The Weirdest Hack

February 5, 2022 by Elliot Williams 31 Comments

I was on the FLOSS podcast (for the Episode of the Beast no less!) and we were talking all about Hackaday. One of the hosts, secretly Hackaday’s own Jonathan Bennett in disguise, asked me what the weirdest hack I’d ever seen on Hackaday was. Weird?!?!

I was caught like a deer in headlights. None of our hacks are weird! Or maybe all of them are? I dunno, it certainly depends on your perspective. Is it weird to build a box that makes periodic meowing noises to hid in a friend’s closet? Is it weird to design new and interesting wheels for acrobats to roll themselves around in? Is it weird to want a rainbow-colored USB DIP switch? Is it weird that these are all posts from the last week?

OK, maybe we are a little bit weird. But that’s the way we like it. Keep it weird and wonderful, Hackaday. You’ve got enough normal stuff to do eight hours a day!

Copyright, What You Need To Know

February 4, 2022 by Jenny List 54 Comments

Last week brought the story of a group of crypto enthusiasts who paid well over the going rate for a rare sci-fi book, then proposed encoding scans of all its pages in a blockchain before making and selling NFTs of them. To guarantee their rarity the book was then to be burned. Aside from the questionable imagery surrounding book burning in general, one of the sources of mirth in the story was their mistaken idea that in buying a copy of a rare book they had also acquired its copyright rather than simply paying too much for a book.

It’s an excuse for a good laugh, but it’s also an opportunity to talk about copyright as it affects our community. I’m not a lawyer and I’m not here to give legal advice. Instead this is based on the working knowledge gathered over decades working in the content publishing industries. Continue reading “Copyright, What You Need To Know” →

Code Wrong: Expand Your Mind

January 29, 2022 by Elliot Williams 24 Comments

The really nice thing about doing something the “wrong” way is that there’s just so much variety! If you’re doing something the right way, the fastest way, or the optimal way, well, there’s just one way. But if you’re going to do it wrong, you’ve got a lot more design room.

Case in point: esoteric programming languages. The variety is stunning. There are languages intended to be unreadable, or to sound like Shakespearean sonnets, or cooking recipes, or hair-rock ballads. Some of the earliest esoteric languages were just jokes: compilations of all of the hassles of “real” programming languages of the time, but yet made to function. Some represent instructions as a grid of colored pixels. Some represent the code in a fashion that’s tantamount to encryption, and the only way to program them is by brute forcing the code space. Others, including the notorious Brainf*ck are actually not half as bad as their rap — it’s a very direct implementation of a Turing machine.

So you have a set of languages that are designed to be maximally unlike each other, or traditional programming languages, and yet still be able to do the work of instructing a computer to do what you want. And if you squint your eyes just right, and look at as many of them all together as you can, what emerges out of this blobby intersection of oddball languages is the essence of computing. Each language tries to be as wrong as possible, so what they have in common can only be the unavoidable core of coding.

While it might be interesting to compare an contrast Java and C++, or Python, nearly every serious programming language has so much in common that it’s just not as instructive. They are all doing it mostly right, and that means that they’re mostly about the human factors. Yawn. To really figure out what’s fundamental to computing, you have to get it wrong.

Shelf Actualization

January 28, 2022 by Al Williams 54 Comments

If you are old enough, you may remember that, for a time, almost every year was the year that home video was going to take off. Except it never was, until VHS tape machines appeared. We saw something similar with personal computers. Nowadays, we keep hearing about the home robot, but it never seems to fully materialize or catch on. If you think about it, it could be a problem of expectations.

What we all want is C3PO or Rosie the Robot that can do all the things we don’t want to do. What we usually get is something far less than that. You either get something hideously expensive that does a few tasks or something cheap that is little more than a toy.

Labrador Systems is trying to hit the middle ground. While no one would confuse their Caddie and Retriever robots with C3PO, they are useful but also simple, presumably to keep the cost down which are expected to cost about $1,500. The robots have been described as “self-driving shelves.” You can watch a video about the devices below.

Continue reading “Shelf Actualization” →

Hackers, Fingerprints, Laptops, And Stickers

January 22, 2022 by Elliot Williams 76 Comments

A discussion ensued about our crazy hacker ways the other night. I jokingly suggested that with as many stickers as we each had on our trusty companion machines, they might literally be as unique as a fingerprint. Cut straight to nerds talking too much math.

First off, you could wonder about the chances of two random hackers having the same sticker on their laptop. Say, for argument’s sake, that globally there are 2,000 stickers per year that are cool enough to put on a laptop. (None of us will see them all.) If a laptop lasts five years, that’s a pool of 10,000 stickers to draw from. If you’ve only got one sticker per laptop, that’s pretty slim odds, even when the laptops are of the same vintage.

