how to do things in the home by failing.

Continue reading “Helping Robots Learn By Letting Them Fail”

Two white Chevy Bolt hatchbacks sit side-by-side, immobilized in the street, their roofs festooned with sensors and an orange cone on their hoods like a snowman's nose pointed toward the sky.

Coning Cars For Fun And Non-Profit

September 15, 2023 by 61 Comments

Self-driving cars are being heralded as the wave of the future, but there have been many hiccups along the way. The newest is activists showing how autonomous vehicles are easy to hack with a simple traffic cone.

As we’ve discussed before, self-driving cars aren’t actually that great at driving, and there are a number of conditions that can cause them to fail safe and stop in the middle of the road. Activist group Safe Street Rebel is exploiting this vulnerability by “coning” Waymo and Cruise vehicles in San Francisco. By placing a traffic cone on the vehicle’s hood in the way of the sensors and cameras used to navigate the streets, the vehicles are rendered inoperable. Continue reading “Coning Cars For Fun And Non-Profit”

This Week In Security: Blastpass, MGM Heist, And Killer Themes

September 15, 2023 by 7 Comments

There’s yet another 0-day exploit chain discovered as part of NSO Group’s Pegasus malware suite. This one is known as BLASTPASS, and it’s a nasty one. There’s no user interaction required, just receiving an iMessage containing a malicious PassKit attachment.

We have two CVEs issued so far. CVE-2023-41064 is a classic buffer overflow in ImageIO, the Apple framework for universal file format read and write. Then CVE-2023-41061 is a problem in the iOS Wallet implementation. Release 16.6.1 of the mobile OS addresses these issues, and updates have rolled out for macOS 11, 12, and 13.

It’s worth noting that Apple’s Lockdown mode does seem to block this particular exploit chain. Citizen Lab suggests that high-risk users of Apple hardware enable Lockdown Mode for that extra measure of security. Continue reading “This Week In Security: Blastpass, MGM Heist, And Killer Themes”

How Three Letters Brought Down UK Air Traffic Control

September 13, 2023 by 51 Comments

The UK bank holiday weekend at the end of August is a national holiday in which it sometimes seems the entire country ups sticks and makes for somewhere with a beach. This year though, many of them couldn’t, because the country’s NATS air traffic system went down and stranded many to grumble in the heat of a crowded terminal. At the time it was blamed on faulty flight data, but news now emerges that the data which brought down an entire country’s air traffic control may have not been faulty at all.

Armed with the official incident report and publicly available flight data, Internet sleuths theorize that the trouble was due to one particular flight: French Bee flight 731 from Los Angeles to Paris. The flight itself was unremarkable, but the data which sent the NATS computers into a tailspin came from two of its waypoints — Devil’s Lake Wisconsin and Deauville Normandy — having the same DVL identifier. Given the vast distance between the two points, the system believed it was looking at a faulty route, and refused to process it. A backup system automatically stepped in to try and reconcile the data, but it made the same determination as the primary software, so the whole system apparently ground to a halt.

It’s important to note that there was nothing wrong with the flight plan entered in by the French Bee pilots, and that early stories blaming faulty data were themselves at fault. However we are guessing that air traffic software developers worldwide are currently scrambling to check their code for this particular bug. We’re fortunate indeed that safety wasn’t compromised and only inconvenience was the major outcome.

Air traffic control doesn’t feature here too often, but we’ve previously looked at a much earlier system.

Header image: John Evans, CC BY-SA 2.0.

Logic Analyzers: Capabilities And Limitations

September 12, 2023 by 12 Comments

Last time, we’ve used a logic analyzer to investigate the ID_SD and ID_SC pins on a Raspberry Pi, which turned out to be regular I2C, and then we hacked hotplug into the Raspberry Pi camera code with an external MCU. Such an exercise makes logic analyzers look easy, and that’s because they are! If you have a logic analyzer, you’ll find that a whole bunch of hacks become available to you.

In this article, let’s figure out places where you can use a logic analyzer, and places where you can’t. We’ll start with the first limitation of logic analyzers – capture speed. For instance, here’s a cool thing you can buy on Aliexpress – a wristband from TTGO that looks like a usual fitness tracker, but has an ESP32 in it, together with an IMU, an RTC, and an IPS screen! The seller also has an FFC-connectable devboard for programming this wristband over UART, plus vibromotor and heartrate sensor expansion modules.

You can run C, MicroPython, Rust, JavaScript, or whatever else – just remember to bring your own power saving, because the battery is super small. I intended to run MicroPython on it, however, and have stumbled upon a problem – the ST7735-controller display just wouldn’t work with the st7735.py library I found; my image would be misaligned and inverted.

The specifications didn’t provide much other than “ST7735, 80×160”. Recap – the original code uses an Arduino (C++) ST7735 library and works well, and we have a MicroPython ST7735 library that doesn’t. In addition to that, I was having trouble getting a generic Arduino ST7735 library to work, too. Usually, such a problem is caused by the initialization commands being slightly different, and the reason for that is simple – ST7735 is just the name of the controller IC used on the LCD panel.

Each display in existence has specifics that go beyond the controller – the pixels of the panel could be wired up to the controller in a bunch of different ways, with varying offsets and connection types, and the panel might need different LCD charge pump requirements – say, depending on the panel’s properties, you might need to write 0x10 into a certain register of the ST7735, or you will need 0x40. Get one or more of these registers wrong, and you’ll end up with a misaligned image on your display at best, or no output at worst. Continue reading “Logic Analyzers: Capabilities And Limitations”