In the early 00s there was a tiny moment before the widespread adoption of mobile broadband, after the adoption of home WiFi, and yet before the widespread use of encryption. For this brief time a unique practice arose called wardriving — where people would drive around, document, and use these open wireless networks.

Although the pursuit has diminished with the rise of mobile broadband and WPA encryption, there are still a few use cases for the types of hardware a wardriver would have used. [arduinocelentano] recently built a Wi-Fi strength monitor in this style but with a unique theme.

The Silly Space Invaders Dashboard (SSID) uses an ESP8266 to periodically scan for WiFi networks and makes a record of all of the ones it discovers. From there it takes a look at the signal strength that it receives and groups them into a few classes. For each class it assigns a Space Invaders-themed sprite corresponding to signal strength, with the strongest ranked at the top for quick and easy viewing. There’s even a special sprite to indicate that most illusive of beasts; the open WiFi network. By the way, if you’re wondering why these Invaders don’t look like the baddies from your youth, it’s because the company that owns the rights doesn’t like other people playing with their toys.

During the heyday of wardriving we could only have wished for hardware as powerful, capable, small, and power efficient as what’s in this project. Most of us that partook in the hobby at its peak generally had bulky laptops, possibly some lead-acid batteries, and perhaps one or more wonky antennas to boot. In a way it’s almost a shame that this hobby has largely diminished, although there are still a few out there poking around unsecured networks.

player.vimeo.com/video/1024054…

hackaday.com/2025/07/30/legall…

Over on his YouTube channel the vivacious [Stephen Hawes] tells us that we never need to buy solder stencils again!

A big claim! And he is quick to admit that his printed solder paste isn’t presently quite as precise as solder stencils, but he is reporting good success with his technique so far.

[Stephen] found that he could print PCBs with his fiber laser, populate his boards with his LumenPnP, and reflow with his oven, but… what about paste? [Stephen] tried making stencils, and in his words: “it sucked!” So he asked himself: what if he didn’t need a stencil? He built a Gerber processing, G-code generating, machine-vision implemented… website. The LumenPnP Pasting Utility: https://paste.opulo.io/

The WebAssembly running in the Chrome tab itself connects to the LumenPnP and performs the entire pasting job automatically, with machine-vision fiducial calibration. Automatic alignment with fiducials was critical to the project’s feasibility, and he achieved it using machine-vision from the OpenCV library.

In the video heshows us how to jog the camera to the home fiducial, load the Gerber files, and initialize the job. He’s implemented camera jogging by clicking on the image from the camera to indicate the desired target location, which looks like a very handy feature to have!

Some initial setup just needs to be done once at the beginning to setup your board, additional board prints can then self-calibrate from the fiducials. The Z-index for the dispenser needs to be calibrated, and other job settings include nozzle offset calibration, dispense degrees, retraction degrees, and dwell milliseconds.

If you’re interested in other options for solder stencils be sure to read Solder Stencil Done Three Ways.

youtube.com/embed/_qklxlJc-04?…

hackaday.com/2025/07/30/the-lu…

In the retrocomputing world, [DosDude1] is a name spoken with more than a little respect. He’s back again with a long-awaited hack for PowerPC Macintosh: soldered RAM upgrades!

[DosDude1] is no stranger to soldering his way to more storage– upgrading the SSD on an M4 Mac Mini, or doubling the VRAM on an old GPU. For a PPC Mac, though, it is not enough just to solder more RAM onto the board; if that’s all it was, we’d have been doing it 20 years ago. Once the RAM is in place, you have to have some way to make sure the computer knows the RAM is in place. For a WinTel machine, getting that information to the BIOS can be as easy as plugging in the right resistors.
This is part of the BootROM dump. It’s easy to see why nobody figured this out before.
PowerPC Macintoshes don’t have BIOS, though. Instead, what’s required is a hack to modify the machine’s BootROM, and write an edited version back into the motherboard’s EEPROM. No one knew how to make that work, until now. [DosDude1] credits a document discovered by [LightBulbFun] on “Boot Flash System Configuration Block” for the secret sauce to hacking the HEX configuration. For example, adding four more 128 MB DIMMS to max out an iBook G3 was a matter of finding the Hex value for number of soldered chips–apparently it was at offset 0x5C. Change this from 0x01 to 0x02 tells the board to look for all 6 chips. Then it’s a matter of flashing the edited hex dump EEPROM, which can be done with a programmer or the flashrom command under Linux.

