Kritik sah

It’s hurricane season in the northern hemisphere right now, and plenty of news and weather organizations remain dedicated to alerting people if a storm is about to impact their area. There’s no shortage of ways to receive this information, either. We all have our favorite weather app or forecasting site, and there are emergency alerts to cell phones, TV, and radio stations as well. If none of that suits you, though, you can also roll out your own weather alert readerboard . [Damaged Dolphin] built a weather alert readerboard using a Raspberry Pi and a 64×128 LED matrix. The Raspberry Pi runs Raspbian and uses a HAT from Adafruit, and once connected to the internet pulls down weather information for a specific area using custom python code. From there it can display any emergency weather alerts instantly on the readerboard screen including alerts for hurricanes. It does rely on data from the National Weather Service though, so if that is not available in your area some modifications wi...

[Jean-Francois Debroux] spent 35 years designing analog ASICs. He’s started a book and while it isn’t finished — indeed he says it may never be — the 180 pages he posted on LinkedIn are a pretty good read. The 46 sections are well organized, although some are placeholders. There are sections on design flow and the technical aspects of design. Examples range from a square root circuit to a sigma-delta modulator, although some of them are not complete yet. There are also sections on math, physics, common electronics, materials, and tools. The text is decidedly practical. For example, there’s a succinct summary of what a MOSFET channel width and length do to parameters such as capacitance, noise, and saturated resistance. If you prefer a PDF copy, here’s a tip. When viewing the document, click on the full-screen button. Then at the top, you’ll see a download button. The link there looks as though it isn’t a static link, so you’ll need to visit the post yourself to do the download. I...

To get the perfect mix for your paint, you need a good shake that is as random as possible. [Mark Rhodes] wanted to automate the process of mixing paint, so he built a 3D printed shaker to thoroughly shake small paint bottles. Using only a single motor, it shakes the bottle along three axes of rotation and one axis of translation. A cylindrical container is attached to a U-shaped bracket on each end, which in turn is attached to a rotating shaft. Only one of these shafts are powered, the other is effectively an idler. When turned on, it rotates the cylinder partially around the pitch and yaw axis, 360 degrees around the roll axis, and reciprocates it back and forth. The design appears to be based on an industrial mixer known as a “ Turbula “. Another interesting feature is how it holds the paint bottle in the cylinder. Several bands are stretched along the inside of the cylinder, and by rotating one of the rings at the end, it creates an hourglass-shaped web that can tightly hold the...

from Packet Storm https://ift.tt/34Pi8Wk

from Packet Storm https://ift.tt/31NULe9

Red Hat Security Advisory 2020-3581-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a password leak vulnerability. from Packet Storm https://ift.tt/3lxGVUQ

Gentoo Linux Security Advisory 202008-24 - Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Versions less than 8.262_p01:8 are affected. from Packet Storm https://ift.tt/3jARm8x

Gentoo Linux Security Advisory 202008-23 - A vulnerability in chrony may allow a privileged attacker to cause data loss via a symlink. Versions less than 3.5.1 are affected. from Packet Storm https://ift.tt/2QGXJug

Gentoo Linux Security Advisory 202008-22 - Multiple vulnerabilities have been found in targetcli-fb, the worst of which could result in privilege escalation. Versions less than 2.1.53 are affected. from Packet Storm https://ift.tt/3bbFnuZ

Apache2 suffers from an incorrect handling of large requests issue in mod_proxy_uwsgi. from Packet Storm https://ift.tt/3bcwPUx

CMS Made Simple version 2.2.14 suffers from an authenticated remote shell upload vulnerability. from Packet Storm https://ift.tt/2EKxaBP

Gentoo Linux Security Advisory 202008-21 - A vulnerability in Kleopatra allows arbitrary execution of code. Versions less than 20.04.3-r1 are affected. from Packet Storm https://ift.tt/3lAOn1C

Gentoo Linux Security Advisory 202008-20 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the arbitrary execution of code. Versions less than 9.52 are affected. from Packet Storm https://ift.tt/3lsNjwy

