Posts

Showing posts from January, 2021

Bugatti Concept Car Shows 3D Printed Strength

We doubt you’ll be driving a Bugatti Bolide anytime soon. It’s a bit of a showy concept car, and it really is pushing some limits on what you can 3D print in an automobile. As you can imagine, they aren’t printing car parts out of ABS or PLA. According to The Drive, the prints use selective laser melting with titanium to make some impressively strong and light parts. It isn’t just the material that makes the 3D prints strong. Bugatti actually patented the internal structure of some parts which are almost bone-like. By having the parts largely hollow, the weight is cut. But fine internal structure creates very strong parts. How strong? A 3.52 ounce pushrod can handle up to 3.85 tons. The printed titanium is apparently heat-treated to increase its resistance to fracture strains. In addition to titanium, some of the concept car’s parts are printed ceramic which insulates some components from heat. The printing process can apparently get resolutions down to 0.1 mm. Many parts are quite

Dazzling Desktop Dodecahedron

Much like us, [AGBarber] digs all the infinity polyhedra already out there, but laments the fact that almost all of them are too large to be used as desktop conversation pieces. That’s probably because it’s a lot easier to build ’em big, but that didn’t stop [AGBarber] from trying, succeeding spectacularly, and paving the way for anyone who wants to take on the challenge of building a dazzling desk toy of their own. We all know that all those little strips of LEDs have to be chained together somehow. Wires would work fine in a larger version, but at roughly softball size, they become a tedious and fiddly nightmare. So what did [AGBarber] do instead? That’s right, they designed two different types of custom corner PCBs. The 3D printed brackets that hold the LEDs and the panels together are no cakewalk, either — [AGBarber] recommends using a resin printer if you have access to one, though it isn’t strictly required. Everything about this project is open source, including

Hackaday Links: January 31, 2021

There are an awful lot of machines on the market these days that fall under the broad category of “cheap Chinese laser cutters”. You know the type — the K40s, the no-name benchtop CO2 cutters, the bigger floor-mount units. If you’ve recently purchased one of these machines from one of the usual vendors, or even if you’re just thinking about doing so, you’ll likely have some questions. In which case, this “Chinese Laser Cutters 101” online class might be right up your alley. We got wind of this through its organizer, Jonathan Schwartz of American Laser Cutter in Los Angeles, who says he’s been installing, repairing, and using laser cutters for a decade now. The free class will be on February 8 at 5:00 PM PST, and while it’s open to all, it does require registration. We got an interesting tip the other day that had to do with Benford’s Law. We’d never heard of this one, so we assumed it was a “joke law” like Murphy’s Law or Betteridge’s Rule of Headlines. But it turns out that Benford’s

Serial Studio: Easily Visualise And Log Serial Data

Outputting data from a microcontroller over a serial port is convenient and easy, but formatting, visualizing, and analyzing the data can be tedious and frustrating. [Alex Spataru] knows this all too well, having spent too many hours building and debugging custom dashboards. To save himself and others the same frustration in the future, he created Serial Studio, a tool for quickly building dashboards for serial data. The only input required for Serial Studio to create a dashboard is a simple JSON structure specifying the data’s format, and how it should be grouped and displayed. Originally Serial Studio required all the JSON data to be sent over serial, which is fine for simple data but quickly becomes cumbersome for more complex applications. To solve this, [Alex] added a feature allowing the JSON document with the format information to be loaded from the computer, while only the data is sent over serial. Serial Studio includes several visualization options, including raw line graphs, ba

OpenCV And Depth Camera Spots Weeds

Using vision technology to identify weeds in agriculture is an area of active development, and a team of researchers recently shared their method of using a combination of machine vision plus depth information to identify and map weeds with the help of OpenCV, the open-source computer vision library. Agriculture is how people get fed, and improving weed management is one of its most important challenges. Many current efforts at weed detection and classification use fancy (and expensive) multispectral cameras, but PhenoCV-WeedCam relies primarily on an OAK-D stereo depth camera. The system is still being developed, but is somewhat further along than a proof of concept. The portable setups use a Raspberry Pi, stereo camera unit, power banks, an Android tablet for interfacing, and currently require an obedient human to move and point them. It’s an interesting peek at the kind of hands-on work that goes into data gathering for development. Armed with loads of field data from many dif

