Rants

522 Articles

Spectre And Meltdown: Attackers Always Have The Advantage

January 10, 2018 by 45 Comments

While the whole industry is scrambling on Spectre, Meltdown focused most of the spotlight on Intel and there is no shortage of outrage in Internet comments. Like many great discoveries, this one is obvious with the power of hindsight. So much so that the spectrum of reactions have spanned an extreme range. From “It’s so obvious, Intel engineers must be idiots” to “It’s so obvious, Intel engineers must have known! They kept it from us in a conspiracy with the NSA!”

We won’t try to sway those who choose to believe in a conspiracy that’s simultaneously secret and obvious to everyone. However, as evidence of non-obviousness, some very smart people got remarkably close to the Meltdown effect last summer, without getting it all the way. [Trammel Hudson] did some digging and found a paper from the early 1990s (PDF) that warns of the dangers of fetching info into the cache that might cross priviledge boundaries, but it wasn’t weaponized until recently. In short, these are old vulnerabilities, but exploiting them was hard enough that it took twenty years to do it.

Building a new CPU is the work of a large team over several years. But they weren’t all working on the same thing for all that time. Any single feature would have been the work of a small team of engineers over a period of months. During development they fixed many problems we’ll never see. But at the end of the day, they are only human. They can be 99.9% perfect and that won’t be good enough, because once hardware is released into the world: it is open season on that 0.1% the team missed.

The odds are stacked in the attacker’s favor. The team on defense has a handful of people working a few months to protect against all known and yet-to-be discovered attacks. It is a tough match against the attackers coming afterwards: there are a lot more of them, they’re continually refining the state of the art, they have twenty years to work on a problem if they need to, and they only need to find a single flaw to win. In that light, exploits like Spectre and Meltdown will probably always be with us.

Let’s look at some factors that paved the way to Intel’s current embarrassing situation.

Continue reading “Spectre And Meltdown: Attackers Always Have The Advantage”

2017: As The Hardware World Turns

December 27, 2017 by 28 Comments

The year is almost over, and now it’s time to look back on the last fifty-odd weeks. What happened in this year in hacking? 2017 will go down as the beginning of another AI renaissance, although we’re not going to call it that; this year was all about neural nets and machine learning and advancements resulting from the development of self-driving cars and very beefy GPUs. Not since the 80s have we seen more work in ‘AI’ fields. What will it amount to this time around the hype cycle? Find out in a few years.

Biohacking was big this year, and not just because people are installing RFID tags and magnets in their hands. CRISPR is allowing for Star Trek-style genome hacking, and this year saw in vivo experiments to enable and disable individual genes in rat models. Eventually, someone is going to get a Nobel for CRISPR.

We’re going to Mars, and soon — very soon — a SpaceX Falcon Heavy is going to either lob a Tesla Roadster into solar orbit or the Atlantic Ocean. We learned about the BFR that will take dozens of people to Mars in a single launch. Boeing and Lockheed think they can compete with the Elon Musk PR powerhouse. The Bigelow Aerospace inflatable module passed its in-flight test on the ISS, giving the space station a new storage closet. Even in space, amazing stuff is happening this year.

Is that it? Not by a long shot. This year has seen some of the coolest hacks we’ve ever seen, and some of the dumbest security breaches ever. Hackaday is doing awesome. What else did 2017 have? Read on to find out.

Continue reading “2017: As The Hardware World Turns”

Art, Craft, Make, Hack, Whatever

December 22, 2017 by 15 Comments

Anyone who has spent much time reading Hackaday, or in the real world in or around a few hackspaces, will know that ours is a community of diverse interests. In the same place you will find a breathtaking range of skills and interests, people working with software, electronics, textiles, and all conceivable materials and media. And oftentimes in the same person: a bare-metal kernel guru might spend their time in a hackspace making tables from freight pallets rather than coding.

Through it all run a variety of threads, identities if you will, through which the differing flavours of our wider community define themselves. Words like “Hacker” and “Maker” you may identify with, but when I mention words like “Crafter” or “Artist”, perhaps they might meet with some resistance. After all, artists paint things, don’t they, and crafters? They make wooly hats and corn dollies! Continue reading “Art, Craft, Make, Hack, Whatever”

Truly Terrible Dimensioned Drawings

December 14, 2017 by 147 Comments

I’m in the planning stages of a side project for Hackaday right now. It’s nothing too impressive, but this is a project that will involve a lot of electromechanical parts. This project is going to need a lot of panel mount 1/8″ jacks and sockets, vertical mount DIN 5 connectors, pots, switches, and other carefully crafted bits of metal. Mouser and Digikey are great for nearly every other type of electrical component, but when it comes to these sorts of electromechanical components, your best move is usually to look at AliExpress or DealExtreme, finding something close to what you need, and buying a few hundred. Is this the best move for a manufacturable product? No, but we’re only building a few hundred of these things.

