Hackaday

Old hardware tends to get less support as the years go by, from both manufacturers and the open-source community alike. And yet, every now and then, we hear about fresh attention for an ancient device. Consider the ancient SoundBlaster sound card that first hit the market 31 years ago. [Mark] noticed that a recent update squashed a new bug on an old piece of gear.

Jump over to the Linux kernel archive, and you’ll find a pull request for v6.16-rc3 from [Takashi Iwai]. The update featured fixes for a number of sound devices, but one stands out amongst the rest. It’s the SoundBlaster AWE32 ISA sound card, with [Iwai] noting “we still got a bug report after 25 years.” The bug in question appears to have been reported in 2023 by a user running Fedora 39 on a 120 MHz Pentium-based machine.

The fixes themselves are not particularly interesting. They merely concern minutiae about the DMA modes used with the old hardware. The new updates ensure that DMA modes cannot be changed while the AWE32 is playing a PCM audio stream, and that DMA setups are disabled when changing modes. This helps avoid system lockups and/or ugly noises emanating from the output of the soundcard.

It’s incredibly unlikely this update will affect you, unless you’re one of a handful of users still using an ISA soundcard in 2025. Still, if you are — and good on you — you’ll be pleased someone still cares about your user experience. Meanwhile, if you’re aware of any other obscure old-school driver updates going on out there, don’t hesitate to let us know on the tips line. Want to relive your ISA card’s glory days? Plug it into USB.

Image credit: Gona.eu, CC BY-SA 3.0

[Thanks to Meek Mark for the tip!]

From Blog – Hackaday via this RSS feed

The Ceran discs, freshly cut from the old stovetop and awaiting polishing. (Credit: Huygens Optics)

Ceran is a name brand for a type of glass ceramic that has a very low coefficient of thermal expansion (CTE). This is useful for stovetops, but it is also a highly desirable property for optical glass. The natural question: Can an old ceramic stovetop be upcycled into something visually striking? This is the topic of the most recent video in [Huygens Optics]’s series on glass ceramics.

Interestingly, by baking sections of the Ceran glass ceramic for 10 minutes at 961 °C, the CTE can be lowered by another five times, from 0.5 ppm / °C to a mere 0.1 ppm / °C. Following baking, you need a lot of grinding and polishing to remove any warping, existing textures, and printing. After polishing with 220 grit by hand for a few minutes, most of these issues were fixed, but for subsequent polishing, you want to use a machine to get the required nanometer-level precision, as well as to survive the six to eight hours of polishing.

Following this final polishing, the discs were ground into mirrors for a Newtonian telescope. This raised a small issue of the Ceran being only 4 mm thick, which requires doubling up two of the discs using a very thin layer of epoxy. After careful drilling, dodging cracked glass, and more polishing, this produced the world’s first ceramic stovetop upcycled into a telescope. We think it was the first, anyway. All that’s left is to coat the discs with a more reflective coating and install them into a telescope frame, but even in their raw state, they show the potential of this kind of material.

If you decide to try this, and you’ve already cut up your stove, you might as well attack some kitchen bowls, too.

From Blog – Hackaday via this RSS feed

If you’re unfamiliar with Beyblades, they’re a simple toy. They consist of spinning tops, which are designed to “fight” in arenas by knocking each other around. While the off-the-shelf models are deemed safe enough for children to play with, [Jon Bringus] decided to take the danger level up a few notches with some custom launchers of his own design.

[Jon]’s project started with some of the early metal Beyblades, which are traditionally launched with a small geared ripcord device. He soon realized he could up the action by doing one simple thing—spinning the tops far faster than the manufacturer ever intended. More rotational speed equals more kinetic energy equals more legal liability fun, or so the equation goes.

The design for [Jon’s] “WMD Launcher” is straightforward enough—he combined a lawnmower pull starter with a 12:1 geartrain to turn the Beyblades at truly ludicrous speeds. It’s basic engineering — a couple of 3D-printed gears do the job — but the results are hilarious. The tops begin to emit loud noises as they turn in combat, and some move so fast and erratically that they won’t even stay inside the arena. Protective eyewear is virtually mandatory. Files are on Printables for those eager to build one at home.

Yes, ruining a game of Beyblades is as simple as building an irresponsibly fast launcher. You needn’t even use some fancy brushless motor to hurt yourself — just a little gearing is enough to cause havoc. We’ve featured similar work on this topic before, too. Video after the break.

From Blog – Hackaday via this RSS feed

This week, we announced the winners for the previous Pet Hacks contest and rang in our new contest: The One Hertz Challenge. So that’s got me in a contesty mood, and I thought I’d share a little bit of soap-box philosophizing and inside baseball all at once.

The trick to creating a good contest theme, at least for the creative Hackaday crowd, is putting on the right limitation. Maybe you have to fit the circuit within a square-inch, power it only with a coin cell, or use the antiquated and nearly useless 555 timer IC. (Yes, that was a joke!)

There are two basic reactions when you try to constrain a hacker. Some instantly try to break out of the constraint, and their minds starts to fly in all of the directions that lead out of the box, and oftentimes, something cool comes out of it. The other type accepts the constraint and dives in deep to work within it, meditating deeply on all the possibilities that lie within the 555.

Of course, we try to accommodate both modes, and the jury is still out as to which ends up better in the end. For the Coin Cell challenge, for instance, we had a coin-cell-powered spot welder and car jumpstarter, but we also had some cool circuits that would run nearly forever on a single battery; working against and with the constraints.

Which type of hacker are you? (And while we’re still in the mood, what contest themes would you like to see for 2026?)

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

From Blog – Hackaday via this RSS feed

Although we might all fundamentally recognize that gaming consoles are just specialized computers, we generally treat them, culturally and physically, differently than we do desktops or laptops. But there was a time in the not-too-distant past where the line between home computer and video game console was a lot more blurred than it is today. Even before Microsoft entered the scene, companies like Atari and Commodore were building both types of computer, often with overlapping hardware and capabilities. But they weren’t the only games in town. This video takes a look at the Bally Home Computer System, which was a predecessor of many of the more recognized computers and gaming systems of the 80s.