Fuel CMS version 1.4.8 suffers from an authenticated remote SQL injection vulnerability. from Packet Storm https://ift.tt/2EI7oyj

Gentoo Linux Security Advisory 202008-19 - Multiple vulnerabilities have been found in BIND, the worst of which could result in a Denial of Service condition. Versions less than 9.16.6 are affected. from Packet Storm https://ift.tt/3lxGLgc

BlazeDVD version 7.0 Professional local SEH/ASLR/DEP buffer overflow exploit. from Packet Storm https://ift.tt/2EPwzio

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them. from Packet Storm https://ift.tt/3gLxXQn

MikroTik RouterOS suffers from NULL pointer dereference, memory corruption and division by zero vulnerabilities. from Packet Storm https://ift.tt/2ELKYMq

The VSIX Installer of Visual Studio allows for revival of expired code-signing certificates and modification of timestamps. from Packet Storm https://ift.tt/3gHfPa3

Online Book Store version 1.0 suffers from a remote SQL injection vulnerability. from Packet Storm https://ift.tt/3hQp7lO

TP-Link WDR4300 with firmware versions 3.13.33 and 3.14.3 post-authentication remote code execution exploit. from Packet Storm https://ift.tt/3ltr7CF

Conductive filament isn’t an ideal electrical conductor, but it’s a 3D-printable one and that’s what makes [Hercemer]’s 3D-printed flashlight using conductive filament work. Every part of the flashlight is printed except for the 9 volt battery and LEDs. Electrically speaking, the flashlight is a small number of LEDs connected in parallel to the terminals of the battery, and turning it on or off is done by twisting or loosening a cap to make or break the connection. The main part of the build is a 3D-printed conductive cylinder surrounded by a printed conductive ring with an insulator between them. This disk- or pad-shaped assembly forms not only the electrical connection between the LEDs and battery terminals, but also physically holds the LEDs. To attach them, [Hercemer] simply melts them right in. He uses a soldering iron to heat up the leads, and presses them into the 3D-printed conductive block while hot. The 9 V battery’s terminals contact the bottom when the end cap is twisted...

Kotlin is a relatively new programming language; a derivative of Java with lots of little handy functional bits such as coroutines . [Foalyy] is porting an app to Android and learning Kotlin at the same time, and after wrapping their mind around coroutines, has written up a concise five-part tutorial on them . Coroutines in Kotlin are a way to simplify writing asynchronous code, which is code that doesn’t necessarily execute in the order it is written. Coroutines are like light-weight threads that can be launched and managed easily, making it simpler to bridge together blocking and non-blocking code. (However, coroutines are not threads. They are more akin to suspending functions that play very well together.) [Foalyy] found that the official Kotlin documentation on coroutines went into great detail on how coroutines function, but wanted a more bottom-up approach to understanding how they work and can be used. Luckily for anyone who thinks the same way, [Foalyy] wrote it all up and...

As we stare dejectedly at our screens and consider what might have been during the 2020 summer that didn’t quite happen, here’s a little something to look forward to in a future where the COVID-19 pandemic will with any luck be much less of a threat. We have have had precious little in the way of events in 2020, but the call for participation has been announced for one of the largest planned for 2021 . MCH2021 will be big European summer camp of next year, and is scheduled for the 6th to the 10th of August at Scoutinglandgoed Zeewolde in the Netherlands province of Flevoland. It will be the latest in a long line of such events going back to 1989, and with such a track record we know it’s going to be a good one. We know that among our community are many people who’ll be interested in going to MCH, and that each and every one of you will have some fascinating insights that others would love to hear about. The challenge of the MCH orga is to bestow upon you the courage to stand up in fro...