Old Gas Meter gets Smart with the ESP8266

Measuring the usage of domestic utilities such as water, gas or electricity usually boils down to measuring a repetitive pulse signal with respect to time. To make things easy, most modern utility meters have a pulsed LED output, which can be used to monitor the consumption by using an external optical sensor. But what do you do if your meter isn’t so cooperative? That’s exactly what [Francesco] had to figure out while developing the non-invasive gas tracking system he calls ESPmeter. His meter might not have an LED, but it did have a magnet attached to the counter disk which activated an internal Hall sensor. With some hacking, he was able to attach an external Hall-effect sensor to pick up this magnet and use the signal to monitor his daily gas consumption. A big stumbling block in such projects is the issue of powering the device for an extended period, and remembering when it’s time to change the batteries. With the clever use of commonly available parts, he was able to reduce

This Hot Air Gun Is Either A Work Of Genius Or Lethal, We Can’t Decide

One of the essentials on the bench is some form of hot air gun. Whether it’s a precision tool intended for reworking PCBs or the broad-stroke item used for paint stripping, we’ve all got one somewhere. The paint-stripping variety are pretty cheap, but not as cheap as [Porcas Pregos e Parafusos]’s home made hot air gun. This slightly hair-raising device is made from a variety of junk parts and delivers hot air, though we suspect the possibility for burning the operator remains high. At its heart is one of those mains powered water boiler elements designed to be lowered into a cup or similar, and since such devices would burn out if not cooled in some way, there is a fan from a microwave oven passing air over it. The whole thing sits inside an aluminium cone cut from a circular cake tin, and is held together on a wooden chassis to which the handle and power switch from a defunct electric drill provide the operator with something to hold on to. As you can see from the video below the b

Mystery Box Gives Up Its Patented Secrets

[CuriousMarc] likes to go to surplus stores even though there are fewer of them around. On a recent trip, he found a box that had some parts he thought would work for a temperature controller project. It was marked Dial-A-Level and proudly proclaimed that it had a patent pending. The box was from the 1970s and [Marc] was wondering what the device was meant to do. The device was a bit of a puzzle since it had three oddly-marked probe inputs. A search through the patent database revealed the device was a “capacitance probe for detecting moisture with very long cables.” The idea was to create a capacitor at the end of the cable and use the liquid as a dielectric. The sensor creates a 10 kHz sine wave it uses to excite the probe and an op amp measures the relative capacitive reactance of the probe versus a reference capacitor. The rest of the circuit is a comparator that reacts when the level is at a threshold. We love seeing the old hand-drawn boards from that era. Component designatio

3D Printing a Full Scale Fiberglass Speedboat

It’s an age-old problem. You draw up a nice 6.5-meter long motorboat and then discover the shape won’t allow for a fiberglass mold. What do you do? If you’re [Moi], you grab a few Kuka robots and 3D print it using thermoplastic with embedded glass fibers. A UV light cures the plastic and you wind up with printed fiberglass. That’s the story behind the MAMBO, a 3D printed powerboat. Despite the color, the fiberglass isn’t blue out of the gate — the boat is painted. Still, it looks nice with lines inspired by [Sonny Levi]’s Arcidiavolo design from 1973. MAMBO stands for Motor Additive Manufacturing BOat. It has a dry weight of about 800 kg and is fitted with a cork floor, white leather seats, and an engine. We presume none of those things were 3D printed. Although it wasn’t fiberglass, we’ve seen a 3D printed boat before. In particular, the University of Maine’s giant 22,000 square foot printer cranked one out. We’ve also seen boats printed in standard PLA filament, which then had fi

