Slider

4355 Articles

This Week In Security: Kaspersky Ban, Project Naptime, And More

June 28, 2024 by 11 Comments

The hot news this week is that Kaspersky is banned in the USA. More specifically, Kaspersky products will be banned from sale in the US starting on September 29. This ban will extend to blocking software updates, though it’s unclear how that will actually be accomplished. It’s reasonable to assume that payment processors will block payments to Kaspersky, but will ISPs be required to block traffic that could contain antivirus updates?

WordPress Plugin Backdoor

A Quartet of WordPress plugins have been found to have recently included backdoor code. It’s a collection of five Open Source plugins, seemingly developed by unrelated people. Malicious updates first showed up on June 21st, and it appears that all five plugins are shipping the same malicious code.

Rabbit AI API

The Rabbit R1 was released to less than thunderous applause. The idea is a personal AI device, but the execution has been disappointing, to the point of reviewers suggesting some of the earlier claims were fabricated. Now it seems there’s a serious security issue, in the form of exposed API keys that have *way* too many privileges.

The research seems to be done by the rabbitude group, who found the keys back in May. Of the things allowed by access to the API keys, the most worrying for user privacy was access to every text-to-speech call. Rabbitude states in their June 25 post, that “rabbit inc has known that we have had their elevenlabs (tts) api key for a month, but they have taken no action to rotate the api keys.” On the other hand, rabbit pushed a statement on the 26th, claiming they were just then made aware of the issue, and made the needed key rotations right away.

Continue reading “This Week In Security: Kaspersky Ban, Project Naptime, And More”

The SS United States: The Most Important Ocean Liner We May Soon Lose Forever

June 27, 2024 by 12 Comments

Although it’s often said that the era of ocean liners came to an end by the 1950s with the rise of commercial aviation, reality isn’t quite that clear-cut. Coming out of the troubled 1940s arose a new kind of ocean liner, one using cutting-edge materials and propulsion, with hybrid civil and military use as the default, leading to a range of fascinating design decisions. This was the context in which the SS United States was born, with the beating heart of the US’ fastest battle ships, with light-weight aluminium structures and survivability built into every single aspect of its design.

Outpacing the super-fast Iowa-class battleships with whom it shares a lot of DNA due to its lack of heavy armor and triple 16″ turrets, it easily became the fastest ocean liner, setting speed records that took decades to be beaten by other ocean-going vessels, though no ocean liner ever truly did beat it on speed or comfort. Tricked out in the most tasteful non-flammable 1950s art and decorations imaginable, it would still be the fastest and most comfortable way to cross the Atlantic today. Unfortunately ocean liners are no longer considered a way to travel in this era of commercial aviation, leading to the SS United States and kin finding themselves either scrapped, or stuck in limbo.

In the case of the SS United States, so far it has managed to escape the cutting torch, but while in limbo many of its fittings were sold off at auction, and the conservation group which is in possession of the ship is desperately looking for a way to fund the restoration. Most recently, the owner of the pier where the ship is moored in Philadelphia got the ship’s eviction approved by a judge, leading to very tough choices to be made by September.

Continue reading “The SS United States: The Most Important Ocean Liner We May Soon Lose Forever”

FLOSS Weekly Episode 789: You Can’t Eat The Boards

June 26, 2024 by No comments

This week Jonathan Bennett and Doc Searls chat with Igor Pecovnik and Ricardo Pardini about Armbian, the Debian-based distro tailor made for single-board computers. There’s more than just Raspberry Pi to talk about, with the crew griping about ancient vendor kernels, the less-than-easy ARM boot process, and more!

Continue reading “FLOSS Weekly Episode 789: You Can’t Eat The Boards”

Art of 3D printer in the middle of printing a Hackaday Jolly Wrencher logo

3D Printering: Adaptive Bed Leveling

June 26, 2024 by 23 Comments

Have you ever read about something and thought, “Gee whiz! Why did I never think about that?” That was my reaction to reading about a feature commonly associated with Klipper called adaptive bed leveling or adaptive mesh leveling. Too bad I don’t typically use Klipper, but it all worked out, and I’ll show you how it might work for you.

What Is It?

Time to tram your bed!

Once a luxury, most 3D printers now come with some kind of bed level sensor. The idea is that the printer can probe the bed to determine the shape of the build plate and then adjust the build plate accordingly. So if a particular spot on the bed is 0.5 mm too high, the nozzle can rise 0.5 mm when it is in that area. There are several techniques Marlin firmware uses, including what I usually use: UBL. Some people scan the bed once and hope it won’t change much. Others will do a time-consuming scan before each print.

However, adaptive bed leveling is a bit different. The idea is that the printer only probes the area where the part is going to print. If your print bed is 235 mm x 235 mm but your part is 50 mm square, you could just probe the points under the 50 mm square.

