News

3612 Articles

Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR

July 14, 2023 by 1 Comment

Elliot Williams and Tom Nardi start this week’s episode by addressing the ongoing Red Hat drama and the trend towards “renting” software. The discussion then shifts to homebrew VR gear, a particularly impressive solar-powered speaker, and some promising developments in the world of low-cost thermal cameras. Stay tuned to hear about color-changing breadboards, an unofficial logo for repairable hardware, and five lines of Bash that aim to unseat the entrenched power of Slack. Finally, we’ll take the first steps in an epic deep-dive into the world of DisplayPort, and take a journey of the imagination aboard an experimental nuclear ocean liner.

Check out the complete show notes below, and as always, let us know what you think in the comments.

Or download the episode directly in glorious DRM-free MP3.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR”

SuSE Take On Red Hat, Forking RHEL

July 12, 2023 by 18 Comments

One of the Linux stories of the moment has come from Red Hat, with their ongoing efforts to make accessing the source of their Red Hat Enterprise Linux product a paid-for only process. This has caused consternation and annoyance alike, from the open source community angry at any liberties taken with the GPL, and from the community of RHEL users and customers concerned as to what it might mean for them.

Now a new player has entered the fray in the form of SuSe, who have announced the creation of an RHEL fork with the intention of maintaining a freely-available Red Hat compatible operating system distribution.

This is good news for all who use Red Hat derived software and we expect the likes of Rocky Linux will be taking a close look at it, but it’s also a canny move from the European company as they no doubt hope to tempt away some of those commercial Red Hat customers with a promise of stability and their existing experience supporting Red Hat users through their mixed Linux support packages. We hope they’ll continue to maintain their relationship with the open source world, and that the prospect of their actions unleashing a new commercial challenge causes Red Hat to move away from the brink a little.

Need some of the backstory? We’ve got you covered.

The perfect header for this story comes via atzerok, CC BY-SA 2.0.

A Controller For More Than Thumbs

July 7, 2023 by 4 Comments

As virtual reality continues to make headway into the modern zeitgeist, it is still lacking in a few key ways. There’s not yet an accepted standard for correlating body motion to movement within a game, with most of the mainstream VR offerings sidestepping this problem by requiring the user to operate some sort of handheld controller to navigate the virtual world. And besides a brief Kinect fad from the 2010s, there hasn’t been too much innovation in this area. But computers have continued to increase in capabilities and algorithms for tracking movement have improved, so [Fletcher Heisler] aka [Everything Is Hacked] leveraged these modern tools into a full-body controller configurable for any video game.

This project builds heavily on a previous project by [Fletcher] which took body position information and turned it into keyboard input, leveraging OpenCV and posture detection software to map keys to specific body positions. It only needed slight modification to work for gaming with regards to the ability to hold down keys or mash buttons, but essentially works by mapping certain keystrokes from the previous project to commands in games. In addition to that step he also added support for multiplayer by splitting the image captured by the camera into two halves so it can keep track of two people simultaneously.

Continue reading “A Controller For More Than Thumbs”

Hackaday Podcast 226: Ice, Snow, And Cooling Paint In July

July 7, 2023 by 3 Comments

This week, Editor-in-Chief Elliot Williams and Al Williams shoot the breeze about all things Hackaday. We start off with some fond remembrances of Don Lancaster, a legendary hardware hacker who passed away last month. There’s also news about the Hackaday Prize (the tool competition) and a rant about fast computers and slow software, a topic that drew many comments this week.

In the What’s That Sound event, Al proves he’s more of a Star Trek fan than a videogamer. But there were plenty of correct answers, but only one winner: [Wybrandus]. There’s always next week, so keep playing!

Elliot may be dreaming of cooler weather since he talks about ice sculptures, snow measurements, and a paint that can make things cooler. We don’t know what Al is dreaming about, but he is worried about his fuses, and the ins and out of open source licensing.

Along the way, you’ll hear about personal vehicles, sky cameras, and zapping weeds with extreme solar power. As usual, there is an eclectic mix of other posts. What has the Hackaday crew been up to? Field trips! Hear about Dan Maloney’s visit to the SNOTEL network to measure snowfall and a report from Al and Bil Herd’s trip to the Vintage Computer Festival Southwest.

What to read along? The links below will get you started. Don’t forget to tell us what you think in the comments!

Or, download a copy for posterity to file away in your archive.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 226: Ice, Snow, And Cooling Paint In July”

This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach

July 7, 2023 by 3 Comments

It appears we have something of a problem. It’s not really a new problem, and shouldn’t be too surprising, but it did pop up again this week: bogus CVEs. Starting out in the security field? What’s the best way to jump-start a career? Getting a CVE find to your name certainly can’t hurt. And as a result, you get very junior security researchers looking for and reporting novel security vulnerabilities of sometimes dubious quality. Sometimes that process looks a lot like slinging reports against the wall to see what sticks. Things brings us to an odd bug report in the OBS Studio project.

A researcher put together a script to look for possible password exposure on Github projects, and it caught a configuration value named “password” in a .ini file, being distributed in the project source. Obvious credential leak in Git source, right? Except for the little detail that it was in the “locale” folder, and the files were named ca-es.ini, ja-jp.ini, and similar. You may be in on the joke by now, but if not, those are translation strings. It wasn’t leaked credentials, it was various translations of the word “password”. This sort of thing happens quite often, and from the viewpoint of a researcher looking at results from an automated tool, it can be challenging to spend enough time with each result to fully understand the code in question. It looks like this case includes a language barrier, making it even harder to clear up the confusion.

Things took a turn for the worse when a CVE was requested. The CVE Numbering Authority (CNA) that processed the request was MITRE, which issued CVE-2023-34585. It was a completely bogus CVE, and thankfully a more complete explanation from OBS was enough to convince the researcher of his error. That, however, brings us back to CVE-2023-36262, which was published this week. It’s yet another CVE, for the same non-issue, and even pointing at the same GitHub issue where the alleged bug is debunked. There’s multiple fails here, but the biggest disappointment is MITRE, for handing out CVEs twice for the same issue. Shout-out to [Netspooky] on Twitter for spotting this one. Continue reading “This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach”

Remote Driving Controversial In UK, But It’s Already Here

July 5, 2023 by 46 Comments

The automotive industry is rushing towards autonomous vehicles as a futuristic ideal. They haven’t got the autonomous part sorted just yet. However, as part of this push, the technology to drive vehicles remotely via video link has become mature.

In the United Kingdom, there has been great controversy on whether this should be allowed, particularly for vehicles piloted by individuals outside the country’s borders. That came to a head with a Law Commission repot published earlier this year, but since then, innovative companies have continued to work on remote driving regardless. Let’s dive in to the current state of play.

Continue reading “Remote Driving Controversial In UK, But It’s Already Here”

Cooling Paint You Can Actually Make

July 3, 2023 by 59 Comments

[NightHawkInLight] has been working on radiative sky paint. (Video, embedded below.) That’s a coating that radiates heat in the infrared spectrum at a wavelength that isn’t readily absorbed or reflected by the atmosphere. The result is a passive system that keeps materials a few degrees cooler in direct sunlight than an untreated piece in the shade. That sounds a bit like magic, but apparently the math checks out.

Continue reading “Cooling Paint You Can Actually Make”