Fun And Failure

September 7, 2024 by Elliot Williams 20 Comments

My sister is a beekeeper, or maybe a meta-beekeper. She ends up making more money by breeding and selling new queen bees to other beekeepers than she does by selling honey, but that doesn’t mean that she doesn’t also process the sweet stuff from time to time. She got a free steam-heated oscillating hot knife, used for cutting the waxy caps off of the tops of the cells before spinning the combs down to extract honey, and she thought it might be easier to use than her trusty hand-held electric hot knife.

The oscillating knife, which was built something like a century ago, hadn’t been used in decades. All of the grease had turned to glue, and the large v-belt wheel that made it go was hard to turn by hand, and the motor was missing anyway. So she gave it to my father and me as a project. How could we resist?

We found the original manual on the Internet, which said that it would run from any 1/2 hp motor, or could be optionally driven by a takeoff wheel from a tractor – unfortunately not an option in my sister’s honey house. But we did find a 3/4 hp bench grinder at Harbor Freight that conveniently fit inside the case, and bought the smallest v-belt pulley wheel that would fit the grinder’s arbor. We thought we were geniuses, but when we hooked it all up, it just stalled.

We spent more than a few hours taking the mechanism apart. It was basically an eccentric shaft with a bearing on the end, and the bearing ran back and forth in the groove of a sliding mechanism that the knife blade attached to. As mentioned above, everything was gunked, so we took it all apart. The bearing was seized, so we freed that up by getting the sand out of the balls. The bearing couldn’t move freely in the slide either, but we filed that down until it just moved freely without noticeable play. We added grease from this century, and reassembled it. It turned fine by hand.

But with the belt and motor attached, the mechanism still had just enough friction to stall out the motor. Of course we wrapped some rope around the shaft and pull-started it, and it made a hell of a racket, nearly vibrated itself off the table, and we could see that the marvelous zinc-coated frame that held it all together was racking under the tension. It would require a wholly new housing to be viable, and we hadn’t even figured out a source of steam to heat the knife.

In short, it was more trouble than it was worth. So we packed up the bench grinder in the original container, and returned it no-worse-for-wear to the Freight. But frankly, we had a fantastic time playing around with a noble machine from a long-gone past. We got it “working” even if that state was unworkable, and we were only out the cost of the small v-belt pulley. Who says all of your projects have to be a success to be fun?

Hackaday Podcast Episode 287: Raspberry Pi Woes, Blacker Than Black, And Printing With Klipper

September 6, 2024 by Al Williams No comments

Elliot Williams is back from vacation, and he and Al Williams got together to talk about the best Hackaday posts from the last week. Of course, the Raspberry Pi RP2350 problem generated a bit of discussion.

On a lighter note, they saw laser lawn care, rooting WiFi devices, and some very black material made from wood. Need more current-sinking capability from a 555? They talked about that, too, along with a keyboard you use with your feet.

The guys had a lot to say about Klipper, why you might want to move your 3D printer to it, and the FCC’s stance on ham radio antennas in restricted neighborhoods. Oh, and don’t forget to play “What’s that Sound?”

DRM? Who’s got time for that? Download our legally unencumbered MP3.

Continue reading “Hackaday Podcast Episode 287: Raspberry Pi Woes, Blacker Than Black, And Printing With Klipper” →

This Week In Security: EUCLEAK, Revival Hijack, And More

September 6, 2024 by Jonathan Bennett 5 Comments

[Thomas Roche] of NinjaLab is out with EUCLEAK, (pdf) a physical attack against Infineon security microcontrollers, and the security tokens that contain them. The name is a portmanteau of Euclidean and leak. And no surprise, it’s a data leak in some implementations of the Extended Euclidean Algorithm (EEA), a component of an Elliptical Curve Digital Signature Algorithm (ECDSA).

OK, time to step back. Infineon microcontrollers are the digital smart parts inside popular security tokens like the Yubikey 5, some Java smart cards, and even the Infineon TPMs. These devices all serve a similar purpose. They store one or more secret keys, and are guaranteed to never disclose those keys. Instead, they use their secret keys to do cryptographic functions, like ECDSA signatures, and output the result. There’s even a special set of tests, the Common Criteria, that are intended to backstop these guarantees. What’s interesting is that an otherwise excellent product like the Yubikey 5, that passes all these auditing and certification processes, is still vulnerable.

The actual attack is to perform ECDSA signatures while monitoring the physical chip with an electromagnetic probe. This tiny directional antenna can pick up on EM noise generated by the microprocessor. That EM noise leaks timing information about the internal state of the cryptography, and the secret key can be derived as a result.

This process does require physical access to the token for several minutes. To get useful readings, the plastic case around the security token does need to be disassembled to get the probe close enough to pick up signals. From there it’s at least an hour of post-processing to actually get the key. And most of these security tokens intentionally make the disassembly process rather difficult. The point isn’t that it’s impossible to open up, but that it’s impossible not to notice that your token has been tampered with. Continue reading “This Week In Security: EUCLEAK, Revival Hijack, And More” →

If Wood Isn’t The Biomass Answer, What Is?

September 5, 2024 by Jenny List 120 Comments

As we slowly wean ourselves away from our centuries-long love affair with fossil fuels in an attempt to reduce CO₂ emissions and combat global warming, there has been a rapid expansion across a broad range of clean energy technologies. Whether it’s a set of solar panels on your roof, a wind farm stretching across the horizon, or even a nuclear plant, it’s clear that we’ll be seeing more green power installations springing up.