At the time, Bally as a company was much more widely known in the pinball industry, but they seemed to have a bit of foresight that the computers used in arcades would eventually transition to the home in some way. The premise of this console was to essentially start out as a video game system that could expand into a much more full-featured computer with add-ons. In addition to game cartridges it came with a BASIC interpreter cartridge which could be used for programming. It was also based on the Z80 microprocessor which was used in other popular PCs of the time, so in theory it could have been a commercial success but it was never able to find itself at the top of the PC pack.

Although it maintains a bit of a cult following, it’s a limited system even by the standards of the day, as the video’s creator [Vintage Geek] demonstrates. The controllers are fairly cumbersome, and programming in BASIC is extremely tedious without a full keyboard available. But it did make clever use of the technology at the time even if it was never a commercial success. Its graphics capabilities were ahead of other competing systems and would inspire subsequent designs in later systems. It’s also not the last time that a video game system that was a commercial failure would develop a following lasting far longer than anyone would have predicted.

From Blog – Hackaday via this RSS feed

For whatever reason, certain pieces of technology can have a difficult time interacting with the physical world. Anyone who has ever used a printer or copier can attest to this, as can anyone whose robot vacuum failed to detect certain types of non-vacuumable waste in their path, making a simple problem much worse. Farm equipment often falls into this category as well, where often complex machinery needs an inordinate amount of maintenance and repair just to operate normally. Wood chippers specifically seem to always get jammed or not work at all, so [Homemade Inventions] took a shot at building one on their own.

To build this screw-based wood chipper, the first thing to fabricate is the screw mechanism itself. A number of circles of thick steel were cut out and then shaped into pieces resembling large lock washers. These were then installed on a shaft and welded end-to-end, creating the helical screw mechanism. With the “threads” of the screw sharpened it is placed into a cylinder with a port cut out to feed the wood into. Powering the screw is a 3 kW electric motor paired with a custom 7:1 gearbox, spinning the screw at around 200 rpm. With that, [Homemade Inventions] has been able to easily chip branches up to 5 centimeters thick, and theorizes that it could chip branches even thicker than that.

Of course, wood chippers are among the more dangerous tools that are easily available to anyone with enough money to buy one or enough skill to build one, along with chainsaws, angle grinders, and table saws, so make sure to take appropriate safety precautions when using or building any of these things. Of course, knowing the dangers of these tools have led to people attempting to make safer versions like this self-propelled chainsaw mill or the semi-controversial table saw safety standard.

Thanks to [Keith] for the tip!

From Blog – Hackaday via this RSS feed

Whatever your day job, many of us would love to jump behind the controls of a dump truck for a lark. In the real world, that takes training and expertise and the opportunity is denied to many of us. However, you can live out those dreams on your desk with this 3D-printed build from [ProfessorBoots.]

The build exists as two separate parts—the tractor, and the trailer. The tractor is effectively a fairly straightforward custom RC build, albeit with a few additional features to make it fit for purpose. It’s got six wheels as befitting a proper semi, and it has a nifty retractable magnetic hitch mechanism. This lets it hook up to various trailers and unhitch from them as desired, all from a press on the remote. The hitch also has provision for power and control lines that control whatever trailer happens to be attached.

As for the trailer, it’s a side-dumper that can drop its load to the left or right as desired. The dumping is controlled via a linear actuator using a small DC motor and a threaded rod. A servo controls a sliding locking mechanism which determines whether the truck dumps to the left or right as the linear actuator rises up.

The design video covers the 3D printed design as well as some great action shots of the dump truck doing its thing. We’ve featured some builds from [ProfessorBoots] before, too, like this neat 3D-printed forklift . Video after the break.

From Blog – Hackaday via this RSS feed

Some of the largest objects in the night sky to view through a telescope are galaxies and supernova remnants, often many times larger in size than the moon but generally much less bright. Even so, they take up a mere fraction of the night sky, with even the largest planets in our solar system only taking up a few arcseconds and stars appearing as point sources. There are more things to look at in the sky than there are telescopes, regardless of size, so it might almost seem like an impossible task to see everything. Yet that’s what this new telescope in Chile aims to do.

The Vera C. Rubin Observatory plans to image the entire sky every few nights over a period lasting for ten years. This will allow astronomers to see the many ways the cosmos change with more data than has ever been available to them. The field of view of the telescope is about 3.5 degrees in diameter, so it needs to move often and quickly in order to take these images. At first glance the telescope looks like any other large, visible light telescope on the tops of the Andes, Mauna Kea, or the Canary Islands. But it has a huge motor to move it, as well as a large sensor which generates a 3200-megapixel image every 30 seconds.

In many ways the observatory’s telescope an imaging technology is only the first part of the project. A number of machine learning algorithms and other software solutions have been created to help astronomers sift through the huge amount of data the telescope is generating and find new irregularities in the data, from asteroids to supernovae. First light for the telescope was this month, June 2025, and some of the first images can be seen here. There have been a number of interesting astronomical observations underway lately even excluding the JWST. Take a look at this solar telescope which uses a new algorithm to take much higher resolution images than ever before.

From Blog – Hackaday via this RSS feed

You know what the worst thing about the Steam Deck is? Being able to play your games on the go. Wouldn’t it be better if it was a screenless brick that lived under your TV? Well, maybe not, but at least one person thought so, because [Interfacing Linux] has created the GeekDeck, a Steam OS console of sorts in this video embedded below.

The hack is as simple as can be: he took a GEEKOM A5, a minicomputer with very similar specs to the Steam Deck, and managed to load SteamOS onto it. We were expecting that to be a trial that took most of the video’s runtime, but no! Everything just… sorta worked. It booted to a live environment and installed like any other Linux. Which was unexpected, but Steam has released SteamOS for PC.

In case you weren’t aware, SteamOS is an immutable distribution based on Arch Linux. Arch of course has all the drivers to run on… well, any modern PC, but it’s the immutable part that we were expecting to cause problems. Immutable distributions are locked down in a similar manner to Mac OS (everything but /home/ is typically read-only, even to the superuser) and SteamOS doesn’t ship with package manager that can get around this, like rpm-ostree in Fedora’s Silverblue ecosystem. Actually, if you don’t have a hardware package that matches the SteamDeck to the same degree this GEEKOM does, Bazzite might be a good bet– it’s based on Siverblue and was made to be SteamOS for PC, before Steam let you download their OS to try on your PC.