Solder, flash, reboot– RAM. That’s not the only upgrade in this clamshell. This wasn’t G4 from the factory!
While a few extra hundred MB of RAM isn’t exactly bringing this machine into the 21st century, it is a great quality-of-life upgrade to make old budget hardware match the best of the era. This isn’t magic: if you’re increasing the density, rather than filling up footprints as [DosDude1] demonstrates, you’ve got to make sure the board has got address lines to spare or there’s a way to bodge them in. (128 MB was the max for this one.) The footprints obviously have to match, too, and so do the specs. You’re not going to be putting extra gigabytes of DDR5 into a machine designed with OS9 in mind, but then, you probably don’t need to. It’s already got more than 640 KB, after all, and that’s enough for anybody.

Found via r/VintageApple on Reddit.

hackaday.com/2025/07/30/solder…

We’ve been loving the variety of entries to the 2025 One-Hertz Challenge. Many a clock has been entered, to be sure, but also some projects that step well outside simple timekeeping. Case in point, this AM transmitter from [oldradiofixer.]

The software-only transmitter uses an ATTiny85 processor to output an AM radio signal in the broadcast band. It transmits a simple melody that you can tune in on any old radio you might have lying around the house. Achieving this was simple. [oldradiofixer] set up the cheap microcontroller to toggle pin PB0 at 1 MHz to create an RF carrier. Further code then turns the 1MHz carrier on and off at varying rates to play the four notes—G#, A, G#, and E—of the Twilight Zone theme. This is set up to repeat every second—hence, it’s a perfectly valid entry to the 2025 One-Hertz Challenge!

It’s a simple project, but one that demonstrates the basics of AM radio transmission quite well. The microcontroller may not put out a powerful transmission, but it’s funny to think just how easy it is to generate a broadcast AM signal with a bit of software and a length of wire hanging off one pin. Video after the break.

youtube.com/embed/yi7hemwG_6A?…

hackaday.com/2025/07/30/2025-o…

[Remy van Elst] found an obsolete bike navigation system, the Navman Bike 1000, in a thrift store for €10. The device was a rebadged Mio Cyclo 200 from 2015. Can a decade-old GPS be useful? Well, the answer depends on a little reverse engineering.

There were some newer maps available, but they wouldn’t download using the official software. Out comes WireShark and mitmproxy. That allowed [Remy] to eavesdrop on what was going on between the box and its home server. From there he could intercept the downloaded software image, which in turn yielded to scrutiny. There was one executable, but since the device mounted as a drive, he was able to rename that executable and put his own in using the same name.

The device turns out to run Windows CE. It could even run DOOM! Once he was into the box with a file manager, it was fairly straightforward to add newer software and even update the maps using OpenStreetMaps.

This is a great example of how a little ingenuity and open source tools can extend the life of consumer electronics. It isn’t always as easy to find an entry point into some device like this. Then again, sometimes it’s a little easier than maybe it should be.

We’d all but forgotten Windows CE. We see many people using WireShark, but fewer running mitmproxy. It sure is useful.

hackaday.com/2025/07/30/one-ma…

On a Friday afternoon in mid-June, independent journalist Jack Poulson made a curious discovery: An article that we published about the aggressive attempts of a San Francisco-based tech executive named Maury Blackman to censor Poulson’s reporting about his sealed domestic violence arrest had, itself, disappeared from Google search results.

After Poulson alerted us that day, we immediately investigated that weekend. Even when searching for the article’s exact headline – “Anatomy of a censorship campaign: A tech exec’s crusade to stifle journalism” – it didn’t appear on Google search. It did, however, show up atop results on other search engines like DuckDuckGo and Bing. No other articles published by Freedom of the Press Foundation (FPF) seemed to have been suppressed by Google.

