Sound chips from back in the day were capable of much more than a few beeps and boops, and [InazumaDenki] proves it in a video recreating recognizable real-world sounds with the AY-3-8910, a chip that was in everything from arcade games to home computers. Results are a bit mixed but it’s surprising how versatile a vintage sound chip that first came out in the late 70s is capable of, with the right configuration.
Recreating a sound begins by analyzing a spectrograph.
Chips like the AY-3-8910 work at a low level, and rely on being driven with the right inputs to generate something useful. It can generate up to three independent square-wave tones, but with the right approach and setup that’s enough to get outputs of varying recognizability for a pedestrian signal, bird call, jackhammer, and referee’s whistle.

To recreate a sound [InazumaDenki] begins by analyzing a recording with a spectrogram, which is a visual representation of frequency changes over time. Because real-world sounds consist of more than just one frequency (and the AY-3-8910 can only do three at once), this is how [InazumaDenki] chooses what frequencies to play, and when. The limitations make it an imperfect reproduction, but as you can hear for yourself, it can certainly be enough to do the job.

How does one go about actually programming the AY-3-8910? Happily there’s a handy Arduino AY3891x library by [Andreas Taylor] that makes it about as simple as can be to explore this part’s capabilities for yourself.

If you think retro-styled sound synthesis might fit into your next project, keep in mind that just about any modern microcontrollers has more than enough capability to do things like 80s-style speech synthesis entirely in software.

youtube.com/embed/9UH4yG8BpEQ?…

hackaday.com/2024/11/07/hear-a…

È stata scoperta una vulnerabilità critica (CVE-2024-20445) in una serie di telefoni IP Cisco che consente agli aggressori remoti di accedere a informazioni sensibili. I modelli interessati includono il telefono da tavolo 9800, il telefono IP 7800 e 8800 e il videotelefono 8875.sec.cloudapps.cisco.com/securi…nvd.nist.gov/vuln/detail/CVE-2…

Il problema è legato all’errata memorizzazione dei dati nell’interfaccia web dei dispositivi che utilizzano il protocollo SIP, che porta all’esposizione di informazioni sensibili (CWE-200) quando la funzione Accesso Web è abilitata. Gli aggressori possono sfruttare questa vulnerabilità semplicemente visitando l’indirizzo IP di un dispositivo vulnerabile.

Un attacco riuscito potrebbe potenzialmente ottenere l’accesso a informazioni come le registrazioni delle chiamate, compromettendo la privacy dell’utente. È importante notare che l’accesso Web è disabilitato per impostazione predefinita, il che riduce leggermente il rischio. Tuttavia, una volta attivata, la vulnerabilità diventa sfruttabile.

Cisco ha confermato il problema e ha rilasciato aggiornamenti per risolvere la vulnerabilità. Sfortunatamente, è impossibile aggirare il problema se non aggiornando il software. Tutti gli utenti che hanno abilitato l’accesso Web devono disabilitare questa funzione o aggiornare immediatamente il software.

Al momento della pubblicazione, la vulnerabilità colpisce Cisco Desk Phone 9800, IP Phone 7800 e 8800 (escluso Wireless IP Phone 8821) e Video Phone 8875. Per proteggere i propri dati, si consiglia agli utenti di verificare se la funzione Accesso Web è abilitata e, se necessario, disabilitalo o installa gli aggiornamenti.

L'articolo Scoperta Vulnerabilità Critica nei Telefoni Cisco: A Rischio i Dati Sensibili di Migliaia di Utenti proviene da il blog della sicurezza informatica.

If there’s an enduring image of how large steel structures used to be made, it’s probably the hot riveting process. You’ve probably seen grainy old black-and-white films of a riveting gang — universally men in bib overalls with no more safety equipment than a cigarette, heating rivets to red heat in a forge and tossing them up to the riveters with a pair of tongs. There, the rivet is caught with a metal funnel or even a gloved hand, slipped into a waiting hole in a flange connecting a beam to a column, and beaten into submission by a pair of men with pneumatic hammers.

Dirty, hot, and dangerous though the work was, hot riveted joints were a practical and proven way to join members together in steel structures, and chances are good that any commercial building that dates from before the 1960s or so has at least some riveted joints. But times change and technology marches on, and riveted joints largely fell out of fashion in the construction trades in favor of bolted connections. Riveting crews of three or more men were replaced by a single ironworker making hundreds of predictable and precisely tensioned connections, resulting in better joints at lower costs.

Bolted joints being torqued to specs with an electric wrench might not have the flair of red-hot rivets flying around the job site, but they certainly have a lot of engineering behind them. And as it turns out, the secret to turning bolting into a one-person job is mostly in the bolt itself.

A Desk With a View

My first exposure to tension control bolts started with getting really lucky at work. Back in the early 2000s my department relocated, and somehow I managed to get a desk with an actual window. Being able to look out at the world was amazing, but then one day the company started building an addition right outside my window. That was a mixed bag for me; true, I’d lose my view as the six-story structure was built, but in the meantime, I’d get to watch its construction from the comfort of my desk.