Anyway, you can do it. Should you? Well, based on the performance shown in the video, not if you want to run triple-A games locally. This little box is no more powerful than the SteamDeck, after all. It’s not a full gaming rig. Still, it was neat to see SteamOS off of the ‘deck and in the wild.

Usually we see hacks that use the guts of the SteamDeck guts with other operating systems, not the other way around. Like the Bento Box AR machine we liked so much it was actuallyfeatured twice. The SteamDeck makes for a respectable SBC, if you can find a broken one. If not, apparently a Chinese MiniPC will work just as well.

From Blog – Hackaday via this RSS feed

Most standing desks on the market use electric motors or hand cranks to raise and lower the deck. However, [Matthias Wandel] found a Kloud standing desk that used an altogether different set up. He set about figuring out how it worked in the old-fashioned way—by pulling it apart.

The Kloud desk relies on pneumatics rather than electrical actuators to move up and down. Inside the desk sits a small tank that can be pressurized with a hand-cranked mechanism. A lever can then be used to release pressure from this tank into a pair of pneumatic cylinders that drive the top of the desk upwards. The two cylinders are kept moving in sync by a tensioned metal ribbon that ties the two sides together. The mechanism is not unlike a gas lift chair—holding the lever and pushing down lets the desk move back down. Once he’s explained the basic mechanism, [Matthias] gets into the good stuff—pulling apart the leg actuator mechanism to show us what’s going on inside in greater detail.

If you’ve ever thought about building your own standing desk, this might be a video worth watching. We’ve featured some other great pneumatics projects before, too. Video after the break.

From Blog – Hackaday via this RSS feed

These days, so much of what we see online is delivered by social media algorithms. The operations of these algorithms are opaque to us; commentators forever speculate as to whether they just show us what they think we want to see, or whether they try to guide our thinking and habits in a given direction. The Digital Poison device  from [Lucretia], [Auxence] and [Ramon] aims to twist and bend the algorithm to other ends.

The concept is simple enough. The device consists of a Raspberry Pi 5 operating on a Wi-Fi network. The Pi is set up with scripts to endlessly play one or more select YouTube videos on a loop. The videos aren’t to be watched by anyone; the device merely streams them to rack up play counts and send data to YouTube’s recommendation algorithm. The idea is that as the device plays certain videos, it will skew what YouTube recommends to users sharing the same WiFi network based on perceived viewer behavior.

To achieve subtle influence, the device is built inside an unobtrusive container. The idea being that it could be quietly connected to a given WiFi network to stream endlessly, in turn subtly influencing the view habits of other users on the same network.

It’s difficult to say how well this concept would work in practice. In many cases, sites like YouTube have robust user tracking that feeds into recommendation algorithms. Activity from a random user signed into the same network might not have much of an influence. However, conceptually, it’s quite interesting, and the developers have investigated ways to log the devices operation and compare it to recommendations fed to users on the network. Privacy provisions make this difficult, but it may be possible to pursue further research in this area. Files are on Github for the curious.

Ultimately, algorithms will always be a controversial thing as long as the public can’t see how they work or what they do. If you’re working on any projects of your own in this space, don’t hesitate to let us know!

[Thanks to Asher for the tip!]

From Blog – Hackaday via this RSS feed

Time for another European flavoured Hackaday Podcast this week, as Elliot Williams is joined by Jenny List, two writers sweltering in the humidity of a Central European summer. Both of our fans and air conditioners made enough noise to be picked up on the microphone when they were turned on, so we’re suffering for your entertainment.

The big Hackaday news stories of the week are twofold, firstly a cat-themed set of winners for the 2025 Pet Hacks contest, and then the announcement of a fresh competition: the 2025 Hackaday One Hertz Challenge. Get your once-a-second projects ready!

This week gave us a nice pile of interesting hacks, including some next-level work growing and machining the crystal for a home-made Pockels cell light valve, an pcoming technique for glass 3D prints, and enough vulnerabilities to make any Nissan Leaf owner nervous. We note that mechanical 7-segment displays are an arena showing excellent hacks, and we’re here for it.

Meanwhile among the quick hacks a filament made of PLA with a PETG core caught Elliot’s eye, while Jenny was impressed with a beautifully-made paper tape punch. Finally in the can’t miss section, The latest in Dan Maloney’s Mining and Refining series looks at drilling and blasting. Such an explosive piece should come last, but wait! There’s more! Al Williams gives us a potted history of satellite phones, and explains why you don’t carry an Iridium in your pocket.

Or download it your own fine self. MP3 for free!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

iTunesSpotifyStitcherRSSYouTubeCheck out our Libsyn landing page

Episode 325 Show Notes:

News:

Announcing The 2025 Pet Hacks WinnersAnnouncing The 2025 Hackaday One Hertz Challenge

What’s that Sound?

Big congrats to [Ring Saturn] getting the Cassini reference.

Interesting Hacks of the Week:

Hack Turns Nissan Leaf Into Giant RC CarMechanical 7-Segment Display Combines Servos And LegoModern Tech Meets Retro 7-SegmentHead To Print Head: CNC Vs FDM3D Print Glass, Using Accessible TechniquesHomebrew Pockels Cell Is Worth The WaitBento Is An All-In-One Computer Designed To Be Useful

Quick Hacks:

Elliot’s Picks: Static Electricity RemembersPLA With PETG Core Filament Put To The TestPong In Discrete ComponentsIs Box Turtle The Open Source AMS We’ve Been Waiting For?Jenny’s Picks: Building A Custom Paper Tape Punch MachineCasting Time: Exploded Watch In ResinConverting An E-Paper Photo Frame Into Weather MapAll You Need To Know About Photographic Lenses

Can’t-Miss Articles:

Mining And Refining: Drilling And BlastingEulogy For The Satellite Phone Investigating the Iridium Satellite NetworkAdventures with Iridium

From Blog – Hackaday via this RSS feed

Most humans with two ears have a pretty good sense of directional hearing. However, you can build equipment to localize audio sources, too. That’s precisely what [Sam], [Ezra], and [Ari] did for their final project for the ECE4760 class at Cornell this past Spring. It’s an audio localizer!