A Google search conducted by FPF on June 17 of the exact headline didn’t return the article. Other FPF articles appeared normally.

(Screenshot)

The article removed from Google search reported on a sweeping, persistent effort by Blackman or his apparent representatives to silence reporting by Poulson and his nonprofit Tech Inquiry.

The censorship campaign started after Poulson reported in 2023 about the executive’s 2021 arrest on suspicion of domestic violence against his then-25-year-old girlfriend in San Francisco. Blackman, 53 at the time, was never charged or convicted, and the alleged victim recanted her statements. A California court sealed the arrest report in 2022.

Shortly after the publication of Poulson’s article, Blackman resigned as CEO of Premise Data Corp., a surveillance technology firm with U.S. military contracts.

When Blackman was still Premise’s CEO, the company hired a private investigation and security service firm, and filed legal requests in an attempt to unmask Poulson’s confidential sources. Someone claiming to represent Blackman submitted fraudulent Digital Millennium Copyright Act takedown requests targeting Poulson’s article. Blackman’s attorneys also roped the San Francisco city attorney into an intimidation campaign against Poulson and Substack, which hosts his newsletter.

These tactics all failed.

But that wasn’t all. Blackman also filed a baseless defamation lawsuit against Poulson, his website hosts, and Tech Inquiry that was later dismissed on First Amendment grounds under California’s anti-SLAPP statute (SLAPP, a strategic lawsuit against public participation, refers to legal actions brought to chill speech). Blackman is appealing the dismissal.

And in April, Blackman even filed a lawsuit against the city of San Francisco for allegedly releasing the arrest report. One of the exhibits to a later filing included a May 2024 letter sent by Blackman’s lawyer to an individual that he thought was Poulson’s source, threatening legal action and demanding a $7.5 million settlement payment.

How Google search was exploited

There are several well-known tactics used to suppress or remove results from Google search. Copyright claims (legitimate and frivolous), court orders (real, forged, or otherwise fishy), and warning letters from government agencies have all been used to disappear search results from Google, sometimes as the result of the work of shady reputation management companies.

Our article, however, was vanished from Google search using a novel maneuver that apparently hasn’t been publicly well documented before: a sustained and coordinated abuse of Google’s “Refresh Outdated Content” tool. (In 2023, in response to a public support request flagging the abuse of the tool to de-index pages, Google’s search liaison said that the company would look into it further, but provided no additional information. The request has since been locked and the replies disabled.)

Google’s “Refresh Outdated Content” tool

(Screenshot)

This tool is supposed to allow those who are not a site’s owner to request the removal from search results of web pages that are no longer live (returning a “404 error”), or to request an update in search of web pages that display outdated or obsolete information in returned results.

However, a malicious actor could, until recently, disappear a legitimate article by submitting a removal request for a URL that resembled the target article but led to a “404 error.” By altering the capitalization of a URL slug, a malicious actor apparently could take advantage of a case-insensitivity bug in Google’s automated system of content removal.

That is exactly what happened to our article about the censorship campaign against Poulson. Someone reported an invalid variation of the article’s URL and requested its removal from Google search results. When Google’s crawler encountered the “404 error” following the report, it not only de-indexed the reported URL but also erroneously removed the live, valid article, possibly alongside every other variant of the URL, from search results.

Each time our original article was re-indexed by Google, someone submitted a new removal request for a slightly modified, oddly-capitalized version of the URL’s slug, triggering the same process, and so on. This cycle allowed the person or people submitting the reports to continuously suppress our article from search visibility — resulting in a game of digital Whac-A-Mole.

Nine removal requests targeting the same article on FPF’s site between May 7 and June 23, 2025.

(Screenshot/Google Search Console)

Once we identified the pattern, we took action by canceling the active removal requests in our Google Search Console and manually re-indexing the article so it would reappear in Google search results.