Master Video Call Control Panel is Made of PCBs

[memestra] is a teacher whose life has become a series of videoconferences over the last year or so. With all the classes and meetings, they spend the whole day switching between either Zoom, Teams, or Meet. If anyone needs a single piece of hardware to control them all, it’s [memestra]. Well, and every other teacher out there. The hardware — an Arduino Pro Micro and some buttons — should come as no surprise, except for maybe [memestra]’s use of a resistor network for the LEDs. Still, there’s a lot to like about this little box, starting with the enclosure. That’s not milled or laser-cut metal — each side is a PCB, and they’re all soldered together into a box. We especially like the top panel, which fits down over the PCB that all the components are soldered to. Each of the non-volume buttons has multiple functions that are accessed by pressing, long pressing, or double pressing. But even the volume buttons do double duty: press them together to mute and un-mute. If [memestra] ever f

Scrappy: Drag Racing Bush Plane

We like to feature hacks that are affordable and accessible to the average person, but from time to time it’s fun to dream about the projects we’ll tackle when we’re all grown up and stinking rich. [Mike Patey] appears to fall rather comfortably in the latter category, but thankfully he hasn’t lost his “excited kid with big plans” spirit. A talented and experienced experimental aircraft builder, he’s currently working on Scrappy, a small bush plane built to be a short take-off and landing drag racer. Scrappy started life as a Carbon Cub, a modernized kit version of the venerable Piper Super Cub. The only thing left of the original plane is a part of the fuselage frame, with almost everything else being custom. The engine is a 780 cubic inch (13 liter) horizontally opposed 8-cylinder, scavenged from one of [Mike]’s racing planes, and fitting it required extensive structural changes to the fuselage. The paddle-like propeller was intended for an airboat, and is designed for high thrust

A Heat Reclaimer For Your Woodstove; The One Thing It’s Not Is Cool

It’s the middle of winter for those of us who live in the Northern Hemisphere, which naturally turns minds towards heating, or sometimes the lack of it. It’s particularly difficult for those who rely on a wood stove to escape the feeling that perhaps most of that hard-won heat may be whistling up the chimney rather than keeping them warm. It’s a problem [Lou] has addressed with his DIY chimney heat reclaimer. As can be seen from the video below the break, his stove appears to be in a workshop, and has a long single-wall metal stove pipe. Over the outside of this he’s placed a pair of T pieces joined by a longer length of pipe all of a larger bore, and a mains-powered fan forces air through this air jacket. The result is a continuous flow of hot air that he claims delivers a 45% heat reclamation. We’re curious though whether the reduction in flue temperature might cause extra tar condensation and thus the build-up of flammable material further up the chimney. The stove itself is a dou

Nissan Gives Up root Shell Thanks to Hacked USB Drive

For the impatient Nissan owners who may be joining us from Google, a hacker by the name of [ea] has figured out how to get a root shell on the Bosch LCN2kai head unit of their 2015 Xterra, and it looks like the process should be the same for other vehicles in the Nissan family such as the Rogue, Sentra, Altima, and Frontier. If you want to play along at home, all you have to do is write the provided image to a USB flash drive and insert it. Now for those of us who are more interested in how this whole process works, [ea] was kind enough to provide a very detailed account of how the exploit was discovered. Starting with getting a spare Linux-powered head unit out of a crashed Xterra to experiment with, the write-up takes the reader through each discovery and privilege escalation that ultimately leads to the development of a non-invasive hack that doesn’t require the user to pull their whole dashboard apart to run. The early stages of the process will look familiar to anyone who

Run the Math, or Try it Out?

