It’s a bit of a truism that bigger sensors lead to better pictures when it comes to photography. Of course everyone who isn’t a photographer knows that moar megapixles is moar better. So, when [Gigawipf], aka [Yannick Richter] wanted to make a camera, he knew he had to go big or go home. So big he went: a medium format camera with a whopping 3.2 gigapixel resolution.

Now, getting a hold of a sensor like that is not easy, and [Yannick] didn’t even try. The hack starts by tearing down a couple of recent-model Kodak scanners from eBay to get at those sweet CCD line sensors. Yes, this is that classic hack: the scanner camera. Then it’s off to the oscilloscope and the datasheet for some serious reverse-engineering to figure out how to talk to these things. Protocol analysis starts about 4 minutes in of the embedded video, and is worth watching even if you have no interest in photography.

As for what the line sensor will be talking to, why, it’s nothing other than a Rasberry Pi 5, interfacing through a custom PCB that also holds the stepper driver. Remember this is a line sensor camera: the sensor needs to be scanned across the image plane inside the camera, line by line, just as it is in the scanner. He’s using off-the-shelf linear rails to do that job. Technically we suppose you could use a mirror to optically scan the image across a fixed sensor, but scanner cameras have traditionally done it this way and [Yannick] is keeping with tradition. Why not? It works.

Since these images are going to be huge an SD card in the Pi doesn’t cut it, so this is perhaps the only camera out there with an NVMe SSD. The raw data would be 19 GB per image, and though he’s post-processing on the fly to PNG they’re still big pictures. There probably aren’t too many cameras sporting 8″ touchscreens out there, either, but since the back of the thing is so large, why not? There’s still a CSI camera inside, too, but in this case it’s being used as a digital viewfinder. (Most of us would have made that the camera.) The scanner cam is, of course, far too slow to generate its own previews. The preview camera actually goes onto the same 3D-printed mount as the line sensor, putting it onto the same focal plane as the sensor. Yes, the real-time previews are used to focus the camera.

In many ways, this is the nicest scanner camera we’ve ever featured, but that’s perhaps to be expected: there have been a lot of innovations to facilitate this build since scanner cams were common. Even the 3D printed and aluminum case is professional looking. Of course a big sensor needs a big lens, and after deciding projector lenses weren’t going to cut it, [Yannick] sprung for Pantax 6×7 system lenses, which are made for medium format cameras like this one. Well, not exactly like this one– these lenses were first made for film cameras in the 60s. Still, they offer a huge image, high-quality optics, and manual focus and aperture controls in a format that was easy to 3D-print a mount for.

Is it the most practical camera? Maybe not. Is it an impressive hack? Yes. We’ve always had a soft-spot for scanner cameras, and a in a recent double-ccd camera hack, we were lamenting in the comments that nobody was doing it anymore. So we’re very grateful to [Manawyrm] for sending in the tip.

youtube.com/embed/KSvjJGbFCws?…

hackaday.com/2025/11/07/medium…

The humble 555 timer has its origins back in the early 1970s as the NE555, a bipolar integrated circuit. Over the years it has spawned a range of derivatives, including dual versions, and ones using CMOS technology. Have these enhancements improved the performance of the chip significantly? [MagicWolfi] has been pushing the envelope in an effort to see just how fast an astable 555 can be.

The Microchip MIC1555 may be the newest of the bunch, a 5-pin CMOS SOT-23 which has lost the frequency control and discharge pins of the original. It’s scarcely less versatile though, and it’s a fine candidate for an oscillator to push. We see it at a range of values for the capacitor and resistor in an astable configuration, each of which is tested across the supply voltage range. It’s rated as having a maximum frequency of 5 MHz, but with a zero Ohm resistor and only the parasitic capacitance of an open circuit, it reaches the giddy heights of 9.75 MHz. If we’re honest we find this surprising, but on reflection the chip would never be a first choice for super-fast operation.

We like it that someone’s managed to tie in the 555 to the contest, and given that it still has a few days to run at the time of writing, we’re hoping some of you might be inspired to enter one of your own.

hackaday.com/2025/11/07/2025-c…

Hackaday Editors Tom Nardi and Al Williams spent the weekend at Supercon and had to catch up on all the great hacks. Listen in as they talk about their favorites. Plus, stick around to the end to hear about some of the highlights from their time in Pasadena.

