Hackaday Links Column Banner

Hackaday Links: July 21, 2024

When monitors around the world display a “Blue Screen of Death” and you know it’s probably your fault, it’s got to be a terrible, horrible, no good, very bad day at work. That’s likely the situation inside CrowdStrike this weekend, as engineers at the cybersecurity provider struggle to recover from an update rollout that went very, very badly indeed. The rollout, which affected enterprise-level Windows 10 and 11 hosts running their flagship Falcon Sensor product, resulted in machines going into a boot loop or just dropping into restore mode, leaving hapless millions to stare at the dreaded BSOD screen on everything from POS terminals to transit ticketing systems.

Continue reading “Hackaday Links: July 21, 2024”

Hackaday Links Column Banner

Hackaday Links: January 7, 2024

Oh, perfect — now our cars can BSOD. At least that’s how it looks from a forum post showing a Blue Screen of Death on a Ford Mustang Mach E, warning that an over-the-air software update failed, and now the car can’t be driven. The BSOD includes a phone number to reach Ford’s Customer Relationship Center and even presents a wall of text with specific instructions to the wrecker driver for loading the bricked vehicle onto a flatbed. Forum users questioned the photo’s veracity, but there are reports of other drivers getting bricked the same way. And we’ve got to point out that even though this specific bricking happened to an EV, it could just have easily happened to an ICE vehicle too; forum members were particularly prickly about that point. It would be nice if OTA software updates on vehicles could always roll back to the previous driveable state. Still, we suppose that’s not always possible, especially if memory gets corrupted during the update. Maybe the best defense against a bricked vehicle would be to keep a beater around that doesn’t need updates to keep running.

Continue reading “Hackaday Links: January 7, 2024”

Hackaday Links Column Banner

Hackaday Links: November 21, 2021

As the most spendiest time of the year rapidly approaches, it’s good to know that your hard-earned money doesn’t have to go towards gifts that are probably still sitting in the dank holds of container ships sitting at anchor off the coast of California. At least not if you shop the Tindie Cyber Sale that started yesterday and goes through December 5. There’s a lot of cool stuff on sale, so it shouldn’t be too hard to find something; to sweeten the deal, Jasmine tells us that there will be extra deals going live on Black Friday and Cyber Monday. But wait, there’s more — follow Tindie on Twitter for bonus discount codes.

Blue is the old black, which was the new blue? At least when it comes to “Screens of Death” it is, since Microsoft announced the Windows 11 BSOD will revert back from its recent black makeover to the more familiar blue theme. You’ll have to scroll down a bit, perhaps three-quarters of the way through the list of changes. Again, the change seems completely cosmetic and minor, but we’d still love to know what kind of research went into making a decision like this.

From the “One Man’s Trash” department, we have a request for help from reader Mike Drew who picked up a bunch — like, a thousand — old tablet computers. They originally ran Windows but they can run Linux Mint just fine, and while they lack batteries and the back cover, they’re otherwise complete and in usable condition, at least judging by the pictures he shared. These were destined for the landfill, but Mike is willing to send batches of 10 — no single units, please — to anyone who can cover the cost of packaging and shipping. Mike says he’ll be wiping the tablets and installing Mint, and will throw in a couple of battery cables and a simple instruction sheet to get you started. If you’re interested, Mike can be reached at michael.l.drew@gmail.com. Domestic shipping only, please. Here’s hoping you can help a fellow hacker reclaim a room in his house.

Answering the important questions: it turns out that Thanos couldn’t have snapped half of the universe out of existence after all. That conclusion comes from a scientific paper, appearing in the Journal of the Royal Society. While not setting out to answer if a nigh-invulnerable, giant purple supervillain could snap his fingers, it’s pretty intuitive that wearing any kind of gloves, let alone a jewel-encrusted metal gauntlet, makes it hard to snap one’s fingers. But the mechanics of snapping is actually pretty cool, and has implications beyond biomechanics. According to the paper, snapping is actually an example of latch-mediated spring actuation, with examples throughout the plant and animal kingdoms, including the vicious “one-inch punch” of the tiny mantis shrimp. It turns out that a properly executed human finger snap is pretty darn snappy — it takes about seven milliseconds to complete, compared to 150 milliseconds for an eye blink.

And finally, it seems like someone over at Id Software is a bit confused. The story began when a metal guitarist named Dustin Mitchell stumbled across the term “doomscroll” and decided that it would make a great name for a progressive thrash metal band. After diligently filing a trademark application with the US Patent and Trademark Office, he got an email from an attorney for Id saying they were going to challenge the trademark, apparently because they feel like it will cause confusion with their flagship DOOM franchise. It’s hard to see how anyone who lived through the doomscrolling years of 2020 and 2021 is going to be confused by a thrash metal band and a 30-year-old video game, but we suppose that’s not the point when you’re an attorney. Trademark trolls gonna troll, after all.