The project is a real-time audio localizer built on a Raspberry Pi Pico. The Pico is hooked up to three MEMS microphones which are continuously sampled at a rate of 50 kHz thanks to the Pico’s nifty DMA features. Data from each microphone is streamed into a rolling buffer, with peaks triggering the software on the Pico to run correlations between channels to determine the time differences between the signal hitting each microphone. Based on this, it’s possible to estimate the location of the sound source relative to the three microphones.

The team goes into great deal on the project’s development, and does a grand job of explaining the mathematics and digital signal processing involved in this feat. Particularly nice is the heatmap output from the device which gives a clear visual indication of how the sound is being localized with the three microphones.

We’ve seen similar work before, too, like this project built to track down fireworks launches. Video after the break.

From Blog – Hackaday via this RSS feed

Earlier this year, I was required to move my server to a different datacenter. The tech that helped handle the logistics suggested I assign one of my public IPs to the server’s Baseboard Management Controller (BMC) port, so I could access the controls there if something went sideways. I passed on the offer, and not only because IPv4 addresses are a scarce commodity these days. No, I’ve never trusted a server’s built-in BMC. For reasons like this MegaOWN of MegaRAC, courtesy of a CVSS 10.0 CVE, under active exploitation in the wild.

This vulnerability was discovered by Eclypsium back in March and it’s a pretty simple authentication bypass, exploited by setting an X-Server-Addr header to the device IP address and adding an extra colon symbol to that string. Send this along inside an HTTP request, and it’s automatically allowed without authentication. This was assigned CVE-2024-54085, and for servers with the BMC accessible from the Internet, it scores that scorching 10.0 CVSS.

We’re talking about this now, because CISA has added this CVE to the official list of vulnerabilities known to be exploited in the wild. And it’s hardly surprising, as this is a near-trivial vulnerability to exploit, and it’s not particularly challenging to find web interfaces for the MegaRAC devices using tools like Shodan and others.

There’s a particularly ugly scenario that’s likely to play out here: Embedded malware. This vulnerability could be chained with others, and the OS running on the BMC itself could be permanently modified. It would be very difficult to disinfect and then verify the integrity of one of these embedded systems, short of physically removing and replacing the flash chip. And malware running from this very advantageous position very nearly have the keys to the kingdom, particularly if the architecture connects the BMC controller over the PCIe bus, which includes Direct Memory Access.

This brings us to the really bad news. These devices are everywhere. The list of hardware that ships with the MegaRAC Redfish UI includes select units from “AMD, Ampere Computing, ASRock, ARM, Fujitsu, Gigabyte, Huawei, Nvidia, Supermicro, and Qualcomm”. Some of these vendors have released patches. But at this point, any of the vulnerable devices on the Internet, still unpatched, should probably be considered compromised.

Patching Isn’t Enough

To drive the point home that a compromised embedded device is hard to fully disinfect, we have the report from [Max van der Horst] at Disclosing.observer, detailing backdoors discovered in verious devices, even after the patch was applied.

These tend to hide in PHP code with innocent-looking filenames, or in an Nginx config. This report covers a scan of Citrix hosts, where 2,491 backdoors were discovered, which is far more than had been previously identified. Installing the patch doesn’t always mitigate the compromise.

VSCode

Many of us have found VSCode to be an outstanding IDE, and the fact that it’s Open Source and cross-platform makes it perfect for programmers around the world. Except for the telemetry, which is built into the official Microsoft builds. It’s Open Source, so the natural reaction from the community is to rebuild the source, and offer builds that don’t have telemetry included. We have fun names like VSCodium and Cursor for these rebuilds. Kudos to Microsoft for making VSCode Open Source so this is possible.

There is, however, a catch, in the form of the extension marketplace. Only official VSCode builds are allowed to pull extensions from the marketplace. As would be expected, the community has risen to the challenge, and one of the marketplace alternatives is Open VSX. And this week, we have the story of how a bug in the Open VSX publishing code could have been a really big problem.

When developers are happy with their work, and are ready to cut a release, how does that actually work? Basically every project uses some degree of automation to make releases happen. For highly automated projects, it’s just a single manual action — a kick-off of a Continuous Integration (CI) run — that builds and publishes the new release. Open VSX supports this sort of approach, and in fact runs a nightly GitHub Action to iterate through the list of extensions, and pull any updates that are advertised.

VS Code extensions are Node.js projects, and are built using npm. So the workflow clones the repository, and runs npm install to generate the installable packages. Running npm install does carry the danger that arbitrary code runs inside the build scripts. How bad would it be for malicious code to run inside this nightly update action, on the Open VSX GitHub repository?

A super-admin token was available as an environment variable inside this GitHub Action, that if exfiltrated would allow complete takeover of the Open VSX repository and unfettered access to the software contained therein. There’s no evidence that this vulnerability was found or exploited, and OpenVSX and Koi Security worked together to mitigate it, with the patch landing about a month and a half after first disclosure.

FileFix

There’s a new social engineering attack on the web, FileFix. It’s a very simple, nearly dumb idea. By that I mean, a reader of this column would almost certainly never fall for it, because FileFix asks the user to do something really unusual. You get an email or land on a bad website, and it appears present a document for you. To access this doc, just follow the steps. Copy this path, open your File Explorer, and paste the path. Easy! The website even gives you a button to click to launch file explorer.

That button actually launches a file upload dialog, but that’s not even the clever part. This attack takes advantage of two quirks. The first is that Javascript can inject arbitrary strings into the paste buffer, and the second is that system commands can be run from the Windows Explorer bar. So yes, copy that string, and paste it into the bar, and it can execute a command. So while it’s a dumb attack, and asks the user to do something very weird, it’s also a very clever intersection between a couple of quirky behaviors, and users will absolutely fall for this.

eMMC Data Extraction

The embedded MultiMediaCard (eMMC) is a popular option for flash storage on embedded devices. And Zero Day Initiative has a fascinating look into what it takes to pull data from an eMMC chip in-situ. An 8-leg EEPROM is pretty simple to desolder or probe, but the ball grid array of an eMMC is beyond the reach of mere mortals. If you’re soldering skills aren’t up to the task, there’s still hope to get that data off. The only connections needed are power, reference voltage, clock, a command line, and the data lines. If you can figure out connection points for all of those, you can probably power the chip and talk to it.

