Data Visualization And Aggregation: Time Series Databases, Grafana And More

If there’s one thing that characterizes the Information Age that we find ourselves in today, it is streams of data. However, without proper ways to aggregate and transform this data into information, it’ll either vanish into the ether or become binary blobs gathering virtual dust on a storage device somewhere. Dealing with these streams of data is thus essential, whether it’s in business (e.g. stock markets), IT (e.g. services status), weather forecasting, or simply keeping tracking of the climate and status of devices inside a domicile.

The first step of aggregating data seems simple, but rather than just writing it to a storage device until it runs out of space like a poorly managed system log, the goal here isn’t merely to record, but also to make it searchable. After all, for information transformation we need to be able to efficiently search and annotate this data, which requires keeping track of context and using data structures that lend themselves to this.

For such data aggregation and subsequent visualization of information on flashy dashboards that people like to flaunt, there are a few mainstream options, with among ‘smart home’ users options like InfluxDB and Grafana often popping up, but these are far from the only options, and depending on the environment there are much more relevant solutions.

Continue reading “Data Visualization And Aggregation: Time Series Databases, Grafana And More”

Hackaday Links Column Banner

Hackaday Links: June 29, 2025

In today’s episode of “AI Is Why We Can’t Have Nice Things,” we feature the Hertz Corporation and its new AI-powered rental car damage scanners. Gone are the days when an overworked human in a snappy windbreaker would give your rental return a once-over with the old Mark Ones to make sure you hadn’t messed the car up too badly. Instead, Hertz is fielding up to 100 of these “MRI scanners for cars.” The “damage discovery tool” uses cameras to capture images of the car and compares them to a model that’s apparently been trained on nothing but showroom cars. Redditors who’ve had the displeasure of being subjected to this thing report being charged egregiously high damage fees for non-existent damage. To add insult to injury, if renters want to appeal those charges, they have to argue with a chatbot first, one that offers no path to speaking with a human. While this is likely to be quite a tidy profit center for Hertz, their customers still have a vote here, and backlash will likely lead the company to adjust the model to be a bit more lenient, if not outright scrapping the system.

Continue reading “Hackaday Links: June 29, 2025”

Hackaday Podcast Episode 326: A DIY Pockels Cell, Funny Materials To 3D Print With, And Pwning A Nissan Leaf

Time for another European flavoured Hackaday Podcast this week, as Elliot Williams is joined by Jenny List, two writers sweltering in the humidity of a Central European summer. Both of our fans and air conditioners made enough noise to be picked up on the microphone when they were turned on, so we’re suffering for your entertainment.

The big Hackaday news stories of the week are twofold, firstly a cat-themed set of winners for the 2025 Pet Hacks contest, and then the announcement of a fresh competition: the 2025 Hackaday One Hertz Challenge. Get your once-a-second projects ready!

This week gave us a nice pile of interesting hacks, including some next-level work growing and machining the crystal for a home-made Pockels cell light valve, an upcoming technique for glass 3D prints, and enough vulnerabilities to make any Nissan Leaf owner nervous. We note that mechanical 7-segment displays are an arena showing excellent hacks, and we’re here for it.

Meanwhile among the quick hacks a filament made of PLA with a PETG core caught Elliot’s eye, while Jenny was impressed with a beautifully-made paper tape punch. Finally in the can’t miss section, The latest in Dan Maloney’s Mining and Refining series looks at drilling and blasting. Such an explosive piece should come last, but wait! There’s more! Al Williams gives us a potted history of satellite phones, and explains why you don’t carry an Iridium in your pocket.

Or download it your own fine self. MP3 for free!

Continue reading “Hackaday Podcast Episode 326: A DIY Pockels Cell, Funny Materials To 3D Print With, And Pwning A Nissan Leaf”

This Week In Security: MegaOWNed, Store Danger, And FileFix

Earlier this year, I was required to move my server to a different datacenter. The tech that helped handle the logistics suggested I assign one of my public IPs to the server’s Baseboard Management Controller (BMC) port, so I could access the controls there if something went sideways. I passed on the offer, and not only because IPv4 addresses are a scarce commodity these days. No, I’ve never trusted a server’s built-in BMC. For reasons like this MegaOWN of MegaRAC, courtesy of a CVSS 10.0 CVE, under active exploitation in the wild.