I was reading Joshua Vasquez’s marvelous piece on the capstan equation this week. It’s a short, practical introduction to a single equation that, unless you’re doing something very strange, covers everything you need to know about friction when designing something with a rope or a cable that has to turn a corner or navigate a wiggle. Think of a bike cable or, in Joshua’s case, a moveable dragon-head Chomper. Turns out, there’s math for that! Basically, the more you wrap a cable or rope around something stationary, the more friction you have to deal with. I put this to good advantage last Spring when my son and I were doing some random tree-climbing with ropes. Turns out that four or five loops of climbing rope against fairly frictiony bark is enough to hold the weight of a grown man, with nothing other than the weight of the rope itself on the other end, for instance. I was also using this effect in a recent wall-plotter-bot design that uses simple cable braid instead of the ubiquit

An Op-Amp From The Ground Up

If we had to pick one part to crown as the universal component in the world of analogue electronics, it would have to be the operational amplifier. The humble op-amp can be configured into so many circuit building blocks that it has become an indispensable tool for designers. It’s tempting to treat an op-amp as a triangular black box in a circuit diagram, but understanding its operation gives an insight into analogue electronics that’s worth having. [Mitsuru Yamada]’s homemade op-amp using discrete components is thus a project of interest, implementing as it does a complete simple op-amp with five transistors. Looking at the circuit diagram it follows the classic op-amp with a long-tailed pair of NPN transistors driving a PNP gain stage and finally a complementary emitter follower as an output buffer. It incorporates the feedback capacitor that would have been an external component on early op-amp chips, and it has a couple of variable resistors to adjust the bias. Keen eyed reader

USB-C Charging on Your ThinkPad, One Step at a Time

Hackers love their ThinkPads. They’re easy to work on, well documented, and offer plenty of potential for upgrades. For the more daring, there’s also a wide array of community-developed modifications available. For example, [Berry Berry Sneaky] has recently put together a step-by-step guide on swapping the common ThinkPad rectangular charging port (also used on ThinkBooks and other Lenovo machines) for USB-C Power Delivery. Now to be clear, this is not a new concept. But between freely sharing the STL for the 3D printed adapter, providing a full parts list, and providing clear instructions on how to put it all together, [Berry Berry Sneaky] has done a fantastic job of making this particular modification as approachable as possible. For the cost of a common PDC004 Power Delivery “trigger” module and a bit of PETG filament, you can add yet another device to the list of things that work with your shiny new USB-C charger. While not strictly necessary, [Berry Berry Sneaky] recommends ge

Giant DIY Mouse Sets the Ball Free

Make the move to a split keyboard and the first thing you’ll notice is that you have all this real estate between the two halves. (Well, as long as you’re doing it right). This is the perfect place to keep your cat, your coffee cup, or in [Jacek]’s case, your fantastic DIY trackball mouse. Don’t be fooled by the orange plastic base — all the electronics are rolled up inside that big sexy ball, which [Jacek] printed in two halves and glued together. Inside the ball there’s an Adafruit Feather nRF52840 Sense, which has an onboard accelerometer, gyroscope, and magnetometer. As you’ll see in the video after the break, the Feather takes readings from these and applies a sensor-fusing algorithm to determine the ball’s orientation in 3D space before sending its position to the computer. To send the click events, [Jacek] baked some mouse buttons into the keyboard’s firmware. Among the other Feather sensors is a PDM MEMS microphone, so detecting taps on the ball and translating them to clicks

SOUL Wants to Process Your Audio

Abstraction is the core of nearly all progress in computing. Unless you are fabricating your own semiconductors and drawing wire, we all create with building blocks ranging from components like CPUs, to operating system functions, to specialized libraries. Just as you wouldn’t want to spend your time deblocking disk records or rendering fonts for output devices, you probably shouldn’t have to think too much about audio data. While there are some powerful audio processing libraries out there, a new embeddable language called SOUL (SOUnd Language) is now in version 1.0 and wants to help you create efficient code for processing audio. The goal of SOUL is to target a runtime that can run on CPUs, but is better on DSPs. The code aims to be secure and real time with no pointers, garbage collection, and other things that typically interfere with audio processing or security. The code isn’t hard to puzzle out. Here’s the example for cutting audio volume by half: [CODE] processor MinimalG

