Off-the-shelf stock parts are the blocks from which we build mechanical projects. And while plenty of parts have dedicated uses, I enjoy reusing them in ways that challenge what they were originally meant for while respecting the constraints of their construction. Building off of my piece from last time, I’d like to add to your mechanical hacking palette with four more ways we can re-use some familiar off-the-shelf parts. Continue reading “The BSides: More Curious Uses Of Off-the-shelf Parts”
Microsoft’s Threat Intelligence group has announced a new naming scheme for threat actors. It sounds great, naming groups after weather phenomenon, based on the groups motivations or nation of origin. Then each discreet group is given an additional adjective. That’s where things get interesting.
It seems like the adjectives were chosen at random, giving rise for some suitably impressive names, like Ghost Blizzard, Ruby Sleet, or Granite Typhoon. Some of the other names sound like they should be desserts: Caramel Tsunami, Peach Sandstorm, Aqua Blizzard, or Raspberry Typhoon. But then there the really special names, like Wine Tempest and Zigzag Hail. But the absolute winner is Spandex Tempest. No word yet on whether researchers managed to keep a straight face when approving that name.
A pair of Chrome browser releases have been minted in the past week, both to address vulnerabilities that are actively being exploited. Up first was CVE-2022-2033, type confusion in the V8 JS engine. That flaw was reported by Google’s Threat Analysis Group, presumably discovered in the wild, and the fix was pushed as stable on the 14th.
Then, on th 18th, yet another released rolled out to fix CVE-2023-2136, also reported by the TAG, also being exploited in the wild. It seems likely that both of these 0-days were found in the same exploitation campaign. We look forward to hearing the details on this one. Continue reading “This Week In Security: Spandex Tempest, Supply Chain Chain, And NTP”
This edition’s community build comes from the Yes They Could, But Should They Have? file. Well, I ultimately say yes, this is intriguing. Redditor [dj_edit] looked at the venerable Model M and thought, this buckling-spring masterpiece can yet be improved upon. Yeah! Well, to each their own. I must say that it does sound great, especially with the solenoid feedback enabled via rotary encoder. Just check out the typing test.
To be clear, this is essentially a new keyboard that fits inside a Model M case, but that alone is quite a feat, especially if you consider the curvature of the backplate. Because of this hurdle, [dj_edit] went with 1 mm FR4 for the switch PCB, which is a nice compromise of sturdiness and flexibility.
Underneath those stunning reproduction keycaps are Kailh box white switches, which are pretty chonky-sounding on their own. But turn on that sweet solenoid action and you really get noisy.
Those box whites are sitting in hot-swap sockets, a design decision that kind of made things difficult because of the curvature. [dj_edit] ended up using an acrylic plate that gets bent to match the curvature by the switches themselves.
Continue reading “Keebin’ With Kristina: The One With The Music Typewriter”
The first round of the 2023 Hackaday Prize closes next Tuesday, March April 25th. If you’ve got an educational project – whether that’s a robot technique you just need to share, or an instructional radio build – you’ve got this weekend left to get your project into shape, whip up a Hackaday.io page in support, and enter. The top 10 projects get a $500 prize award, and a chance to win the big prizes in the final round. You want to get your project in now.
We’ve already seen some great entries into this first round of the Prize. Ranging from a trainer robot for First Robotics teams, through a complete learn-electronics kit on a PCB, building radios in High Schools, and all the way to an LED-and-lightpipe map to help teachers and students with their geography lessons, we’ve got a broad range of educational projects so far.
But there is still room for your project! And with the deadline closing in, your best bet at the $500 prize money relies on you burning a bit of the midnight oil this weekend, but Hackaday glory awaits those who do.
The Vintage Computer Festival East took place last weekend at the InfoAge Science and History Museum in New Jersey, and by any metric you care to use, it was a phenomenal success. Everyone you spoke with, from the the exhibitors and attendees, to the veteran volunteers who put this incredible show together, all said the same thing: they’d never seen a turnout like this before.
Of course, such success is not without cost. The exhibit rooms were so packed that moving through them was a challenge, the line to get food or browse the consignment area occasionally stretched outside the building, and at one point the event’s electronic payment system buckled under the pressure.
Yet even the folks who waited the better part of an hour to rummage through boxes of dusty treasures, only to find themselves left standing with armfuls of heavy gear they couldn’t pay for until the technical issues were resolved couldn’t really complain. I should know, I was one of them. It would be like going to a concert and getting upset that the music was too loud — the event was advertised as a festival, and that’s exactly what it was.
No matter where you went, you’d find throngs of excited people who were eager to chat about the golden age of computing. So even if you were stuck in a long line, or had to step outside of the exhibit area to get some fresh air, you were always in excellent company. Seeing such a large and diverse number of people come out for what’s ultimately a niche event was exceptionally gratifying. At the end of the day, if the price we have to pay for this kind of community response is a few long lines and tight squeezes, it’s well worth it.
Each time I cover an event like this for Hackaday, I do so with the caveat that there’s really no substitute for being there in person. No matter how many articles you read and YouTube recaps you watch, you’ll never be able to see all the things you would have had you been able to walk the show floor yourself. It’s a bit like exploring the Moon or Mars: remotely controlled robots are capable of capturing terabytes of data and beaming it back to Earth, but even still, there’s the potential to learn so much more by putting boots on the ground.
The same is true of VCF East 2023 — what I bring you here is just the tip of the iceberg in terms of what was on display at this year’s event. On the other hand, you have the advantage of being able to peruse these images without having to stand in line. Is it worth the trade? Only you can be the judge of that. But for my money, I’ll gladly get back in line when VCF East 2024 rolls around.
Continue reading “Vintage Computer Festival East Was A Retro Madhouse”
Linux users have a lot of software to be proud of. However, there is the occasional Windows program that does something you’d really like to do and it just won’t run. This is especially true of low-level system programs. If you want to poke around your CPU and memory, for example, there are tons of programs for that under Windows. There are a few for Linux, but they aren’t always as complete or handy. Recently, I had half the memory in my main desktop fail and I wanted to poke around in the system. In particular, I wanted to read the information encoded in the memory chips configuration EEPROM. Should be easy, right? You’d think.
One nice tool a lot of Windows users have is CPU-Z. Of course, it doesn’t run on Linux, but there is a really nice imitator called CPU-X. You can probably install it from your repositories. However, the GitHub page is a nice stop if for no other reason than to enjoy the user name [TheTumultuousUnicornOfDarkness]. The program has a gtk or an ncurses interface. You don’t need to run it as root, but if you press the “start daemon” button and authenticate, you can see some extra information, including a tab for memory.
It’s been clear for a long time that the world has to move away from fossil energy sources. Decades ago, this seemed impractical, when renewable energy was hugely expensive, and we were yet to see much impact on the ground from climate change. Meanwhile, prices for solar and wind installations have come down immensely, which helps a lot.
However, there’s a new problem. Power grids across the US simply can’t keep up with the rapid pace of new renewable installations. It’s a frustrating issue, but not an insurmountable one.
Continue reading “New Renewable Energy Projects Are Overwhelming US Grids”