When [marzsman]’s eight-year-old daughter thought up a game they could play together involving rainbows, he was all ears. She is a certified rainbow expert, after all. They had a few R&D sessions and came up with a rainbow sorting speed trial game that looks fun to play and fairly easy to build . Press that blue button on the side, and the RGB LEDs along the top are put in randomized order. The object of this game is simple — just sort the rainbow before the other player by pressing each LED’s corresponding arcade button. Whoever sorts faster is rewarded with a rainbow animation behind their set of way-cool clear buttons. Inside the laser-cut box is an Espruino, which is a handy little microcontroller that speaks JavaScript. All of the arcade buttons are wired up as a key matrix. The astute among you have noticed there is six of everything, and that’s because indigo light is too hard to distinguish from blue. Check out the intense gameplay after the break. If [marzsman]’s daught...

Tech history is rife with examples of bizarre product demos, but we’ve got to think that Elon Musk’s Neuralink demo this week will have to rank up there with the weirdest of them. Elon’s job here was to sell the proposition that having a quarter-sized plug removed from your skull by a surgical robot and having it plunge 1,024 tiny wires into your gray matter will be totally normal and something that all the cool kids will be doing someday. We watched the 14-minute supercut of the demo , which went on for considerably longer than that due to the realities of pig wrangling, and we remain unsold on the technology. Elon selling it as “a Fitbit in your skull, with tiny wires” probably didn’t help, nor did the somewhat terrifying appearance of the surgical robot needed to do the job. On the other hand, Gertrude the Bionic Pig seemed none the worse for her implant, which was reportedly wired to her snout and sending data wirelessly. The demonstration of reading joint positions directly from ...

They say that imitation is the sincerest form of flattery. If we were going to imitate one of master circuit sculptor Mohite Bhoite’s creations, we’d probably pick the little blinky solar satellite as a jumping off point just like [richardsappia] did. It’s cute, it’s functional, and it involves solar power and supercapacitors. What more could you want? SATtiny is a pummer , which is BEAM robotics speak for a bot that soaks up the sun all day and blinks (or ‘pumms’, we suppose) for as long as it can throughout the night on the juice it collected. This one uses four mini solar panels to charge up a 4 F supercapacitor. At the controls is an ATtiny25V, which checks every eight seconds to see if the supercapacitor is charging or not as long as there is enough light. Once night has fallen, the two red LEDs will pumm like a pair of chums until the power runs out. Check out the brief demo after the break. Would you rather have something more nightstand-friendly? Here’s a mini night light sc...

Retailers have instituted enhanced cleaning procedures in response to the COVID-19 pandemic, with an aim to keep frequently touched surfaces as clean as possible. Certainly one of the most commonly handled objects in the entire store is the payment terminal by the register, and the PIN pad specifically. Which is why [Josh Starnes] is working on a UV sterilizer that mounts onto a standard credit card terminal . It’s a simple enough idea, but as is often the case, figuring out how to properly execute it is where things get tricky. [Josh] has already moved through several design iterations for his 3D printed enclosure in an attempt to make something that’s unobtrusive enough to be practical. The goal is to make something that the user won’t mistake for some kind of skimming device, which can certainly be tricky . The skeptics in the audience will be happy to hear that [Josh] isn’t bothering with an LED UV source, either. We’ve all seen the pitfalls of trying to sanitize using UV LEDs , ...

Plenty of people don’t bother to read the  current newspaper, let alone editions that were published over 100 years ago. But there’s a wealth of important historical information buried in these dusty old publications, assuming you can find a way to reliably digitize and index it all. You might think the solution is as simple as running images of the paper through optical character recognition (OCR) software, but as [John Scancella] explains, the problem is a bit more complicated than that . Stretching the text vertically highlights the columns. Ultimately, the issue largely comes down to formatting. The OCR software reasonably assumes all the text is in orderly horizontal lines, because in the vast majority of cases, it would be. That’s how you’re reading these words now. But as anyone who’s seen an old time newspaper knows, that’s not how things were necessarily written back then. Pages consisted of multiple narrow columns of stories separated by vertical lines; if the OCR tr...

