Set Phone to… Hyperspectral
While our eyes are miraculous little devices, they aren’t very sensitive outside of the normal old red, green, and blue spectra. The camera in your phone is far more sensitive, and scientists want to use those sensors in place of expensive hyperspectral ones. Researchers at Purdue have a cunning plan: use a calibration card.
The idea is to take a snap of the special card and use it to understand the camera’s exact response to different colors in the current lighting conditions. Once calibrated to the card, they can detect differences as small as 1.6 nanometers in light wavelengths. That’s on par with commercial hyperspectral sensors, according to the post.
You may wonder why you would care. Sensors like this are useful for medical diagnostic equipment, analysis of artwork, monitoring air quality, and more. Apparently, high-end whisky has a distinctive color profile, so you can now use your phone to tell if you are getting the cheap stuff or not.
We also imagine you might find a use for this in phone-based spectrometers. There is plenty to see in the hyperspectral world.
Active Directory in the crosshairs! How criminal hackers steal NTDS.dit
Active Directory (AD) holds the organization’s digital keys: unauthorized access to this service exposes sensitive information and credentials that can lead to total domain compromise.
Among the most critical assets is the NTDS.dit file, which stores all of the domain data and the password hashes. This article reconstructs a real case in which hostile actors obtained elevated privileges, extracted NTDS.dit, and attempted to exfiltrate it while evading common controls.
The strategic value of NTDS.dit
In a Windows environment built around Active Directory, the NTDS.dit file (NT Directory Services Directory Information Tree) is the domain’s central database: it contains user accounts, group policies, computer objects and, crucially, the password hashes of every account, including those with Domain Administrator privileges.
Stealing this file allows an attacker who also holds the SYSTEM hive, needed to decrypt its contents, to extract the hashes, attack them offline, and impersonate any identity within the domain. In practice, the attacker obtains the “map” of the organization’s digital identity.
According to the Trellix research, after acquiring administrative privileges on a host, attackers often use native tools (for example vssadmin) to create a Volume Shadow Copy and bypass file locks, copying NTDS.dit without interrupting AD processes. They then repair the file with esentutl and extract credentials with utilities such as SecretsDump, Mimikatz, or even simple copy commands. These operations can be surprisingly quiet to many traditional defenses, which is why detection based on network behavior is essential.
Attack sequence: extraction and exfiltration of NTDS.dit
Analysis of the case shows a typical chain of actions: initial access, hash collection, use of hashes to authenticate, lateral movement, and then extraction of NTDS.dit together with the SYSTEM registry hive, which is required to obtain the Boot Key needed for decryption.
Full kill chain: from compromise to detection (Source: Trellix)
Main phases illustrated:
- Hash collection: adversaries obtain password hashes through methods such as DCSync or by extracting them from the memory of the lsass.exe process (for example with Mimikatz), an operation that requires elevated privileges on the compromised host.
- Authentication with stolen hashes: with the “Pass the Hash” technique (MITRE ID: T1550.002) it is possible to authenticate as the compromised user, using NTLM or AES algorithms (e.g. /ntlm, /aes128, /aes256) to connect to network resources or start remote processes.
- Expansion of the compromise: the credentials obtained are used to run tools such as PSExec and reach other systems, widening the attack surface and repeating the cycle of credential theft and lateral movement.
- Dump and exfiltration of NTDS.dit and SYSTEM: to copy NTDS.dit while AD is running, attackers can:
  - create a snapshot of the volume through the Volume Shadow Copy Service (VSS) and take the file from the copy;
  - use PowerShell utilities (e.g. Invoke-NinjaCopy or similar) to copy files that are in use;
  - use system tools such as NTDSUtil.exe or DSDBUtil.exe to export data.
From the snapshot the attackers take NTDS.dit and the SYSTEM hive, place them in a staging folder, verify them with hex editors or AD parsing tools, and then archive them for exfiltration to external servers.
Operational recommendations
The analysis yields concrete guidance for mitigation: monitor and block unusual SMB movement and file transfers, control and limit the use of remote administration tools such as PsExec, strengthen the protection of highly privileged accounts, and enable controls to detect the creation of Volume Shadow Copies and other techniques known to bypass file locks.
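One way to turn the last recommendation into a check, as an added example that is not from the article or from Trellix: it scans process-creation command lines for the tools named above and escalates when NTDS.dit or SYSTEM access follows a shadow copy creation on the same host. The event layout, host and account names, paths, rule names, severities and the 30-minute window are all assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation events (timestamp, host, user, command line),
# in the shape a SIEM export of Windows process-creation logs might take.
# Hosts, accounts and paths are invented for this example.
SAMPLE_EVENTS = [
    ("2025-09-20T02:11:04", "DC01", r"CORP\svc-backup", r"vssadmin.exe list shadows"),
    ("2025-09-20T02:14:31", "DC01", r"CORP\adm-jdoe", r"vssadmin.exe create shadow /for=C:"),
    ("2025-09-20T02:15:02", "DC01", r"CORP\adm-jdoe",
     r"cmd.exe /c copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3"
     r"\Windows\NTDS\ntds.dit C:\ProgramData\stage\ntds.dit"),
    ("2025-09-20T02:15:09", "DC01", r"CORP\adm-jdoe",
     r"cmd.exe /c copy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3"
     r"\Windows\System32\config\SYSTEM C:\ProgramData\stage\SYSTEM"),
    ("2025-09-20T02:16:40", "DC01", r"CORP\adm-jdoe",
     r"esentutl.exe /p C:\ProgramData\stage\ntds.dit"),
    ("2025-09-20T03:00:00", "FS02", r"CORP\svc-backup", r"vssadmin.exe create shadow /for=D:"),
    ("2025-09-20T09:30:00", "DC02", r"CORP\adm-asmith",
     r'ntdsutil.exe "ac i ntds" ifm "create full C:\ifm" q q'),
]

# (rule name, base severity, pattern). Names and severities are hypothetical;
# the tools matched are the ones the article lists.
RULES = [
    ("vss_shadow_create", "medium",
     re.compile(r"\bvssadmin(\.exe)?\b.*\bcreate\s+shadow\b", re.I)),
    ("ntds_or_system_from_shadow", "high",
     re.compile(r"HarddiskVolumeShadowCopy\d+\\.*(ntds\.dit|config\\SYSTEM)\b", re.I)),
    ("esentutl_on_ntds", "high",
     re.compile(r"\besentutl(\.exe)?\b.*ntds\.dit", re.I)),
    ("ad_db_export_tool", "high",
     re.compile(r"\b(ntdsutil|dsdbutil)(\.exe)?\b", re.I)),
]


def detect(events, window=timedelta(minutes=30)):
    """Return one alert per rule hit, ordered by time.

    A 'high' hit becomes 'critical' when a shadow copy was created on the
    same host no more than `window` earlier: that is the copy-around-the-lock
    sequence the article describes, rather than an isolated admin action.
    """
    hits = []
    for ts, host, user, cmd in events:
        when = datetime.fromisoformat(ts)
        for name, severity, pattern in RULES:
            if pattern.search(cmd):
                hits.append({"time": when, "host": host, "user": user,
                             "rule": name, "severity": severity, "cmd": cmd})
    hits.sort(key=lambda h: h["time"])

    shadow_creations = [h for h in hits if h["rule"] == "vss_shadow_create"]
    for h in hits:
        if h["severity"] != "high":
            continue
        if any(s["host"] == h["host"]
               and timedelta(0) <= h["time"] - s["time"] <= window
               for s in shadow_creations):
            h["severity"] = "critical"
    return hits


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert["time"].isoformat(), alert["host"], alert["severity"],
              alert["rule"], alert["user"], sep="  ")
```

Shadow copy creation by a backup account on a file server stays at medium here, which is the point of correlating: the sequence on a domain controller is what carries the signal.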
The article Active Directory in the crosshairs! How criminal hackers steal NTDS.dit comes from il blog della sicurezza informatica.
This Week in Security: Randomness is Hard, SNMP Shouldn’t Be Public, and GitHub Malware Delivery
Randomness is hard. To be precise, without dedicated hardware, randomness is impossible for a computer. This is actually important to keep in mind when writing software. When there’s no hardware providing true randomness, most rnd implementations use a seed value and a pseudorandom number generator (PRNG). A PRNG is a function that takes a seed value and turns it into a seemingly random value, while also producing a new seed for the next time a random value is needed. This could be as simple as a SHA256 sum, where the hash output is split to become the next seed and the random value.
The PRNG approach does still have a challenge. Where does the initial seed come from? There are a few common, if flawed, approaches, and one of the most common is to use the system clock. It’s not a bulletproof solution, but using the microsecond counter since the last system boot is often good enough, because there are a lot of them to choose from — the entropy is high. With that brief background in mind, let’s talk about what happens in VBScript. The Randomize call is used to seed that initial value, but Randomize has some quirks.
The first is a great feature: calling Randomize a second time with the same seed doesn’t reset the PRNG engine back to the same initial state. The second is that, when called without a value, Randomize uses the number of system ticks since midnight as the PRNG seed. There are 64 ticks per second, giving five-and-a-half million possible seeds, or 22 bits of entropy. This isn’t great on its own, but Randomize internally typecasts that number of ticks into a narrower value, capping the number of possible time-based seeds at 65,536, which is a lot easier to brute-force.
We don’t know the exact application where the researchers at Doyensec found VBScript generating secure tokens, but in their Proof of Concept (PoC) test run, the generated token could be found in four guesses. It’s a terrible security fail for basically any use, and it’s a deceptively easy mistake to make.
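To make the entropy argument concrete, here is an added example (not Doyensec's PoC and not VBScript's actual Rnd algorithm): it uses the SHA-256 split PRNG sketched above as a stand-in, seeds it from ticks since midnight narrowed to 65,536 values, and shows that a 256-bit-looking token is pinned down by searching that seed space, next to the CSPRNG-based alternative. Modelling the narrowing cast as a modulo, and all function names, are assumptions.

```python
import hashlib
import math
import secrets

TICKS_PER_SECOND = 64   # figure from the text
SEED_SPACE = 65_536     # figure from the text: time-based seeds after narrowing


class HashPrng:
    """Toy PRNG from the description above: hash the state with SHA-256,
    keep one half of the digest as the next state, emit the other half."""

    def __init__(self, seed: int):
        self.state = seed.to_bytes(8, "big")

    def next_bytes(self) -> bytes:
        digest = hashlib.sha256(self.state).digest()
        self.state = digest[:16]   # next seed
        return digest[16:]         # random output


def time_seed(seconds_since_midnight: float) -> int:
    """Seed from the clock. Assumption: the narrowing is modelled as mod 2**16."""
    ticks = int(seconds_since_midnight * TICKS_PER_SECOND)
    return ticks % SEED_SPACE


def weak_token(seed: int, nbytes: int = 32) -> str:
    """A token that looks like nbytes of randomness but is fully determined
    by the seed."""
    prng = HashPrng(seed)
    out = b""
    while len(out) < nbytes:
        out += prng.next_bytes()
    return out[:nbytes].hex()


def seeds_matching(token: str) -> list:
    """Audit helper: enumerate the whole seed space and return every seed
    that reproduces the token. Cost is SEED_SPACE token generations."""
    nbytes = len(token) // 2
    return [s for s in range(SEED_SPACE) if weak_token(s, nbytes) == token]


def effective_bits(seed_space: int) -> float:
    """Upper bound on token entropy, whatever the token's length."""
    return math.log2(seed_space)


def strong_token(nbytes: int = 32) -> str:
    """The fix: draw the token from the operating system's CSPRNG."""
    return secrets.token_hex(nbytes)


if __name__ == "__main__":
    seed = time_seed(37815.5)                 # constructed time of day, 10:30:15.5
    token = weak_token(seed)
    print("token:", token)
    print("bits of entropy at most:", effective_bits(SEED_SPACE))
    print("seeds reproducing it:", seeds_matching(token))
    print("CSPRNG token:", strong_token())
```

Under the modulo assumption the seed also repeats every 1,024 seconds, so two tokens issued about 17 minutes apart come out identical.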
GoAnywhere Exploit
The folks at WatchTowr have a report on a blistering 10.0 CVE in the GoAnywhere Managed File Transfer (MFT) product. This vulnerability was first published on September 18, and the WatchTowr crew took a look at it and had questions. This bug is a deserialization attack that can land even without any authentication. It can result in command injection, and the latest update from GoAnywhere vendor Fortra vaguely indicates that it is being used for attacks in the wild. But this is particularly odd: before the vulnerable interface deserializes, it first checks for a valid signature. And WatchTowr researchers couldn’t find a leak of a valid private key. So how was the vulnerability in use in the wild?
Lucky for us, there’s a part two to this story, but not all of the mysteries are explained. This CVE is indeed being exploited in the wild, with the earliest known exploit being September 10th. Since there was a full week between the earliest known compromise and the release of the patch, it seems unfortunate that it took WatchTowr this long to confirm that this vulnerability was actually exploited in the wild.
Cisco and Public SNMP
Two million Cisco systems are at risk from CVE-2025-20352. This is a remotely accessible flaw in the handling of Simple Network Management Protocol traffic. The attack does require valid credentials, but the attack works using SNMPv1, v2, or v3. While SNMPv3 has more secure user credentials, the earlier SNMP versions just used “community strings”, a text based password that was often set to “public”.
This vulnerability seems to lead to either a crash or Remote Code Execution (RCE). It’s not entirely clear how difficult it is to achieve RCE, but it’s noteworthy that RCE here is run as root, a level of access not usually available even to administrators of Cisco equipment. So far there’s no indication that this was used in the wild, but now that some information and a patch are available, it’s likely not going to take long for someone to reverse-engineer the vulnerability and weaponize it.
More Spilled Tea
Remember the Tea Spilling from a couple months ago? The Tea app had an unsecured Firebase database. It turns out that wasn’t an isolated incident. [Mike Oude Reimer] has been working on OpenFirebase, an auditing tool for Firebase installs. To prove the point, he audited 400 of the most popular Android apps from a trio of categories in the Play Store, and found 150 Firebase servers that granted unintended access of some sort. That’s a bit stunning: over one in three Android apps have insecure Firebase servers associated with them.
GitHub Malware Delivery
There’s a malware campaign that has happened in the last couple weeks, based around Search Engine Optimization and GitHub repositories. The instructions peddle malicious commands to users looking for popular software on the Mac, like LastPass and others. I was prepared to write about how Ad Blocking is really a form of security protection, as these campaigns are often delivered via advertising, but this one seems to primarily be based on real search engine placement.
This isn’t the only malware campaign that takes advantage of GitHub’s reputation as a trusted source of software. A phishing campaign was also recently spotted, where spam messages were added as GitHub issues, with the spammers tagging their victims and offering fake Y Combinator sponsorships. Since the messages were sent via GitHub, most spam blockers treated them as legitimate. This campaign was a bit more clever than most, making use of domain typo-squatting, with the y-comblnator.com domain used as part of the campaign. The goal was to drain the crypto accounts of people sufficiently fooled by the messages.
Bits and Bytes
Is nothing sacred? In addition to GitHub, malware appears to be distributed via Steam, in updates to games. The most recent example was the Block Blasters game, which was on Steam for nearly two months before shipping malicious code.
How can you figure out whether an image is AI, or has been manipulated with AI or other tools? There are quite a few approaches, but one of the interesting ones is to look at the JPEG artifacting. If part of the image has ever been compressed via JPEG, this results in blocky artifacts that are hard for the human eye to spot, but easy to see with the right tools.
And finally, in a blast from the past, Supermicro has another pair of vulnerabilities that could allow malicious firmware on server Baseboard Management Controllers (BMCs). The way these images are signed is slightly odd, with the various portions of the file signed independently. The attack is to treat these sections like cards in a deck, and shuffle malicious slices into the stack. The verification routine thinks all the important pieces are signed, but during a real boot, the malicious code runs instead. Patches coming soon.
Steamboat Willie Still Tests Copyright
If you know anything about Mickey Mouse, you’ll be able to tell us that his first outing was in 1928’s Steamboat Willie — an animated short that sees our hero as the hapless pilot of a riverboat battling an assortment of animals and his captain. It entered the public domain last year, meaning that it and the 1928 incarnation of Mickey are now free of any copyright obligation to the media giant.
There’s an interesting development from Florida on that front though as it seems Disney may have been testing this through legal means, and now a law firm wants to see them in court over their proposed use of the film in an advert.
Of course here at Hackaday we don’t cover the dry subject of Florida legal news as a rule, but we are interested in the world of copyright as it applies to many other things that do come under our eye. As we understand it the law firm is requesting the judge assert their protection from trademark claims over the use of Disney’s 1928 Willie, given that there have been claims from the entertainment giant against others doing the same thing.
It’s hardly surprising that a large corporation might seek to use legal muscle and trademark law to de facto extend the term of Mickey’s protection beyond the defined copyright expiration date, so for once it’s refreshing to see them come up against someone unafraid of a courtroom.
We hope that common sense will prevail, and this undermining of a cherished right (not to mention prior case law) is not allowed to succeed. Meanwhile if you’d like a 1928 Mickey that Disney have shied away from coming after, look no further than the EFF.
A Ham-Adjacent Portable Radio Repeater
Although ham radio offers a wide array of bands to transmit on, not to mention plenty of modes to communicate with, not everyone wants or needs to use all of this capability. For those needing simple two-way communication, services like FRS or GMRS are available (in North America) with much less stringent licensing requirements, and GMRS even allows repeaters to be used to extend their range beyond the typical mile or so. [Dave] aka [N8DAV] has built an off-grid simplex repeater that can travel around with him wherever he goes.
The repeater itself is based on a pre-built simplex repeater module, which means that it has to record an incoming signal and then play it back on the same frequency. Compared to a split-frequency repeater, which uses different frequencies for transmit and receive, this can be a bit cumbersome, but it simplifies the design and the use. A Baofeng UV-5R is used to perform the actual radio duties, paired to a 40 watt amplifier to extend the range as much as possible. It’s all packed into a Pelican-like case and set up with a large battery that could power it for a number of days, making it useful for camping, rescue, or other off-grid activities.
For those wondering why [Dave] is using his ham call sign instead of his GMRS one, all of the equipment in this build will work in either the UHF ham bands or the channels reserved for GMRS with minor adjustments, so it’s perfectly possible to use the setup for one’s preferred license. And, for those in other parts of the world without GMRS there’s a similar class of radio called UHF CB which might be able to support similar builds, but be sure to check your local jurisdiction’s laws before hooking something like this up. For an even longer-range radio repeater using similar equipment we’d recommend looking to the skies.
Thanks to [Red] for the tip!
A Ukrainian cyberattack paralyzes the Russian SBP payment system
Cyber specialists from Ukraine’s Defence Intelligence have successfully carried out an attack that paralyzed SBP, Russia’s national payment system. DIU sources shared the news with Militarnyi. According to them, the attack targeted infrastructure used to fund organizations that support the aggression against Ukraine.
Following a large-scale DDoS attack on the SBP system and the provider TransTeleCom, a significant number of Russians lost the ability to make instant transfers and pay for online purchases. Residents of Yekaterinburg complained en masse on social media about the service outages, as people were unable to pay for transport or refuel at service stations.
The cyberattack also caused disruptions to internet access and interactive television. Hundreds of thousands of subscribers of local providers in several regions of the Russian Federation were left without connectivity. According to Ukrainian intelligence, the consequences of the attack had a significant impact on the Russian economy.
“The estimated economic losses from the DDoS attack on the SBP payment system amount to as much as 30 million dollars,” the DIU stressed.
Numerous complaints appeared on Yekaterinburg social networks about being unable to pay online for public transport or to make payments at service stations.
The article A Ukrainian cyberattack paralyzes the Russian SBP payment system comes from il blog della sicurezza informatica.
So much for brains and notebooks! ChatGPT rules the classroom
ChatGPT usage has surged with the start of the new school year in the West, with token generation reaching record levels. According to OpenRouter, the popular OpenAI chatbot processed 78.3 billion tokens on September 18, the highest level since the summer dip.
In June 2025, when most schools were on holiday, average daily usage fell to 36.7 billion tokens. For comparison, in May 2025, amid exams and finals, the average was close to 80 billion per day.
OpenRouter’s statistics, which track the activity of 2.5 million users, show how patterns change radically with the academic calendar. Although the data reflect a single platform, they are actively used by researchers and investors to analyze the dynamics of LLM adoption.
As Futurism points out, studies, including one from Rutgers University, have already confirmed a strong correlation between ChatGPT’s popularity and the educational process. This is easy to see in OpenRouter’s interactive chart.
Activity drops consistently during spring and summer breaks and rises when classes begin. Students therefore make up a significant share of ChatGPT’s audience.
Among the models tracked by OpenRouter, ChatGPT 4.1 Mini leads, with 26.9 billion tokens processed on September 18. The new GPT-5 saw 18.7 billion tokens processed on the same day. Other versions, such as GPT-4o Mini and GPT-5 Mini, also contributed significantly.
These data confirm that artificial intelligence tools are increasingly used in schools. Students use the OpenAI chatbot to write, search for information, and support their learning. It is not only about the risks associated with cheating. Many educators consider it useful to teach students how to interact with such systems and use them responsibly.
Like any new technology, artificial intelligence is rapidly becoming part of young people’s daily lives. The discussion has already moved beyond whether or not ChatGPT should be used. The key question now is how to integrate it properly into the educational process, so that artificial intelligence complements learning rather than replacing it.
The article So much for brains and notebooks! ChatGPT rules the classroom comes from il blog della sicurezza informatica.
The New Raspberry Pi 500+: Better Gaming with Less Soldering Required
When Raspberry Pi released the Pi 500, as essentially an RPi 5 integrated into a chiclet keyboard, there were rumors based on the empty spots on the PCB that a better version would be released soon. This turned out to be the case, with [Jeff Geerling] now taking the new RPi 500+ to bits for some experimentation and keyboard modding.
The 500’s case was not designed to be opened, but if you did, you’d find that there was space allocated for a Power-Over-Ethernet section as well as an M.2 slot, albeit with all of the footprints unpopulated. Some hacking later and enterprising folk found that soldering the appropriate parts on the PCB does in fact enable a working M.2 slot. What the 500+ thus does is basically do that soldering work for you, while sadly not offering a PoE feature yet without some DIY soldering.
Perhaps the most obvious change is the keyboard, which now uses short-travel mechanical switches – with RGB – inside an enclosure that is now fortunately easy to open, as you may want to put in a different NVMe drive at some point. Or, if you’re someone like [Jeff] you want to use this slot to install an M.2 to Oculink adapter for some external GPU action.
After some struggling with eGPU devices an AMD RX 7900 XT was put into action, with the AMD GPU drivers posing no challenge after a kernel recompile. Other than the Oculink cable preventing the case from closing and also losing the M.2 NVMe SSD option, it was a pretty useful mod to get some real gaming and LLM action going.
With the additions of a presoldered M.2 slot and a nicer keyboard, as well as 16 GB RAM, you have to decide whether the $200 asking price is worth it over the $90 RPi 500. In the case of [Jeff] his kids will have to make do with the RPi 500 for the foreseeable future, and the RPi 400 still finds regular use around his studio.
Commodore 64: From 1980s legend to 2025! 10,000 new consoles sold
Commodore Corporation BV was recently acquired by fans and former employees. Now the new Commodore brand has announced a significant milestone: the first Commodore 64 Ultimate computer in 30 years has passed 10,000 units sold.
The company’s official X account published the sales figures and thanked the community for its support. As the published chart shows, sales started very strongly on July 12 of this year.
Since August, the trend has been flatter but stable. The timeline also shows the release dates of the “Let’s Buy Commodore” video trilogy, which drew hundreds of thousands of views (one episode passed 400,000 views). The company’s management closely tracked the impact of the video campaign on sales.
Commodore 64 Ultimate sales volumes / Commodore on X
In the first week after the launch of the new product, Commodore took in more than 2 million dollars. This coincided with the release of the video “Making History: Signing the Commodore Contract + C64 Ultimate Production Update”, which brought a further increase in sales. It was then that many realized the company was truly on the road to recovery.
Right after the 10,000-unit milestone, Commodore reminded everyone that there is still time to pre-order the first batch through commodore.net and be among the first buyers this year.
The Commodore 64 Ultimate, based on an FPGA platform and featuring “the world’s first motherboard with a transparent keyboard”, has a starting price of 299 dollars. It was also stated that the Founders Edition will be a one-time edition.
A replacement for those who missed out has not yet been announced, but a similar model is planned.
Even if you have no intention of diving into a modern version of the iconic C64, this news deserves a warm welcome. Commodore is positioning itself as a Founder’s Sandbox, a platform for new computing projects. The company’s roadmap calls for up to 12 major releases over the next four years, which has already intrigued the community of retro and modern technology enthusiasts.
Sales of the Commodore 64 Ultimate have passed 10,000 units, showing that interest in retro computers remains strong and that the relaunched brand is able not only to draw on nostalgia, but also to become a driving force for new technology projects.
The original Commodore 64 (also known as the C64) was launched in January 1982 and quickly became the most popular home computer of its time. The computer had an 8-bit MOS Technology 6510/8500 processor clocked at 1.023 MHz in the NTSC version and 0.985 MHz in the PAL version.
In addition to 64 KB of RAM, there were 20 KB of read-only memory, including a BASIC interpreter. The device also offered hardware support for color graphics and audio. The VIC-II graphics chip supported a resolution of 320×200 pixels, 16 colors, and hardware sprites. All of this was rounded out by joystick interfaces, video/audio ports, a ROM cartridge slot, and an IEEE-488 serial port (for disk drives or printers).
The article Commodore 64: From 1980s legend to 2025! 10,000 new consoles sold comes from il blog della sicurezza informatica.
Vertical Solar Panels are Out Standing
If you’re mounting solar panels, everybody knows the drill, right? Point them south, angled according to latitude. It’s easy. In a video which demonstrates that [Everyday Dave] is truly out standing in his field, we hear a different story. [Dave] has a year’s worth of data in his Solar Panel Showdown that suggests there are good reasons to mount your panels vertically.
Specifically, [Dave] is using bifacial solar panels– panels that have cells on both sides. In his preferred orientation, one side faces South, while the other faces North. [Dave] is in the Northern Hemisphere, so those of you Down Under would have to do the opposite, pointing one face North and the other South.
Since [Dave] is far from the equator, the N/S vertical orientation beats the pants off of East-West facing panels, especially in winter. What’s interesting is how much better the bifacial panels do compared to the “standard” tilted orientation. While peak power in the summer is much better with the tilted bifacial panels (indeed, even the tilted single-sided panels), in winter the vertical N/S panels blow them out of the water. (Especially when snow gets involved. Vertical panels don’t need sweeping!)
Even in the summer, though, there are advantages: the N/S panels may produce less power overall, but they give a trickle earlier and later in the day than the tilted orientation. Still, that extra peak power really shows, and over a six-month period from solstice-to-solstice, the vertical panels only produced 77% of what the tilted bifacial panels did (while tilted single-sided panels produced 90%).
Is it worth it? That depends on your use case. If most of the power is going to A/C, you’ll need the extra in the warmer months. In that case, you want to tilt the panels. If you have a steady, predictable load, though, having even production winter/summer might be more to your liking– in that case you can join [Dave] in sticking solar panels straight up and down.
These results probably apply at latitudes similar to [Dave] who is in cloudy and snowy Ohio, which is perhaps not the ideal place for solar experimentation. If you’re not an Ohio-like distance from the equator, you might find an East-West array is the best bang for the buck. Of course if you really want to max out power from each individual cell, you can’t beat sun tracking regardless of where you are.
Hovercraft Suitcase Gives Your Luggage a Smooth Ride
The wheels on roller suitcases are one of their primary failure points. After the destruction of the wheel mount on her DIY suitcase, [Laura Kampf] wondered if it would be better to dispense with wheels altogether.
To give her suitcase a lift, [Kampf] decided to turn it into a hovercraft so it couldn’t be stopped by pavement or puddles. The first task was finding an appropriate fan, and a compact leaf blower donated its body to makerdom for the project. After reducing the blower to its constituent components and finding a secret turbo switch, work began on the momentum curtain.
“Nose-holing” the arrangement and size of the holes to pipe air through the stapled tarp and tape skirt seemed to be the bulk of the trial-and-error in this one. Based on other hovercraft designs [Kampf] found, keeping the holes near the center of the inflated portion gave better lift. In the end, the carry-on is able to lift a decent amount even on its lowest setting, resulting in a suitcase that is “not embarrassing” for travel. No word yet on what TSA thinks.
If you’re looking for another unexpected lift off, how about a full-sized flying Delorean replica? We’ve also covered some of the reasons why we don’t see more of these all terrain wonders.
Tube Furnace is the Real Hotness
We aren’t sure what [theglassman] is working on, but based on his recent projects, we think it is probably something interesting. He’s been decapping ICs, growing oxide on silicon substrates, and has built a tube furnace capable of reaching 1200 °C.
What would you do with something that can melt cast iron? We aren’t sure, but maybe you’ll tell us in the comments. We do have a fair idea of what [theglassman] is doing, though.
The core of the oven is a quartz tube. Insulation is via refractory cement and alumina ceramic wool. The heating itself is classic Nichrome wire and a tiny thermocouple. The real key, though, is the proper controller. [theglassman] suggests a ramp/soak controller. These allow you to program sequences that heat up and then stop, which, if done properly, can prevent your fragile quartz tube from cracking.
Naturally, you need the tube furnace to grow oxides on silicon. It is less clear why he’s decapping ICs. We were nervous about his process of boiling down sulfuric acid (fuming nitrate works better, anyway, if you just want to remove the epoxy). If you want to remove everything like he does, sodium hydroxide will also work well.
Obviously, we need to keep an eye on [theglassman]. We are curious what he’s working towards. Maybe making a custom transistor? Or, dare we hope, a homemade IC?
Surprisingly Refined Perpetual Motion Device Teardown
Perpetual motion devices are either a gag, a scam, or as in the case of this particular toy that [Big Clive] bought on AliExpress, a rather fascinating demonstration of a contact-free inductive sensor combined with a pulsed magnet boost for the metal ball. A cool part about the device is that it comes with a completely clear enclosure, so you can admire its internals while it’s operating. Less cool was that after unboxing the device wasn’t working as the detector wasn’t getting the 12 V it needs to operate, requiring a bit of repairing first.
The crucial part of the perpetual motion device schematic with the sensor, MCU and coil. (Credit: bigclivedotcom, YouTube)
Based on the label on the bottom of the device with the creative model identifier P-toy-002, its standby current is 10 µA which ramps up to 3 A when it’s operating. This makes sense when you look at the two core components: the industrial inductive detector, and a rather big electromagnet that’s driven by a bank of three 10 mF, 35V capacitors, turning it into something akin to a coilgun. Annoyingly, an attempt was made to erase most of the IC package markings.
The circuitry isn’t too complex, fortunately, with an adjustable electromagnet coil voltage circuit combined with a MOSFET to provide the pulse, and a 78L12 regulator to generate the 12 VDC from the coil’s voltage rail for the sensor that is monitored by a MCU.
How Water Vapor Makes Smartphones Faster
Once upon a time, home computers were low-powered enough that they barely needed any cooling at all. An Amiga 500 didn’t even have a heatsink on the CPU, while the early Macintosh got by with a single teeny little fan.
Modern smartphones are far more powerful than these ancient machines, packed with multi-core processors running at speeds of many gigahertz. Even still, they’ve generally been able to get by without any active cooling devices. However, as manufacturers continue to push the envelope of performance, they’ve had to scramble for ways to suck heat out of these handheld computers. Vapor chamber cooling has risen as a solution to this problem, using simple physics to keep your handset humming along at maximum speed for longer.
Cool Runnings
Keeping a smartphone cool is a unique challenge compared to other computing devices. In a desktop or laptop computer, designers can rely on fans, heatsinks, and even water cooling loops with radiators to get heat out of a device. However, for a phone, these methods aren’t so practical. Any air vents would be quickly blocked by pocket lint, and even the slimmest fan or heatsink would add a huge amount of bulk, which is unacceptable for a handheld device.
Samsung has been using vapor chambers in phones for almost a decade, relying on them to keep thermal throttling to a minimum. Credit: Samsung
Thus far, smartphones have largely avoided heating issues in two ways. Firstly, by using low-power chipsets that simply don’t generate a lot of heat in the first place. Secondly, by thermally coupling the main chips to metal heat spreaders and sometimes the smartphone’s external housing, to effectively create a simple heatsink. However, smartphones continue to grow more powerful, generating more heat during demanding tasks like recording high-resolution video. Thus, engineers have had to find new ways to dump greater amounts of heat without compromising the aesthetics and usability of their devices.
Enter vapor chamber cooling. Picture a sealed metal cavity built into a smartphone, inside which is a small amount of water-based coolant. The phone’s chipset is thermally coupled to the cavity, such that the heat is absorbed by the coolant inside. Thanks to the physical properties of water, notably its huge specific heat value, it’s able to absorb a great deal of heat energy, particularly as it passes through the phase-change regime as the fluid turns from a liquid into a gas. As it heats up and vaporizes, the coolant spreads to fill the entire cavity, spreading the heat into the whole thermal mass of the casing where it can be released into the surroundings. As heat is released, the vapor cools back into a liquid, and the cycle can begin again. The idea is exactly the same as is used in heat pipes—where a liquid is heated beyond its phase change point into a vapor, and used to spread heat to other areas of a sealed cavity.
A visual demonstration of a vapor chamber at work. The fluid is heated until it evaporates, and then spreads around the cavity. Credit: Apple
The vapor chamber has benefits over traditional metal heatsinks. The liquid coolant is very effective at evaporating and spreading heat around the entire chamber, wicking heat away from hot chips more quickly. Traditional heatsinks can end up with a hotspot over individual chips, whereas the vapor chamber is more effective at distributing the heat over a wider area.
The intention behind this is to allow phones to run at maximum performance for longer. Whether you’re shooting video or playing a game, it’s no good if your phone has to start throttling clock rates to stay cool in the middle of a task. The vapor chamber simply helps engineers suck more heat out of a phone’s chipset and get rid of it faster.
Google has recently seen fit to include vapor chambers in various models of the Pixel 9 series, aiming to keep phones running at maximum performance for longer. Credit: Google
One drawback is that vapor chambers are obviously far more complex to manufacture than traditional heatsinks. Rather than a flat metal heat spreader, you have a delicate chamber into which coolant must be injected, and then the chamber must be sealed. The coolant must be able to soak up a great deal of heat, as well as safely deal with many cycles of vaporization and condensation, without causing any corrosion or damage to the chamber in the process. The entire vapor chamber must be able to survive the rough-and-tumble life of a handheld device that’s stuffed into pockets and thrown into bags every day of its life.
Vapor chambers have been around for a while now, first showing up in the Galaxy S7 in 2016. They’ve gradually become more popular, though, and these days, you’ll find a vapor chamber in phones like the Google Pixel 9 Pro, the Samsung Galaxy S25+, and the Apple iPhone 17 Pro and Pro Max. They’re still largely the preserve of flagship devices, perhaps as much due to their high-tech appeal as to their higher cost compared with traditional cooling solutions. Still, as the smartphone arms race continues, and these parts become more common, expect the technology to trickle down to more humble models in the years to come.
Trapped Soul in Time for Halloween
While it is sort of disturbing, it is one of the best uses for a round LCD we’ve seen lately. What is it? Just [vishalsoniindia]’s SoulCage — a pendant that appears to have a poor soul trapped inside of it. Just in time for the upcoming spooky holiday. You can see the device in operation in the short video below.
The heart (sorry, unintentional pun) of the device is an ESP32-S3 round display. That means the rest of it is software, a battery, and a 3D printed case. There’s a switch, too, to select a male or female image as well as shut the device off when not in use.
The display has its own metal case, but to make room for the battery, the printed back replaces the default one. Of course, you want low current consumption when the device is asleep. However, the board has some additional components, so a small hack on the board was required to allow it to stop drawing current.
In particular, a switch was added to put a regulator in shutdown mode, the USB to serial converter needed a change, and a battery level detection circuit was cut. When off, the device draws about one microamp, so battery life should be very long in storage. In operation, the 85 mA draw provides approximately 11 hours of use per full charge. Plenty of time for a holiday party.
Spy Tech: The NRO and Apollo 11
When you think of “secret” agencies, you probably think of the CIA, the NSA, the KGB, or MI-5. But the real secret agencies are the ones you hardly ever hear of. One of those is the National Reconnaissance Office (NRO). Formed in 1960, the agency was totally secret until the early 1970s.
If you have heard of the NRO, you probably know they manage spy satellites and other resources that get shared among intelligence agencies. But did you know they played a major, but secret, part in the Apollo 11 recovery? Don’t forget, it was 1969, and the general public didn’t know anything about the shadowy agency.
Secret Hawaii
Captain Hank Brandli was an Air Force meteorologist assigned to the NRO in Hawaii. His job was to support the Air Force’s “Star Catchers.” That was the Air Force group tasked with catching film buckets dropped from the super-secret Corona spy satellites. The satellites had to drop film only when there was good weather.
Spoiler alert: They made it back fine.
In the 1960s, civilian weather forecasting was not as good as it is now. But Brandli had access to data from the NRO’s Defense Meteorological Satellite Program (DMSP), then known simply as “417”. The high-tech data let him estimate the weather accurately over the drop zones for five days, much better than any contemporary civilian meteorologist could do.
When Apollo 11 headed home, Captain Brandli ran the numbers and found there would be a major tropical storm over the drop zone, located at 10.6° north by 172.5° west, about halfway between Howland Island and Johnston Atoll, on July 24th. The storm was likely to be a “screaming eagle” storm rising to 50,000 feet over the ocean.
In the movies, of course, spaceships are tough and can land in bad weather. In real life, the high winds could rip the parachutes from the capsule, and the impact would probably have killed the crew.
What to Do?
Brandli knew he had to let someone know, but he had a problem. The whole thing was highly classified. Corona and the DMSP were very dark programs. There were only two people cleared for both programs: Brandli and the Star Catchers’ commander. No one at NASA was cleared for either program.
With the clock ticking, Brandli started looking for an acceptable way to raise the alarm. The Navy was in charge of NASA weather forecasting, so the first stop was DoD chief weather officer Captain Sam Houston, Jr. He was unaware of Corona, but he knew about DMSP.
Brandli was able to show Houston the photos and convince him that there was a real danger. Houston reached out to Rear Admiral Donald Davis, commanding the Apollo 11 recovery mission. He just couldn’t tell the Admiral where he got the data. In fact, he couldn’t even show him the photos, because he wasn’t cleared for DMSP.
Career Gamble
There was little time, so Davis asked permission to move the USS Hornet task force, but he couldn’t wait. He ordered the ships to a new position 215 nautical miles away from the original drop zone, now at 13.3° north by 169.2° west. President Richard Nixon was en route to greet the explorers, so if Davis were wrong, he’d be looking for a new job in August. He had to hope NASA could alter the reentry to match.
The forecast was correct. There were severe thunderstorms at the original site, but Apollo 11 splashed down in a calm sea about 1.7 miles from the target, as you can see below. Houston received a Navy Commendation medal, although he wasn’t allowed to say what it was for until 1995.
In hindsight, NASA has said they were also already aware of the weather situation due to the Application Technology Satellite 1, launched in 1966. Although the weather was described as “suitable for splashdown”, mission planners say they had planned to move the landing anyway.
Modern Times
Weather predictions really are better than they used to be. (CC-BY: [Hannah Ritchie])
These days, the NRO isn’t quite as secretive as it once was, and, in fact, much of the information for this post derives from two stories from their website. The NRO was also involved in the Manned Orbital Laboratory project and considered using Apollo as part of that program.
Weather forecasting, too, has gotten better. Studies show that even in 1980, a seven-day forecast might be, at best, 45 or 50% accurate. Today, they are nearly 80%. Some of that is better imaging. Some of it is better models and methods, too, of course.
However, thanks to one — or maybe a few — meteorologists, the Apollo 11 crew returned safely to Earth to enjoy their ticker-tape parades. After, of course, their quarantine.
Radio Shack Rebirth May Have Gone Awry in Alleged Ponzi-Like Scheme
Oh, Radio Shack. What a beautiful place you once were, a commercial haven for those seeking RC cars, resistors, and universal remotes. Then, the downfall, as you veered away from your origins, only to lead to an ultimate collapse. More recently, the brand was supposed to return to new heights online… only to fall afoul of the Securities and Exchange Commission. (via Yahoo Finance, Bloomberg)
The Radio Shack brand was picked up a few years ago by a company known as Retail Ecommerce Ventures (REV). The company’s modus operandi was to take well-known but beleaguered brands and relaunch them as online-only operations. Beyond Radio Shack, REV also owned a number of other notable brand names, like Pier 1, Modell’s Sporting Goods, and Dress Barn.
Unfortunately, the Radio Shack rebirth probably won’t reach the stellar heights of the past. Namely, because REV has been accused of operating a Ponzi-like scheme by the SEC. Despite huge boasts allegedly made to investors, none of REV’s portfolio of brands were actually making profits, and the SEC has charged that the company was paying investor returns with cash raised from other investors — unsustainable, and a major no-no, legally speaking.
We were cautiously optimistic when we heard about the REV buyout back in 2020, but at this point, it’s probably best to come to terms with the fact that Radio Shack won’t be coming back. The name will linger in our hearts for some time to come, but the business we knew is long gone. Sometimes it’s better to look to the future than to try and recreate the magic of the past, especially if you’re doing inappropriate things with other people’s money in the process.
Massive npm infection: the Shai-Hulud worm and patient zero
Introduction
The modern development world is almost entirely dependent on third-party modules. While this certainly speeds up development, it also creates a massive attack surface for end users, since anyone can create these components. It is no surprise that malicious modules are becoming more common. When a single maintainer account for popular modules or a single popular dependency is compromised, it can quickly turn into a supply chain attack. Such compromises are now a frequent attack vector trending among threat actors. In the last month alone, there have been two major incidents that confirm this interest in creating malicious modules, dependencies, and packages. We have already discussed the recent compromise of popular npm packages. September 16, 2025 saw reports of a new wave of npm package infections, caused by the self-propagating malware known as Shai-Hulud.
Shai-Hulud is designed to steal sensitive data, expose private repositories of organizations, and hijack victim credentials to infect other packages and spread further. Over 500 packages were infected in this incident, including one with more than two million weekly downloads. As a result, developers who integrated these malicious packages into their projects risk losing sensitive data, and their own libraries could become infected with Shai-Hulud. This self-propagating malware takes over accounts and steals secrets to create new infected modules, spreading the threat along the dependency chain.
Technical details
The worm’s malicious code executes when an infected package is installed. It then publishes infected releases to all packages the victim has update permissions for.
Once the infected package is installed from the npm registry on the victim’s system, a special command is automatically executed. This command launches a malicious script over 3 MB in size named bundle.js, which contains several legitimate open-source modules.
Key modules within bundle.js include:
- Library for interacting with AWS cloud services
- GCP module that retrieves metadata from the Google Cloud Platform environment
- Functions for TruffleHog, a tool for scanning various data sources to find sensitive information, specifically secrets
- Tool for interacting with the GitHub API
The JavaScript file also contains network utilities for data transfer and the main operational module, Shai-Hulud.
The worm begins its malicious activity by collecting information about the victim’s operating system and checking for an npm token and authenticated GitHub user token in the environment. If a valid GitHub token is not present, bundle.js will terminate. A distinctive feature of Shai-Hulud is that most of its functionality is geared toward Linux and macOS systems: almost all malicious actions are performed exclusively on these systems, with the exception of using TruffleHog to find secrets.
Exfiltrating secrets
After passing the checks, the malware uses the token mentioned earlier to get information about the current GitHub user. It then runs the extraction function, which creates a temporary executable bash script at /tmp/processor.sh and runs it as a separate process, passing the token as an argument. Below is the extraction function, with strings and variable names modified for readability since the original source code was illegible.
The extraction function, formatted for readability
The bash script is designed to communicate with the GitHub API and collect secrets from the victim’s repository in an unconventional way. First, the script checks if the token has the necessary permissions to create branches and work with GitHub Actions. If it does, the script gets a list of all the repositories the user can access from 2025. In each of these, it creates a new branch named shai-hulud and uploads a shai-hulud-workflow.yml workflow, which is a configuration file for describing GitHub Actions workflows. These files are automation scripts that are triggered in GitHub Actions whenever changes are made to a repository. The Shai-Hulud workflow activates on every push.
The malicious workflow configuration
This file collects secrets from the victim’s repositories and forwards them to the attackers’ server. Before being sent, the confidential data is encoded twice with Base64.
This unusual method for data collection is designed for a one-time extraction of secrets from a user’s repositories. However, it poses a threat not only to Shai-Hulud victims but also to ordinary researchers. If you search for “shai-hulud” on GitHub, you will find numerous repositories that have been compromised by the worm.
Open GitHub repositories compromised by Shai-Hulud
The main bundle.js script then requests a list of all organizations associated with the victim and runs the migration function for each one. This function also runs a bash script, but in this case, it saves it to /tmp/migrate-repos.sh, passing the organization name, username, and token as parameters for further malicious activity.
The bash script automates the migration of all private and internal repositories from the specified GitHub organization to the user’s account, making them public. The script also uses the GitHub API to copy the contents of the private repositories as mirrors.
We believe these actions are intended for the automated theft of source code from the private repositories of popular communities and organizations. For example, the well-known company CrowdStrike was caught in this wave of infections.
The worm’s self-replication
After running operations on the victim’s GitHub, the main bundle.js script moves on to its next crucial stage: self-replication. First, the script gets a list of the victim’s 20 most downloaded packages. To do this, it performs a search query with the username from the previously obtained npm token:
registry.npmjs.org/-/v1/search…
Next, for each of the packages it finds, it calls the updatePackage function. This function first attempts to download the tarball version of the package (a .TAR archive). If it exists, a temporary directory named npm-update-{target_package_name} is created. The tarball version of the package is saved there as package.tgz, then unpacked and modified as follows:
- The malicious bundle.js is added to the original package.
- A postinstall command is added to the package.json file (which is used in Node.js projects to manage dependencies and project metadata). This command is configured to execute the malicious script via node bundle.js.
- The package version number is incremented by 1.
The modified package is then re-packed and published to npm as a new version with the npm publish command. After this, the temporary directory for the package is cleared.
The updatePackage function, formatted for readability
Uploading secrets to GitHub
Next, the worm uses the previously mentioned TruffleHog utility to harvest secrets from the target system. It downloads the latest version of the utility from the original repository for the specific operating system type using the following link:
github.com/trufflesecurity/tru… version}/{OS-specific file}
The worm also uses modules for AWS and Google Cloud Platform (GCP) to scan for secrets. The script then aggregates the collected data into a single object and creates a repository named “Shai-Hulud” in the victim’s profile. It then uploads the collected information to this repository as a data.json file.
Below is the structure of the data collected from the victim’s system and uploaded to GitHub:
{
  "application": {
    "name": "",
    "version": "",
    "description": ""
  },
  "system": {
    "platform": "",
    "architecture": "",
    "platformDetailed": "",
    "architectureDetailed": ""
  },
  "runtime": {
    "nodeVersion": "",
    "platform": "",
    "architecture": "",
    "timestamp": ""
  },
  "environment": {
  },
  "modules": {
    "github": {
      "authenticated": false,
      "token": "",
      "username": {}
    },
    "aws": {
      "secrets": []
    },
    "gcp": {
      "secrets": []
    },
    "truffleHog": {
      "available": false,
      "installed": false,
      "version": "",
      "platform": "",
      "results": [
        {}
      ]
    },
    "npm": {
      "token": "",
      "authenticated": true,
      "username": ""
    }
  }
}
Infection characteristics
A distinctive characteristic of the modified packages is that they contain an archive named package.tar. This is worth noting because packages usually contain an archive with a name that matches the package itself.
Through our research, we were able to identify the first package from which Shai-Hulud began to spread, thanks to a key difference. As we mentioned earlier, after infection, a postinstall command to execute the malicious script, node bundle.js, is written to the package.json file. This command typically runs immediately after installation. However, we discovered that one of the infected packages listed the same command as a preinstall command, meaning it ran before the installation. This package was ngx-bootstrap version 18.1.4. We believe this was the starting point for the spread of this infection. This hypothesis is further supported by the fact that the archive name in the first infected version of this package differed from the name characteristic of later infected packages (package.tar).
While investigating different packages, we noticed that in some cases, a single package contained multiple versions with malicious code. This was likely possible because the infection spread to all maintainers and contributors of packages, and the malicious code was then introduced from each of their accounts.
Infected libraries and CrowdStrike
The rapidly spreading Shai-Hulud worm has infected many popular libraries that organizations and developers use daily. Shai-Hulud has infected over 500 popular packages in recent days, including libraries from the well-known company CrowdStrike.
Among the infected libraries were the following:
- @crowdstrike/commitlint versions 8.1.1, 8.1.2
- @crowdstrike/falcon-shoelace versions 0.4.1, 0.4.2
- @crowdstrike/foundry-js versions 0.19.1, 0.19.2
- @crowdstrike/glide-core versions 0.34.2, 0.34.3
- @crowdstrike/logscale-dashboard versions 1.205.1, 1.205.2
- @crowdstrike/logscale-file-editor versions 1.205.1, 1.205.2
- @crowdstrike/logscale-parser-edit versions 1.205.1, 1.205.2
- @crowdstrike/logscale-search versions 1.205.1, 1.205.2
- @crowdstrike/tailwind-toucan-base versions 5.0.1, 5.0.2
But the event that has drawn significant attention to this spreading threat was the infection of the @ctrl/tinycolor library, which is downloaded by over two million users every week.
As mentioned above, the malicious script exposes an organization’s private repositories, posing a serious threat to their owners, as this creates a risk of exposing the source code of their libraries and products, among other things, and leading to an even greater loss of data.
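The versions listed above can be checked against a project's lockfile. The following added example (not part of the original article) walks package-lock.json in both the nested v1 and the flat v2/v3 layouts, flags the versions named in this article, and separately lists other packages that declare install scripts. The sample lockfile and the ui-kit and native-addon names in it are constructed.

```javascript
// Added example: audit an npm lockfile against infected versions named in the article.
// Versions are copied from the article text; extend the map from a feed you trust.
const KNOWN_BAD = new Map([
  ['@crowdstrike/commitlint', ['8.1.1', '8.1.2']],
  ['@crowdstrike/falcon-shoelace', ['0.4.1', '0.4.2']],
  ['@crowdstrike/foundry-js', ['0.19.1', '0.19.2']],
  ['@crowdstrike/glide-core', ['0.34.2', '0.34.3']],
  ['@crowdstrike/logscale-dashboard', ['1.205.1', '1.205.2']],
  ['@crowdstrike/logscale-file-editor', ['1.205.1', '1.205.2']],
  ['@crowdstrike/logscale-parser-edit', ['1.205.1', '1.205.2']],
  ['@crowdstrike/logscale-search', ['1.205.1', '1.205.2']],
  ['@crowdstrike/tailwind-toucan-base', ['5.0.1', '5.0.2']],
  ['ngx-bootstrap', ['18.1.4']],
]);

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"; null for the root ("")
// and for workspace folders that are not under node_modules.
function nameFromPath(key) {
  const marker = 'node_modules/';
  const i = key.lastIndexOf(marker);
  return i === -1 ? null : key.slice(i + marker.length);
}

// Yields { name, version, where, hasInstallScript } for every locked package.
function* lockedPackages(lock) {
  if (lock.packages && typeof lock.packages === 'object') {
    // lockfileVersion 2 and 3: flat map keyed by install path.
    for (const [key, entry] of Object.entries(lock.packages)) {
      const name = nameFromPath(key);
      if (!name || !entry || entry.link) continue; // skip root and workspace links
      yield {
        name: entry.name || name, // entry.name is set for aliased installs
        version: entry.version,
        where: key,
        hasInstallScript: entry.hasInstallScript === true,
      };
    }
    return;
  }
  // lockfileVersion 1: nested "dependencies" tree; install scripts are not recorded.
  const stack = [[lock.dependencies || {}, '']];
  while (stack.length > 0) {
    const [deps, prefix] = stack.pop();
    for (const [name, entry] of Object.entries(deps)) {
      const where = `${prefix}${name}`;
      yield { name, version: entry.version, where, hasInstallScript: null };
      if (entry.dependencies) stack.push([entry.dependencies, `${where} > `]);
    }
  }
}

// Returns { infected, installScripts }: exact known-bad versions, and other
// packages whose lockfile entry declares an install script (worth a review).
function auditLockfile(lockText, knownBad = KNOWN_BAD) {
  const lock = JSON.parse(lockText);
  const infected = [];
  const installScripts = [];
  for (const pkg of lockedPackages(lock)) {
    const badVersions = knownBad.get(pkg.name);
    if (badVersions && badVersions.includes(pkg.version)) infected.push(pkg);
    else if (pkg.hasInstallScript) installScripts.push(pkg);
  }
  return { infected, installScripts };
}

// Constructed sample lockfile (v3 layout); not taken from a real project.
const SAMPLE_LOCK = JSON.stringify({
  name: 'constructed-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'constructed-app', version: '1.0.0' },
    'node_modules/ngx-bootstrap': { version: '18.1.4', hasInstallScript: true },
    'node_modules/@crowdstrike/glide-core': { version: '0.34.1' },
    'node_modules/ui-kit/node_modules/@crowdstrike/foundry-js': { version: '0.19.2', hasInstallScript: true },
    'node_modules/native-addon': { version: '2.0.0', hasInstallScript: true },
  },
});

console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK), null, 2));
```

A hit in `infected` means the pinned version matches one named in the article; an entry in `installScripts` only means the package runs code at install time and deserves a manual look.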
Prevention and protection
To protect against this type of infection, we recommend using a specialized solution for monitoring open-source components. Kaspersky maintains a continuous feed of compromised packages and libraries, which can be used to secure your supply chain and protect development from similar threats.
For personal devices, we recommend Kaspersky Premium, which provides multi-layered protection to prevent and neutralize infection threats. Our solution can also restore the device’s functionality if it’s infected with malware.
For corporate devices, we advise implementing a comprehensive solution like Kaspersky Next, which allows you to build a flexible and effective security system. This product line provides threat visibility and real-time protection, as well as EDR and XDR capabilities for investigation and response. It is suitable for organizations of any scale or industry.
Kaspersky products detect the Shai-Hulud threat as HEUR:Worm.Script.Shulud.gen.
In the event of a Shai-Hulud infection, and as a proactive response to the spreading threat, we recommend taking the following measures across your systems and infrastructure:
- Use a reliable security solution to conduct a full system scan.
- Audit your GitHub repositories:
  - Check for repositories named shai-hulud.
  - Look for non-trivial or unknown branches, pull requests, and files.
  - Audit GitHub Actions logs for strings containing shai-hulud.
Indicators of compromise
Files:
bundle.js
shai-hulud-workflow.yml
Strings:
shai-hulud
Hashes:
C96FBBE010DD4C5BFB801780856EC228
78E701F42B76CCDE3F2678E548886860
Network artifacts:
https://webhook.site/bb8ca5f6-4175-45d2-b042-fc9ebb8170b7
Compromised packages:
Solar-Powered RC Boat Has Unlimited Range
For RC aircraft there are generally legal restrictions that require the craft to stay within line of sight of the operator, but an RC boat or car can in theory go as far as the signal will allow — provided there is ample telemetry to let the operator navigate. [Thingify] took this idea to the extreme with a remote-controlled boat that connects to a satellite internet service and adds solar panels for theoretically unlimited range, in more ways than one.
The platform for this boat is a small catamaran, originally outfitted with an electric powertrain running on a battery. Using a satellite internet connection not only allows [Thingify] to receive telemetry and pilot the craft with effectively unlimited range, but it’s a good enough signal to receive live video from one of a pair of cameras as well. At that point, the main limiting factor of the boat was the battery, so he added a pair of flexible panels on a custom aluminum frame paired with a maximum power point tracking charge controller to make sure the battery is topped off. He also configured it to use as much power as the panels bring in, keeping the battery fully charged and ready for nightfall where the boat will only maintain its position and wait for the sun to rise the next morning.
With this setup [Thingify] hopes to eventually circumnavigate Lake Alexandrina in Australia. He has a few boat design issues to work out first, though: on its maiden voyage the boat capsized due to its high center of gravity and sail-like solar panels. Still, it’s an improvement from the earlier version of the craft we saw at the beginning of the year, and we look forward to his next iteration and the successful voyage around this lake.
AI is not (yet) our best friend. ACN at the AGN and AIPSA meeting
Artificial intelligence systems, for example generative ones, can be used to manipulate data, information and computer systems, and to produce falsehoods and disinformation.
Obviously, artificial intelligence can pose a danger to the secure management of computer systems, but the fact that it can pose a cognitive danger to individual users has not yet been explored enough. And yet we all agree that fakes and deepfakes can manipulate our perceptions and be used as tools of disinformation and propaganda, levers of cognitive warfare.
AIs themselves can be hacked, by manipulating their training data, removing their censorship rules, or reprogramming the existing ones for illicit and criminal purposes.
In addition, since many countries have enough data, computing power and algorithms, AIs are an emerging risk to digital sovereignty, given that they can be used to create new cyber weapons, such as polymorphic malware, but also to identify more easily the vulnerabilities of both human and software systems and, according to some studies, to hack computer systems without human feedback.
I spoke about all of this at the conference organized by AGM SOLUTIONS in collaboration with AIPSA Associazione Italiana Professionisti Security Aziendale in Milan, with a very nice title: “AI is not yet our best friend”.
On this occasion I was able to exchange views with colleagues and friends such as Andrea Agosti, Alessandro Manfredini, Matteo Macina, Alessandro Piva and Cristian Fassi, thanks to the moderation of Gianni Rusconi and under the auspices of Matteo Franzosi. Their point of view was very stimulating for me.
Coffee by Command: The Speech2Touch Voice Hack
If you want to troll your colleagues, you can label your office coffee maker any day with a sticker that says ‘voice activated’. Now [edholmes2232] has made it actually come true. With Speech2Touch, he grafts voice control onto a Franke A600 coffee machine using an STM32WB55 USB dongle and some clever firmware hacking.
The office coffee machine has been a target for hacking for years and years. Nearly 35 years ago, at Cambridge University, a webcam served a live view of the office coffee pot. It made sure nobody made the trip to the coffee pot for nothing. The funny but in fact useless HTTP status 418 was brought to life so that a server could state that it was in fact a teapot, in answer to its refusal to brew coffee. Enter this hack – that could help you to coffee by shouting from your desk – if only your arms were long enough to hold your coffee cup in place.
Back to the details. The machine itself doesn’t support USB keyboards, but does accept a USB mouse, most likely as a last resort in case the touchscreen becomes unresponsive. That loophole is enough: by emulating touchscreen HID packets instead of mouse movement, the hack avoids clunky cursors and delivers a slick ‘sci-fi’ experience. The STM32 listens through an INMP441 MEMS mic, hands speech recognition to Picovoice, and then translates voice commands straight into touch inputs. Next, simply speaking to it taps the buttons for you.
It’s a neat example of sidestepping SDK lock-in. No reverse-engineering of the machine’s firmware, no shady soldering inside. Instead, it’s USB-level mischief, modular enough that the same trick could power voice control on other touchscreen-only appliances.
It’s a Bird! It’s a Plane! It’s… an Air Breathing Satellite?!
The big problem with Low Earth Orbit is, oddly enough, air resistance. Sure, there’s not enough air to breathe in space, but there is enough to create drag when you’re whipping around the planet at 28,000 km/h (17,000 mph) or more. Over time, that adds up to a decaying orbit. [Eager Space] recently did a video summarizing a paradoxical solution: go even lower, and let the air work for you.
So-called air-breathing satellites would hang out in very low earth orbit– still well above the Karman line, but below 300 km (186 miles)– where atmospheric drag is too dominant for the current “coast on momentum” satellite paradigm to work. There are advantages to going so low, chiefly for communications (less latency) and earth observation (higher resolutions). You just need to find a way to fight that drag and not crash within a couple of orbits.
It turns out this space isn’t totally empty (aside from the monoatomic oxygen) as missions have been at very low orbits using conventional, Xenon-fueled ion engines to counter drag. The xenon runs out pretty quick in this application, though, and those satellites all had fairly short lifetimes.
That’s where the air-breathing satellites come in. You don’t need a lot of thrust to stabilize against drag, after all, and the thin wisps of air at 200 km or 300 km above ground level should provide ample reaction mass for some kind of solar-electric ion engine. The devil is in the details, of course, and [Eager Space] spends 13 minutes discussing challenges (like corrosive monoatomic oxygen) and various proposals.
Whoever is developing these satellites, they could do worse than talk to [Jay Bowles], whose air-breathing ion thrusters have been featured here several times over the years.
Meter Mods Make Radioactive Prospecting More Enjoyable
While we often get a detailed backstory of the projects we cover here at Hackaday, sometimes the genesis of a build is a bit of a mystery. Take [maurycyz]’s radiation survey meter modifications, for instance; we’re not sure why such a thing is needed, but we’re pretty glad we stumbled across it.
To be fair, [maurycyz] does give us a hint of what’s going on here by choosing the classic Ludlum Model 3 to modify. Built like a battleship, these meters would be great for field prospecting except that the standard G-M tube isn’t sensitive to gamma rays, the only kind of radiation likely not to be attenuated by soil. A better choice is a scintillation tube, but those greatly increase the background readings, making it hard to tease a signal from the noise.
To get around this problem and make rockhounding a little more enjoyable, [maurycyz] added a little digital magic to the mostly analog Ludlum. An AVR128 microcontroller taps into the stream of events the meter measures via the scintillation tube, and a little code subtracts the background radiation from the current count rate, translating the difference into an audible tone. This keeps [maurycyz]’s eyes on the rocks rather than on the meter needle, and makes it easier to find weakly radioactive or deeply buried specimens.
If you’re not ready to make the leap to a commercial survey meter, or if you just want to roll your own, we’ve got plenty of examples to choose from, from minimalist to cyberpunkish.
3D Printed “Book” Demonstrates Mechanical Actions
A book of mechanical actions is a wondrous thing — mechanically inclined children have lost collective decades poring over them over the generations. What could possibly be better? Why, if the mechanisms in the book were present, and moved! That’s exactly what [AxelMadeIt] produced for a recent video.
Being just four pages, you might argue this is but a pamphlet. But since it takes up a couple inches of shelf space, it certainly looks like a book from the outside, which is exactly what [AxelMadeIt] was going for. To get a more book-like spine, his hinge design sacrificed opening flat, but since the pages are single-sided, that’s no great sacrifice.
At only 6 mm (1/4″) thick, finding printable mechanisms that could actually fit inside was quite a challenge. If he was machining everything out of brass, that would be room for oodles of layers. But [Axel] wanted to print the parts for this book, so the mechanisms need to be fairly thick. One page has a Roberts linkage and a vault-locking mechanism, another has planetary gears, with angled teeth to keep them from falling out. Finally, the first page has a geneva mechanism and an escapement, both driven by a TPU belt drive.
All pages are driven from an electric motor that is buried in the last page of the “book”, along with its battery and a couple of micro-switches to turn it on when you open the book and off again when you reach the last page. Rather than a description of the mechanisms, like most books of mechanical actions, [Axel] used multi-material printing to put lovely poems on each page. A nice pro-tip is that “Futura”, a font made famous by flying to the moon, works very well when printed this way. If you just want to watch him flip through, jump to 8:00 in the video.
This reminds us of another project we once featured, which animated 2100 mechanical mechanisms. While this book can’t offer near that variety, it makes up for it in tactility.
Kali Linux 2025.3 Is Out! New Release with Improvements and New Tools
The Kali Linux developers have published a new release, 2025.3, which extends the distribution’s capabilities and adds ten new penetration testing tools.
The update improves deployment in virtual environments, restores wireless driver support for Raspberry Pi, reworks several plugins and drops support for the legacy ARMel architecture.
The developers have completely redesigned the process for building virtual images, updating the integration with HashiCorp Packer and Vagrant. The scripts now use version 2 of the standard, ensuring consistency in template generation. The preconfiguration files for automated installations have been standardized, and the Vagrant scripts can now apply additional settings right after boot, removing the need for routine steps when deploying labs.
An important addition is the return of Nexmon for Broadcom and Cypress, including the Raspberry Pi 5. The patch enables monitor mode and packet injection on devices where this capability is not available in the standard drivers. At the same time, support for the ARMel architecture has been dropped, following Debian’s decision to end maintenance after the release of “trixie”. The team is dedicating these resources to preparing future RISC-V support.
Xfce users now have a redesigned VPN IP panel that lets them select the interface to monitor and quickly copy the address of the specific connection they need.
Ten new tools have been added to the repository. Among them are the Caido graphical and console interfaces for web security auditing, the Detect It Easy utility for file type recognition, the Gemini CLI with AI agent integration directly in the terminal, and krbrelayx for Kerberos attacks.
Also added are ligolo-mp for traffic proxying, llm-tools-nmap for network scanning using language models, patchleaks for patch analysis and vwifi-dkms for creating dummy Wi-Fi networks.
The mobile edition, Kali NetHunter, has received major updates. Support for available devices now includes internal monitoring with frame injection on the 2.4 and 5 GHz bands. The port to the Samsung Galaxy S10 produced Broadcom-compatible firmware, a specialized kernel and a stable ARM64 version of the Hijacker utility.
- Caido – The client side of caido (the graphical/desktop aka the main interface) – a web security auditing toolkit
- Caido-cli – The server section of caido – a web security auditing toolkit
- Detect It Easy (DiE) – File type identification
- Gemini CLI – An open-source AI agent that brings the power of Gemini directly into your terminal
- krbrelayx – Kerberos relaying and unconstrained delegation abuse toolkit
- ligolo-mp – Multiplayer pivoting solution
- llm-tools-nmap – Enables LLMs to perform network discovery and security scanning tasks using the nmap
- mcp-kali-server – MCP configuration to connect AI agent to Kali
- patchleaks – Spots the security fix and provides detailed description so you can validate – or weaponize – it fast
- vwifi-dkms – Setup “dummy” Wi-Fi networks, establishing connections, and disconnecting from them
The CARsenal automotive module has been updated with a package, and new features have been added; enabling them requires re-running the installation script.
Kali Linux 2025.3 thus combines a redesigned virtualization infrastructure, updated wireless card drivers and a set of new utilities, making the distribution even more convenient and relevant for security testing specialists.
FLOSS Weekly Episode 848: Open the Podbay Doors, Siri
This week Jonathan and Rob chat with Paulus Schoutsen about Home Assistant, ESPHome, and Music Assistant, all under the umbrella of the Open Home Foundation. Watch to see Paulus convince Rob and Jonathan that they need to step up their home automation games!
Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.
Direct Download in DRM-free MP3.
If you’d rather read along, here’s the transcript for this week’s episode.
Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
Retrotechtacular: The Ferguson System
Of the many great technological leaps made in the middle of the 20th century, one of the ones with perhaps the greatest impact on our modern life takes a back seat behind the more glamorous worlds of electronics, aeronautics, or computing. But the ancestor of the modern tractor has arguably had more of an impact on the human condition in 2025 than that of the modern computer, and if you’d been down on the farm in the 1940s you might have seen one.
The Ferguson system refers to the three-point implement linkage you’ll find on all modern tractors, the brainchild of the Irish engineer Harry Ferguson. The film below the break is a marketing production for American farmers, and it features the Ford-built American version of the tractor known to Brits and Europeans as the Ferguson TE20.
“Ferguson TE20 2006” by [Malcolmxl5]
The evolution of the tractor started as a mechanisation of horse-drawn agriculture, using either horse-drawn implements or ones derived from them. While the basic shape of a modern tractor as a four wheel machine with large driving wheels at the rear evolved during this period, other types of tractor could be found such as rein-operated machines intended to directly replace the horse, or two-wheeled machines with their own ecosystem of attachments.
As the four-wheeled machines grew in size and their implements moved beyond the size of their horse-drawn originals, they started to encounter a new set of problems which the film below demonstrates in detail. In short, a plough simply dragged by a tractor exerts a turning force on the machine, giving the front a tendency to lift and the rear a lack of traction. The farmers of the 1920s and 1930s attempted to counter this by loading their tractors with extra weights, at the expense of encumbering them and compromising their usefulness. Ferguson solved this problem by rigidly attaching the plough to the tractor through his three-point linkage while still allowing for flexibility in its height. The film demonstrates this in great detail, showing the hydraulic control and the feedback provided through a valve connected to the centre linkage spring.
A modern tractor is invariably much larger than the TE20, will have all-wheel drive, a wider-spaced three-point linkage for much larger implements, and a much more sophisticated transmission. But the principle is exactly the same, and in use it provides an identical level of utility to the original. While the TE20 is most likely to appear in over-restored form at a tractor show in 2025, running on an odd mix of paraffin and petrol, they can still sometimes be found at work, and albeit a few decades ago now I’ve even taken a turn on one myself. What struck me at the time was how small a machine it is compared to the heavyweight drawbar tractors it replaced; the effect of the three-point linkage on ground pressure was such that it simply didn’t need the extra size. It’s equivalent to what we today would refer to as a yard tractor or an orchard tractor, the last one I drove being used for ground maintenance at a sports pitch. I have to admit that if I saw one in need of TLC at the right price I’d be sorely tempted.
So next time you see a tractor, take a look at its three-point linkage and think for a moment of those 1940s machines it’s derived from. It’s likely almost everything you eat has at some point been touched by that piece of machinery.
CrowdStrike: Cybersecurity Enters the Era of AI Agents
At Fal.Con 2025, the annual conference that brings together thousands of cybersecurity experts from around the world, CrowdStrike made one point clear: cyber defense is entering a new era, that of “AI agents”.
From endpoint to agent: the evolution of digital defense
For years CrowdStrike has led the industry with endpoint protection and the Endpoint Detection and Response model. Today the same approach is being carried over to artificial intelligence. With the acquisition of the startup Pangea, the company wants to lock down every aspect of enterprise AI: from models to virtual agents, down to simple conversations with a chatbot.
This gives rise to the concept of AI Detection and Response (AIDR), a sort of “antivirus of the future” able to intercept sophisticated attacks such as prompt injection and to prevent abuse or risky use of generative systems.
The “agentic” SOC: when analysts are no longer alone
CEO George Kurtz spoke of a real paradigm shift for Security Operations Centers. Today attacks are no longer measured in days or hours, but in seconds. For this reason CrowdStrike proposes the agentic SOC: no longer a team of analysts buried in alerts, but an environment where intelligent digital agents work alongside people, analyze anomalies, make decisions and act autonomously.
For CrowdStrike, the protagonist of this revolution is Charlotte AI, the system that orchestrates the agents and coordinates their actions. In addition, thanks to Agent Works, every company will be able to create its own custom agents with a no-code interface, as if it were “hiring” new digital colleagues specialized in security.
Enterprise Graph: the digital twin of the enterprise
CTO Elia Zaitsev then presented the Enterprise Graph, a model that reconstructs the entire corporate infrastructure in real time (users, assets, identities and data), offering a unified view that can be queried in natural language. This approach makes it possible to move in moments from identifying a vulnerability to automatically generating a remediation plan, drastically reducing response times.
Also presented at Fal.Con was the Adversary Strategy Program, with which CrowdStrike replicates and anticipates hackers’ moves to make the platform increasingly resilient. From this come solutions such as Apex, an AI model able to unmask the malicious use of legitimate processes, and new techniques to counter ransomware and the abuse of remote management tools.
The challenge of the future
In a world in which “prompts are the new malware”, as was said on stage, CrowdStrike aims to turn the fear of AI into an opportunity: if cybercriminals exploit generative models to accelerate their attacks, companies can respond with AI agents that work without pause, 24 hours a day, alongside security teams.
The promise is clear: with Falcon, Pangea and the ecosystem of intelligent agents, CrowdStrike wants to do with AI what it did years ago with endpoints: raise the bar and redefine, once again, what it means to “stop breaches”.
Pill Sized Scoop of Your Internals
Taking a look inside the human body has never been easier — just swallow a camera in the shape of a pill. However, what is not quite as easy is retrieving a piece of whatever you’re viewing. This is exactly what researchers from HIT Shenzhen have attempted to solve with their magnetic capsule bot.
When traditional procedures want to take a sample somewhere in the intestinal tract they generally require somewhat invasive procedures sticking something up…well you know. With this pill, robot magnetic control allows physicians to choose exactly where and when to take a sample, all without shoving unpleasant objects into…again you know.
A magnetic field is generated to open the capsule and suck liquids inside. This traps a sample that can be retrieved through later bowel movements. The technology hasn’t been tested on a living patient yet, but animal trials are planned for the foreseeable future.
Check out the fine details with the paper itself here. Biomedical engineering is always an interesting topic with so much potential for more hacking. We at Hackaday are no strangers to this wonderful world of bodily hacks.
How Regulations Are Trying To Keep Home Battery Installs Safe
The advent of rooftop solar power generation was a huge step forward for renewable energy. No longer was generating electricity the sole preserve of governments and major commercial providers; now just about any homeowner could start putting juice into the grid for a few thousand dollars. Since then, we’ve seen the rise of the home battery, which promises both to make individual homes more self-sufficient and to allow them to make more money selling energy to the grid where needed.
Home batteries are becoming increasingly popular, but as with any new home utility, there come risks. After all, a large capacity battery can present great danger if not installed or used correctly. In the face of these dangers, authorities in jurisdictions around the world have been working to ensure home batteries are installed with due regard for the safety of the occupants of the average home.
Hot Stuff
Home batteries have become a popular addition to home solar systems. Credit: Batterlution, CC BY-SA 4.0
Home batteries exist for one reason—to store electrical energy for later use. Currently, this is most effectively achieved with the use of lots of lithium-ion cells. While the dangers of lithium-ion cells are often overstated and dramatized, they do nonetheless pose a safety risk when things go wrong. There is, of course, the electrical danger; however, adherence to proper wiring standards and such typically manages that problem. The greater concern when it comes to home battery installations is around fire. If a large bank of lithium cells catches alight, either through its own malfunction or an external cause, the resultant blaze can be fierce, and incredibly difficult to extinguish. It is for this reason that authorities have developed extensive regulations around home battery installations. The aim is generally to avoid the likelihood of ignition or fire wherever possible, and limit the possible harms if such a thing should occur.
Basically, you don’t want a massive lithium battery fire to overwhelm you with smoke and flames, trap you in your home, or otherwise cause great injury. Thus, most jurisdictions post strict regulations about where a battery may be installed in a typical home. For example, in the US, NFPA rules mandate that residential batteries can only be installed in garages, on exterior walls or outdoors at least three feet away from windows, or in utility closets and storage spaces. Regulations in other jurisdictions are similarly strict; Australian rules ban installations under stairs or ventilation ducts, for example, along with any installations in ceilings or wall cavities. It might feel convenient to tuck batteries away where they can’t be seen, but the risks are considered too great. It’s just generally considered a bad idea to pack your walls or roof full of highly-combustible material.
Raised installations are common in areas where it’s desirable to avoid any vehicle impact risk. Most jurisdictions also mandate installing batteries at certain minimal distances from areas like bedrooms or other “habited” areas. Credit: Rsparks3, CC0
Often, many jurisdictions also require some level of non-combustible barrier to protect nearby structures that are made of combustible material. For example, if installing a battery near a wooden part of a building, regulations may insist upon the use of materials like brick or concrete that won’t readily catch alight if the battery enters thermal runaway. Capacity limits are also typical, as it’s undesirable to have an excessively large battery in a residential installation where it could one day become an unstoppable inferno in an inhabited area.
It might then seem, based on all the safety concerns around putting big batteries near inhabited structures, that a more remote installation would be best. However, standalone outdoor installations are often also subject to their own restrictions. For example, in Australia’s hot climate, outdoor installs must be protected to some degree from direct sunlight to avoid overheating issues that could lead to disaster. Garage or garage-adjacent installations generally require protection against potential vehicle impacts, too. For example, the NFPA 855 standard requires the use of hefty 4-inch bollards set 3 feet deep in concrete to protect against accidental vehicle impact in commercial installations, while noting that any risk of impact is unacceptable for residential garage installations.
These are just some of the hurdles you will have to clear if you wish to install a large storage battery in your home. There are so many others, from regulations around approved batteries and inverters, wiring rules, as well as the necessary signage to indicate to tradespeople and first responders that a large battery is connected to the home’s electrical supply. It can be a lot to take in, though for the average customer, it’s up to their home battery installer to ensure compliance in these regards. If you’re looking at such an installation, though, and you’re wondering why you can’t put your battery exactly where you like, just know that there are likely many good reasons behind it!
Who Wants a Rusty Old Smartphone?
If we’re talking about oxidized iron… probably nobody. If we’re talking about Rust the programming language, well, that might be a different story. Google agrees, and is working on bringing the language into Android. That’s not enough for [Paul Sanja], who has the first Redox OS smartphone.
It’s alive!
Redox OS is a Unix-like operating system written entirely in Rust, and somehow we haven’t covered it until now. Unlike Asterinas, a project to recreate the Linux kernel in Rust, Redox has few pretensions of being anything but its own thing, and that’s great! On desktop, Redox has a working windowing system and many utilities, including a basic browser in the form of NetSurf.
It claims to be source-compatible with Linux and BSD programs, and partially POSIX compliant. A certain someone around here might want to try it as a daily driver. The header image is a desktop screenshot, because there’s more to see there and it fits our aspect ratio.
On smartphones, it… boots. Some smartphones, anyway. It’s actually a big first step. That booting is possible is actually thanks to the great work put in by the Postmarket OS team to get U-Boot working on select Android devices. That U-Boot loader doesn’t need to load the Linux-based Postmarket OS. It can be used for anything compatible. Like, say, Redox OS, as [Paul] shows us.
Of course, Redox OS has no drivers for the touchscreen or anything else, so at the moment that rusty smartphone can only boot to a login screen. But thanks to Rust, you can rest assured that login screen hasn’t got any memory leaks! Jokes aside, this is a great start and we’re hoping to see more.
Redox is a promising project on mobile or desktop, and its development seems a much better use of time and effort than fighting over Rust in the Linux kernel.
RTINGS 10-Year Equivalent TV Longevity Update With Many Casualties
For the past two-and-a-half years Canadian consumer testing outfit RTINGS has been running an accelerated aging experiment across a large number of TVs available to a North-American audience. In their most recent update, we not only find out about the latest casualties, but also the impending end of the experiment after 18,000 hours — as the TVs are currently failing left and right as they accelerate up the ascending ramp of the bathtub curve.
Some of these LEDs are dead, others are just wired in series.
The dumbest failure type has to be the TVs (such as the Sony X90J) where the failure of a single dead backlight LED causes the whole TV to stop working along with series-wired LED backlights where one dead LED takes out a whole strip or zone. Other failures include degrading lightguides much as with our last update coverage last year, which was when edge-lit TVs were keeling over due to overheating issues.
Detailed updates can be found on the constantly updating log for the experiment, such as on the failed quantum dot diffuser plate in a TCL QLED TV, as the quantum dots have degraded to the point of green being completely missing. Although some OLEDs are still among the ‘living’, they’re showing severe degradation – as pictured above – after what would be the equivalent of ten years of typical usage.
Once the experiment wraps up it will be fascinating to see who the survivors are, and what the chances are of still using that shiny new TV ten years from now.
How to Disable an EDR via the Registry? With DedicatedDumpFile
I worked for several years as a System Engineer, and one of the tasks I handled was managing Citrix PVS. One of the problems with PVS was the analysis of dump files. The only way to generate a complete dump file was to use the DedicatedDumpFile option, available as a registry value under HKLM\SYSTEM\CurrentControlSet\Control\CrashControl.
A significant obstacle when DedicatedDumpFile is enabled and configured is deleting the file, since it is always in use by a process.
The crash dump is created by the Windows kernel (ntoskrnl.exe) together with the Crashdmp.sys driver. To guarantee that the file is always contiguous, unfragmented and available at the moment of the crash, the kernel keeps it open and reserved while the system is running.
Now, what happens if the value of the DedicatedDumpFile registry key is not a .dmp file?
By default, Windows does not verify whether the value of the key points to a .dmp file. If we put the path of an .exe file (for example, EDR.exe) in the DedicatedDumpFile key, Windows will open the file at boot, causing the .exe file to be in use.
Can this crash a protected process, such as an EDR? It certainly can.
I created a simple PowerShell script that adds the DedicatedDumpFile key with the path of an .exe (EDRService.exe) as its value.
PowerShell to add the key
As you can see in the image below, the key was added correctly.
Key added in the Windows registry
Of course, a reboot is required for the key to be added in HKLM.
After the reboot, as mentioned earlier, the EDR process cannot be started because the service is in use.
We are now able to carry out the desired actions without any interaction from the EDR.
The EDR service does not start
This technique was tested on eight EDRs and only one of them blocked it, not because of DedicatedDumpFile, but because it checks whether a registry key is written with its name.
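A defender-side audit of the registry value described above, added here as an example and not the author's script: it reads DedicatedDumpFile under CrashControl and reports when the value names a program, the binary of an installed service or driver, or an existing PE file. The function names are hypothetical; the registry path and value name are the ones given in the article.

```powershell
# Added defensive example; not part of the original article.
# Run from an elevated PowerShell session on the host being audited.

$CrashControlKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'

function Get-BinaryPathFromImagePath {
    # Reduce a service/driver PathName (possibly quoted, with arguments or
    # kernel-style prefixes) to the plain path of its binary.
    param([string]$PathName)

    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $p = $PathName.Trim()

    if ($p.StartsWith('"')) {
        $end = $p.IndexOf('"', 1)
        if ($end -gt 1) { $p = $p.Substring(1, $end - 1) }
    }
    elseif ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') {
        $p = $Matches[1]
    }

    $p = $p -replace '^\\\?\?\\', ''                        # strip \??\ prefix
    $p = $p -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')
    return [Environment]::ExpandEnvironmentVariables($p)
}

function Test-DedicatedDumpFile {
    # Returns an object with the configured path and a list of findings.
    param([string]$Key = $CrashControlKey)

    $findings = New-Object System.Collections.Generic.List[string]
    $prop  = Get-ItemProperty -Path $Key -Name DedicatedDumpFile -ErrorAction SilentlyContinue
    $value = if ($prop) { [string]$prop.DedicatedDumpFile } else { $null }

    if ([string]::IsNullOrWhiteSpace($value)) {
        return [pscustomobject]@{ Configured = $false; Path = $null; Findings = $findings }
    }

    $path = [Environment]::ExpandEnvironmentVariables($value.Trim())
    $path = $path -replace '^\\\?\?\\', ''

    # Check 1: the value carries an extension that denotes a program.
    try {
        $ext = [IO.Path]::GetExtension($path).ToLowerInvariant()
        if ($ext -in @('.exe', '.dll', '.com', '.scr')) {
            $findings.Add("Value has a program extension ($ext)")
        }
    }
    catch {
        $findings.Add('Value is not a valid file path')
    }

    # Check 2: the value is the binary of an installed service or driver.
    # This is the condition the article describes: the kernel holds the
    # file open, so the service that owns it cannot start.
    $owners = @(Get-CimInstance -ClassName Win32_Service) +
              @(Get-CimInstance -ClassName Win32_SystemDriver)
    foreach ($o in $owners) {
        $bin = Get-BinaryPathFromImagePath $o.PathName
        if ($bin -and ($bin -ieq $path)) {
            $findings.Add("Value is the binary of '$($o.Name)' ($($o.DisplayName))")
        }
    }

    # Check 3: the target already exists and is a PE file (MZ header).
    if (Test-Path -LiteralPath $path -PathType Leaf) {
        try {
            $fs = [IO.File]::Open($path, [IO.FileMode]::Open,
                                  [IO.FileAccess]::Read, [IO.FileShare]::ReadWrite)
            try {
                $hdr = New-Object byte[] 2
                if ($fs.Read($hdr, 0, 2) -eq 2 -and $hdr[0] -eq 0x4D -and $hdr[1] -eq 0x5A) {
                    $findings.Add('Target file starts with an MZ header (PE executable)')
                }
            }
            finally { $fs.Dispose() }
        }
        catch {
            # File is locked and cannot be inspected; checks 1 and 2 still apply.
        }
    }

    return [pscustomobject]@{ Configured = $true; Path = $path; Findings = $findings }
}

$result = Test-DedicatedDumpFile
if (-not $result.Configured) {
    'DedicatedDumpFile is not set.'
}
elseif ($result.Findings.Count -eq 0) {
    "DedicatedDumpFile = $($result.Path): no findings."
}
else {
    Write-Warning "DedicatedDumpFile = $($result.Path)"
    $result.Findings | ForEach-Object { "  - $_" }
}
```

Because the value only takes effect at the next boot, alerting on writes to it (for example through registry auditing) gives a window to revert the change before the reboot.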
Dodecahedron Speaker Is Biblically Accurate
Once upon a time, many radios and TVs only came with a single (mono) speaker. Then someone decided all audio hardware should have as many speakers as we have ears. That was until [Olivia] came along, and whipped up a dodecahedron speaker as an educational piece for workshops. Really, it shows us that twelve speakers should be the minimum standard going forward.
The speaker relies on a 3D-printed frame. The dodecahedron shell is assembled from 12 individual faces, each of which hosts a small individual speaker. Multichannel audio fans shouldn’t get too excited—all twelve speakers are wired to the same input in four groups of three, making this essentially an exceptionally complicated mono device. It might sound silly, but it’s actually a great way to deliver audio in many directions all at once. [Olivia] even went to the effort of running some sweep tests in anechoic and reverberation chambers to see how they performed, which is a fun bit of extra detail in the build log.
[Olivia] notes that these unique speakers are great as a beginner workshop build. They’re easy to modify in various ways to suit different ideas or levels of ability, and they can be made for less than $30 a pop. We’d love to see an advanced version that maybe packed in a lithium battery and a Bluetooth module to make them a standalone audio device. Video after the break.
youtube.com/embed/bOk2Ty-xNDM?…
How A Failed Video Format Spawned A New Kind of Microscope
The video cassette tape was really the first successful home video format; discs just couldn’t compete back in the early days. That’s not to say nobody tried, however, with RCA’s VideoDisc a valiant effort that ultimately fell flat on its face. However, the forgotten format did have one benefit, in that it led to the development of an entirely new kind of microscope, as explained by IEEE Spectrum.
The full story is well worth the read; the short version is that it all comes down to capacitance. RCA’s VideoDisc format was unique in that it didn’t use reflective surfaces or magnetic states to represent data. Instead, the data was effectively stored as capacitance changes. As a conductive stylus rode through an undulating groove in a carbon-impregnated PVC disc, the capacitance between the stylus and the disc changed. This capacitance was effectively placed into a resonant circuit, where it would alter the frequency over time, delivering an FM signal that could be decoded into video and audio by the VideoDisc player.
The VideoDisc had a capacitance sensor that could detect such fine changes in capacitance that it led to the development of the Scanning Capacitance Microscope (SCM). The same techniques used to read and inspect VideoDiscs for quality control could be put to good use in the field of semiconductors. The sensors could detect tiny changes in capacitance from dopants in a semiconductor sample, and the SCM soon became an important tool in the industry.
It’s perhaps a more inspiring discovery than when cheeky troublemakers figured out you could use BluRay diodes to pop balloons. Still fun, though. An advertisement for the RCA VideoDisc is your video after the break.
youtube.com/embed/h184c9WJ8uY?…
Build Your Own 6K Camera
[Curious Scientist] has been working with some image sensors. The latest project built around one is a 6K camera. The sensor does a lot of the work, of course, but the build also requires some off-the-shelf parts and some 3D printed components.
An off-the-shelf part of a case provides a reliable C mount. There’s also an IR filter in a 3D-printed bracket.
The processor gets hot, so he used different heat sinks and a fan, too. Overall, this isn’t much custom electronics, but this is an excellent example of assembling existing parts with high-quality 3D printed components.
Heat-set inserts provide a tripod mount. There’s also a custom HDMI monitor mount if you don’t want to use your phone as a viewfinder. One neat oddity that helps is a USB-A cable that splits into three USB-C connectors. Of course, only one of them has data lines. The other two feed power to different parts of the camera.
A good-looking build. At a glance, you could easily think this was a commercial product. We do like these digital camera builds, but we also find 3D printed film cameras fascinating. If 6K is too much for you, you can always downsize.
youtube.com/embed/idA1_AyZoek?…
Calculator Battery Mod Lets You Go the Distance
Disposable batteries seem so 1990s. Sure, it’s nice to be able to spend a couple of bucks at the drugstore and get a flashlight or TV remote back in the game, but when the device is a daily driver, rechargeable batteries sure seem to make more financial sense. Unfortunately, what makes sense to the end user doesn’t always make sense to manufacturers, so rolling your own rechargeable calculator battery pack might be your best option.
This slick hack comes to us from [Magmabow], who uses a Casio FXCG50 calculator, a known battery hog. With regular use, it goes through a set of four alkaline AA batteries every couple of months, which adds up quickly. In search of a visually clean build, [Magmabow] based the build around the biggest LiPo pillow-pack he could find that would fit inside the empty battery compartment, and planned to tap into the calculator’s existing USB port for charging. A custom PCB provides charging control and boosts the nominal 3.7-volt output of the battery to the 5-ish volts the calculator wants to see. The PCB design is quite clever; it spans across the battery compartment, with its output feeding directly into the spring contacts normally used for the AAs. A 3D-printed insert keeps the LiPo and the PCB in place inside the battery compartment.
Almost no modifications to the calculator are needed, other than a couple of bodge wires to connect the battery pack to the calculator’s USB port. The downside is that the calculator’s battery status indicator won’t work anymore since the controller will just shut the 5-volt output down when the LiPo is discharged. It seems like there might be a simple fix for that, but implementing it on such a small PCB could be quite a challenge, in which case a calculator with a little more room to work with might be nice.
youtube.com/embed/S9CCIyYRlEc?…
Automatic Feeder Keeps Fish Sated
[Noisy Electrons] is a maker who also likes to keep fish. He sometimes needs to travel and keep his fish fed in the meantime, so he created an automated solution to handle that for him.
The build is based around an STM32 microcontroller, paired with an MCP7940N real-time clock to keep time. The microcontroller is hooked up to a few buttons and a small display to serve as an interface, allowing the feeding times and dosage amounts to be configured right on the device. Food is distributed from a 3D printed drum with a hole in it, which is rotated via a stepper motor. Each time the drum rotates, some food falls through the hole and into the tank. Dosage amount is measured in rotations: the more times the drum rotates, the more food is delivered to the fish.
[Noisy Electrons] built three of these devices for three separate tanks. Thus far, it’s been three weeks and all the fish are still alive, so we’ll take that as a vote of confidence in the build. We’ve featured some other great pet feeders over the years, too.
youtube.com/embed/mMoiuHav7VQ?…
Hacking RAN: US Secret Service discovers a clandestine cellular network in New York
The US Secret Service reported that it discovered and seized a network of telecommunications equipment in the New York area capable of disrupting mobile phone service.
The devices were located near the United Nations General Assembly, which dozens of world leaders attended this week.
According to the agency, the network comprised more than 100,000 SIM cards and about 300 servers. The equipment allowed anonymous encrypted messages to be sent and could interfere with emergency services.
According to one official, the system was capable of sending up to 30 million text messages per minute, and the Secret Service had never seen an operation of this scale before.
“Given the timing, the location and the potential for significant disruption to New York City’s telecommunications networks that these devices could have caused, the agency moved quickly to shut down the network,” the Secret Service said in a statement.
The equipment was discovered in August at several sites within a 56-kilometre radius of the United Nations headquarters.
The discovery followed a months-long investigation that began after three senior US officials received anonymous “telephone threats” in the spring. Among them were a Secret Service agent and two White House officials.
An initial analysis of data from some of the SIM cards revealed links to at least one foreign government, as well as to criminals already known to US law enforcement, including members of a cartel.
“We will continue to investigate who is behind this network and what its objectives were, including the potential disruption of government and emergency communications during the visit of world leaders to New York,” said Matt McCool, head of the Secret Service’s New York office.
The published photographs show server racks full of SIM cards and antennas. According to McCool, this network could have disabled cell towers and “effectively paralysed mobile networks”.
Experts called the operation expensive and technologically advanced. According to Anthony Ferrante, head of cybersecurity at the consulting firm FTI and a former White House and FBI official, the network discovered was probably an espionage operation. He added that such equipment could also be used to intercept communications.
The operation also involved the US Department of Justice, the New York Police Department, the Office of National Intelligence and Homeland Security Investigations. According to McCool, the investigation is ongoing and “there is no reason to believe that similar devices will not be found in other cities”.
During the search, in addition to the SIM servers, agents also found prohibited substances, illegal weapons, computers and mobile phones.
The article "Hacking RAN: US Secret Service discovers a clandestine cellular network in New York" comes from il blog della sicurezza informatica.
2025 Hackaday Superconference: Announcing our Workshops and Tickets
Can you feel the nip of fall in the air? That can only mean one thing: Supercon is just around the corner. The next few weeks are going to bring a blitz of Supercon-related reveals, and we’re starting off with a big one: the workshops.
Supercon is the Ultimate Hardware Conference, and you need to be there to attend a workshop. Both workshop and general admission tickets are on sale now! Don’t wait — they sell out fast.
Kody Kinzie
Meshtastic for Beginners: Solder Your Own Cat-Themed LoRa Weather Station!
If you’ve wanted to create off-grid, encrypted mesh networks that can span over a hundred miles, this class will serve as a beginner’s guide to Meshtastic. We’ll be soldering and setting up our own custom cat-themed Meshtastic weather station nodes!
Seth Hillbrand
Level Up Your Board Game with KiCad
This workshop will teach you how to use KiCad with other common open-source tools, including Inkscape and FreeCAD, to level up your board game. We’ll make a beautiful PCB-based board game. You’ll learn techniques for better circuit layout, art transfer, case fitting, and 3D modeling.
Pat Deegan
Tiny Tapeout
In this workshop, participants will get the opportunity to design and manufacture their own design on an ASIC! Participants will learn the basics of digital logic, the basics of how semiconductors are designed and made, how to use an online digital design tool to build and simulate a simple design, and how to create the GDS files for manufacture on the open-source Sky130 PDK. Participants will have the option to submit their designs for manufacturing on the next shuttle as part of the Tiny Tapeout project.
Estefannie and Bob Hickman
Bling It On: Programming Your Own Generative Art Matrix
In this intermediate-level maker workshop, you will learn the fundamentals of generative algorithms and apply them using either Circuit Python or C++ to create a dynamic display that can pull data over WiFi from one or more APIs and use the data to visualize some generative art. The results will be beautiful and practical, and attendees will leave with an amazing 130 mm x 130 mm LED matrix.
Shawn Hymel
Introduction to Embedded Rust
Rust curious? This hands-on workshop will introduce you to this fascinating (relatively) new language and how you can use it to develop firmware for your various microcontroller projects. We’ll cover the basics of Rust’s ownership model, blink an LED (as you do), and read from an I2C sensor. (Shawn’s workshop is sponsored by DigiKey.)
November is just around the corner. Get your tickets now and we’ll see you at Supercon!