This vulnerability was discovered by Eclypsium back in March and it’s a pretty simple authentication bypass, exploited by setting an X-Server-Addr header to the device IP address and adding an extra colon symbol to that string. Send this along inside an HTTP request, and it’s automatically allowed without authentication. This was assigned CVE-2024-54085, and for servers with the BMC accessible from the Internet, it scores that scorching 10.0 CVSS.

We’re talking about this now, because CISA has added this CVE to the official list of vulnerabilities known to be exploited in the wild. And it’s hardly surprising, as this is a near-trivial vulnerability to exploit, and it’s not particularly challenging to find web interfaces for the MegaRAC devices using tools like Shodan and others.

There’s a particularly ugly scenario that’s likely to play out here: Embedded malware. This vulnerability could be chained with others, and the OS running on the BMC itself could be permanently modified. It would be very difficult to disinfect and then verify the integrity of one of these embedded systems, short of physically removing and replacing the flash chip. And malware running from this very advantageous position very nearly have the keys to the kingdom, particularly if the architecture connects the BMC controller over the PCIe bus, which includes Direct Memory Access.

This brings us to the really bad news. These devices are everywhere. The list of hardware that ships with the MegaRAC Redfish UI includes select units from “AMD, Ampere Computing, ASRock, ARM, Fujitsu, Gigabyte, Huawei, Nvidia, Supermicro, and Qualcomm”. Some of these vendors have released patches. But at this point, any of the vulnerable devices on the Internet, still unpatched, should probably be considered compromised. Continue reading “This Week In Security: MegaOWNed, Store Danger, And FileFix”

Announcing The 2025 Hackaday One Hertz Challenge

It’s about time! Or maybe it’s about time’s reciprocal: frequency. Whichever way you see it, Hackaday is pleased to announce, just this very second, the 2025 One Hertz Challenge over on Hackaday.io. If you’ve got a device that does something once per second, we’ve got the contest for you. And don’t delay, because the top three winners will each receive a $150 gift certificate from this contest’s sponsor: DigiKey.

What will you do once per second? And how will you do it? Therein lies the contest! We brainstormed up a few honorable mention categories to get your creative juices flowing.

  • Timelords: How precisely can you get that heartbeat? This category is for those who prefer to see a lot of zeroes after the decimal point.
  • Ridiculous: This category is for the least likely thing to do once per second. Accuracy is great, but absurdity is king here. Have Rube Goldberg dreams? Now you get to live them out.
  • Clockwork: It’s hard to mention time without thinking of timepieces. This category is for the clockmakers among you. If your clock ticks at a rate of one hertz, and you’re willing to show us the mechanism, you’re in.
  • Could Have Used a 555: We knew you were going to say it anyway, so we made it an honorable mention category. If your One Hertz project gets its timing from the venerable triple-five, it belongs here.

We love contests with silly constraints, because you all tend to rise to the challenge. At the same time, the door is wide open to your creativity. To enter, all you have to do is document your project over on Hackaday.io and pull down the “Contests” tab to One Hertz to enter. New projects are awesome, but if you’ve got an oldie-but-goodie, you can enter it as well. (Heck, maybe use this contest as your inspiration to spruce it up a bit?)

Time waits for no one, and you have until August 19th at 9:00 AM Pacific time to get your entry in. We can’t wait to see what you come up with.

Field Guide To The North American Weigh Station

A lot of people complain that driving across the United States is boring. Having done the coast-to-coast trip seven times now, I can’t agree. Sure, the stretches through the Corn Belt get a little monotonous, but for someone like me who wants to know how everything works, even endless agriculture is fascinating; I love me some center-pivot irrigation.

One thing that has always attracted my attention while on these long road trips is the weigh stations that pop up along the way, particularly when you transition from one state to another. Maybe it’s just getting a chance to look at something other than wheat, but weigh stations are interesting in their own right because of everything that’s going on in these massive roadside plazas. Gone are the days of a simple pull-off with a mechanical scale that was closed far more often than it was open. Today’s weigh stations are critical infrastructure installations that are bristling with sensors to provide a multi-modal insight into the state of the trucks — and drivers — plying our increasingly crowded highways.

Continue reading “Field Guide To The North American Weigh Station”