I watched with amazement as the steel frame went up, the ironworkers quickly and efficiently bolting the columns and beams together. One thing I noticed was that bolting seemed to be a one-man job, with a single ironworker tightening the nut with an electric wrench without the need for anyone backing up the head of the bolt on the other side of the connection. This perplexed me; how could the bolt not just spin in the hole?

I got my answer when I saw something fall out of the wrench after the ironworker removed it from the tightened connection. From my perch by the window it looked like the end of a splined shaft, and I could see that one end was obviously sheared off. That’s when I noticed that all the as-yet untightened bolts had the same spline sticking out past the nut, and it all clicked: the spline must fit into a socket inside the wrench coaxial to the socket that tightens the nut, which holds the bolt so the nut can be tightened. What’s more, it was clear that you could use this scheme to automatically torque the connection by designing the spline to shear off at the required torque. Genius!

youtube.com/embed/3atVsn-4M1o?…

Stretch and Snap

While I wasn’t quite right with my analysis, I was pretty close. I only learned much later (like, while researching this article) that the bolts used for structural framing are called tension control bolts, or TCBs, and that there’s a lot of engineering that goes into them. But to understand them, we have to take a look at bolted connections, and find out how they work to keep everything from buildings to bridges from falling down.

We’ve taken an in-depth look at bolted connections before, but for the TL;DR set, the short story is that bolts are essentially really strong springs. When you tighten a nut on a bolt, the bolt stretches a bit, which provides a clamping force on whatever is trapped between the head of the bolt and the nut. The degree of stretching, and therefore the amount of clamping force, depends on the strength of the material used to make the bolt, the size of the bolt, and the amount of torque applied. That’s why most bolted assemblies have a specified torque for all the bolts in the joint.

For structural steel, joints between framing members are carefully designed by structural engineers. A host of calculations go into each joint, resulting in detailed bolting plans. Some joints have a lot of bolts, sometimes 20 or more depending on the application. The hole pattern for each member is determined before any steel is cut, and each framing member usually arrives from the fabricator with the exact number of holes specified in the plan. The plan also specifies which grade of TC bolt is to be used on each joint — more on that below — as well as the diameter and length of each bolt.
Typical tension control bolts. The internal socket on the shear wrench grips the spline feature at the far end to counter the torque applied while tensioning the bolt, then twists it off. Source: LeJeune Bolt
As ironworkers build the frame, they first use a spud wrench to line up the bolt holes in the two members they’re bolting together. A spud wrench is a large open-end or adjustable wrench on a long handle that tapers to a point. The handle is used to drift the bolt holes into alignment while the ironworker inserts a TC bolt into the other holes. The bolts are initially just hand-tightened, but a critical part of the assembly process, called snugging or pre-tensioning, follows.

Snugging is somewhat loosely defined as the tightness achieved “with a few impacts” of an impact wrench, or “the full effort of an ironworker” using a standard spud wrench. Everything about snugging is very subjective, since the number of “ugga-duggas” that count as a few impact wrench blasts varies from user to user, and ironworkers similarly can apply a wide range of force to a wrench. But the idea is to bring the framing members into “firm contact,” which generally amounts to about 10 kps or “kips”, which is 10,000 pounds per square inch (about 70 MPa).

Once all the bolts in the joint are pre-tensioned, final tensioning is performed. The tool I saw those ironworkers using on TC bolts all those years ago goes by many names, with “shear wrench” or “TC gun” being the most generic. It’s also known as a “LeJeune gun” after a major manufacturer of TC bolts and tooling. Some shear wrenches are pneumatically powered, but more are electrically operated, with cordless guns becoming increasingly popular. The final tightening cycle begins by engaging the TC bolt spline with the internal socket and the nut with the outer socket. The outer socket tightens the nut to a specified torque, at which point a slip-clutch shifts power transmission from the outer socket to the inner socket, reversing the direction of rotation in the process. This applies enough torque to the spline to twist it clean off the TC bolt at the weakest point — the narrowed neck between the spline and the threaded section of the bolt. This leaves the bolt properly tensioned and with just the right amount of thread showing.

Tools of the Trade

TC bolts generally come in two grades: A325 and A490. Both are based on ASTM International standards, with A325 bolts covering the tensile range of 120 to 150 kps (830 to 1,040 MPa), and A490 covering 150 to 173 kps (1,040 to 1,190 MPa). Most TC bolts have a rounded head, since there’s no need to grip the bolt from the head end. That provides a smoother surface on the head side of the joint, making it less likely to get damaged during installation. Depending on the application, TC bolts can be treated to prevent corrosion, either with galvanizing or a passivated treatment.

If a TC bolted joint needs to be taken apart, the fact that the spline has already been snapped off presents a problem. To get around this, a special accessory for the wrench known as a reaction bar is used. This is essentially an inner socket sized for the nut and an outer ring with a sturdy torque arm welded to it. The arm jams against and adjacent nut and provides the counter-rotation needed to loosen the nut.

youtube.com/embed/bVvkMvB4Dt8?…

Lot testing is also very important for code compliance. This involves picking random TC bolts from every lot to test on a Skidmore-Wilhelm machine, which hydraulically measures the tension on a bolt. Strict procedures for pretensioning and final tensioning of each bolt are followed, and results are recorded as part of the engineering records of a structure.

hackaday.com/2024/11/07/mechan…

Gli esperti di Kaspersky Lab hanno parlato del nuovomalware SteelFox, che si maschera da programmi popolari come Foxit PDF Editor e AutoCAD Sfrutta la potenza delle macchine infette per estrarre criptovalute e ruba anche dati riservati degli utenti.