Add An Extra 8GB of VRAM To Your 2070

Most of us make do with the VRAM that came with our graphics cards. We can just wait until the next one comes out and get a little more memory. After all, it’d be madness to try and delicately solder on new components of something so timing-sensitive as RAM chips, right? [VIK-on] took it upon himself to do just that. The inspiration came when a leaked diagram suggested that the RTX 2000 line could support 16 GB of RAM by using 2GB chips. NVIDIA never did release a 16GB version of the 2070, so this card is truly one of a kind. After some careful scouring of the internet, the GDDR6 chips were procured and carefully soldered on with a hot air gun. A few resistors had to be moved to accommodate the new RAM chips. During power-on, [VIK-on] saw all 16 GB enumerate and was able to run some stress tests. Unfortunately, the card wasn’t stable and started having black screen issues and wonky clocks. Whether it was a bad solder joint or firmware issues, it’s hard to say but he is pretty convinc

Google Bans Another Misbehaving CA From Chrome

from Packet Storm https://ift.tt/2L0uTGf

Bitcoin Soars 14% After Elon Musk Namecheck On Twitter

from Packet Storm https://ift.tt/3iURwbC

Gentoo Linux Security Advisory 202101-38

Gentoo Linux Security Advisory 202101-38 - A vulnerability was discovered in NSD which could allow a local attacker to cause a Denial of Service condition. Versions less than 4.3.4 are affected. from Packet Storm https://ift.tt/36kq1mv

Ubuntu Security Notice USN-4714-1

Ubuntu Security Notice 4714-1 - Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. It was discovered that XStream was vulnerable to server-side forgery attacks. A remote attacker could request data from internal resources that are not publicly available only by manipulating the processed input stream. Various other issues were also addressed. from Packet Storm https://ift.tt/3t7CZ0U

Metasploit Framework 6.0.11 Command Injection

Metasploit Framework version 6.0.11 msfvenom APK template command injection exploit. from Packet Storm https://ift.tt/3ov9lPN

Packed.Win32.Katusha.o Insecure Permissions

Packed.Win32.Katusha.o suffers from an insecure permissions vulnerability. from Packet Storm https://ift.tt/3r3sDgA

Backdoor.Win32.MiniBlackLash Denial Of Service

Backdoor.Win32.MiniBlackLash malware suffers from a denial of service vulnerability. from Packet Storm https://ift.tt/3iUT85a

Online Voting System 1.0 Authorization Bypass

Online Voting System version 1.0 suffers from an authorization bypass vulnerability that allows for the password change of other users. from Packet Storm https://ift.tt/3adYqof

Red Hat Security Advisory 2021-0299-01

Red Hat Security Advisory 2021-0299-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability. from Packet Storm https://ift.tt/3ovd7Zo

BloofoxCMS 0.5.2.1 Cross Site Scripting

BloofoxCMS version 0.5.2.1 suffers from a persistent cross site scripting vulnerability. from Packet Storm https://ift.tt/2KXIj5E

Gentoo Linux Security Advisory 202101-37

Gentoo Linux Security Advisory 202101-37 - A buffer overflow in VLC might allow remote attacker(s) to execute arbitrary code. Versions less than 3.0.12.1 are affected. from Packet Storm https://ift.tt/39tZYeT

Gentoo Linux Security Advisory 202101-36

Gentoo Linux Security Advisory 202101-36 - A vulnerability in ImageMagick's handling of PDF was discovered possibly allowing code execution. Versions less than 6.9.11.41-r1 are affected. from Packet Storm https://ift.tt/2NDF3NM

Online Grading System 1.0 SQL Injection

Online Grading System version 1.0 suffers from a remote SQL injection vulnerability. from Packet Storm https://ift.tt/3adYnJ5

Backdoor.Win32.Mhtserv.b Missing Authentication

Backdoor.Win32.Mhtserv.b malware suffers from a missing authentication vulnerability. from Packet Storm https://ift.tt/2YnjNOF

Red Hat Security Advisory 2021-0298-01

Red Hat Security Advisory 2021-0298-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.7.0. Issues addressed include an information leakage vulnerability. from Packet Storm https://ift.tt/39rEyii

Quick.CMS 6.7 Remote Code Execution

Quick.CMS versions 6.7 and below suffer from an authenticated remote code execution vulnerability. from Packet Storm https://ift.tt/39s5v5u