Hackaday Links Column Banner

Hackaday Links: July 11, 2021

Well, at least the acronym will stay the same. It looks like black is the new blue for Windows 11, as the BSOD screen gets its first makeover in years. It’s an admittedly minor change, since the on-screen text is virtually identical to the BSOD from recent versions of Windows 10, and the new death-knell even sports the same frowny-face emoji and QR code. Really, the white-on-black color scheme is the only major difference we can see — even the acronym will stay the same. It’s not really that newsworthy, we suppose, although it does make us miss the extremely busy BSODs from back in the Windows NT days.

As the semiconductor shortage continues, manufacturers are getting desperate to procure the parts they need to make their products. And if there’s one thing as certain as death and taxes, it’s that desperation provides opportunity to criminals. A thread over on EEVBlog details an encounter one company had with an alleged scammer, who sent an unsolicited offer to them for a large number of ordinarily hard-to-find microprocessors at a good price. Wisely, the company explored the offer in some depth and found that “Brian” (the representative who contacted them) is actually named Nick Martin and, according to an article on the Electronic Resellers Association International (ERAI) website, is apparently associated with a number of fraudulent operations. Their list of allegedly fraudulent deals made by Mr. Martin stretches back to 2018 and totals over $300,000 of ill-gotten gain.

Last year, friend-of-Hackaday and laser artist Seb Lee-Delisle spent a lot of time and effort getting together an amazing interactive laser light show for the night skies of cities in the UK. Laser Light City, with powerful lasers mounted on the tops of tall buildings, was a smashing success that brought a little cheer into what was an otherwise dreadful time. But we have to admit that the videos and other materials covering Laser Light City left us wanting more — something like that, with a far-flung installation on rooftops and the ability for audience members to control it all from their phone, really needs a deeper “how it works” treatment. Thankfully, Seb has released a video that dives into the nuts and bolts of the show, including a look at ludicrously powerful lasers with beams that can still be seen in broad daylight.

Continue reading “Hackaday Links: July 11, 2021”

DEF CON: BSODomizing In High Definition

A few years ago, [Kingpin] a.k.a. [Joe Grand] (A judge for the 2014 Hackaday Prize) designed the most beautiful electronic prank ever. The BSODomizer is a simple device with a pass-through connection for a VGA display and an infrared receiver. Plug the BSODomizer into an unsuspecting coworker’s monitor, press a button on a remote, and watch Microsoft’s blue screen of death appear. It’s brilliant, devious, and actually a pretty simple device if you pick the right microcontroller.

The original BSODomizer is getting a little long in the tooth. VGA is finally dead. The Propeller chip used to generate the video only generates text, and can’t reproduce Microsoft’s fancy new graphical error screens. HDMI is the future, and FPGAs have never been more accessible. For this year’s DEF CON, [Kingpin] and [Zoz] needed something to impress an audience that is just learning how to solder. They’ve revisited the BSODomizer, and have created the greatest hardware project at this year’s DEF CON.

Continue reading “DEF CON: BSODomizing In High Definition”

Windows 7 And Vista Crash Via SMB Exploit

vista_dx10_bsod

[Laurent Gaffié] has discovered an exploit that affects Windows Vista, Windows 7, and possibly Windows Server 2008 (unconfirmed). This method attacks via the NEGOTIATE PROTOCOL REQUEST which is the first SMB query sent. The vulnerability is present only on Windows versions that include Server Message Block 2.0 and have the protocol enabled. A successful attack requires no local access to the machine and results in a Blue Screen of Death.

[Laurent] has a proof of concept available with his writeup in the form of a python script (please, white hat use only). There is no patch for this vulnerability but disabling the SMB protocol will protect your system until one is available.

Update: According to the Microsoft advisory this vulnerability could lead to code execution, making it a bit worse than we thought. On the bright side, they claim that the final version of Windows 7 is not open to this attack, only Windows Vista and Windows Server 2008.

[via Full Disclosure]

[picture: Inquirer]

BSoDomizer Blue-screens Your Enemies

In case you were wondering what industrious hacker [Joe Grand] was doing when he’s not building stuff for Prototype This!, designing Defcon badges, or testifying before congress, it’s this: The BSoDomizer is a VGA pass through device that displays an image of your choice on the victim’s screen. It can do this either periodically or via an IR trigger. The image of choice is a Windows style Blue Screen of Death. It’s powered by a watch battery. The project site has all the schematics you need plus ASCII goatse imagery; you’ve been warned. Embedded below is a demo of the device. We unfortunately didn’t get to see it when it was originally presented during Defcon 16. Continue reading “BSoDomizer Blue-screens Your Enemies”