Hackaday editors Elliot Williams and Mike Szczys chew the fat over the coolest of hacks. It’s hard to beat two fascinating old-tech demonstraters; one is a mechanical IBM computer for accurate cheese apportionment, the other an Analog-to-Digital Converter (ADC) built from logic chips. We gawk two very different uses of propeller-based vehicles; one a flying-walker, the other a ground-effect coaster. Big news shared at the top of the show is that Keith Thorne of LIGO is going to present a keynote at Hackaday Remoticon. And we wrap the episode talking about brighter skies from a glut of satellites and what the world would look like if one charging cable truly ruled all smartphones.
Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
Apache 2.4.50 included a fix for CVE-2021-41773. It has since been discovered that this fix was incomplete, and this version is vulnerable to a permutation of the same vulnerability. 2.4.51 is now available, and should properly fix the vulnerability.
The original exploit used .%2e/ as the magic payload, which is using URL encoding to sneak the extra dot symbol through as part of the path. The new workaround uses .%%32%65/. This looks a bit weird, but makes sense when you decode it. URL encoding uses UTF-8, and so %32 decodes to 2, and %65 to e. Familiar? Yep, it’s just the original vulnerability with a second layer of URL encoding. This has the same requirements as the first iteration, cgi-bin has to be enabled for code execution, and require all denied has to be disabled in the configuration files. Continue reading “This Week In Security: The Apache Fix Miss, Github (Malicious) Actions, And Shooting The Messenger”→
When talking about remote machines, sometimes we mean really remote, beyond the realms of wired networks that can deliver the Internet. In these cases, remote cellular access is often the way to go. Thus far, we’ve explored the hardware and software sides required to control a machine remotely over a cellular connection.
However, things can and do go wrong. When that remote machine goes offline, getting someone on location to reboot it can be prohibitively difficult and expensive. For these situations, what you want is some way to kick things back into gear, ideally automatically. What you’re looking for is a watchdog timer!
On a dark night in 2006 I was bicycle commuting to my office, oblivious to the countless man made objects orbiting in the sky above me at thousands of miles per hour. My attention was instead focused on a northbound car speeding through a freeway underpass at dozens of miles per hour, oblivious to my southbound headlamp. The car swerved into the left turn lane to get to the freeway on-ramp. The problem? I was only a few feet from crossing the entrance to that very on-ramp! As the car rushed through their left turn I was presented with a split second decision: slow, and possibly stop in the middle of the on-ramp, or just go for it and hope for the best.
In Blue: Terrified cyclist. In Red: A speeding car careening around a corner without slowing down.
By law I had the right of way. But this was no time to start discussing right of way with the driver of the vehicle that threatened to turn me into a dark spot on the road. I followed my gut instinct, and my legs burned in compliance as I sped across that on-ramp entrance with all my might. The oncoming car missed my rear wheel by mere feet! What could have ended in disaster and possibly even death had resulted in a near miss.
Terrestrial vehicles generally have laws and regulations that specify and enforce proper behavior. I had every right to expect the oncoming car be observant of their surroundings or to at least slow to a normal speed before making that turn. In contrast, traffic control in Earth orbit conjures up thoughts of bargain-crazed shoppers packed into a big box store on Black Friday.
So is spacecraft traffic in orbit really a free-for-all? If there were stringent rules, how can they be enforced? Before we explore the answers to those questions, let’s examine the problem we’re here to discuss: stuff in space running into other stuff in space.
[Simon Merrett] didn’t know anything about keyboards when he started this project, but he didn’t let that stop him. [Simon] did what any of us would do — figure out what you like, learn enough to be dangerous, and then start fiddling around, taking all that inspiration and making a mashup of influences that suits your needs.
The Aerodox design became a cross between the ErgoDox‘s key layout and the logic and communication of the Redox Wireless, itself a reduced-size version of the ErgoDox. Interestingly, [Simon] chose the ErgoDox’s dimensions and spacing, and not those of the Redox. Like a lot of people out there, I found the ErgoDox to be too big for my hands, mostly in that the thumb cluster is too far away from the mainland. It’s nice to see that it suits some people, though.
[Simon] worked up a custom hot-swap footprint that makes the board reversible, much like the ErgoDox. Each half has an NRF51822 for a brain, and there’s a third one that acts as a receiver. This external NRF board is connected over UART to an Arduino Pro Micro, which acts as the USB HID and runs QMK. It’s an interesting journey for sure, so go dig into the logs.
It seems that few features of a consumer electronic product will generate as much rancour as a mobile phone charger socket. For those of us with Android phones, the world has slowly been moving over the last few years from micro-USB to USB-C, while iPhone users regard their Lightning connector as the ultimate in connectivity. Get a set of different phone owners together and this can become a full-on feud, as micro-USB owners complain that nobody has a handy charging cable any more, USB-C owners become smug bores, and Apple owners do what they’ve always done and pretend that Steve Jobs invented USB. Throwing a flaming torch into this incendiary mix is the European Union, which is proposing to mandate the use of USB-C on all phones sold in its 27 member nations with the aim of reducing considerably the quantity of e-waste generated.
Minor annoyances over having to carry an extra micro-USB cable for an oddball device aside, we can’t find any reason not to applaud this move, because USB-C is a connector born of several decades of USB evolution and brings with it not only the reversible plug but also the enhanced power delivery standards that enable fast charging no matter whose USB-PD charger you are using. Mandating USB-C will put an end to needlessly overpriced proprietary cables, and bring eventual unity to a fractured world. Continue reading “Showdown Time For Non-Standard Chargers In Europe”→
Despite being present in everything that contains water, tritium is not an isotope that many people were that familiar with outside of select (geeky) channels, such as DEF CON with a tritium-containing badge, the always excellent NurdRage’s assembly of a tritium-based atomic battery, or the creation of a tritium-phosphor-based glow-in-the-dark tesseract cube.
Tritium is a hydrogen isotope that shares a lot of characteristics with its two siblings: 1H (protium) and 2H (deuterium), with the main distinction being that tritium (3H) is not a stable isotope, with a half-life of ~12.32 years that sees it decay into 3He. Most naturally occurring tritium on Earth originates from interactions between fast neutrons (>4.0 MeV) from cosmic radiation and atmospheric nitrogen.
Recently tritium has become a politically hot topic on account of the announced release of treated water at the Japanese Fukushima Daiichi nuclear plant. This has raised for many the question of just how much tritium is ‘too much’ and what we’re likely to notice from this treated — but still tritium-containing water — being released into the ocean.