One challenge is how to keep the rest of the system from booting up and getting chatty. There’s a clever idea, to look for a reset pin on the MCU, and just hold that active while you work, keeping the MCU in a reset, and quiet, state. Another fun idea is to just remove the system’s oscillator, as the MCU may depend on it to boot and do anything.

Bits and Bytes

What would you do with 40,000 alarm clocks? That’s the question unintentionally faced by [Ian Kilgore], when he discovered that the loftie wireless alarm clock works over unsecured MQTT. On the plus side, he got Home Automation integration working.

What does it look like, when an attack gets launched against a big cloud vendor? The folks at Cloud-IAM pull the curtain back just a bit, and talk about an issue that almost allowed an enumeration attack to become an effective DDoS. They found the attack and patched their code, which is when it turned into a DDoS race, that Cloud-IAM managed to win.

The Wire secure communication platform recently got a good hard look from the Almond security team. And while the platform seems to have passed with good grades, there are a few quirks around file sharing that you might want to keep in mind. For instance, when a shared file is deleted, the backing files aren’t deleted, just the encryption keys. And the UUID on those files serves as the authentication mechanism, with no additional authentication needed. None of the issues found rise to the level of vulnerabilities, but it’s good to know.

And finally, the Centos Webpanel Control Web Panel has a pair of vulnerabilities that allowed running arbitrary commands prior to authorization. The flaws have been fixed in version 0.9.8.1205, but are trivial enough that this cPanel alternative needs to get patched on systems right away.

From Blog – Hackaday via this RSS feed

Robots can look like all sorts of things, but they’re often more fun if you make them look like some kind of charming animal. That’s precisely what [Ananya], [Laurence] and [Shao] did when they built Cucumber the Robot Dog for their final project in the ECE 4760 class.

Cucumber is controllable over WiFi, which was simple enough to implement by virtue of the fact that it’s based around the Raspberry Pi Pico W. With its custom 3D-printed dog-like body, it’s able to move around on its four wheels driven by DC gear motors, and it can flex its limbs thanks to servos in its various joints. It’s able to follow someone with some autonomy thanks to its ultrasonic sensors, while it can also be driven around manually if so desired. To give it more animal qualities, it can also be posed, or commanded to bark, howl, or growl, with commands issued remotely via a web interface.

The level of sophistication is largely on the level of the robot dogs that were so popular in the early 2000s. One suspects it could be pretty decent at playing soccer, too, with the right hands behind the controls. Video after the break.

From Blog – Hackaday via this RSS feed

We have all suffered from this; the boss wants you to compile a report on the number of paper clips and you’re crawling up the wall with boredom, so naturally your mind strays to other things. You check social media, or maybe the news, and before you know it a while has been wasted. [Neil Chen] came up with a solution, to configure a cheap smart plug with a script to block his diversions of choice.

The idea is simple enough, the plug is in an outlet that requires getting up and walking a distance to access, so to flip that switch you’ve really got to want to do it. Behind it lives a Python script that can be found in a Git Hub repository, and that’s it! We like it for its simplicity and ingenuity, though we’d implore any of you to avoid using it to block Hackaday. Some sites are simply too important to avoid!

Of course, if distraction at work is your problem, perhaps you should simply run something without it.

From Blog – Hackaday via this RSS feed

[Hunter Irving] is a talented hacker with a wicked sense of humor, and he has written in to let us know about his latest project which is to make a GameCube keyboard controller work with Animal Crossing.

This project began simply enough but got very complicated in short order. Initially the goal was to get the GameCube keyboard controller integrated with the game Animal Crossing. The GameCube keyboard controller is a genuine part manufactured and sold by Nintendo but the game Animal Crossing isn’t compatible with this controller. Rather, Animal Crossing has an on-screen keyboard which players can use with a standard controller. [Hunter] found this frustrating to use so he created an adapter which would intercept the keyboard controller protocol and replace it with equivalent “keypresses” from an emulated standard controller.

In this project [Hunter] intercepts the controller protocol and the keyboard protocol with a Raspberry Pi Pico and then forwards them along to an attached GameCube by emulating a standard controller from the Pico. Having got that to work [Hunter] then went on to add a bunch of extra features.

First he designed and 3D-printed a new set of keycaps to match the symbols available in the in-game character set and added support for those. Then he made a keyboard mode for entering musical tunes in the game. Then he integrated a database of cheat codes to unlock most special items available in the game. Then he made it possible to import images (in low-resolution, 32×32 pixels) into the game. Then he made it possible to play (low-resolution) videos in the game. And finally he implemented a game of Snake, in-game! Very cool.

If you already own a GameCube and keyboard controller (or if you wanted to get them) this project would be good fun and doesn’t demand too much extra hardware. Just a Raspberry Pi Pico, two GameCube controller cables, two resistors, and a Schottky diode. And if you’re interested in Animal Crossing you might enjoy getting it to boot Linux!

Thanks very much to [Hunter] for writing in to let us know about this project. Have your own project? Let us know on the tipsline!

From Blog – Hackaday via this RSS feed

[Ralph] is excited about impedance matching, and why not? It is important to match the source and load impedance to get the most power out of a circuit. He’s got a whole series of videos about it. The latest? Matching using a PI network and the venerable Smith Chart.

We like that he makes each video self-contained. It does mean if you watch them all, you get some review, but that’s not a bad thing, really. He also does a great job of outlining simple concepts, such as what a complex conjugate is, that you might have forgotten.

Smith charts almost seem magical, but they are really sort of an analog computer. The color of the line and even the direction of an arrow make a difference, and [Ralph] explains it all very simply.

The example circuit is simple with a 50 MHz signal and a mismatched source and load. Using the steps and watching the examples will make it straightforward, even if you’ve never used a Smith Chart before.

The red lines plot impedance, and the blue lines show conductance and succeptance. Once everything is plotted, you have to find a path between two points on the chart. That Smith was a clever guy.

We looked at part 1 of this series earlier this year, so there are five more to watch since then. If your test gear leaves off the sign of your imaginary component, the Smith Chart can work around that for you.