The joys of overengineering a simple gift. [Joren] wanted to create a dress for his daughter’s fourth birthday that would react with lights in sequence for a song from Frozen . The dress and an LED strip, along with a digital microphone and a battery were easy to procure. But how to make it all work? An ESP32 did the trick. While the project’s name–Olaf–sounds like it was from Frozen, according to the GitHub page it actually means Overly Lightweight Acoustic Fingerprinting. Right. However, as the name implies, it can learn to identify any sound you want. One interesting twist. The code is in C, so running it through Emscripten allows the code to run in your browser and you can watch it work alongside a YouTube video of the movie. You can see in the image above that the fingerprint screen gets red dots until it matches the audio and then the dots turn green, indicating a match. Even if you don’t want a magic Frozen dress, the code on GitHub could be a good starting point for develo...

Humans continuously communicate with our bodies, and face masks cover one of the most expressive parts. For some, this is a muffler on strangers, but devastating for people who rely on lip-reading. Several masks exist that have a clear window for precisely this purpose, but they’re specialty and high-demand. [Erin St Blaine] over at Adafruit shows how she makes windowed masks with stuff you may already have in your house. Even if your sewing machine is locked up the local maker-space, you are in luck, because you don’t need a single stitch. For the thread-inclined, it is easy to tweak the recipe. The part of the mask that touches your face is terry cloth, but any breathable cotton towel should work. There is a PDF in the instructions where you can print templates in four sizes. You will also find a cutout for the plastic window salvaged from your cold soft drink cup. A water bottle should work too. Flexible glue holds the fabric together, but to attach the ear-loops, we fall back on ...

The half-track is a vehicle design that has gradually fallen out of favour in the decades since World War II. Combining the benefits of easy driving and handling of wheeled vehicles with the strong mud and snow performance of a tracked vehicle, they served a niche before largely being phased out with the rise of the armoured personnel carrier. [JackCarter] wished to build his own, so whipped up a lasercut RC version of the SdKfz 251 22. The work is impressive, with [JackCarter] creating the design in Solidworks from photos and illustrations of the vehicle. The moving parts are lasercut, including the tracks themselves, assembled from many tiny lasercut MDF parts. The benefit of using lasercutting to make the model is that it was easy for [Jack Carter] to create simple jigs to ease the process of putting the tracks together. A NodeMCU with a motor shield controls the gear motors used to drive the tracks, and drives a servo for steering. Control is via a smartphone, thanks to the Blynk ...

Most hobby-grade software defined radio setups don’t transmit. Of the few that do, most of them put out anemic levels around one milliwatt or so. If you want to do something outside of the lab, you’ll need an amplifier and that’s what [Tech Minds] shows how to do in a recent video . (Embedded below.) The video covers LimeSDR, HackRF, and the Pluto SDR, although the amplifiers should work with any transmitter. The SPF5189Z module is quite cheap and covers 50 MHz to 4 GHz, amplifying everything you throw at it. The downside is that it will amplify everything you throw at it, even parts of the signal you don’t want, such as spurs and harmonics. There are other modules, depending on your needs. The CN0417 covers a very narrow range from 2.4 GHz to 2.5 GHz. (If you can call 100 MHz bandwidth “narrow”.) The RF2126 will cover from 400 Mhz to 2.7 GHz. None of these are powerhouses. The maximum 20 dB gain will only give you a watt or so out with the minimal drive from most SDR transmitters. ...

Big fizzing electrical arcs are fun, and handled properly, not too dangerous either. The Jacob’s Ladder is one such piece of arc-generating equipment, one that featured heavily in vintage sci-fi films. It remains a charming demonstration of high-voltage electrical principles, and you can easily build your own mini version at home . The build starts with a basic high-voltage step-up kit that turns 4V DC into 15 kV at the output. At this voltage level, it’s possible to generate an arc in air. To create the Jacob’s ladder, the kit is wired up to a pair of closely-spaced electrodes that slowly get farther apart as they go up vertically. When an arc jumps from one electrode to the other, it ionises the air, and the voltage sags due to the current flow. The flowing current heats up the air, which begins to rise, taking the current path with it, causing the familiar climbing arc we all know and love. As the distance between the electrodes increases towards the top, the arc can eventually no ...

