A multifactor authentication device showing TOTP codes

An ESP32 MultiFactor TOTP Generator

March 7, 2024 by Dave Rowntree 20 Comments

MFA, or multifactor authentication, is a standard security feature these days. However, it can be a drag to constantly reach into one’s pocket, scroll to Google Authenticator (other MFA applications are available!), and find the correct TOTP code to log in to a site for a short while. [Allan Oricil] felt this pain point, so they took the problem by the horns and created a desktop MFA TOTP generator to make life just that little bit easier.

TOTP, which stands for Time-based One-Time Password, is a security measure that uses a device or application to provide unique codes that expire after a short time. Two-factor authentication requires a physical item (something you have), such as a key or swipe card, and knowledge of a fact (something you know), like a password, rather than relying on a single factor. This approach ensures a higher level of security. [Allan]’s project is a physical thing one would use with a password or key file.

Continue reading “An ESP32 MultiFactor TOTP Generator” →

The Juggler: In Rust

March 4, 2024 by Dave Rowntree 12 Comments

Back on the theme of learning to program by taking on a meaningful project — we have another raytracing demo — this time using Rust on the Raspberry Pi. [Unfastener] saw our previous article about writing a simple raytracer in spectrum BASIC and got inspired to try something similar. The plan was to recreate the famous juggler 3D demo, from the early days of 3D rendering on the Amiga.

The juggler story starts with an Amiga programmer called [Eric Graham] who created ssg, the first ray tracer application on a personal computer. A demo was shown to Commodore, who didn’t believe it was done on their platform, but a quick follow-up with the actual software used soon quelled their doubts. Once convinced, they purchased the rights to the demo for a couple of thousand dollars (in 1986 money, mind you) to use in promotional materials. [Eric] developed ssg into the popular Sculpt 3D, which became available also on Mac and Windows platforms, and kick-started a whole industry of personal 3D modelling and ray tracing.

Anyway, back to the point. [Unfastener] needed to get up the considerable Rust learning curve, and the best way to do that is to let someone else take care of some of the awkward details of dealing with GUI, and just concentrate on the application. To that end, they use the softbuffer and winit Rust crates that deal with the (important, yet frankly uninteresting) details of building frame buffers and pushing the pixels out to the window manager in a cross-platform way. Vecmath takes care of — you guessed it — the vector math. There’s no point reinventing that wheel either. Whilst [Unfastener] mentions the original Amiga demo took about an hour per frame to render, this implementation runs in real-time. To that end, the code performs a timed pre-render to determine the most acceptable resolution to get an acceptable frame rate, achieving a respectable 30 or so frames per second on a Pi 5, with the older Pis needing to drop the resolution a little. This goes to show how efficient Rust code can be and, how capable the new Pi is. How far we have come.

We saw another interesting rust-based raytracer a while back, which is kinda fun. We’ve also covered rust in other applications a few times, like inside the Linux kernel. Finally here’s our guide to getting started with rust, in case you need any more motivation to have a crack at this upcoming language.

DOOM Runs On Husqvarna’s Robot Lawnmower

March 1, 2024 by Lewin Day 26 Comments

DOOM has been ported to a lot of platforms — to the point where the joke is kind of getting old now. Evidence of that is available in the fact that brands are now getting in on the action. Yes, as reported by The Register, you can now officially play DOOM on your Husqvarna’s Automower.

Nice, right? Speedrun it on this interface.

We had to check if this was some kind of joke; indeed, the April release date had us looking at the calendar. However, it seems to be legit. You’ll be able to download a version of DOOM via the Husqvarna Automower Connect App, and play it on the tiny screen of your robot lawnmower. Hilariously, due to the size of the game, Husqvarna notes it “may take up to a week before the game is playable” due to the time it takes the mower to download it, along with a necessary software update.

Controls are simple. The knob on the robot is used for turning left and right, while pressing start lets you run forward. Firing weapons is done by pressing the control knob.

We’ve seen some quality ports before, including an arcade port that was particularly cool. Really, though, at this stage, you have to work harder to impress. Show us DOOM running on a Minuteman launch console or something. Continue reading “DOOM Runs On Husqvarna’s Robot Lawnmower” →

An image showing the new KiCad feature that allows you to easily generate schematic labels from IC symbol pin names

KiCad 8 Makes Your Life Better Without Caveats

February 26, 2024 by Arya Voronova 60 Comments

A few days ago, KiCad 8 was released, and it’s a straight upgrade to any PCB designer’s quality of life. There’s a blog post as usual, and, this year, there’s also a FOSDEM talk from [Wayne Stambaugh] talking about the changes that we now all get to benefit from. Having gone through both of these, our impression is that KiCad 8 developers went over the entire suite, asking: “this is cool, but could we make it better”? The end result is indeed a massive improvement in a thousand different ways, from small to fundamental, and all of them seem to be direct upgrades from the KiCad 7 experience.