From Blog – Hackaday via this RSS feed

[Ruud], the creator of [Capturing Dust], started his latest video with what most of us would consider a solved problem: the dust collection system for his shop already had a three-stage centrifugal dust separator with more than 99.7% efficiency. This wasn’t quite as efficient as it could be, though, so [Ruud]’s latest upgrade shrinks the size of the third stage while increasing efficiency to within a rounding error of 99.9%.The old separation system had two stages to remove large and medium particles, and a third stage to remove fine particles. The last stage was made out of 100 mm acrylic tubing and 3D-printed parts, but [Ruud] planned to try replacing it with two parallel centrifugal separators made out of 70 mm tubing. Before he could do that, however, he redesigned the filter module to make it easier to weigh, allowing him to determine how much sawdust made it through the extractors. He also attached a U-tube manometer (a somewhat confusing name to hear on YouTube) to measure pressure loss across the extractor.The new third stage used impellers to induce rotational airflow, then directed it against the circular walls around an air outlet. The first design used a low-profile collection bin, but this wasn’t keeping the dust out of the air stream well enough, so [Ruud] switched to using plastic jars. Initially, this didn’t perform as well as the old system, but a few airflow adjustments brought the efficiency up to 99.879%. In [Ruud]’s case, this meant that of 1.3 kilograms of fine sawdust, only 1.5 grams of dust made it through the separator to the filter, which is certainly impressive in our opinion. The design for this upgraded separator is available on GitHub.[Ruud] based his design off of another 3D-printed dust separator, but adapted it to European fittings. Of course, the dust extractor is only one part of the problem; you’ll still need a dust routing system.

Thanks to [Keith Olson] for the tip!

From Blog – Hackaday via this RSS feed

For as versatile and inexpensive as switch-mode power supplies are at all kinds of different tasks, they’re not always the ideal choice for every DC-DC circuit. Although they can do almost any job in this arena, they tend to have high parts counts, higher complexity, and higher cost than some alternatives. [Jasper] set out to test some alternative linear chargers called low dropout regulators (LDOs) for small-scale charging of lithium ion capacitors against those more traditional switch-mode options.

The application here is specifically very small solar cells in outdoor applications, which are charging lithium ion capacitors instead of batteries. These capacitors have a number of benefits over batteries including a higher number of discharge-recharge cycles and a greater tolerance of temperature extremes, so they can be better off in outdoor installations like these. [Jasper]’s findings with using these generally hold that it’s a better value to install a slightly larger solar cell and use the LDO regulator rather than using a smaller cell and a more expensive switch-mode regulator. The key, though, is to size the LDO so that the voltage of the input is very close to the voltage of the output, which will minimize losses.

With unlimited time or money, good design can become less of an issue. In this case, however, saving a few percentage points in efficiency may not be worth the added cost and complexity of a slightly more efficient circuit, especially if the application will be scaled up for mass production. If switched mode really is required for some specific application, though, be sure to design one that’s not terribly noisy.

From Blog – Hackaday via this RSS feed

In theory, writing a Linux device driver shouldn’t be that hard, but it is harder than it looks. However, using libusb, you can easily deal with USB devices from user space, which, for many purposes, is fine.  [Crescentrose] didn’t know anything about writing user-space USB drivers until they wrote one and documented it for us. Oh, the code is in Rust, for which there aren’t as many examples.

The device in question was a USB hub with some extra lights and gadgets. So the real issue, it seems to us, wasn’t the code, but figuring out the protocol and the USB stack. The post covers that, too, explaining configurations, interfaces, and endpoints.

There are other ancillary topics, too, like setting up udev. This lets you load things when a USB device (or something else) plugs in.

Of course, you came for the main code. The Rust program is fairly straightforward once you have the preliminaries out of the way. The libusb library helps a lot. By the end, the code kicks off some threads, handles interrupts, and does other device-driver-like things.

So if you like Rust and you ever thought about a user space device driver for a USB device, this is your chance to see it done. It didn’t take years. However, you can do a lot in user space.

From Blog – Hackaday via this RSS feed

It’s about time! Or maybe it’s about time’s reciprocal: frequency. Whichever way you see it, Hackaday is pleased to announce, just this very second, the 2025 One Hertz Challenge over on Hackaday.io. If you’ve got a device that does something once per second, we’ve got the contest for you. And don’t delay, because the top three winners will each receive a $150 gift certificate from this contest’s sponsor: DigiKey.

What will you do once per second? And how will you do it? Therein lies the contest! We brainstormed up a few honorable mention categories to get your creative juices flowing.

Timelords: How precisely can you get that heartbeat? This category is for those who prefer to see a lot of zeroes after the decimal point.Ridiculous: This category is for the least likely thing to do once per second. Accuracy is great, but absurdity is king here. Have Rube Goldberg dreams? Now you get to live them out.Clockwork: It’s hard to mention time without thinking of timepieces. This category is for the clockmakers among you. If your clock ticks at a rate of one hertz, and you’re willing to show us the mechanism, you’re in.Could Have Used a 555: We knew you were going to say it anyway, so we made it an honorable mention category. If your One Hertz project gets its timing from the venerable triple-five, it belongs here.

We love contests with silly constraints, because you all tend to rise to the challenge. At the same time, the door is wide open to your creativity. To enter, all you have to do is document your project over on Hackaday.io and pull down the “Contests” tab to One Hertz to enter. New projects are awesome, but if you’ve got an oldie-but-goodie, you can enter it as well. (Heck, maybe use this contest as your inspiration to spruce it up a bit?)

Time waits for no one, and you have until August 19th at 9:00 AM Pacific time to get your entry in. We can’t wait to see what you come up with.

From Blog – Hackaday via this RSS feed

Here’s a fun build. Over on their YouTube channel our hacker [Atasoy] shows us how to make a custom floral keyboard keycap using resin.

We begin by using an existing keycap as a pattern to make a mold. We plug the keycap with all-purpose adhesive paste so that we can attach it to a small sheet of Plexiglas, which ensures the floor of our mold is flat. Then a side frame is fashioned from 100 micron thick acetate which is held together by sticky tape. Hot glue is used to secure the acetate side frame to the Plexiglas floor, keeping the keycap centered. RTV2 molding silicone is used to make the keycap mold. After 24 hours the silicone mold is ready.

Then we go through a similar process to make the mold for the back of the keycap. Modeling clay is pushed into the back of the keycap. Then silicone is carefully pushed into the keycap, and 24 hours later the back silicone mold is also ready.

