Software Hacks

903 Articles

Open Source: It’s The Little Things

February 13, 2021 by 108 Comments

I use open source software almost exclusively; at least on the desktop — the phone is another matter, sadly. And I do a lot of stuff with and on computers. Folks outside of the free software scene are still a little surprised when small programs are free to use and modify, but they’re downright skeptical when it comes to the big works of professional software. It’s one thing to write xeyes, but how about something to rival Photoshop, or Altium?

Of course, we all know the answer — mostly. None of the “big” software packages work exactly the same as their closed-source counterparts, often missing a few features here and gaining a few there, or following a different workflow. That’s OK, different closed-source programs work differently as well. I’m not here to argue that GIMP is better than Photoshop, but rather to point out what I really love about open software: it caters to the little guys and gals, the niche users, and the specialists. Or rather, it lets them cater to themselves.

I just started learning FreeCAD for a CNC milling project, and it’s awesome. I’ve used Fusion 360, and although FreeCAD isn’t “the same” as Fusion 360, it has most of the features that I need. But it’s the quirky features that set it apart.

The central workflow is to pick a “workbench” where specific tasks are carried out, and then you take your part to each bench, operate on it, and then move to the next one you need. But the critical bit here is that a good number of the workbenches are contributed to the open project by people who have had particular niche needs. For me, for instance, I’ve done most of my 3D modelling for 3D printing using OpenSCAD, which is kinda niche, but also the language that underpins Thingiverse’s customizer functionality. Does Fusion 360 seamlessly import my OpenSCAD work? Nope. Does FreeCAD? Yup, because some other nerd was in my shoes.

And then I started thinking of the other big free projects. Inkscape has plugins that let you create Gcode to drive CNC mills or strange plotters. Why? Because nerds love eggbots. GIMP has plugins for every imaginable image transformation — things that 99% of graphic artists will never use, and so Adobe has no incentive to incorporate.

Open source lets you scratch your own itch, and share your solution with others. The features of for-pay, closed-source software are driven by the masses: “is this a feature that enough of our customers want?” The features of open-source software are driven by the freaky ideas of nerds just like me. Vive la différence!

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

Phishing With Morse Code

February 11, 2021 by 13 Comments

All of us have seen our share of phishing emails, but there are a lot more that get caught by secure email gateways and client filters. Threat actors are constantly coming up with new ways to get past these virtual gatekeepers. [BleepingComputer] investigated a new phishing attack that used some old tricks by hiding the malicious script tags as morse code.

The phishing attack targets Microsoft account login credentials with an HTML page posing as an Excel invoice. When opened, it asks the user to re-enter their credentials before viewing the document. Some external scripts are required to render the fake invoice and login window but would be detected if the links were included normally. Instead, the actor encoded the script links using dots and dashes, for example, “.-” equals “a”. A simple function (creatively named “decodeMorse”) is used to decode and inject the scripts when it runs in the victim’s browser.

Of course, this sort of attack is easy to avoid with the basic precautions we are all familiar with, like not opening suspicious attachments and carefully inspecting URLs. The code used in this attack is simple enough to be used in a tutorial on JavaScript arrays, but it was good enough to slip past a few large company’s filters.

Phishing attacks are probably not going to stop anytime soon, so if you’re bored, you could go phishing for phishers, or write some scripts to flood them with fake information.

All The Best Computers From Cambridge Boot To Basic

February 1, 2021 by 77 Comments

The Raspberry Pi is a fine machine that appears in many a retrocomputing project, but its custom Linux distribution lacks one thing. It boots into a GNU/Linux shell or a fully-featured desktop GUI rather than as proper computers should, to a BASIC interpreter. This vexed [Alan Pope], who yearned for his early days of ROM BASIC, so he set out to create a Raspberry Pi 400 that delivers the user straight to BASIC. What follows goes well beyond the Pi, as he takes something of a “State of the BASIC” look at the various available interpreters for the simple-to-code language. Almost every major flavour you could imagine has an interpreter, but as is a appropriate for a computer from Cambridge running an ARM processor, he opts for one that delivers BBC BASIC.

It would certainly be possible to write a bare-metal image that took the user straight to a native ARM BASIC interpreter, but instead he opts for the safer route of running the interpreter on top of a minimalist Linux image. Here he takes the unexpected step of using an Ubuntu distribution rather than Raspberry Pi OS, this is done through familiarity with its quirks. Eventually he settled upon a BBC BASIC interpreter that allowed him to do all the graphical tricks via the SDL library without a hint of X or a compositor, meaning that at last he had a Pi that boots to BASIC. Assuming that it’s an interpreter rather than an emulator it should be significantly faster than the original, but he doesn’t share that information with us.

This isn’t the first boot-to-BASIC machine we’ve shown you.