One of the green power options is biomass, the burning of waste plant matter as a fuel to generate power. It releases CO₂ into the atmosphere, but its carbon neutral green credentials come from that CO₂ being re-absorbed by new plants being grown. It’s an attractive idea in infrastructure terms, because existing coal-fired plants can be converted to the new fuel. Where this is being written in the UK we have a particularly large plant doing this, when I toured Drax power station as a spotty young engineering student in the early 1990s it was our largest coal plant; now it runs on imported wood pellets.

Continue reading “If Wood Isn’t The Biomass Answer, What Is?” →

A Windows Control Panel Retrospective Amidst A Concerning UX Shift

September 3, 2024 by Maya Posch 154 Comments

Once the nerve center of Windows operating systems, the Control Panel and its multitude of applets has its roots in the earliest versions of Windows. From here users could use these configuration applets to control and adjust just about anything in a friendly graphical environment. Despite the lack of any significant criticism from users and with many generations having grown up with its familiar dialogs, it has over the past years been gradually phased out by the monolithic Universal Windows Platform (UWP) based Settings app.

Whereas the Windows control panel features an overview of the various applets – each of which uses Win32 GUI elements like tabs to organize settings – the Settings app is more Web-like, with lots of touch-friendly whitespace, a single navigable menu, kilometers of settings to scroll through and absolutely no way to keep more than one view open at the same time.

Unsurprisingly, this change has not been met with a lot of enthusiasm by the average Windows user, and with Microsoft now officially recommending users migrate over to the Settings app, it seems that before long we may have to say farewell to what used to be an intrinsic part of the Windows operating system since its first iterations. Yet bizarrely, much of the Control Panel functionality doesn’t exist yet in the Settings app, and it remain an open question how much of it can be translated into the Settings app user experience (UX) paradigm at all.

Considering how unusual this kind of control panel used to be beyond quaint touch-centric platforms like Android and iOS, what is Microsoft’s goal here? Have discovered a UX secret that has eluded every other OS developer?

Continue reading “A Windows Control Panel Retrospective Amidst A Concerning UX Shift” →

Is That Antenna Allowed? The Real Deal On The FCCs OTARD Rule

August 30, 2024 by Dan Maloney 111 Comments

The Hackaday comments section is generally a lively place. At its best, it’s an endless wellspring of the combined engineering wisdom of millions of readers which serves to advance the state of the art in hardware hacking for all. At its worst — well, let’s just say that at least it’s not the YouTube comments section.

Unfortunately, there’s also a space between the best and the worst where things can be a bit confusing. A case in point is [Bryan Cockfield]’s recent article on a stealth antenna designed to skirt restrictions placed upon an amateur radio operator by the homeowners’ association (HOA) governing his neighborhood.

Putting aside the general griping about the legal and moral hazards of living under an HOA, as well as the weirdly irrelevant side-quest into the relative combustibility of EVs and ICE cars, there appeared to be a persistent misapprehension about the reality of the US Federal Communications Commission’s “Over-the-Air Reception Devices” rules. Reader [Gamma Raymond] beseeched us to clarify the rules, lest misinformation lead any of our readers into the unforgiving clutches of the “golf cart people” who seem to run many HOAs.

According to the FCC’s own OTARD explainer, the rules of 47 CFR § 1.400 are intended only to prevent “governmental and nongovernmental restrictions on viewers’ ability to receive video programming signals” (emphasis added) from three distinct classes of service: direct satellite broadcasters, broadband radio service providers, and television broadcast services.

Specifically, OTARD prevents restrictions on the installation, maintenance, or use of antennas for these services within limits, such as dish antennas having to be less than a meter in diameter (except in Alaska, where dishes can be any size, because it’s Alaska) and restrictions on where antennas can be placed, for example common areas (such as condominium roofs) versus patios and balconies which are designated as for the exclusive use of a tenant or owner. But importantly, that’s it. There are no carve-outs, either explicit or implied, for any other kind of antennas — amateur radio, scanners, CB, WiFi, Meshtastic, whatever. If it’s not about getting TV into your house in some way, shape, or form, it’s not covered by OTARD.

It goes without saying that we are not lawyers, and this is not to be construed as legal advice. If you want to put a 40′ tower with a giant beam antenna on your condo balcony and take on your HOA by stretching the rules and claiming that slow-scan TV is a “video service,” you’re on your own. But a plain reading of OTARD makes it clear to us what is and is not allowed, and we’re sorry to say there’s no quarter for radio hobbyists in the rules. This just means you’re going to need to be clever about your antennas. Or, you know — move.

Supercon 2024: May The Best Badge Add-Ons Win

August 27, 2024 by Tom Nardi 13 Comments

One of our favorite parts of Hackaday Supercon is seeing all the incredible badge add-ons folks put together. These expansions are made all the more impressive by the fact that they had to design their hardware without any physical access to the badge, and with only a few weeks’ notice. Even under ideal conditions, that’s not a lot of time to get PCBs made, 3D print parts, or write code. If only there was some standard for badge expansions that could speed this process up…

But there is! The Simple Add-On (SAO) standard has been supported by the Supercon badges since 2019, and the 2×3 pin connector has also popped up on badges from various other hacker events such as HOPE and DEF CON. There’s only one problem — to date, the majority of SAOs have been simply decorative, consisting of little more than LEDs connected to the power pins.

This year, we’re looking to redefine what an SAO can be with the Supercon Add-On Contest. Don’t worry, we’re not changing anything about the existing standard — the pinout and connector remains the same. We simply want to challenge hackers and makers to think bigger and bolder.

Thanks to the I2C interface in the SAO header, add-ons can not only communicate with the badge, but with each other as well. We want you to put that capability to use by creating functional SAOs: sensors, displays, buttons, switches, rotary encoders, radios, we want to see it all! Just make sure you submit your six-pin masterpiece to us by the October 15th deadline.

Continue reading “Supercon 2024: May The Best Badge Add-Ons Win” →