The back mold is then glued to a fresh sheet of Plexiglas and cut to shape with a craft knife. Holes are drilled into the Plexiglas. A mix of artificial grass and UV resin is made to create the floor. Then small dried flowers are cut down to size for placement in the top of the keycap. Throughout the process UV light is used to cure the UV resin as we go along.

Finally we are ready to prepare and pour our epoxy resin, using our two molds. Once the mold sets our new keycap is cut out with a utility knife, then sanded and polished, before being plugged into its keyboard. This was a very labor intensive keycap, but it’s a beautiful result.

If you’re interested in making things with UV resin, we’ve covered that here before. Check out 3D Printering: Print Smoothing Tests With UV Resin and UV Resin Perfects 3D Print, But Not How You Think. Or if you’re interested in epoxy resin, we’ve covered that too! See Epoxy Resin Night Light Is An Amazing Ocean-Themed Build and Degassing Epoxy Resin On The (Very) Cheap.

Thanks to [George Graves] for sending us this one via the tipsline!

From Blog – Hackaday via this RSS feed

A lot of people complain that driving across the United States is boring. Having done the coast-to-coast trip seven times now, I can’t agree. Sure, the stretches through the Corn Belt get a little monotonous, but for someone like me who wants to know how everything works, even endless agriculture is fascinating; I love me some center-pivot irrigation.

One thing that has always attracted my attention while on these long road trips is the weigh stations that pop up along the way, particularly when you transition from one state to another. Maybe it’s just getting a chance to look at something other than wheat, but weigh stations are interesting in their own right because of everything that’s going on in these massive roadside plazas. Gone are the days of a simple pull-off with a mechanical scale that was closed far more often than it was open. Today’s weigh stations are critical infrastructure installations that are bristling with sensors to provide a multi-modal insight into the state of the trucks — and drivers — plying our increasingly crowded highways.

All About the Axles

Before diving into the nuts and bolts of weigh stations, it might be helpful to discuss the rationale behind infrastructure whose main function, at least to the casual observer, seems to be making the truck driver’s job even more challenging, not to mention less profitable. We’ve all probably sped by long lines of semi trucks queued up for the scales alongside a highway, pitying the poor drivers and wondering if the whole endeavor is worth the diesel being wasted.

The answer to that question boils down to one word: axles. In the United States, the maximum legal gross vehicle weight (GVW) for a fully loaded semi truck is typically 40 tons, although permits are issued for overweight vehicles. The typical “18-wheeler” will distribute that load over five axles, which means each axle transmits 16,000 pounds of force into the pavement, assuming an even distribution of weight across the length of the vehicle. Studies conducted in the early 1960s revealed that heavier trucks caused more damage to roadways than lighter passenger vehicles, and that the increase in damage is proportional to the fourth power of axle weight. So, keeping a close eye on truck weights is critical to protecting the highways.

Just how much damage trucks can cause to pavement is pretty alarming. Each axle of a truck creates a compression wave as it rolls along the pavement, as much as a few millimeters deep, depending on road construction and loads. The relentless cycle of compression and expansion results in pavement fatigue and cracks, which let water into the interior of the roadway. In cold weather, freeze-thaw cycles exert tremendous forces on the pavement that can tear it apart in short order. The greater the load on the truck, the more stress it puts on the roadway and the faster it wears out.

The other, perhaps more obvious reason to monitor axles passing over a highway is that they’re critical to truck safety. A truck’s axles have to support huge loads in a dynamic environment, and every component mounted to each axle, including springs, brakes, and wheels, is subject to huge forces that can lead to wear and catastrophic failure. Complete failure of an axle isn’t uncommon, and a driver can be completely unaware that a wheel has detached from a trailer and become an unguided missile bouncing down the highway. Regular inspections of the running gear on trucks and trailers are critical to avoiding these potentially catastrophic occurrences.

Ways to Weigh

The first thing you’ll likely notice when driving past one of the approximately 700 official weigh stations lining the US Interstate highway system is how much space they take up. In contrast to the relatively modest weigh stations of the past, modern weigh stations take up a lot of real estate. Most weigh stations are optimized to get the greatest number of trucks processed as quickly as possible, which means constructing multiple lanes of approach to the scale house, along with lanes that can be used by exempt vehicles to bypass inspection, and turnout lanes and parking areas for closer inspection of select vehicles.

In addition to the physical footprint of the weigh station proper, supporting infrastructure can often be seen miles in advance. Fixed signs are usually the first indication that you’re getting near a weigh station, along with electronic signboards that can be changed remotely to indicate if the weigh station is open or closed. Signs give drivers time to figure out if they need to stop at the weigh station, and to begin the process of getting into the proper lane to negotiate the exit. Most weigh stations also have a net of sensors and cameras mounted to poles and overhead structures well before the weigh station exit. These are monitored by officers in the station to spot any trucks that are trying to avoid inspections.

Overhead view of a median weigh station on I-90 in Haugan, Montana. Traffic from both eastbound and westbound lanes uses left exits to access the scales in the center. There are ample turnouts for parking trucks that fail one test or another. Source: Google Maps.

Most weigh stations in the US are located off the right side of the highway, as left-hand exit ramps are generally more dangerous than right exits. Still, a single weigh station located in the median of the highway can serve traffic from both directions, so the extra risk of accidents from exiting the highway to the left is often outweighed by the savings of not having to build two separate facilities. Either way, the main feature of a weigh station is the scale house, a building with large windows that offer a commanding view of the entire plaza as well as an up-close look at the trucks passing over the scales embedded in the pavement directly adjacent to the structure.

Scales at a weigh station are generally of two types: static scales, and weigh-in-motion (WIM) systems. A static scale is a large platform, called a weighbridge, set into a pit in the inspection lane, with the surface flush with the roadway. The platform floats within the pit, supported by a set of cantilevers that transmit the force exerted by the truck to electronic load cells. The signal from the load cells is cleaned up by signal conditioners before going to analog-to-digital converters and being summed and dampened by a scale controller in the scale house.