This does several things. For a given number of points, there is less motion, so it should be faster. Also, for the same number of points, you will have a much denser mesh and, thus, a better idea of what the bed is at any given point. You could even reduce the number of points based on the size of the part you are printing.

When you think about it, it is a dead simple idea. What’s not to love? For most print jobs, you’ll have less work for the printer, faster prints, and a denser mesh. But how do you do it?

Continue reading “3D Printering: Adaptive Bed Leveling”

The Amstrad E-m@iler, The Right Product With The Wrong Business Model

June 25, 2024 by 29 Comments

One of the joys of the UK’s Electromagnetic Field hacker camp lies in the junk table, where trash turns to treasure in the blink of an eye. This year I returned relatively unscathed from my few days rifling through the tables,but I did snag a few pieces. One of them is a wired telephone, which would be a fairly unremarkable find were it not for its flip-up LCD screen and QWERTY keyboard.

My prize is a 2002 Amstrad E-m@iler Plus, one of a series of internet-equipped telephones from the British budget electronics company. The device itself and the story behind it make for a fascinating tale of a dotcom-era Internet flop, and a piece of hardware that could almost tempt today’s hackers.

You’ve Heard Of The Dotcom Boom, But Have You Heard Of The Hardware?

In the late 1990s, everything was about the Internet, but seemingly few outside the kind of people who read Hackaday really understood what it was really about. I’ve written before on these page about how hype blinded the CD-ROM industry to the shortcomings of its technology, but while that had in reality only gripped the publishing business, the Internet hype which followed had everyone in its thrall. You’re probably familiar with the story of the dotcom boom and crash as startup companies raised millions on shaky foundations before folding when they couldn’t deliver, but in parallel with that there was also a parallel world for hardware. The future was going to be connected, but on what and whose hardware would that connection happen? Continue reading “The Amstrad E-m@iler, The Right Product With The Wrong Business Model”

The Book That Could Have Killed Me

June 24, 2024 by 88 Comments

It is funny how sometimes things you think are bad turn out to be good in retrospect. Like many of us, when I was a kid, I was fascinated by science of all kinds. As I got older, I focused a bit more, but that would come later. Living in a small town, there weren’t many recent science and technology books, so you tended to read through the same ones over and over. One day, my library got a copy of the relatively recent book “The Amateur Scientist,” which was a collection of [C. L. Stong’s] Scientific American columns of the same name. [Stong] was an electrical engineer with wide interests, and those columns were amazing. The book only had a snapshot of projects, but they were awesome. The magazine, of course, had even more projects, most of which were outside my budget and even more of them outside my skill set at the time.

If you clicked on the links, you probably went down a very deep rabbit hole, so… welcome back. The book was published in 1960, but the projects were mostly from the 1950s. The 57 projects ranged from building a telescope — the original topic of the column before [Stong] took it over — to using a bathtub to study aerodynamics of model airplanes.

X-Rays

[Harry’s] first radiograph. Not bad!
However, there were two projects that fascinated me and — lucky for me — I never got even close to completing. One was for building an X-ray machine. An amateur named [Harry Simmons] had described his setup complaining that in 23 years he’d never met anyone else who had X-rays as a hobby. Oddly, in those days, it wasn’t a problem that the magazine published his home address.

You needed a few items. An Oudin coil, sort of like a Tesla coil in an autotransformer configuration, generated the necessary high voltage. In fact, it was the Ouidn coil that started the whole thing. [Harry] was using it to power a UV light to test minerals for flourescence. Out of idle curiosity, he replaced the UV bulb with an 01 radio tube. These old tubes had a magnesium coating — a getter — that absorbs stray gas left inside the tube.

Continue reading “The Book That Could Have Killed Me”

Hackaday Links Column Banner

Hackaday Links: June 23, 2024

June 23, 2024 by 9 Comments

When a ransomware attack targets something like a hospital, it quickly becomes a high-profile event that understandably results in public outrage. Hospitals are supposed to be backstops for society, a place to go when it all goes wrong, and paralyzing their operations for monetary gain by taking over their information systems is just beyond the pale. Tactically, though, it makes sense; their unique position in society seems to make it more likely that they’ll pay up.

Which is why the ongoing cyberattack against car dealerships is a little perplexing — can you think of a less sympathetic victim apart from perhaps the Internal Revenue Service? Then again, we’re not in the ransomware business, so maybe this attack makes good financial sense. And really, judging by the business model of the primary target of these attacks, a company called CDK Global, it was probably a smart move. We had no idea that there was such a thing as a “Dealer Management System” that takes care of everything from financing to service, and that shutting down one company’s system could cripple an entire industry, but there it is.

Continue reading “Hackaday Links: June 23, 2024”