Home Assistant Community Store 1.10.0 Path Traversal

Home Assistant Community Store (HACS) version 1.10.0 suffers from a path traversal vulnerability that allows for account takeover. from Packet Storm https://ift.tt/2MFklwM

Backdoor.Win32.Zhangpo Denial Of Service

Backdoor.Win32.Zhangpo malware suffers from a denial of service vulnerability. from Packet Storm https://ift.tt/39v1MEl

Fire In The Palm Of Your Hand

For as long as super-heroes have existed, they have inspired hacker projects. For [Everett Bradford], emulating the character Pyro from X-Men has been an on and off project for the last decade. His latest version, Pyro System V4, integrates quite a bit of control electronics to give the rather convincing effect of mind-controlled fire in the palm of his hand. (Video, embedded below.) The system is a motor-actuated slider strapped to [Everett]’s forearm, which pushes a pivoting end-effector with an integrated butane burner into the palm of his hand. The slider runs on 4 mm linear bearings actuated by a small geared DC motor using cables. The end effector is spring-loaded to push it into the palm and integrates a high voltage ignition arc generator circuit, nozzle, and capacitive activation button. The butane gas canister and the valve were cannibalized from a small blow torch lighter, and the valve is actuated by another geared DC motor. The valve actuator, slide actuator, and end-eff

A Look At The Interesting RP2040 Peripheral, Those PIOs

The Raspberry Pi Pico is the latest product in the Raspberry Pi range, and it marks a departure from their previous small Linux-capable boards. The little microcontroller board will surely do well in the Pi Foundation’s core markets, but its RP2040 chip must have something special as a commercial component to avoid being simply another take on an ARM microcontroller that happens to be a bit more expensive and from an unproven manufacturer in the world of chips. Perhaps that special something comes in its on-board Programmable IO peripherals, or PIOs. [CNX Software] have taken an in-depth look at them, which makes for interesting reading. The PIOs are a set of state machines that have their own simple assembly language to execute simple repetitive I/O tasks without requiring the attention of the main processor core. How they can be configured is up to the imagination of the programmer, but examples suggested are extra I2C or SPI buses, or video interfaces. We expect the hacker commun

This Negative Reinforcement Keyboard May Shock You

We wouldn’t be where we are today without Mrs. Coldiron’s middle school typing class. Even though she may have wanted to, she never did use negative reinforcement to improve our typing speed or technique. We unruly teenagers might have learned to type a lot faster if those IBM Selectrics had been wired up for discipline like [3DPrintedLife]’s terrifying, tingle-inducing typist trainer keyboard (YouTube, embedded below). This keyboard uses capsense modules and a neural network to detect whether the user is touch-typing or just hunting and pecking. If you’re doing it wrong, you’ll get a shock from the guts of a prank shock pen every time you peck the T or Y keys. Oh, and just for fun, there’s a 20 V LED bar across the top that is supposed to deter you from looking down at your hands with randomized and blindingly bright strobing light. Twenty-four of the keys are connected in groups of three by finger usage — for example Q, A, and Z are wired to the same capsense module. These are all

Controlling A Quadcopter With One Dead Motor

Quadcopters have incredible flying abilities, but if one loses just a single motor, it drops like a rock. Researchers from the University of Zurich’s Robotics and Perception Group have proven that this does not need to be the case by keeping a quadcopter flying with only three motors. A quadcopter usually has enough thrust to stay aloft with only three motors, but it will spin uncontrollably in the yaw axis. It is impossible to stop a quadcopter from spinning, so the focus for researchers was on keeping the drone controllable while it’s spinning. To achieve this, accurate position and motion estimation is required, so they attached a pair of cameras to the bottom of the craft for visual-inertial odometry (VIO). One is a normal optical camera, while the other is an event camera, which has pixels that can independently respond to changes in light as they occur. This means that it has better low light performance and does not suffer from motion blur. The feeds from the cameras are anal