I have been browsing my usual Internet haunts in the search for the right bits of stamped brass and injection molded plastic for this project, and have come to a remarkable conclusion. Engineers, apparently, have no idea how to dimension drawings. Drafting has been a core competency for engineers from the dawn of time until AutoCAD was invented, and now we’re finally reaping the reward: It’s now rare to find a usable dimensioned drawing on the Internet.

This post is going to be half rant, half explanation of what is wrong with a few of the dimensioned drawings I’ve found recently. Consider this an example of what not to do.  There is no reason for the state of engineering drawing to be this bad.

Continue reading “Truly Terrible Dimensioned Drawings”

Drone License Plates: An Idea That Won’t Stave Off The Inevitable

November 13, 2017 by 75 Comments

As more and more drones hit the skies, we are beginning to encounter a modest number of problems that promise to balloon if ignored. 825,000 drones above a quarter-kilo in weight were sold in the U.S. in 2016. The question has become, how do we control all these drones?

Continue reading “Drone License Plates: An Idea That Won’t Stave Off The Inevitable”

AI: This Decade’s Worst Buzz Word

September 18, 2017 by 84 Comments

In hacker circles, the “Internet of Things” is often the object of derision. Do we really need the IoT toaster? But there’s one phrase that — while not new — is really starting to annoy me in its current incarnation: AI or Artificial Intelligence.

The problem isn’t the phrase itself. It used to mean a collection of techniques used to make a computer look like it was smart enough to, say, play a game or hold a simulated conversation. Of course, in the movies it means HAL9000. Lately, though, companies have been overselling the concept and otherwise normal people are taking the bait.

The Alexa Effect

Not to pick on Amazon, but all of the home assistants like Alexa and Google Now tout themselves as AI. By the most classic definition, that’s true. AI techniques include matching natural language to predefined templates. That’s really all these devices are doing today. Granted the neural nets that allow for great speech recognition and reproduction are impressive. But they aren’t true intelligence nor are they even necessarily direct analogs of a human brain.

Continue reading “AI: This Decade’s Worst Buzz Word”

What’s The Best Way To Learn Electronics?

September 14, 2017 by 69 Comments

What’s the best way to learn electronics? It’s a pithy question to ask a Hackaday audience, most of whom are at least conversant in the field already. Those who already have learned often have just their own perspective to draw upon—how they themselves learned. Some of you may have taught others. I want to explore what works and what doesn’t.

Hobbyists Learn Differently Than Students

One thing I can say straight off is that students learn differently than people who learn at home. Hobbyists have the advantage of actually being interested, which is a quality a student may not enjoy. People have been teaching themselves electronics since the beginning, with analog projects–Heathkit models, BEAM robots, and ham radio sets–evolving into purely digital projects.

Let’s face it, Arduinos lower the bar like nothing else. There’s a reason why the Blink sketch has become the equivalent to “Hello World”. Dirt cheap and easily configured microcontrollers combined with breakout boards make it easy for anyone to participate.

However, ask any true EE and that person will tell you that following wiring diagrams and plugging in sensor boards from Sparkfun only teaches so much. You don’t bone up on terms like hysteresis or bias by building something from uCs and breakout boards. But do you need to? If you are truly interested in electronics and learn by making those Adafruit or Sparkfun projects, sooner or later you’ll want to make your own breakout boards. You’ll learn how to design your own circuit boards and figure out why things work and why they don’t. I don’t need to tell you the Internet has all the answers a neophyte needs–but the interest has to be there in the first place.

What’s the Best Way to Learn in the Classroom?

There is a product category within robotics kits that consists of “educational rovers” designed to be purchased in group lots by teachers so that each student or small group gets one. These rovers are either pre-built or mostly built—sure, you get to screw in motor mounts, but all the circuit boards are already soldered up for you, surface mount, no less. They come pre-configured for a variety of simple tasks like line following and obstacle avoidance. The Makeblock mBot is an example.

I think it’s part of that whole “learn coding” initiative, where the idea is to minimize the assembly in order to maximize the coding time. Insofar as soldering together a kit of through-hole components teaches about electronics, these bots mostly don’t do it. By all appearances, if there is a best way to learn electronics, this an’t it. However, regardless of what kind of project the teacher puts in front of the student, it still has to generate some sort of passion. What those robots provide is a moment of coolness that ignites the firestorm of interest.

I once led a soldering class that used Blinky Grids by Wayne and Layne as the focus. This is a fantastic kit that guides you through building a small LED matrix. It’s particularly cool because it can be programmed over a computer monitor with light sensors interacting with white and black squares on the company’s web site. When my students finished their grids, they all worked and had unique messages scrolling through. Now, that is a payoff. I’m not saying that any of those folks became hardware hackers as a result of my class, but it beat the hell out of a Christmas tree, am I right?

Getting back to that rover, what must be acknowledged is that the rover itself is the payoff, and that’s only as far as it goes if everyone loses interest. However, a lot of those rovers have expansion possibilities like bolting on another sensor or changing the method of programming–for instance, the mBot has both a graphic programming interface and can also be reflashed with a regular old Arduino bootloader.

Readers, share in comments your own perspective. How did you learn? How would you teach others?