Your Data In The Cloud

August 17, 2024 by Elliot Williams 33 Comments

I try not to go off on security rants in the newsletter, but this week I’m unable to hold back. An apparent breach of a data aggregator has resulted in a monster dataset of US, UK, and Canadian citizens names, addresses, and social security numbers. As a number of reports have pointed out, the three billion records in the breach likely contain duplicate individuals, because they include all the addresses where you’ve lived, and there have only been on the order of 450 million US social security numbers issued anyway.

But here’s the deal. Each of these data aggregators, and each of the other companies that keep tons of data on you, are ticking time bombs. Maybe not every one of them gets breached, but there’s certainly enough incentive for the bad guys to try to do so. (They are looking to sell the NPD dataset mentioned above for $3.5 million.)

My gut feeling is that eventually all of the information on everyone will be released. Maybe then it will cease to be interesting to new crops of crooks, because there’s nothing new to learn.

On the other hand, the sheer quantity of identity thefts that this, and future breaches, will unleash on us all is mind-boggling. In the case of legitimate data aggregators like this one, requesting to have had your data out of their dataset appears to have been a viable defense. But for every one legit operator, there are others that simply track you. When they get hacked, you lose.

This breach is likely going to end in a large lawsuit against the company in question, but it almost certainly won’t be big enough to cover the damage to everyone in the affected countries. Is it time that companies that hold large datasets will have to realize that the data is a liability as well as an asset?

How About Privacy and Hackability?

August 3, 2024 by Elliot Williams 32 Comments

Many smart electric meters in the US use the 900 MHz band to broadcast their usage out to meter readers as they walk the neighborhood. [Jeff Sandberg] used an RTL-SDR dongle and some software to integrate this data into his own home automation system, which lets him keep track of his home’s power usage.

Half of the comment section was appalled that the meters broadcast this data in the clear, and these readers thought this data should be encrypted even if the reach is limited to the home-owner’s front yard. But that would have stopped [Jeff] from accessing his own data as well, and that would be a shame. So there’s clearly a tradeoff in play here.

We see this tradeoff in a lot of hardware devices as well – we want to be able to run our firmware on them, but we don’t want criminals to do the same. We want the smart device to work with the cloud service, but to also work with our own home automation system if we have one. And we want to be able to listen in to our smart meters, but don’t necessarily want others to do so.

The solution here is as easy as it is implausible that it will get implemented. If the smart meters transmitted encrypted, each with their own individual password, then everyone would win. The meter reader would have a database of passwords linked to meter serial numbers or addresses, and the home owner could just read it off of a sticker, optimally placed on each unit. Privacy and usability would be preserved.

This issue isn’t just limited to electric meters. Indeed, think of all of the data that is being sent out from or about you, and what percentage of it is not encrypted and should be, but also about what data is sent out encrypted that you could use access to. The solution is to put you in control of the encryption, by selecting a password or having access to one that’s set for you. Because after all, if it’s your data, it should be your data: private and usable.

It’s Not Unusual To Love Hacking

July 13, 2024 by Elliot Williams 22 Comments

Most of what we do here at Hackaday is look out for cool projects and then write them up so that you all know about them. Nothing is better than being really stoked about a clever hack and then being able to share it with tens of thousands of like-minded folks. Sure, it’s our job, but we really do it because we love to share. And it’s clear that you all do too! After all, we write up the hacks that you document for us.

We recently featured a hack where the guy who did the work in question said that he didn’t think it was “worthy of Hackaday”. (Of course, it was!) And I don’t like that sentiment at all, honestly, because a hack that you enjoyed doing is a hack worth sharing, even if just for sharing the joy of doing it, and that came across fully.

Of course we gladly feature the ultra-bravado hacks where the nearly impossible is made real. But there’s equal value in the simple hacks that inspire others to pursue one odd path or another. Or even pieces where there’s no hack involved, but simply the sharing of something cool.

This week, [Arya Voronova] wrote a piece about her experience using MicroPython on embedded devices, and it apparently resonated with a lot of our readers. It’s not a deep-dive into MicroPython, or a mind-bending abuse of the language. Instead, it’s a simple “this is what I love about doing things this way”, and that’s a great perspective that often gets lost when we get deep in the technical weeds.

I had the same realization a few months back at Hackaday Europe. In the lightning talks, most everyone gave talks about cool projects that they are working on, and they’re absolutely worth watching for that. [Jaap Meijers] gave a wonderful talk about making animated QR codes, but it wasn’t about how he invented animated QR codes, because he was just using someone else’s project. Instead, it was about how neat he thought someone else’s work was, and how he really wanted to share it with us. (And now you know too.)

Epic hacks are fantastic, no question. But the simple expression of the love of hacking, whether in words or in the doing, is equally important. Show us your work, but don’t forget to show us your joy along the way.