Millions of people all over the world don’t have access to clean drinking water, and it’s largely because of pollution by corporations and individuals. Solving this problem requires an affordable, scalable way to quickly judge water quality, package the data, and present it to an authority that can crack down on the polluters before the evidence dissipates. Ideally, the solution would be open source and easy to replicate. The more citizen scientists, the better. [Andrei Florian]’s WaterAid flows directly from this line of thinking. Dip this small handheld device below the surface, and it quickly takes a bunch of water quality and atmospheric readings, averages them, and sends the data to a web dashboard using an Arduino MKR GSM . WaterAid judges quality by testing the pH and the turbidity of the water, which gauges the amount of impurities. Commercial turbidity sensors work by measuring the amount of light scattered by the solids present in a liquid, so [Andrei] made a DIY version wi...

Microwaves used to be simple to use. Set the dial for the desired time, and hit start. Then, everything went digital and the average microwave now takes between four and six button presses in precise order just to start heating. Music players have gone down a similar path, and those that grew up in the era of vinyl records can find modern digital media simply too hard to work with. To solve this problem, [ananords] whipped up Juuke, a music player focused on ease of use . The Juuke has a simplistic interface intended to be as easy to use as possible. Songs are selected using printed cards with embedded RFID tags – placing them on the Juuke triggers playback. Volume is controlled with a simple knob, and the only two buttons are for play/pause and shuffle mode. Underneath, an Arduino Uno runs the show, hooked up to a RC522 RFID interface board. Music is handled by the DFPlayer mini, which loads tracks off a microSD card. The DFPlayer can be hooked up to a speaker directly, but there’s ...

This week our own [Donald Papp] wrote a thought-provoking piece on buying and selling 3D-printer models . His basic point: if you don’t know what you’re getting until you’ve purchased it, and there’s no refund policy, how can you tell if your money is being well spent? It’s a serious problem for these nascent markets , because when customers aren’t satisfied they won’t come back. It got me thinking about my own experience, albeit with all of the free 3D models out there. They are a supremely mixed bag, and even though you’re not paying for the model, you’re paying in printing time, filament, and effort. It pays to be choosy, and all of [Donald]’s suggestions hold in the “free” market as well. Failenium Falcon. Image by Johannes Only download models that have been printed at least once , have decent documentation about things like layer height, filament type, and support, and to the best of your abilities, be critical about the ability to fabricate the part at all. Fused-deposition...

Your entry for the 2020 Hackaday Prize needs to be in by Monday morning, August 31st! This is the deadline for initial entries, if you’re one of the one hundred lucky projects that advance to the finals you’ll still have another month to polish up your project. Why not make this weekend your own personal hackathon? Entries focus on four challenges outlined by our non-profit partners this year. From improving modular dome housing and developing manufacturing techniques in disaster zones, to designing interfaces for people with physical challenges and protecting natural ocean landscapes, there’s plenty of room to be creative here. In addition to the $50,000 grand prize there are still nine other top prizes up for grabs. You can do this. Tell your story, show a proof of concept, and document it to convince the judges your project is viable. It’ll be tight, but hackers work best when deadlines are looming. We can’t wait to see what you come up with between now and Monday! The Hacka...

Turning on a lightbulb has never been easier. You can do it from your mobile. Voice activation through home assistants is robust. Wall switches even play nicely with the above methods. It was only a matter of time before someone decided to make it fun, if you consider a Rubik’s cube enjoyable. [Alastair Aitchison] at Playful Technology demonstrated that it is possible to trigger a relay when you match all the colors . Video also after the break. The cube does little to obfuscate game data, so in this scope, it sends unencrypted transmissions. An ESP32 with [Alastair]’s Arduino code, can track each movement, and recognize a solved state. In the video, he solves the puzzle, and an actuator releases a balloon. He talks about some other cool things this could do, like home automation or a puzzle room, which is in his wheelhouse judging by the rest of his YouTube channel. We would love to see different actions perform remote tasks. Twisting the top could set a timer for 1-2-3-4-5 minutes,...