If you’re still thinking about entering the Component Abuse Contest, you’re just about out of time. Need some inspiration? Tom and Al talk about a few choice entries, and discuss how pushing parts out of their comfort zone can come in handy. Do you make your own PCBs? With vias? If you have a good enough laser, you could. Or maybe you’d rather have a $10 Linux server? Just manage your expectations. The guys both admit they aren’t mechanical geniuses and, unlike [4St4r], aren’t very good at guessing sounds either. They round up with some 3D printing projects and a collection of quick hacks.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

html5-player.libsyn.com/embed/…

Download in DRM-free MP3 no PDP-1, 3D Printer, or lasers needed to listen.

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

• iTunes
• Spotify
• Stitcher
• RSS
• YouTube
• Check out our Libsyn landing page

Episode 344 Show Notes:

News:

• Component Abuse Challenge

What’s that Sound?

• Congratulate [4St4r] for guessing last week’s sound. Want a Hackaday Podcast T-shirt? Try your luck next week.

Interesting Hacks of the Week:

• Is This The Last PCB You’ll Ever Buy?
• 2025 Component Abuse Challenge: Weigh With A TL074
• Repurposing Dodgy Android TV Boxes As Linux Boxes
• Reproduced And Recovered: The First Chinese Keyboard-based MingKwai Typewriter
• Print In Place Pump Pushes Limits Of Printing
• 3D Printering: Liquid-Filled Filament Was Not On Our Bingo Card

Quick Hacks:

• Tom’s Picks:
  
  • CardFlix: NFC Cards For Kid-Friendly Streaming Magic
  • Print-and-Clamp: Rubber Band PCB Stand Slides Into Duty
  • SolidWorks Certification… With FreeCAD?

  
  

• Al’s Picks:
  
  • Multitasking On The Humble Z80 CPU
  • Simple Device Can Freeze Wi-Fi Camera Feeds
  • 2025 Component Abuse Challenge: An Input Is Now An Output

  
  

Supercon 9:

• Crafting the Final Frontier Keynote
• Announcing The 2025 Hackaday Superconference Communicator Badge

hackaday.com/2025/11/07/hackad…

If you had an array of high power addressable LEDs, how would you project them onto a wall? Perhaps you’d use a Fresnel lens, or maybe an individual lens on the top of each. [Joo] faced this problem when making a lighting effect using just such an array, and the solution they came up with used both.

The problem facing a would-be LED array projector is that should the lens be too good, it will project the individual points of light from the LEDs themselves, when a more diffuse point is required. Thus the Fresnel required the aid of a separate array of lenses, resin printed in one in clear plastic. From this we get some useful tips on how to do this for best lens quality, and while the result is not quite optically perfect, it’s certainly good enough for the job in hand.

The linked Printables page comes with all you need to make the parts, and you too can have your own projected LED effect. Now we want one, too! Perhaps we really need our own Wrencher signal instead.

hackaday.com/2025/11/07/an-led…

There’s another ransomware story this week, but this one comes with a special twist. If you’ve followed this column for long, you’re aware that ransomware has evolved beyond just encrypting files. Perhaps we owe a tiny bit of gratitude to ransomware gangs for convincing everyone that backups are important. The downside to companies getting their backups in order is that these criminals are turning to other means to extort payment from victims. Namely, exfiltrating files and releasing them to the public if the victim doesn’t pay up. And this is the situation in which the Akira ransomware actors claim to have Apache’s OpenOffice project.

There’s just one catch. Akira is threatening to release 23 GB of stolen documents, which include employee information — and the Apache Software Foundation says those documents don’t exist. OpenOffice hasn’t received a demand and can’t find any evidence of a breach. It seems likely that Akira has hit some company, but not part of the Apache Software Foundation. Possibly someone that heavily uses OpenOffice, or even provides some level of support for that application. There is one more wrinkle here.

Since Apache OpenOffice is an open source software project, none of our contributors are paid employees for the project or the foundation…

First off, there are plenty of open source projects that have employee contributors, and it’s quite odd to imply otherwise. But second, for something as important as an office suite, this is a rather startling statement: there are no paid employees working on the OpenOffice code base.

