Two nearly-identical black and white images of a solar installation on top of a roof in NYC. The left image purports to be from 1909 while the other says it is from 1884. Both show the same ornate building architecture in the background and angle of the panels.

The Mysterious Case Of The Disappearing Inventor

August 19, 2023 by Navarre Bartz 10 Comments

When combing through the history of technological innovation, we often find that pinning down a given inventor of something can be tricky. [Foeke Postma] at Bellingcat shows us that even the Smithsonian can get it wrong when given faulty information.

The mystery in question is the disappearance of inventor [George Cove] from a photograph of his solar panel system from 1909 and its reuse as evidence of the first photovoltaic solar panel by another inventor, [Charles Fritts], around 1884. Questions first arose about this image in 2021, but whether this was an example of photo manipulation was merely speculation at the time.

Continue reading “The Mysterious Case Of The Disappearing Inventor” →

Hackaday Podcast Ep 232: Chaos Communications Camp Placeholder Edition

August 18, 2023 by Elliot Williams 3 Comments

Editor-in-Chief Elliot Williams is off at Chaos Communications Camp, and Assistant Editor Tom Nardi is off on vacation, so there’s no real podcast this week.

If you need something to watch, let us suggest the talks!

Or listen to our pathetic excuses here:

Honestly, you’d be better off not downloading this one.

This Week In Security: TunnelCrack, Mutant, And Not Discord

August 18, 2023 by Jonathan Bennett 10 Comments

Up first is a clever attack against VPNs, using some clever DNS and routing tricks. The technique is known as TunnelCrack (PDF), and every VPN tested was vulnerable to one of the two attacks, on at least one supported platform.
Continue reading “This Week In Security: TunnelCrack, Mutant, And Not Discord” →

Mobile phone reading an NFC tag with information on a garden plant

NFC Puts A Stake In The Ground

August 15, 2023 by Michael Shaub 21 Comments

Sometimes we have a new part or piece of tech that we want to use, and it feels like a solution looking for a problem. Upon first encountering NFC Tags, [nalanj] was looking for an application and thought they might make a great update to old-fashioned plant markers in a garden. Those are usually small and, being outside 24/7, the elements tend to wear away at what little information they hold.

[nalanj] used a freeform data structuring service called Cardinal to set up text information fields for each plant and even photos. Once a template has been created, every entry gets a unique URL that’s perfect for writing to an NFC tag. See the blog post on Cardinal’s site for the whole process, the thought behind the physical design of the NFC tag holder, and a great application of a pause in the 3D print to encapsulate the tags.

NFC tags are super hackable, though, so you don’t have to limit yourself to lookups in a plant database. Heck, you could throw away your door keys.

2023 Hackaday Supercon Tickets On Sale Now!

August 14, 2023 by Elliot Williams 12 Comments

The 2023 Hackaday Superconference isn’t taking place until November, but the time to get your tickets is right now.

Hackaday’s Supercon is far and away the coolest hardware-focused hacker con of the year, and if you’re Hackaday, you absolutely want to be there. Honestly, just the crowd that Supercon brings together is reason enough to attend, but then you throw in the talks, the badge-hacking, the food, and the miscellaneous shenanigans … it’s an event you really don’t want to miss.

We’ll be announcing the speaker and workshop lineups in the upcoming weeks, but as always, we’re opening up a number of True Believer tickets for those of you who know you’ll be coming no matter what. Head on over to Eventbrite now and secure yours before they’re all gone. These usually sell out within the first few hours of being announced, so if you’re reading this right now, don’t hesitate.

Supercon is a small and friendly event, and it will be a long weekend that you’ll be looking back on fondly for the rest of the year. Whether you’ve been every time or whether you have always wanted to see what the hype is about, we can’t wait to see you all there. Come join us!

Blinded With Science

August 12, 2023 by Elliot Williams 62 Comments

So the room-temperature superconductor was a super disappointment, but even though the claims didn’t stand up in the end, the even better news is that real science was done. A paper making extraordinary claims came out, the procedure to make LK-99 was followed in multiple labs around the world, and then it was tested. It didn’t turn out to conduct particularly well at all. After a couple weeks of global superconductor frenzy, everything is back to normal again.

What the heck happened? First of all, the paper itself made extravagant claims about a holy-grail kind of material. There was a very tantalizing image of a black pellet floating in mid air, which certainly seems like magic, even though it’s probably only run-of-the-mill ferromagnetism in the end. But it made for a great photo-op in a news-starved August, and the then-still-Twitterverse took to it by storm. And then the news outlets piled on the hype fest.

If you’re feeling duped by the whole turn of events, you’re not alone. But the warning signs were there from the beginning, if you took the time to look. For me, it was the closing line of the paper: “We believe that our new development will be a brand-new historical event that opens a new era for humankind.”

That’s not the kind of healthy skepticism and cautious conclusion that real science runs best on. Reading the paper, I had almost no understanding of the underlying materials science, but I knew enough about human nature to suspect that the authors had rushed the paper out the door without sufficient scrutiny.

How can we keep from being fooled again? Carl Sagan’s maxim that “extraordinary claims require extraordinary evidence” is a good start. To that, I would add that science moves slowly, and that extraordinary evidence can only accumulate over time. So when you see hype science, simply wait to draw any conclusions. If it is the dawn of a new era, you’ll have a lot of time to figure out what room-temperature superconductivity means to you in the rosy future. And if it’s just a flash in the pan, you won’t have gotten your hopes up.

This Week In Security: It’s Con Season

August 11, 2023 by Jonathan Bennett 8 Comments

It must be Blackhat/DEFCON season. Up first in the storm of named vulnerabilities, we have Downfall. The PDF has the juicy details here. It’s quite similar to the Zenbleed issue from last week, in that it abuses speculative execution to leak data via a hidden register. Unlike Zenbleed, this isn’t direct access, but using cache timing analysis to extract individual bytes using a FLUSH+RELOAD approach.

The key to the vulnerability is the gather instruction, which pulls data from multiple locations in memory, often used to run a followup instruction on multiple bytes of data at once. The gather instruction is complex, takes multiple clock cycles to execute, and uses several tricks to execute faster, including managing buffers to avoid multiple reads. In certain cases, that instruction can be interrupted before it completes, leaving the data in the cache. And this data can be speculatively accessed and the values leaked through timing analysis.

This flaw affects 6th generation Intel Core processors through 11th. Mitigations are already rolling out via a microcode update, but do carry a performance hit for gather instructions. Continue reading “This Week In Security: It’s Con Season” →