The weighbridge on a static scale is usually long enough to accommodate an entire semi tractor and trailer, which accurately weighs the entire vehicle in one measurement. The disadvantage is that the entire truck has to come to a complete stop on the weighbridge to take a measurement. Add in the time it takes for the induced motion of the weighbridge to settle, along with the time needed for the driver to make a slow approach to the scale, and each measurement can add up to significant delays for truckers.

Weigh-in-motion sensor. WIM systems measure the force exerted by each axle and calculate a total gross vehicle weight (GVW) for the truck while it passes over the sensor. The spacing between axles is also measured to ensure compliance with state laws. Source: Central Carolina Scales, Inc.

To avoid these issues, weigh-in-motion systems are often used. WIM systems use much the same equipment as the weighbridge on a static scale, although they tend to use piezoelectric sensors rather than traditional strain-gauge load cells, and usually have a platform that’s only big enough to have one axle bear on it at a time. A truck using a WIM scale remains in motion while the force exerted by each axle is measured, allowing the controller to come up with a final GVW as well as weights for each axle. While some WIM systems can measure the weight of a vehicle at highway speed, most weigh stations require trucks to keep their speed pretty slow, under five miles per hour. This is obviously for everyone’s safety, and even though the somewhat stately procession of trucks through a WIM can still plug traffic up, keeping trucks from having to come to a complete stop and set their brakes greatly increases weigh station throughput.

Another advantage of WIM systems is that the spacing between axles can be measured. The speed of the truck through the scale can be measured, usually using a pair of inductive loops embedded in the roadway around the WIM sensors. Knowing the vehicle’s speed through the scale allows the scale controller to calculate the distance between axles. Some states strictly regulate the distance between a trailer’s kingpin, which is where it attaches to the tractor, and the trailer’s first axle. Trailers that are not in compliance can be flagged and directed to a parking area to await a service truck to come by to adjust the spacing of the trailer bogie.

Keep It Moving, Buddy

A PrePass transponder reader and antenna over Interstate 10 near Pearlington, Mississippi. Trucks can bypass a weigh station if their in-cab transponder identifies them as certified. Source: Tony Webster, CC BY-SA 2.0.

Despite the increased throughput of WIM scales, there are often too many trucks trying to use a weigh station at peak times. To reduce congestion further, some states participate in automatic bypass systems. These systems, generically known as PrePass for the specific brand with the greatest market penetration, use in-cab transponders that are interrogated by transmitters mounted over the roadway well in advance of the weigh station. The transponder code is sent to PrePass for authentication, and if the truck ID comes back to a company that has gone through the PrePass certification process, a signal is sent to the transponder telling the driver to bypass the weigh station. The transponder lights a green LED in this case, which stays lit for about 15 minutes, just in case the driver gets stopped by an overzealous trooper who mistakes the truck for a scofflaw.

PrePass transponders are just one aspect of an entire suite of automatic vehicle identification (AVI) systems used in the typical modern weigh station. Most weigh stations are positively bristling with cameras, some of which are dedicated to automatic license plate recognition. These are integrated into the scale controller system and serve to associate WIM data with a specific truck, so violations can be flagged. They also help with the enforcement of traffic laws, as well as locating human traffickers, an increasingly common problem. Weigh stations also often have laser scanners mounted on bridges over the approach lanes to detect unpermitted oversized loads. Image analysis systems are also used to verify the presence and proper operation of required equipment, such a mirrors, lights, and mudflaps. Some weigh stations also have systems that can interrogate the electronic logging device inside the cab to verify that the driver isn’t in violation of hours of service laws, which dictate how long a driver can be on the road before taking breaks.

Sensors Galore

IR cameras watch for heat issues on trucks at a Kentucky weigh station. Heat signatures can be used to detect bad tires, stuck brakes, exhaust problems, and even illicit cargo. Source: Trucking Life with Shawn

Another set of sensors often found in the outer reaches of the weigh station plaza is related to the mechanical status of the truck. Infrared cameras are often used to scan for excessive heat being emitted by an axle, often a sign of worn or damaged brakes. The status of a truck’s tires can also be monitored thanks to Tire Anomaly and Classification Systems (TACS), which use in-road sensors that can analyze the contact patch of each tire while the vehicle is in motion. TACS can detect flat tires, over- and under-inflated tires, tires that are completely missing from an axle, or even mismatched tires. Any of these anomalies can cause a tire to quickly wear out and potentially self-destruct at highway speeds, resulting in catastrophic damage to surrounding traffic.

Trucks with problems are diverted by overhead signboards and direction arrows to inspection lanes. There, trained truck inspectors will closely examine the flagged problem and verify the violation. If the problem is relatively minor, like a tire inflation problem, the driver might be able to fix the issue and get back on the road quickly. Trucks that can’t be made safe immediately might have to wait for mobile service units to come fix the problem, or possibly even be taken off the road completely. Only after the vehicle is rendered road-worthy again can you keep on trucking.

Featured image: “WeighStationSign” by [Wasted Time R]

From Blog – Hackaday via this RSS feed

The Stronghero 3D hybrid PLA PETG filament, with visible PETG core. (Credit: My Tech Fun, YouTube)

Sometimes you see an FDM filament pop up that makes you do a triple-take because it doesn’t seem to make a lot of sense. This is the case with a hybrid PLA/PETG filament by Stronghero 3D  that features a PETG core. This filament also intrigued [Dr. Igor Gaspar] who imported a spool from the US to have a poke at it to see why you’d want to combine these two filament materials.

According to the manufacturer, the PLA outside makes up 60% of the filament, with the rest being the PETG core. The PLA is supposed to shield the PETG from moisture, while adding more strength and weather resistance to the PLA after printing. Another interesting aspect is the multi-color look that this creates, and which [Igor]’s prints totally show. Finding the right temperatures for the bed and extruder was a challenge and took multiple tries with the Bambu Lab P1P including bed adhesion troubles.

As for the actual properties of this filament, the layer adhesion test showed it to be significantly worse than plain PLA or PETG when printed at extruder temperatures from 225 °C to 245 °C. When the shear stress is put on the material instead of the layer adhesion, the results are much better, while torque resistance is better than plain PETG. This is a pattern that repeats across impact and other tests, with PETG more brittle. Thermal deformation  temperature is, unsurprisingly, between both materials, making this filament mostly a curiosity unless its properties work much better for your use case than a non-hybrid filament.

From Blog – Hackaday via this RSS feed