But we weren’t the only targets of this de-indexing scheme. After we alerted Poulson about what we had found, he discovered that two of his articles were similarly targeted using the same Refresh Outdated Content tool during the same time frame as ours.

In total, the two Poulson articles were targeted using this method 21 times. Our article was targeted nine times. The attacks on both websites spanned the same period, May 7 to June 23, strongly suggesting that a single actor was behind the campaign and that the campaign was forced to an end once Google introduced its fix.

Google’s ‘rare’ response and fix

When we reached out about the removal of our article, a Google spokesperson confirmed the abuse to us in an emailed statement on June 27. Initially, the company told us that the Refresh Outdated Content tool “helps ensure our search results are up to date,” adding that they are “vigilant in monitoring abuse,” and that they have “relisted pages that were wrongly impacted for this specific issue.”

This vague response did not explain whether Google already knew about the vulnerability of its tool for abuse, and was unclear about whether only our and Poulson’s pages had been re-indexed, or other websites were also impacted by similar attacks.

In a response to another question about whether this vulnerability has been widely exploited and how many other web pages could have been improperly de-indexed as a result of the abuse of this tool, the spokesperson claimed that “the issue only impacted a tiny fraction of websites,” which is a very unhelpful answer given the internet’s 1 billion websites.

Upon pressing Google with another round of detailed questions about our findings, the company was more forthcoming: “Confirming that we’ve rolled out a fix to prevent this type of abuse of the ‘Refresh Outdated Content Tool,’ the spokesperson said, but added that they “won’t be able to share anymore on this.”

While Google did the right thing by fixing this vulnerability, it’s disappointing that the company is unwilling to be more transparent. Google says that it’s committed to maximizing access to information. If that’s true, it has an obligation to the public to be transparent about how its products can be misused in such a basic way to censor speech.

Did Google know about the problem before we alerted it? Is it aware of other methods used to maliciously de-index search results? The company isn’t saying. But at least now that Google has confirmed that they’ve introduced a universal fix to avoid further exploitation of that bug, we can reveal the scheme’s details.

Google allowing those other than sites’ owners to remove pages from Google search results “is obviously a huge problem,” said Jason Kelley, director of activism at the Electronic Frontier Foundation. “The other issue is the lack of transparency from Google. Site owners would probably never find out if this feature was used to impact their search results, and probably never will find out that this had happened to them now that it’s corrected.”

Kelley described the company’s admission of the issue’s existence and taking it seriously as “rare.”

(EFF lawyers represented Poulson in the case.)

‘Legal failure’

Poulson told us it was “humbling” to realize that a 600-word article on the CEO of a surveillance firm could lead to such cascading censorship efforts, including the recent effort to “sabotage Google search results.”

“Blackman’s attempt to use the courts to scrub his felony arrest report and related news articles from the internet was not just a legal failure,” Susan Seager, a First Amendment lawyer who represents Tech Inquiry, told FPF. She added that his libel and privacy lawsuit against Poulson, Tech Inquiry, Substack, and Amazon Web Services “brought even more publicity to his arrest.”

On Tuesday, Poulson, Tech Inquiry, and Substack were awarded close to $400,000 in attorneys’ fees by the San Francisco Superior Court.

Who might be behind it?

Because Google does not document who submits removal requests through the Refresh Outdated Content tool, we have no way of knowing for certain who was behind the attempts to suppress search results featuring articles by us and Poulson.

We reached out to Blackman, who is now the CEO of a reputation management agency, ironically named The Transparency Company. We asked whether he or one of his associates reported our or Poulson’s articles using the Refresh Outdated Content tool or otherwise attempted to have Google de-index or suppress them. He didn’t respond to our requests for comment.

The good news is that all three articles — ours and Poulson’s — are restored on Google search, and Google claims to have fixed this problem. Plus, the new round of censorship inspired a new round of reporting, including the article you’re reading right now and a new article by Poulson, also published today.

Maybe now, anyone attempting to abuse legal or technical tools to censor journalism will learn the hard truth about the Streisand Effect: it will almost inevitably draw more attention, not less.

freedom.press/issues/censorshi…