As popular as the venerable Yaesu FT-817 transceiver might be with amateur radio operators, it’s not without its flaws, particularly in the user interface department. [Andy (G7UHN)] is painfully familiar with these flaws, so he designed this auxiliary display and control panel for the FT-817 to make operating it a little easier. There are a ton of ways to enjoy ham radio, but one of the more popular ways is to bust out of the shack and operate in the great outdoors. From the seashore to mountain peaks, hams love giving their rigs some fresh air and sunshine. The battery-powered, multimode, all-band FT-817 is great for these jaunts, but to fit as much radio into a small package as they did, Yaesu engineers had to compromise on the controls. Rather than bristling with buttons, many of the most-used features of the radio are buried within menus that require multiple clicks and twists to access. [Andy]’s solution is a PCB bearing an Arduino Nano, an LCD screen, and a whole bunch of actu...

Cats are nature’s born hunters. Whether its rodents, insects, or lasers, they’ll pounce and attack with ruthless efficiency. Built to challenge a cat, or perhaps merely to tease it, Sourino is a robotic mouse built with common off-the-shelf parts . A test subject appears unamused. So named for the combination of Souris (French for “mouse”) and Arduino, the project is driven by an Arduino Nano. Hooked up to three sets of ultrasonic transducers, this gives the robot mouse much improved obstacle avoidance abilities compared to using just a single transducer front-and-centre. The ‘bot can navigate basic mazes or household floors with ease. A pair of geared motors are used for drive, using simple skid-steering to turn corners. It’s all packed in a 3D printed enclosure, which mounts the various components and exposes the ultrasonic sensors. There’s even an IR remote enabling mode selection or full manual control. While the ‘bot lacks the speed and agility of common house mice, it’s neve...

[Ottverse] has an interesting series in progress to demystify video compression. The latest installment promises to explain discrete cosine transforms as though you were five years old. We’ll be honest. At five, we probably didn’t know how to interpret this sentence: …the Discrete Cosine Transform takes a set of N correlated (similar) data-points and returns N de-correlated (dis-similar) data-points (coefficients) in such a way that the energy is compacted in only a few of the coefficients M where M << N. Still, the explanation is pretty clear and we really liked the analogy with the spheres and the stars in a constellation. The example Matlab code is probably also lost on a five-year-old, but we liked it. Anyone, we think, can understand the practical result where removing too much data — high compression — resulted in a poor quality image, but the image quality was pretty good even when 75% of the data vanishes. So while you might not want to show this to your five-yea...

Most of us can say that we have taken an obsolete hard drive out of a computer and felt it was a waste to toss it in the e-waste pile. Some of us have children’s drawings hung on the fridge with actuator magnets, or maybe a vast spreadsheet suspended on a steel filing cabinet. Let us not forget that there is also a high-speed, low-noise motor in there. On some models it is separate from the PCB, so grab an Electronic Speed Controller (ESC), your microcontroller of choice, and make yourself a salvaged HDD centrifuge like [Cave Man] has. His build uses the tray as a chassis, but he modeled and printed a new face in the same style as the original. On top, he has an OLED screen for displaying the requested speed, measured speed, and runtime. Next to the display is a four-button pad with a customized legend for setting parameters. The video after the break shows the machine running through its paces. This version accommodates the tiny capillary tubes, microhematocrit tubes, for processing...

from Packet Storm https://ift.tt/31CMqda

from Packet Storm https://ift.tt/2YLL3aa

from Packet Storm https://ift.tt/3gCoDOF

from Packet Storm https://ift.tt/34EVFva

Gentoo Linux Security Advisory 202008-18 - Multiple vulnerabilities have been found in X.org X11 library, the worst of which could result in the arbitrary execution of code. Versions less than 1.6.12 are affected. from Packet Storm https://ift.tt/2D6iT1N

Symphony CMS version 3.0.0 suffers from a persistent cross site scripting vulnerability. from Packet Storm https://ift.tt/3hJiPV2