Randonaut Device Tells You Where To Be And When

Randonauting is the pastime of using random numbers to generate a destination to visit, in the pursuit of adventure. Of course, anything that can be done on a website with a script is even cooler with custom hardware, so [Decker] built a rig for the job. The device uses a USB hardware random number generator to produce truly random numbers through quantum effects; at least, according to our best theories of the universe. These numbers are then used to pick a random set of GPS coordinates and a time in which to be there, a fun twist on traditional Randonauting of [Decker]’s own creation. At its heart, it’s a random number generator pumped through some Python scripts. Where this build elevates itself is not in the mechanics, but the presentation. The rig runs on a Raspberry Pi, inside a bell jar, with a vacuum fluorescent display, fairy lights and plumbing components. It plays on the cyberpunk aesthetic, and it’s so much harder to ignore one’s mission when the time and place are give

Ubuntu Security Notice USN-4706-1

Ubuntu Security Notice 4706-1 - Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly restrict access, resulting in gaining access to unauthorized resources. An authenticated user could use this vulnerability to modify the configuration and possibly conduct further attacks. Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header injection via a CORS ExposeHeader tag. An attacker could use this to gain access or cause a crash. Various other issues were also addressed. from Packet Storm https://ift.tt/3prKdud

Ubuntu Security Notice USN-4707-1

Ubuntu Security Notice 4707-1 - It was discovered that TCMU lacked a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. from Packet Storm https://ift.tt/39sqOUK

Chamilo LMS 1.11.14 Cross Site Scripting

Chamilo LMS version 1.11.14 suffers from a cross site scripting vulnerability. from Packet Storm https://ift.tt/2Ylg3wO

Ubuntu Security Notice USN-4712-1

Ubuntu Security Notice 4712-1 - USN-4576-1 fixed a vulnerability in the overlay file system implementation in the Linux kernel. Unfortunately, that fix introduced a regression that could incorrectly deny access to overlay files in some situations. This update fixes the problem. from Packet Storm https://ift.tt/3t5duxm

Ubuntu Security Notice USN-4713-1

Ubuntu Security Notice 4713-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. from Packet Storm https://ift.tt/3qZZeUF

Ubuntu Security Notice USN-4711-1

Ubuntu Security Notice 4711-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed. from Packet Storm https://ift.tt/39v8tGF

Ubuntu Security Notice USN-4710-1

Ubuntu Security Notice 4710-1 - Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. from Packet Storm https://ift.tt/3osylaj

Red Hat Security Advisory 2021-0290-01

Red Hat Security Advisory 2021-0290-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability. from Packet Storm https://ift.tt/2YkBIp9

Red Hat Security Advisory 2021-0289-01

Red Hat Security Advisory 2021-0289-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability. from Packet Storm https://ift.tt/2YpQcnw

Red Hat Security Advisory 2021-0288-01

Red Hat Security Advisory 2021-0288-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.7.0 ESR. Issues addressed include an information leakage vulnerability. from Packet Storm https://ift.tt/3ab9anw

Gentoo Linux Security Advisory 202101-35

Gentoo Linux Security Advisory 202101-35 - Multiple vulnerabilities have been found in phpMyAdmin, allowing remote attackers to conduct XSS. Versions less than 4.9.6:4.9.6 are affected. from Packet Storm https://ift.tt/3crgIoG

Gentoo Linux Security Advisory 202101-34

Gentoo Linux Security Advisory 202101-34 - Multiple vulnerabilities have been found in Telegram, the worst of which could result in information disclosure. Versions less than 2.4.4 are affected. from Packet Storm https://ift.tt/3ciJU17

WordPress SuperForms 4.9 Shell Upload

WordPress SuperForms plugin version 4.9 suffers from a remote shell upload vulnerability. from Packet Storm https://ift.tt/3ck2R3F

jQuery UI 1.12.1 Denial Of Service

jQuery UI version 1.12.1 suffers from a denial of service vulnerability. from Packet Storm https://ift.tt/3t307xB