NPM Typosquat Sophistication

There’s another NPM typosquatting campaign, which is barely news at this point. This one is newsworthy because these malicious packages use multiple layers of obfuscation, and lived on NPM for over four months. They use a clever bit of social engineering during package installation, in the form of a fake CAPTCHA prompt. The idea is that it makes the user less suspicious of the package, and also gives a legitimate reason for network access. But in reality, requiring user interaction defeats any automated analysis efforts.

The first layer of obfuscation consists of an eval() call with a bunch of decoder functions and an ugly encoded string. The result from that set of functions is URL-encoded and needed decoding, followed by an XOR with a key value. And finally, the executable function that finally emerges uses switch/case statements and hard-to-read values. It’s just a web to work through.

The payload behavior is boring in comparison, looking for any credentials on the system and uploading them to a remote server. It also checks for interesting browser cookies and passwords in the password manager, and any authentication tokens it can find.

WordPress Plugin Problems

[István Márton] at Wordfence has the story on a pair of WordPress plugins with severe vulnerabilities, effecting a whopping 500,000 sites combined. Up first is AI Engine, with 100,000 installs. This plugin has an unauthenticated URL endpoint that can expose a bearer token, which then allows access to the MCP endpoint, and arbitrary control of users. The good news here is that the plugin is not vulnerable by default, and requires the “No-Auth URL” setting to be configured to be vulnerable.

The other plugin is Post SMTP, with 400,000 installs. It replaces WordPress’s PHP email handling, and one of the features is the ability to view those emails from the logs. The problem was that before 3.6.1, viewing those email logs didn’t require any permissions. At first blush, that may seem like a medium severity problem, but WordPress is often configured to allow for password resets via emailed links, which means instant account takeover. Both issues have been fixed, and releases are available.

React Native CLI and Metro

A combination of the React Native CLI package and the Metro development server exposed React Native developers to a nasty 9.8 CVSS Remote Code Execution (RCE) CVE. The first element of this vulnerability is the fact that when Metro opens ports for hosting development work, it doesn’t bind to localhost, but listens on all interfaces by default.

When a new Reactive Native project is created without using a framework, some boilerplate code is run as part of the initialization. The end result is that /open-url handler is added to the project, and this handler calls open() with an outside string from the URL. It’s not hard to imagine how this can be abused for arbitrary code injection.

KASLR

Let’s talk about address randomization. Specifically, Kernel Address Space Layout Randomization (KASLR). It’s one of the defenses against turning an arbitrary memory write into a working exploit. If an attacker can’t predict where kernel objects will be in memory, twiddling bits is more likely to crash the system than result in code execution. It’s great in theory. The problem is that it doesn’t necessarily exist in reality.

That’s the story from [Seth Jenkins] at Google’s Project Zero, who was looking for ways to crack Pixel phones. It turns out that memory hotplugging is supported by Linux on Android, and that potential hotplug memory needs a lot of room in the linear memory map. So much room that it’s impractical to also randomize that layout. So while we still technically have KASLR protecting the kernel from attacks, there’s a really big gotcha in the form of the linear memory map.

Bits and Bytes

If you want a really deep dive into how BLE works, and how to investigate an existing BLE connection with an SDR, [Clément Ballabriga] from Lexfo has the scoop. It is significantly more complicated than you might expect, particularly since BLE uses frequency hopping, and a wide enough range of frequencies that your SDR almost certainly can’t capture them all at once. That means breaking a tiny part of the signal security, in order to accurately predict the frequency hops.

Cisco’s Unified Contact Center Express (UCCX) has several vulnerabilities that allows an attacker to run code as root. One vulnerability is in handling arbitrary file uploads by the Java Remote Method Invocation system. Another is an authentication bypass that can be exploited by coercing the target system to use a malicious remote server as part of the authentication process. Fixes are available, and so far it doesn’t look like these flaws have been used in the wild.

And finally, there’s the November Android security bulletin, that fixes CVE-2025-48593, a logic error in security updates in apexd.cpp that can lead to escalation of privilege.