Halfway Between Inspiration And Engineering

July 6, 2024 by Elliot Williams 7 Comments

We see a lot of hacks where the path to success is pretty obvious, if maybe strewn with all sorts of complications, land-mines, and time-sinks. Then we get other hacks that are just totally out-of-the-box. Maybe the work itself isn’t so impressive, or even “correct” by engineering standards, but the inner idea that’s so crazy it just might work shines through.

This week, for instance, we saw an adaptive backlight LED TV modification that no engineer would ever design. Whether it was just the easiest way out, or used up parts on hand, [Mousa] cracked the problem of assigning brightnesses to the LED backlights by taking a tiny screen, playing the same movie on it, pointing it at an array of light sensors, and driving the LEDs inside his big TV off of that. No image processing, no computation, just light hitting LDRs. It’s mad, and it involves many, many wires, but it gets the job done.

Similarly, we saw an answer to the wet-3D-filament problem that’s as simple as it could possibly be: basically a tube with heated, dry air running through it that the filament must pass through on it’s way to the hot end. We’ve seen plenty of engineered solutions to damp filament, ranging from an ounce of prevention in the form of various desiccant storage options, to a pound of cure – putting the spools in the oven to bake out. We’re sure that drying filament inline isn’t the right way to do it, but we’re glad to see it work. The idea is there when you need it.

Not that there’s anything wrong with the engineering mindset. Quite the contrary: most often taking things one reasonable step at a time, quantifying up all the unknowns, and thinking through the path of least resistance gets you to the finish line of your project faster. But we still have to admire the off-the-wall hacks, where the way that makes the most sense isn’t always the most beautiful way to go. It’s a good week on Hackaday when we get both types of projects in even doses.

Danger Is My Middle Name

June 29, 2024 by Elliot Williams 75 Comments

Last week, [Al Williams] wrote up a his experience with a book that provided almost too much detailed information on how to build a DIY x-ray machine for his (then) young soul to bear. He almost had to build it! Where the “almost” is probably both a bummer because he didn’t have an x-ray machine as a kid, but also a great good because it was a super dangerous build, of a typical sort for the 1950s in which it was published.

Part of me really loves the matter-of-factness with which “A Boy’s First Book of Linear Accelerators” tells you how you (yes you!) can build a 500 kV van der Graff generator. But at the same time, modern me does find the lack of safety precautions in many of these mid-century books to be a little bit spooky. Contrast this with modern books where sometimes I get the feeling that the publisher’s legal team won’t let us read about folding paper airplanes for fear of getting cut.

A number of us have built dangerous projects in our lives, and many of us have gotten away with it. Part of the reason that many of us are still here is that we understood the dangers, but I would be lying if I said that I always fully understood them. But thinking about the dangers is still our first and best line of defense. Humility about how well you understand all of the dangers of a certain project is also very healthy – if you go into it keeping an eye out for the unknown unknowns, you’re in better shape.

Safety isn’t avoiding danger, but rather minimizing it. When we publish dangerous hacks, we really try to at least highlight the most important hazards so that you know what to look out for. And over the years, I’ve learned a ton of interesting safety tricks from the comments and fellow hackers alike. My ideal, then, is the spirit of the 1950s x-ray book, which encourages you to get the hack built, but modernized so that it tells you where the dangers lie and how to handle them. If you’re shooting electrons, shouldn’t the book also tell you how to stay out of the way?

Thanks For The Great Comments!

June 22, 2024 by Elliot Williams 41 Comments

Every once in a while, there’s a Hackaday article where the comments are hands-down the best part of a post. This happened this week with Al Williams’ Ask Hackaday: How Do You Make Front Panels?. I guess it’s not so surprising that the comments were full of awesome answers – it was an “Ask Hackaday” after all. But you all delivered!

A technique that I had never considered came up a few times: instead of engraving the front of an opaque panel, like one made of aluminum or something, instead if you’re able to make the panel out of acrylic, you can paint the back side, laser or engrave into it, and then paint over with a contrast color. Very clever!

Simply printing the panel out onto paper and laminating it got a number of votes, and for those who are 3D printing the enclosure anyway, simply embossing the letters into the surface had a number of fans. The trick here is in getting some contrast into the letters, and most suggested changing filament. All I know is that I’ve tried to do it by painting the insides of the letters white, and it’s too fiddly for me.

But my absolute favorite enclosure design technique got mentioned a number of times: cardboard-aided design. Certainly for simple or disposable projects, there’s nothing faster than just cutting up some cardboard and taping it into the box of your desires. I’ll often do this to get the sizes and locations of components right – it’s only really a temporary solution. Although some folks have had success with treating the cardboard with a glue wash, paint, or simply wrapping it in packing tape to make it significantly more robust. Myself, if it ends up being a long-term project, I’ll usually transfer the cardboard design to 3DP or cut out thin plywood.

I got sidetracked here, though. What I really wanted to say was “thanks!” to everyone who submitted their awesome comments to Al’s article. We’ve had some truly hateful folks filling the comment section with trash lately, and I’d almost given up hope. But then along comes an article like this and restores my faith. Thanks, Hackaday!