TikTok Vulnerability Left Users' Private Information Exposed

from Packet Storm https://ift.tt/2KWR9AN

New Social Media Site Pillowfort Is Riddled With Basic Bugs

from Packet Storm https://ift.tt/36hphP1

$2.3 Million Settlement Reached With Citrix Over Data Breach

from Packet Storm https://ift.tt/3iSSt4f

2019 Stack Overflow Hack Guided By Advice On Stack Overflow

from Packet Storm https://ift.tt/39qzlYg

A Look at How Nintendo Mastered Dual Screens

When it was first announced, many people were skeptical of the Nintendo DS. Rather than pushing raw power, the unique dual screen handheld was designed to explore new styles of play. Compared to the more traditional handhelds like the Game Boy Advance (GBA) or even Sony’s PlayStation Portable (PSP), the DS seemed like a huge gamble for the Japanese gaming giant. But it paid off. The Nintendo DS ended up being one of the most successful gaming platforms of all time, and as [Modern Vintage Gamer] explains in a recent video, at least part of that was due to its surprising graphical prowess. While it was technically inferior to the PSP in almost every way, Nintendo’s decades of experience in pushing the limits of 2D graphics allowed them to squeeze more out of the hardware than many would have thought possible. On one level, the Nintendo DS could be seen as an upgraded GBA. Developers who were already used to the 2D capabilities of that system would feel right at home when they made the sw

Open Source CubeSats Ease The Pain Of Building Your Own

Space is hard, especially if you haven’t done it before. A growing number of CubeSats are launched by small, inexperienced teams every year, and a number of them fail due to missing some small but critical hardware or software problem. Researchers from the Robotic Exploration Lab (REx) at Carnegie Mellon University have learned some of these lessons the hard way and created PyCubed, an open-source hardware and software framework for future CubeSats. Most satellites, including CubeSats, require the same basic building blocks. These include ADCS (Attitude Determination and Control System), TT&C (telemetry, track, and command), C&DH (command and data handling), and an EPS (electrical power system). Each of these building blocks is integrated into a single PC/104 size PCB. The main microcontroller is an ATSAMD51, also used on a couple of Adafruit dev boards, and runs Circuit Python. Communications are handled by a LoRa radio module, and there is also an unpopulated footprint for

LED Hourglass Moves Like the Real Thing

If you want to waste time in a meaningful way, get yourself an hourglass. It’s simultaneously mesmerizing and terrifying to sit there and watch the seconds slip through the threshold that separates possibility from missed opportunity. [Ty and Gig]’s LED hourglass is equally beautiful to watch. It doesn’t actually tell time, but that’s perfectly fine by us. What it does do is animate the LEDs to approximate grains of sand in gravity, no matter how the hourglass is tilted. In either vertical orientation, the sand falls as long as there is some in the top. When the hourglass is horizontal, the LEDs settle just like real sand does. [Ty and Gig] achieved this with a whole lot of code that breaks the animation frames into structure arrays. By contrast, the hardware part of this build is fairly simple: all that’s needed to replicate this build is some RGB LEDs, a beefy power supply to drive them, an accelerometer, and a microcontroller. [Ty and Gig] were planning to use an ESP8266, but m

Goodbye 2020 Contest Winners Announced

The Goodbye 2020 contest asked you to turn out the lights on an objectively crappy year in an interesting way. Four winners have been announced, and we have to tip the hat to [Becky Stern] for both creativity and execution on the 2020 candle seen above. Three wicks burn the candle down, revealing a metalwork dumpster fire along the way. It’s not just a performance piece but also an interesting look into candle making with 3D printed molds and insight on specifics like pour-temperature for best results. [Becky] entered as a group with a few other YouTube channels that included gags like [TechnoChic’s] knitted 2020 mask that is unraveled to count down to the end. [Marius Taciuc] spun up a clock to count down his year. The custom PCB uses a set of 7-segment displays to show the time (and some custom messages), along with a battery-backed RTC for precision. The aesthetic is a PC overclocker’s dream as the timepiece lives inside of a mason jar filled with baby oil. You cert