WordPress Autoptimize plugin version 2.7.6 suffers from an authenticated remote shell upload vulnerability. from Packet Storm https://ift.tt/2YJSsGW

Gentoo Linux Security Advisory 202008-17 - Multiple vulnerabilities have been found in Redis, the worst of which could result in the arbitrary execution of code. Versions less than 5.0.9 are affected. from Packet Storm https://ift.tt/3gC4Wq4

SUPERAntiSpyware Professional X Trial versions prior to 10.0.1206 suffer from a local privilege escalation vulnerability. from Packet Storm https://ift.tt/3ltJ044

Nagios Log Server version 2.1.6 suffers from a persistent cross site scripting vulnerability. from Packet Storm https://ift.tt/31Dxc7z

Mida eFramework version 2.9.0 suffers from a remote code execution vulnerability. from Packet Storm https://ift.tt/3gC819Q

ASX to MP3 Converter version 3.1.3.7.2010.11.05 .wax local buffer overflow proof of concept exploit with DEP and ASLR bypass. from Packet Storm https://ift.tt/2QvuJFZ

Since Apple switched to Intel chips in the mid-00s, the PowerPC chips from Motorola and the PowerPC Instruction Set Architecture (ISA) that they had been using largely fell by the wayside. While true that niche applications like supercomputing still use the Power ISA on other non-Apple hardware, the days of personal computing with PowerPC are largely gone unless you’re still desperately trying to keep your Power Mac G5 out of the landfill or replaying Twilight Princess. Luckily for enthusiasts, though, the Power ISA is now open source and this group has been working on an open-source laptop based on this architecture . While development is ongoing and there are no end-user products available yet, the progress that this group has made shows promise. They have completed their PCB designs and schematics and have a working bill of materials, including a chassis from Slimbook. There are also prototypes with a T2080RDB development kit and a NXP T2080 processor, although they aren’t running ...

Feature creep is typically something to be avoided, since watching a relatively simple project balloon into a rat’s nest of complexity often leads to ineffective, or even abandoned, projects. On the other hand, if you can maintain a tight focus, it’s not always a bad thing. [cbm80Amiga] shows us how to drill down and add specific features in this single-button timer without losing focus on what the original project was all about. The timer is based on an Arduino Pro Mini and an HX1230 LCD with a simple piezo speaker for audible alerts. A single button controls operation of the timer, with short presses incrementing each digit and long presses moving on to the next digit. Controlling button presses this finely is a project in its own, but then [cbm80Amiga] moves on to other features such as backlight control, low power modes which allow it to operate for around two years on a single battery charge, preset times for various kitchen uses, and different appearance settings. Honestly we ...

Back in the early 1980s, there was a certain fad in making your computer produce something resembling human speech. There were several hardware solutions to this, adding voices to everything from automated telephone systems to video game consoles, all the way to Steve Jobs using the gimmick to introduce Macintosh to the world in 1984. In 1982, a software-based version of this synthesis was released for the Atari 8-bit line of computers, and ever since them [rossumur] has wondered whether or not it could run on the very constrained 2600 . Fast-forward 38 years and he found out that the answer was that yes, it was indeed possible to port a semblance of the original 1982 Software Automatic Mouth (or SAM) to run entirely on the Atari 2600 , without any additional hardware. To be able to fit such a seemingly complicated piece of software into the paltry 128 bytes (yes, bytes) of RAM, [rossumur] actually uses an authoring tool in order to pre-calculate the allophones, and store only those i...

If you live anywhere near the tropics, air conditioning isn’t a luxury but a necessity. The problem however is that humid climates can cause conventional air conditioners to draw more power to dehumidify the air than it requires to just cool it, which increases the power needed to run the unit. Back in 1963, there was a proposal to create a cooling system that didn’t foster condensation and couple it with different methods of removing humidity. Researchers in Singapore have now created such a system . It uses a membrane that is permeable to infrared radiation but prevents condensation around the cooling unit. You can see a video of the apparatus in a pavilion in the Singapore heat in the video below. Chilled water runs through tubes behind a membrane that passes thermal radiation. Since the tubes are not exposed to the ambient atmosphere, condensation is minimal. But heat radiates from the warmer area to the much colder area of the tubes. Desiccant passively dries the air. Does it w...