I’ve seen this flaw conflated with CVE-2025-38593, a Bluetooth vulnerability recently fixed in the Linux kernel. This is a medium severity race condition in the kernel that can lead to a double-free and a system crash. There doesn’t seem to be a way to turn this into an RCE, as is reflected by its CVSS of 4.7.

hackaday.com/2025/11/07/this-w…

Dear Friend of Press Freedom,

Rümeysa Öztürk has been facing deportation for 227 days for co-writing an op-ed the government didn’t like, and the government hasn’t stopped targeting journalists for deportation. Read on for news from Illinois, our latest public records lawsuit, and how you can take action to protect journalism.

Enforce ICE restraining orders now

A federal judge in Chicago yesterday entered an order to stop federal immigration officers from targeting journalists and peaceful protesters, affirming journalists’ right to cover protests and their aftermath without being assaulted or arrested.

Judge Sara Ellis entered her ruling — which extended a similar prior order against Immigration and Customs Enforcement — in dramatic fashion, quoting everyone from Chicago journalist and poet Carl Sandburg to the Founding Fathers. But the real question is whether she’ll enforce the order when the feds violate it, as they surely will. After all, they violated the prior order repeatedly and egregiously.

Federal judges can fine and jail people who violate their orders. But they rarely use those powers, especially against the government. That needs to change when state thugs are tearing up the First Amendment on Chicago’s streets. We suspect Sandburg would agree.

Journalist Raven Geary of Unraveled Press summed it up at a press conference after the hearing: “If people think a reporter can’t be this opinionated, let them think that. I know what’s right and what’s wrong. I don’t feel an ounce of shame saying that this is wrong.”

Congratulations to Geary and the rest of the journalists and press organizations in Chicago and Los Angeles that are standing against those wrongs by taking the government to court and winning. Listen to Geary’s remarks here.

Journalists speak out about abductions from Gaza aid flotillas

We partnered with Defending Rights & Dissent to platform three U.S. journalists who were abducted from humanitarian flotillas bound for Gaza and detained by Israel.

They discussed the inaction from their own government in the aftermath of their abduction, shared their experiences while detained, and reflected on what drove them to take this risk while so many reporters are self-censoring.

We’ll have a write-up of the event soon, but it deserves to be seen in full. Watch it here.

FPF takes ICE to court over dangerous secrecy

We filed yet another Freedom of Information Act lawsuit this week — this time to uncover records on ICE’s efforts to curtail congressional access to immigration facilities.

“ICE loves to demand our papers but it seems they don’t like it as much when we demand theirs,” attorney Ginger Quintero-McCall of Free Information Group said.

If you are a FOIA lawyer who is interested in working with us pro bono or for a reduced fee on FOIA litigation, please email lauren@freedom.press.

Read more about our latest lawsuit here.

If Big Tech can’t withstand jawboning, how can individual journalists?

Last week, Sen. Ted Cruz convened yet another congressional hearing on Biden-era “jawboning” of Big Tech companies. The message: Government officials leaning on these multibillion-dollar conglomerates to influence the views they platform was akin to censorship.

Sure, the Biden administration’s conduct is worth scrutinizing and learning from. But if you accept the premise that gigantic tech companies are susceptible to soft pressure from a censorial government, doesn’t it go without saying that so are individual journalists who lack anything close to those resources?

We wrote about the numerous instances of “jawboning” of individual reporters during the current administration that Senate Republicans failed to address at their hearing. Read more here.

Tell lawmakers from both parties to oppose Tim Burke prosecution

Conservatives are outraged at Tucker Carlson for throwing softballs to neo-Nazi Nick Fuentes. But the Trump administration is continuing its predecessor’s prosecution of journalist Tim Burke for exposing Tucker Carlson whitewashing another antisemite — Ye, formerly known as Kanye West.

Lawmakers shouldn’t stand for this hypocrisy, regardless of political party. Tell them to speak up with our action center.

What we’re reading

FBI investigating recent incident involving feds in Evanston, tries to block city from releasing records (Evanston RoundTable). Apparently obstructing transparency at the federal level is no longer enough and the government now wants to meddle with municipal police departments’ responses to public records requests.

To preserve records, Homeland Security now relies on officials to take screenshots (The New York Times). The new policy “drastically increases the likelihood the agency isn’t complying with the Federal Records Act,” FPF’s Lauren Harper told the Times.

When your local reporter needs the same protection as a war correspondent (Poynter). Foreign war correspondents get “hostile environment training, security consultants, trauma counselors and legal teams. … Local newsrooms covering militarized federal operations in their own communities? Sometimes all we have is Google, group chats and each other.”

