Hackaday Podcast 192: Supercon Was Awesome, How To Grind ICs And Make Your Own Telescope

This week, Editor-in-Chief Elliot Williams and Managing Editor Tom Nardi are still flying high on their post-Supercon buzz (and are a bit jet lagged) this week. We’ll start with some of the highlights from our long-awaited Pasadena meetup, and talk a bit about the winner of this year’s Hackaday Prize. Talk will then shift over to shaved down NES chips, radioactive Dungeons and Dragons gameplay, an impressive 3D printed telescope being developed by the community, and the end of the Slingbox. Stick around for a double dose of Dan Maloney, as we go over his twin treatises on dosimetry and the search for extraterrestrial life.

Download it, burn it on a floppy, and you’ll have it forever!

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Continue reading “Hackaday Podcast 192: Supercon Was Awesome, How To Grind ICs And Make Your Own Telescope”

This Week In Security: Microsoft Patches, Typosquatting Continues, And Code Signing For All

The pair of Outlook vulnerabilities we’ve been tracking have finally been patched, along with another handful of fixes this Patch Tuesday, a total of six being 0-day exploits. The third vulnerability was also a 0-day, discovered by the Google Threat Analysis Group. This one resulted in arbitrary code execution when a Windows client connected to a malicious server.

A pair of escalation of privilege flaws were fixed, one being yet another print spooler issue, and the other part of a key handling service. The final zero-day fixed was a mark-of-the-web bypass, that being the tag that gets added to file metadata to indicate it’s a download from the internet. If you deliver malware inside an ISO or marked read-only in a zip file, it doesn’t show the warning when executing.

Will Typosquat For Bitcoin

A trend that doesn’t show signs of slowing down is Typosquatting, the simple malware distribution strategy of uploading tainted packages using misspelled variations of legitimate package names. The latest such scheme, discovered by researchers at Phylum, delivered a crypto-stealer in Python packages. These packages were hosted on PyPi, under names like baeutifulsoup4 and cryptograpyh. The packages install a JavaScript file that runs in the background of the browser, and monitors for a cryptocurrency address on the clipboard. When detected, the intended address is swapped for an attacker-controlled address. Continue reading “This Week In Security: Microsoft Patches, Typosquatting Continues, And Code Signing For All”

The Importance Of Physical Models: How Not To Shoot Yourself In The Foot Or Anywhere Else

We take shortcuts all the time with our physical models. We rarely consider that wire has any resistance, for example, or that batteries have a source impedance. That’s fine up until the point that it isn’t. Take the case of the Navy’s Grumman F11F Tiger aircraft. The supersonic aircraft was impressive, although it suffered from some fatal flaws. But it also has the distinction of being the first plane ever to shoot itself down.

So here’s the simple math. A plane traveling Mach 1 is moving about 1,200 km/h — the exact number depends on a few things like your altitude and the humidity. Let’s say about 333 m/s. Bullets from a 20 mm gun, on the other hand, move at more than 1000 m/second. So when the bullet leaves the plane it would take the plane over three seconds to catch up with it, by which time it has moved ever further away, right?

Continue reading “The Importance Of Physical Models: How Not To Shoot Yourself In The Foot Or Anywhere Else”

Retrotechtacular: Programming By Card

The recent Supercon 6 badge, if you haven’t seen it, was an old-fashioned type computer with a blinky light front panel. It was reminiscent of an Altair 8800, a PDP-11, or DG Nova. However, even back in the day, only a few people really programmed a computer with switches. Typically, you might use the switches to toggle in a first-level bootloader that would then load a better bootloader from some kind of storage like magnetic or paper tape. Most people didn’t really use the switches.

What most people did do, however, was punch cards.  Technically, Hollerith cards, although we mostly just called them cards, punched cards, or IBM cards. There were a lot of different machines you could use to punch cards, but none were as popular, I would guess, as the IBM 029. Certainly, the models in the series were overwhelmingly what people used to punch cards.

For the uninitiated, a card was about the size of an old-fashioned dollar bill — the ones in style when Herman Hollerith invented them. The card was made of material not quite as thick as a standard file folder and was divided into 80 columns and 12 rows. Later cards had more columns, but those never really caught on to the same scale as the classic 80-column card. Continue reading “Retrotechtacular: Programming By Card”

Illustrated Kristina with an IBM Model M keyboard floating between her hands.

Keebin’ With Kristina: The One With The Pumpkin Keyboard

Oh, the places plastic has taken us. One of the arguably better inventions might be the fake carve-able pumpkin, which is more or less guaranteed not to shrivel up and rot on your porch, though it might get smashed by wily teenagers along with its organic brethren next door.

Though they will be around much longer, the fake kind lend themselves to all kinds of creations, including this one from [BunkEbear] which was “a nightmare” to build. Yeah, we bet it was along the lines of [Aaron Rasmussen]’s spherical keyboard, except inside out, since that one’s concave.

This tasty keyboard is modeled after the Malling-Hansen writing ball, which is arguably the first commercial typewriter and dates to 1865. [BunkEbear]’s pumpkin version features the 54-key layout, plus two additional for Shift and Escape to suit modern needs. Since the inside of the pumpkin is pretty small, [BunkEbear] wired all the connections close together on the protoboard, and used JST extension cables between the Glorious Panda switches themselves and the Arduino Pro Micro.

Continue reading “Keebin’ With Kristina: The One With The Pumpkin Keyboard”

Four M.2 cards of different sizes on a desk surface

M.2 For Hackers – Cards

Last time, I’ve explained everything you could want to know if you wanted to put an M.2 socket onto your board. Today, let’s build M.2 cards! There’s a myriad of M.2 sockets out there that are just asking for a special card to be inserted into it, and perhaps, it’s going to be your creation that fits.

Why Build Cards?

Laptops and other x86 mainboards often come with M.2 slots. Do you have a free B-key slot? You can put a RP2040 and bunch of sensors on a B-key PCB as an experimental platform carried safely inside your laptop. Would you like to do some more advanced FPGA experiments? Here’s a miniscule FPGA board that fits inside your laptop and lets you play with PCIe on this same laptop – the entire setup having a super low footprint. Are you looking for an extra PCIe link because you’re reusing your laptop as a home server? Again, your WiFi slot will provide you with that. Want to get some PCIe out of a SteamDeck? Building a M-key 2230 card seems to be your only hope! Continue reading “M.2 For Hackers – Cards”

Dosimetry: Measuring Radiation

Thanks to stints as an X-ray technician in my early 20s followed by work in various biology labs into my early 40s, I’ve been classified as an “occupationally exposed worker” with regard to ionizing radiation for a lot of my life. And while the jobs I’ve done under that umbrella have been vastly different, they’ve all had some common ground. One is the required annual radiation safety training classes. Since the physics never changed and the regulations rarely did, these sessions would inevitably bore everyone to tears, which was a pity because it always felt like something I should be paying very close attention to, like the safety briefings flight attendants give but everyone ignores.

The other thing in common was the need to keep track of how much radiation my colleagues and I were exposed to. Aside from the obvious health and safety implications for us personally, there were legal and regulatory considerations for the various institutions involved, which explained the ritual of finding your name on a printout and signing off on the dose measured by your dosimeter for the month.

Dosimetry has come a long way since I was actively considered occupationally exposed, and even further from the times when very little was known about the effects of radiation on living tissue. What the early pioneers of radiochemistry learned about the dangers of exposure was hard-won indeed, but gave us the insights needed to develop dosimetric methods and tools that make working with radiation far safer than it ever was.

Continue reading “Dosimetry: Measuring Radiation”