Despite widespread pandemic cancellations, BornHack still happened this year and they even managed to once again bring an electronic badge to all attendees. If you missed it, I’ve already published an overview of the hacker camp itself . Today let’s dig into the 2020 BornHack badge ! Designed by Thomas Flummer and manufactured in Denmark, it takes the form of a PCB in the shape of a roughly 60 degree circular arc with most of its top side taken up by a 9 by 32 array of SMD LEDs. There is the usual 4-way button array and space for an SAO connector on the rest of the front face, while on the rear are a set of GPIO pads and a pair of AA battery holders for power. Connectivity is via USB-C and infra-red, and usefully there is also a power on/off switch. At the heart of its hardware is a SAMD21G18A ARM Cortex M0+ microcontroller which is perhaps not the most exciting of chips, but the hardware becomes more interesting with the LED drivers. A pair of the IS31FL3731 chips (you may recogni...

ZTE Mobile Hotspot MS910S version DL_MF910S_CN_EUV1.00.01 suffers from having a hard-coded administrative password, busybox vulnerabilities, and having a known backdoor in the GoAhead webserver. from Packet Storm https://ift.tt/3jmXwZO

Eikon Thomson Reuters version 4.0.42144 suffers from a weak permissions issue that can lead to code execution. from Packet Storm https://ift.tt/3jorZqq

Ubuntu Security Notice 4477-1 - Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. Régis Leroy discovered that Squid incorrectly validated certain data. A remote attacker could possibly use this issue to perform an HTTP request splitting attack, resulting in cache poisoning. Lubos Uhliarik discovered that Squid incorrectly handled certain Cache Digest response messages sent by trusted peers. A remote attacker could possibly use this issue to cause Squid to consume resources, resulting in a denial of service. Various other issues were also addressed. from Packet Storm https://ift.tt/2YINaeJ

Ubuntu Security Notice 4476-1 - It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information. from Packet Storm https://ift.tt/3jdQUga

Red Hat Security Advisory 2020-3574-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include bypass and code execution vulnerabilities. from Packet Storm https://ift.tt/3gyNbIf

Soldering irons are a personal tool. Some folks need them on the cool side, and some like it hot. Getting it right takes some practice and experience, but when you find a tip and temp that works, you stick with it. [Riccardo Pittini] landed somewhere in the middle with his open-source soldering station, Soldering RT1 . When you start it up, it asks what temperature you want, and it heats up. Easy-peasy. When you are ready to get fancy, you can plug in a second iron, run off a car battery, record preset temperatures, limit your duty-cycle, and open a serial connection. The controller has an Arduino bootloader on a 32u4 processor, so it looks like a ProMicro to your computer. The system works with the RT series of Weller tips, which have a comprehensive lineup. [Riccardo] also recreated SMD tweezers, and you can find everything at his Tindie store . Soldering has a way of bringing out opinions from novices to masters. If we could interview our younger selves, we’d have a few nuggets of...

Virtual reality is usually an isolated individual experience very different from the shared group experience of a movie screen or even a living room TV. But those worlds of entertainment are more closely intertwined than most audiences are aware. Video game engines have been taking a growing role in film and television production behind the scenes, and now they’re stepping out in front of the camera in a big way for making The Mandalorian TV series . Big in this case is a three-quarters cylindrical LED array 75 ft (23 m) in diameter and 20 ft (6 m) high. But the LEDs covering its walls and ceiling aren’t pointing outwards like some installation for Times Square. This setup, called the Volume, points inward to display background images for camera and crew working within. It’s an immersive LED backdrop and stage environment. Incorporating projected imagery on stage is a technique going at least as far back as 1933’s King Kong , but it is very limited. Lighting and camera motion has to...