Header image:  A real BBC Micro BASIC prompt. Thanks [Claire Osborne] for the picture.

13,000 Regular Expressions Make An Editor’s Life Easier

February 1, 2021 by 41 Comments

Being an editor is a job that seems deceptively easy until you are hauled over the coals for letting a textual howler go to print (or website). Most publications have style guides to ensure that their individual voice is preserved, but even the most eagle-eyed will sometimes slip up in their application. At the Guardian newspaper in the UK they have been struggling with this against an ever-evolving style guide that must adapt to fast-moving world events, to the extent that they had a set of regular expressions to deal with commonly-occurring problems. A lot of regular expressions, in fact around 13,000 of them.

Clearly some form of management was required, and  a team of developers set about taming this monster. The result is Typerighter, their server-side document-checker, which can be found in a GitHub repository. Surprisingly for rule management they started with a Google Sheet, a choice which proved unexpectedly robust when working with such a long list even though they later replaced it. The back end doing the job of text matching was written in Scala, and for the front end a plugin was created for their Prosemirror text editor.

For a publication of course this is extremely interesting, but where’s the interest for hackers? The answer lies in any text-processing engine that uses a lot of regular expressions; those of you who have dabbled in this space will know how unwieldy this work can become. Any user of computational linguistic techniques in the pursuit of language processing could probably find much of interest here.

If you’re a bit hazy on regular expressions, how about the episode on them from our long-running Linux-fu series?

Serial Studio: Easily Visualise And Log Serial Data

January 31, 2021 by 28 Comments

Outputting data from a microcontroller over a serial port is convenient and easy, but formatting, visualizing, and analyzing the data can be tedious and frustrating. [Alex Spataru] knows this all too well, having spent too many hours building and debugging custom dashboards. To save himself and others the same frustration in the future, he created Serial Studio, a tool for quickly building dashboards for serial data.

The only input required for Serial Studio to create a dashboard is a simple JSON structure specifying the data’s format, and how it should be grouped and displayed. Originally Serial Studio required all the JSON data to be sent over serial, which is fine for simple data but quickly becomes cumbersome for more complex applications. To solve this, [Alex] added a feature allowing the JSON document with the format information loaded from the computer, while only the data is sent over serial.

Serial Studio includes several visualization options, including raw line graphs, bar/level indicator, dial indicator, the artificial horizon for IMU data, or a map widget. It can also output the formatted data to a CSV file for further analysis in other software. A console window is also included for viewing raw data or debugging purposes. See the usage demo after the break.

We like Serial Studio’s ease of use and adaptability, and we’ll likely use it for our own projects in the future. It is compatible with Linux, Windows, and Mac thanks to the Qt framework, and the code is open-source and available on GitHub.

If you’ve ever watched one of the BPS.Space model rocket launch videos, you’ll know how critical data logging, visualization and analysis is for [Joe Barnard]’s work. Serial Studio is perfect for such applications, and [Alex] used it extensively for simulated satellite competitions at his university. Continue reading “Serial Studio: Easily Visualise And Log Serial Data”

SOUL Wants To Process Your Audio

January 29, 2021 by 14 Comments

Abstraction is the core of nearly all progress in computing. Unless you are fabricating your own semiconductors and drawing wire, we all create with building blocks ranging from components like CPUs, to operating system functions, to specialized libraries. Just as you wouldn’t want to spend your time deblocking disk records or rendering fonts for output devices, you probably shouldn’t have to think too much about audio data. While there are some powerful audio processing libraries out there, a new embeddable language called SOUL (SOUnd Language) is now in version 1.0 and wants to help you create efficient code for processing audio.

The goal of SOUL is to target a runtime that can run on CPUs, but is better on DSPs. The code aims to be secure and real time with no pointers, garbage collection, and other things that typically interfere with audio processing or security.

Continue reading “SOUL Wants To Process Your Audio”

Decoding NOAA Satellite Images In Python

January 27, 2021 by 10 Comments

You’d be forgiven for thinking that receiving data transmissions from orbiting satellites requires a complex array of hardware and software, because for a long time it did. These days we have the benefit of cheap software defined radios (SDRs) that let our computers easily tune into arbitrary frequencies. But what about the software side of things? As [Dmitrii Eliuseev] shows, decoding the data satellites are beaming down to Earth is probably a lot easier than you might think.

Well, at least in this case. The data [Dmitrii] is after happens to be broadcast from a relatively old fleet of satellites operated by the National Oceanic and Atmospheric Administration (NOAA). These birds (NOAA-15, NOAA-18 and NOAA-19) are somewhat unique in that they fly fairly low and utilize a simple analog signal transmitted at 137 MHz. This makes them especially good targets for hobbyists who are just dipping their toes into the world of satellite reception.

Continue reading “Decoding NOAA Satellite Images In Python”