Da agosto a ottobre 2024, l’azienda ha registrato oltre 11.000 attacchi SteelFox. Il 20% delle vittime erano in Brasile, l’8% in Cina e un altro 8% in Russia.

SteelFox è distribuito sotto le spoglie di attivatori e crack per vari programmi popolari. In particolare, i ricercatori segnalano falsi attivatori per i prodotti AutoCAD, Foxit PDF Editor e JetBrains. In questo modo, SteelFox viene distribuito tramite forum, tracker torrent e persino GitHub.

Inoltre, per aumentare i ghost nel sistema attaccato, il malware utilizza WinRing0.sys e la tattica BOWWD (Bring your own vulnerabili driver), sfrutta cioè vulnerabilità abbastanza vecchie ( CVE-2020-14979 e CVE-2021-41285 ) in WinRing0.sys.

La comunicazione con il server di gestione avviene utilizzando il meccanismo di pinning del certificato SSL e TLS 1.3, utilizzando un dominio con indirizzo IP dinamico e la libreria Boost.Asio.

Per estrarre la criptovaluta, gli operatori del malware utilizzano una versione modificata del minatore open source XMRig, che è uno dei componenti SteelFox. Gli aggressori sfruttano la potenza dei dispositivi infetti per estrarre criptovaluta (molto probabilmente Monero).

Un altro componente di SteelFox è un infostealer, capace di raccogliere molti dati dal computer della vittima e di inviarli ai suoi operatori. Il malware ruba in particolare dati dai browser (cronologia dei siti visitati, informazioni su conti e carte bancarie), nonché informazioni sui software installati sul sistema e sulle soluzioni antivirus. Il trojan può anche rubare password dalle reti Wi-Fi, informazioni sul sistema, fuso orario e molto altro.

Va notato che gli aggressori possono ad esempio vendere tutte le informazioni raccolte da SteelFox sulla darknet. “Gli aggressori stanno cercando di ottenere il massimo beneficio dalle loro azioni. Sono noti, ad esempio, malware che combinavano le funzionalità di un miner e di un crittografo: gli aggressori guadagnavano denaro dal lavoro del minatore mentre aspettavano un riscatto per decrittografare i dati. SteelFox è un chiaro esempio di come gli aggressori possano tentare di monetizzare sia la potenza di calcolo di un dispositivo che i suoi contenuti”, commenta Dmitry Galov, responsabile di Kaspersky GReAT in Russia.

L'articolo SteelFox: Quando il KeyGen è più rischioso di Acquistare il software stesso proviene da il blog della sicurezza informatica.

If Apple has a reputation for anything other than decent hardware and excellent industrial design, it’s for selling its products at extremely inflated prices. But there are some alternatives if you want the Apple experience on the cheap. Buying their hardware a few years out of date of course is one way to avoid the bulk of the depreciation, but at the extreme end is this working Mac clone that cost just $14.

This build relies on the fact that modern microcontrollers absolutely blow away the computing power available to the average consumer in the 1980s. To emulate the Macintosh 128K, this build uses nothing more powerful than a Raspberry Pi Pico. There’s a little bit more to it than that, though, since this build also replicates the feel of the screen of the era as well. Using a “hat” for the Pi Pico from [Ron’s Computer Videos] lets the Pico’s remaining system resources send the video signal from the emulated Mac out over VGA, meaning that monitors from the late 80s and on can be used with ease. There’s an option for micro SD card storage as well, allowing the retro Mac to have an incredible amount of storage compared to the original.

The emulation of the 80s-era Mac is available on a separate GitHub page for anyone wanting to take a look at that. A VGA monitor is not strictly required, but we do feel that displaying retro computer graphics on 4K OLEDs leaves a little something out of the experience of older machines like this, even if they are emulated. Although this Macintosh replica with a modern e-ink display does an excellent job of recreating the original monochrome displays of early Macs as well.

youtube.com/embed/jYOTAGBqoW0?…

hackaday.com/2024/11/07/the-mo…

Persone che condividono il suono delle loro foreste, che progetto meraviglioso!

Stefan Bohacek

2024-11-05 13:39:47

Ah, yes, this will be very useful today.

"People around the world recorded the sounds of their forests, so you can escape into nature, and unwind wherever you are. Take a breath and soak in the forest sounds as they breathe with life and beauty!"

tree.fm

via graphics.social/@metin/1134301…

#relax

tree.fm – Tune Into Forests From Around The World 🌳🔈

People around the world recorded the sounds of their forests, so you can escape into nature, while in lockdown or unable to travel. Use this site to chill, meditate or do some digital shinrin-yoku.

^www.tree.fm