Real hackers have 20-50 stickers per laptop — at least in our sample of “real hackers”. Here, the Birthday Paradox kicks in and helps us out. Each additional sticker provides another shot at matching, and an extra shot at being matched. So while you and I are unlikely to have the same birthday, in a room full of 42 people, it’s 90% likely that someone will have their birthday matched. With eight of us in the room, that’s 240 stickers that could match each other. (9999 / 10000) ^ (240 * 210 / 2) = about an eight percent chance of no match, so a better than 90% chance that we’d have at least one matching sticker.

But that doesn’t answer the original question: are our be-stickered laptops unique, like fingerprints or snowflakes? There, you have to match each and every sticker on the laptop — a virtually impossible task, and while there were eight of us in the room, that’s just not enough to get any real juice from the Birthday Paradox. (1/10,000) ^ 30 = something with -120 in the exponent. More than all the atoms in the universe, much less hackers in a room, whether you take things to the eighth power or not.

I hear you mumbling “network effects”. We’ve all gone to the same conferences, and we have similar taste in stickers, and maybe we even trade with each other. Think six degrees of separation type stuff. Indeed, this was true in our room. A few of us had the same stickers because we gave them to each other. We had a lot more matches than you’d expect, even though we were all unique.

So while the math for these network effects is over my head, I think it says something deeper about our trusty boxen, their stickers, and their hackers. Each sticker also comes with a memory, and our collected memories make us unique like our laptops. But matching stickers are also more than pure Birthday Paradoxes, they represent the shared history of friends.

Wear your laptop stickers with pride!

Hacking Is Hacking

January 15, 2022 by Elliot Williams 5 Comments

Tom Nardi and I had a good laugh this week on the Podcast when he compared the ECU hacks that enabled turning a VW with steering assist into a self-driver to a hack last week that modified a water cooler to fill a particular cup. But it’s actually no joke — some of the very same techniques are used in both efforts, although the outcome of one is life-and-death, and the other is just some spilled ice-cold water.

This reminded me of Travis Goodspeed’s now-classic talk “In Praise of Junk Hacking” from way back in 2016. For background, this was a time when IoT devices and their security were in their relative infancy, and some members of the security community were throwing shade on the dissection of “mere” commercial crap. (Looked back on from today, where every other member of a Botnet is an IP camera, that argument didn’t age well.)

Travis’ response was that hacking on junk lets us focus on the process — the hack itself — rather than getting distracted by the outcome. Emotions run high when a security flaw affects millions of individuals, but when it’s a Tamagotchi or a pocket calculator, well, it doesn’t really matter, so you focus on the actual techniques. And as Travis points out, many of these techniques learned on junk will be useful when it counts. He learned about methods to defeat address-space randomization, for instance, from an old hack on the TI-85 calculator, which garbage-collected the variables that needed to be overwritten.

So I had junk hacking in the back of my mind when I was re-watching Hash Salehi’s great talk on his work reverse engineering smart meters. Funnily enough, he started off his reverse engineering journey eleven years ago with work on a robot vacuum cleaner’s LIDAR module. Junk hacking, for sure, but the same techniques taught him to work on devices that are significantly more serious. And in the craziest of Hackaday synergies, he even hat-tipped Travis’ talk in his video! Hacking is hacking!

The Year Of Owning It

January 8, 2022 by Elliot Williams 41 Comments

Talking over the year in review on the Podcast, Tom Nardi and I were brainstorming what we thought was the single overarching trend in 2021, and we came up with many different topics: victories in the right to repair, increasingly dystopian service contracts, a flourishing of cyberdecks, and even greater prevalence of reverse engineering style hacks. And then we realized: they are all different faces of the same beast — people just want to own the devices that they own.

Like Dr. Jekyll and Mr. Hyde, our modern Internet-connected-everythings have two sides. On one side, we get so much additional functionality from having everything on the net. But on the other, if your car is always connected, it gives Toyota a means to make you pay a monthly fee to use a car fob, and if you have to use Cricut’s free online service to upload designs to the cutter, they can suddenly decide to start charging you. It allows Samsung to not only spy on whatever you’re currently watching on your smart TV, but to also brick it if they want to. More and more, we don’t actually own (in the sense of control) the devices that we own (in the sense of having purchased).

We don’t have to take it lying down. On the one hand, consumer protest made Cricut walk back their plans, and may do the same with Toyota. We can achieve a lot, collectively, by just talking about our grievances, and letting the firms in question know how we feel — naturally also with our wallets. But as hackers and all-around techie types, we can do even more. When something is broken because of a bad service, we can often fix it with firmware or by standing up our own version of the service. We can pwn them.

But there’s even more to the cyberdeck and the extreme DIY movements of the last few years than just the defense against lock-in or the liberating of hardware. There’s also the pride of truly owning something because you made it. Not just owning it because you bought it, or owning it because you control it, but owning it because you understand it and because you gave birth to it.

Whichever way you’re into owning your own, I think that’s the single overarching trend of 2021 — both on the positive and proactive side and the negative and reactive. Talking about it, reverse engineering it, or building it yourself, 2021 was the year of owning it.