YouTube quietly erased more than 700 videos documenting Israeli human rights violations (The Intercept). “It is outrageous that YouTube is furthering the Trump administration’s agenda to remove evidence of human rights violations and war crimes from public view,” said Katherine Gallagher of the Center for Constitutional Rights.

Plea to televise Charlie Kirk trial renews Senate talk of cameras in courtrooms (Courthouse News Service). It’s past time for cameras in courtrooms nationwide. None of the studies have ever substantiated whatever harms critics have claimed transparency would cause. Hopefully, the Kirk trial will make this a bipartisan issue.

When storytelling is called ‘terrorism’: How my friend and fellow journalist was targeted by ICE (The Barbed Wire). “The government is attempting to lay a foundation for dissenting political beliefs as grounds for terrorism. And people like Ya’akub — non-white [or] non-Christian — have been made its primary examples. Both journalists; like Mario Guevara … and civilians.”

freedom.press/issues/time-to-e…

Last week, Sen. Ted Cruz convened yet another congressional hearing on Biden-era “jawboning” of Big Tech companies. The message: Government officials leaning on these multibillion-dollar conglomerates to influence the views they platform was akin to censorship. Officials may not have formally ordered the companies to self-censor, but they didn’t have to – businesspeople know it’s in their economic interests to stay on the administration’s good side.

They’re not entirely wrong. Public officials are entitled to express their opinions about private speech, but it’s a different story when they lead speakers to believe they have no choice but to appease the government. At the same time the Biden administration was making asks of social platforms, the former president and other Democrats (and Republicans) pushed for repealing Section 230 of the Communications Decency Act, the law that allows social media to exist.

It’s unlikely that the Biden administration intended its rhetoric around Section 230 to intimidate social media platforms into censorship. That said, it’s certainly possible companies made content decisions they otherwise wouldn’t have when requested by a government looking to legislate them out of existence. It’s something worth exploring and learning from.

But if you accept the premise — as I do — that gigantic tech companies with billions in the bank and armies of lawyers are susceptible to soft pressure from a censorial government, doesn’t it go without saying that so are individual journalists who lack anything close to those resources?

If it’s jawboning when Biden officials suggest Facebook take down anti-vaccine posts, isn’t it “jawboning” when a North Carolina GOP official tells ProPublica to kill a story, touting connections to the Trump administration? When the president calls for reporters to be fired for doing basic journalism, like reporting on leaks? When the White House and Pentagon condition access on helping them further official narratives? A good-faith conversation about jawboning can’t just ignore all of that.

Here are some more incidents Cruz and his colleagues have not held hearings about:

• A Department of Homeland Security official publicly accused a Chicago Tribune reporter of “interference” for the act of reporting where immigration enforcement was occurring. Journalism, in the government’s telling, constituted obstruction of justice. That certainly could lead others to tread cautiously when exercising their constitutional right to document law enforcement actions.
• Director of National Intelligence Tulsi Gabbard attacked Washington Post reporter Ellen Nakashima by name, suggesting her reporting methods — which is to say, calling government officials — were improper and reflected a media establishment “desperate to sabotage POTUS’s successful agenda.” Might that dissuade reporters from seeking comment from sources, or sources from providing such comment to reporters?
• When a journalist suggested people contact her on the encrypted messaging app Signal, an adviser to Defense Secretary Pete Hegseth said she should be banned from Pentagon coverage. The Pentagon then attempted to exclude her from Hegseth’s trip to Singapore. Putting aside the irony of Hegseth’s team taking issue with Signal usage, it’s fair to assume journalists are less likely to suggest sources lawfully contact them via secure technologies if doing so leads to government threats and retaliation.
• Bill Essayli, a U.S. attorney in California, publicly called a reporter “a joke, not a journalist” for commenting on law enforcement policies for shooting at moving vehicles. Obviously, remarks from prosecutors carry unique weight and have significant potential to chill speech, particularly when prosecutors make clear that they don’t view a journalist as worthy of the First Amendment’s protections for their profession.

Sources wanting to expose wrongdoing ... will think twice about talking to journalists who are known targets of an out-of-control administration.

