Kritik sah

3D printer owners have for years benefitted from using Octoprint to help manage their machines, and most people run Octoprint on a Raspberry Pi. [Martijn] made it run on his PinePhone instead , which turned out to be a surprisingly good fit for his needs. While [Martijn] was working out exactly what he wanted and taking an inventory of what Raspberry Pi components and accessories it would require, it occurred to him that his PinePhone — an open-source, linux-based mobile phone — would be a good candidate for his needs. It not only runs Linux with a touchscreen and camera, but even provides USB, ethernet, and separate DC power input via a small docking bar. It looked like the PinePhone had it all, and he was right. [Martijn]’s project page gives a walkthrough of the exact steps to get Octoprint up and running, and it even turns out to not be particularly difficult. [Martijn] is no stranger to hacking his PinePhone to do various things; we’ve already seen him add thermal imaging to ...

Pascal is not one of the biggest programming languages these days; it’s fallen into the background as the world moved on to newfangled things like C#, Python and Java. However, the language has its fans, one of whom put together a new compiler which targets retro platforms – and it goes by the name Turbo Rascal. The list of supported platforms is extensive, with Turbo Rascal able to compile highly-optimized binaries for the C64, Amiga 500, BBC Micro, IBM PC, Atari ST, Game Boy, Amstrad, NES, ZX Spectrum, and more. There’s a usable IDE and even an included graphics editor for getting projects put together quickly. Also known by its full name of Turbo Rascal Syntax Error, or TRSE, it’s the work of one [Nicolaas Groeneboom]. The compiler runs on 64-bit Windows, Linux, and OS X, and there are extensive tutorial videos available on YouTube , too. Thus, there’s no excuse not to start developing a new retro game immediately. Check out the demo video below, and remember – as long as we keep...

Hong Kong based [Handy Geng] has a knack for fitting his creations with a large percentage of recycled material. And as is exemplified by the video below the break , he also loves to mix the practical with the whimsical. Using parts salvaged from motor scooters, trash heaps, and likely many other sources, [Handy] has put together a small vehicle that he himself describes as looking like a bar of soap as it slips across the floor. You’ll agree when you see the independent front and rear steering at work, allowing the car’s front and rear to be driven and steered on their own. Crabbing sideways, driving diagonally, and we’re guessing spinning in place are possible. What’s also clear in the video below is that [Handy] is a talented fabricator. While not taking himself too seriously (keep an eye out for the 360° selfie cam!) he clearly takes pride in the work. [Handy]’s workshop and skill set show that at the core, he’s quite serious about his craft. We appreciate the creative use of sc...

A critical element of a good blasting cabinet setup is a vacuum system that can suck out the dust, blasting media, and bits of removed material faster than it collects inside the chamber. A cyclone separator can get the job done, but since it dumps all the waste from the cabinet into one bucket, it can make reusing the blasting material a dirty job. But as [Daniel Bauen] explains in the latest Engineerable video , his two-stage dust collector is able to keep the cabinet clear while separating the used blasting material into its own container. The cheap dust separator only works on large particles. Basically, the idea here is to to use two different cyclone separators: one that’s very effective, and a cheap model that’s only able to remove large particulates. By running the air from the cabinet through the cheap separator first, the used blasting media is captured in a dedicated bucket. From there, the air runs through the high-efficiency separator to extract the finer dust. Final...

Flip dot displays are awesome — too bad it’s so hard to find large panels to play around with, but that’s for another article. [Pierre Muth] has been working to find different and interesting things to do with these flip dots, and he recently explored how you can flip them very very gently . Now you likely remember [Pierre’s] work from earlier this year where he was pushing the speed of the displays as high as possible. Using a capacitor discharge trick he made it to 30 fps , which absolutely stunning work. This time around he attempted to do something equally impressive by micro-stepping the dots. It’s a bonkers idea and unfortunately didn’t work. It seems the dots are engineered for two steady states and you just can’t get very good performance with the in-between states. However, along the way he had an a-ha moment. Part of what he wanted to do with the microstepping was to slow down the change of the state and for that, he just grabbed a viscous fluid that’s thicker than air: Va...