Continue reading “KiCad 8 Makes Your Life Better Without Caveats” →

Filters Are In Bloom

February 22, 2024 by Al Williams 3 Comments

If you are a fan of set theory, you might agree there are two sets of people who write computer programs: those who know what a Bloom filter is and those who don’t. How could you efficiently test to see if someone is one set or another? Well, you could use a Bloom filter. [SamWho] takes us through the whole thing in general terms that you could apply in any situation.

The Bloom filter does perform a trade-off for its speed. It is subject to false positives but not false negatives. That is, if a Bloom filter algorithm tells you that X is not part of a set, it is correct. But if it tells you it is, you may have to investigate more to see if that’s true.

If it can’t tell you that something is definitely in a set, why bother? Usually, when you use a Bloom filter, you want to reduce searching through a huge amount of data. The example in the post talks about having a 20-megabyte database of “bad” URLs. You want to warn users if they enter one, but downloading that database is prohibitive. But a Bloom filter could be as small as 1.8 megabytes. However, there would be a 1 in 1000 chance of a false positive.

Increase the database size to 3.59 megabytes, and you can reduce false positives to one in a million. Presumably, if you got a positive, you could accept the risk it is false, or you could do more work to search further.

Imagine, for example, a web cache device or program. Many web pages are loaded one time and never again. If you cache all of them, you’ll waste a lot of time and push other things out of the cache. But if you test a page URL with a Bloom filter, you can improve things quite a bit. If the URL may exist in the Bloom filter, then you’ve probably seen it before, so you might want to cache it.

If it says you haven’t, you can add it to the filter so if it is ever accessed again, it will cache. Sure, sometimes a page will show a false positive. So what? You’ll just cache the page on the first time, which is what you did before, anyway. If that happens only 0.1% of the time, you still win.

In simple terms, the Bloom filter hashes each item using three different algorithms and sets bits in an array based on the result. To test an item, you compute the same hashes and see if any of the corresponding bits are set to zero. If so, the item can’t be in the set. Of course, there’s no assurance that all three bits being set means the set contains the item. Those three bits might be set for totally different items.

Why does increasing the number of bits help? The post answers that and looks at other optimizations like a different number of hash functions and counting.

The post does a great job of explaining the filter but if you want a more concrete example in C, you might want to read this post next. Or search for code in your favorite language. We’ve talked about Python string handling with Bloom filters before. We’ve even seen a proposal to add them to the transit bus.

Steampipe: All SQL All The Time

February 19, 2024 by Al Williams 23 Comments

Although modern Linux has slightly shifted, the old Unix mantra was: everything’s a file. With Steampipe, a better saying might be: everything’s a SQL table. The official tagline is “select * from cloud” which also works. The open-source program relies on plugins, and there are currently 140 sources ranging from GitHub to Google Sheets and more.

There are command line interfaces for the major platforms. You can also add the system to PostgresSQL or SQLite for even more SQL goodness. Continue reading “Steampipe: All SQL All The Time” →

The Latest Windows 11 Release Might Not Work On Your Oldest Machines

February 16, 2024 by Lewin Day 76 Comments

Everybody knows you can’t install Windows XP on a 386, or Windows 95 on an original IBM PC. But for Windows 11, the goalposts seem to be changing with newer releases of the existing OS. As covered by The Register, it appears the latest Windows 11 24H2 update might be incompatible with older machines.

It’s all down to the POPCNT CPU instruction. As shared on Twitter by [TheBobPony], the instruction appears in a number of Windows 11 system files, including kernel and USB XHCI drivers. Thus, it appears that any CPU not able to run this instruction will not be able to boot Windows 11. POPCNT was first included in AMD’s Barcelona architecture in 2007, and Intel’s Core processors in 2008. It’s an instruction for counting set bits in a word.

Ultimately, the effect is that computers with older CPUs will no longer be able to run the latest version of Windows 11. It could be as simple as Microsoft engineers enabling more modern CPU instructions at compilation time. However, given affected hardware is more than 15 years old, it’s perhaps likely that Microsoft is perfectly willing to cut these machines off from using the latest versions of its main operating system. We’ve talked about this phenomenon before, too.

In any case, keep a close eye on Windows update if you’re running super-old hardware. Let us know if you’ll be affected in the comments.

Thanks to [Stephen Walters] for the tip!