There are plenty more examples — and that doesn’t even get into all the targeting of news outlets, from major broadcast networks to community radio stations. They may have more resources than individual reporters, but they’re nowhere near as well positioned to withstand a major spike in legal bills and insurance premiums as big social media firms (who this administration also jawbones to censor constitutionally protected content).

And hovering over all of this is President Donald Trump himself, whose social media feed doubles as an intimidation campaign against reporters. Our Trump Anti-Press Social Media Tracker documents hundreds of posts targeting not only news outlets but individual journalists. It’s documented over 3,500 posts. Unlike Biden-era “jawboning,” threats like these come from the very top — people in a position to actually carry them out. And unlike Biden’s administration, Trump’s track record makes the threat of government retribution real, not hypothetical.

Trump views excessive criticism of him as “probably illegal.” He has made very clear his desire for journalists to be imprisoned, sued for billions, and assaulted for reasons completely untethered to the Constitution, and has surrounded himself with bootlicking stooges eager to carry out his whims. “Chilling” is an understatement for the effect when a sitting president — particularly an authoritarian one — threatens journalists for doing their job.

It’s not only that these journalists don’t have the resources of Meta, Alphabet, and the like. They also have much more to lose. Tech companies might get some bad PR based on how they handle government takedown requests, but it’s unlikely to significantly impact their bottom line, particularly when news content comprises a small fraction of their business.

But journalists don’t just host news content, they create it. Their whole careers depend on their reputations and the willingness of sources to trust them. Sources wanting to expose wrongdoing, who often talk to journalists at great personal risk and try to keep a low profile, will think twice about talking to journalists who are known targets of an out-of-control administration.

Other news outlets might be reluctant to hire someone who has been singled out by the world’s most powerful person and his lackeys. Editors and publishers — already spooked about publishing articles that might draw a SLAPP suit or worse from Trump — will be doubly hesitant when the article is written by someone already on the administration’s public blacklist.

Unlike Biden’s antics, the Trump administration has cut out the middleman by directly targeting the speech and speakers it doesn’t like. And it wields this power against people with a fraction of the resources to fight back. If that’s not jawboning, what is?

freedom.press/issues/if-big-te…

In Piemonte anche l’accesso alle case popolari, dopo il vergognoso bonus Vesta, diventa terreno di scontro ideologico per l’Assessore regionale alla Casa Maurizio Marrone (Fratelli d’Italia).

Protagonista suo malgrado una donna migrante, a cui il giudice ha riconosciuto di essere stata discriminata da una legge regionale secondo cui, per ottenere un alloggio di edilizia popolare, l’inquilino deve essere titolare di un contratto di lavoro. Ma questo vale solo se straniero.

Di fronte a questa sentenza, Marrone non ha aperto una riflessione sull’ingiustizia della norma che viola le direttive europee sui diritti delle persone con e senza cittadinanza ed è in contrasto con la Costituzione italiana e con ogni principio di umanità, ma ha scelto di attaccare il giudice e rilanciare la retorica della “difesa degli Italiani” – sempre con la maiuscola – trasformando un bisogno sociale primario in uno strumento di propaganda.

Non si tratta di una svista o di una frase sfuggita. È una strategia politica coerente, che punta a dividere, individuare un nemico, far credere che alcuni abbiano più diritto di altri di accedere ai servizi e alle tutele sociali. Non è un incidente: è un progetto politico.

Siamo di fronte a una legge che discrimina in modo esplicito e deliberato chi vive in Piemonte ma non ha cittadinanza italiana. La legge che Marrone difende è fascista nei fatti. A questo punto non serve più chiedergli se lui e il suo partito lo siano o meno: sarebbe come chiedere a chi impone una discriminazione se si considera discriminatorio, e poi usare la sua risposta per stabilire la verità. La realtà si misura nelle scelte, nelle norme, nelle vite che colpiscono. Non nelle etichette che uno si appiccica o evita.

Le istituzioni dovrebbero garantire equità e sostegno, non alimentare divisioni né usare la povertà come terreno di scontro politico.

Come Possibile, anche grazie al lavoro della nostra consigliera regionale Giulia Marro, continueremo a lavorare perché vengano riconosciuti i diritti di tutti e tutte, senza distinzioni arbitrarie.

Piemonte Possibile

L'articolo Sulle case popolari in Piemonte l’assessore Marrone difende una norma discriminatoria proviene da Possibile.