Red Hat Security Advisory 2021-4848-07 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include code execution and denial of service vulnerabilities. from Packet Storm https://ift.tt/3D8Z56M

Laundry Booking Management System version 1.0 suffers from a remote code execution vulnerability. from Packet Storm https://ift.tt/3D7fFEq

The various companies and organisations that supply our community have achieved differing levels of success, with some staying as kitchen-table operations and others reaching the giddy heights of multinational commerce. Perhaps none has risen so far as Raspberry Pi though, as there are reports that the developer of single board computers might be seeking a £400m listing on the London Stock Exchange some time next year. The news is that they have sought the advice of investment bankers over the possibility of a float, seeking to secure further investment to further develop their product portfolio. We’re not investment advisers here at Hackaday so we’re not going to suggest whether or not to bet your shirt on Pi shares, instead our interest lies in what this might mean for their family of products. It’s an inevitable process for any start-up that achieves major success that it will over time progress from being directed by vision to being directed by commerce, and perhaps a listing co...

[Dominic Szablewski] was tinkering around with compressing RGB images, when he stumbled upon idea of how to make a simple lossless compression algorithm, resulting in the Quite OK Image Format , which seems to offer comparable file sizes to the PNG format but is so simple it runs up to 50 times faster for compression and up to four times faster for decompression. Implementation can be achieved with a miniscule 300 lines of C . Need a bit more detail on the real-world performance? Well [Dominic] has that covered too, with a complete set of benchmarks for your perusal. Image formats are one of those things these days that are designed by consortium, with so much complexity wedged in making it hard to implement with limited resources, so we find it very refreshing to see someone going back to basics and producing something super lightweight, and plenty good enough in practical terms. Other uses for the algorithm could be for super simple video compression, for applications where resou...

A few decades ago, palmtop computers were mostly based on MS-DOS, and while many users tried to mimic the UNIX experience, the results were mixed. Fast forward to the present and business-card-sized Linux computers modules abound. Canadian tinkerer [Rune Kyndal] decided to make his own Linux palmtop by sacrificing an old HP-95LX and replacing the guts with a Raspberry Pi Zero and a color LCD screen. We’re impressed with the rich set of features he has crammed into the limited volume of the case: Inside View: Everything fits, barely Raspberry Pi Zero W Color LCD, 4.3 inch, 800×480 w/Backlight Capacitive touch screen (not connected yet) Stereo speakers + microphone Ethernet 10/100 USB 2.0, 2 each RS-232, DE-9 connector microSD card HDMI IR dataport Webcam (TBD) LiPo Battery w/Charger One problem that any palmtop faces is how to make a usable keyboard, and HP had one of the better designs. The keys are the same famous style as used in HP calculators. And while no h...

There’s a lot of opinions and theories around the storing and drying of 3D printing materials. Some people are absolutely convinced you must bake filament if it been stored outside an airtight bag, even for a few days. Some others have ‘never had a problem.’ So it’s about time someone in the know has done some testing to try to pin down the answer to the question we’re all asking; How bad is wet filament really ? [Thomas Sanladerer] setup a simple experiment, using samples of three common types of filament, specifically PLA, PET-G and ASA. He stored the samples in three environments, on his desk, outside in the garden, and finally submerged in water for a full week. What followed was a whole lot of printing, but they all did print. Different filaments will absorb water at different rates, depending upon their chemical composition and the environment, nylon being apparently particularly fond of a good soaking. It would seem that the most obvious print defect that occurs with increa...

Most makerspaces and hackerspaces have one night per week or month where the ‘space is open to the public in order to entice new people into joining up. Whereas most members just write their name in Sharpie on a piece of masking tape, [Madison] wanted to do something extra . And what better way to get people interested in your ‘space than by wearing something useful that came out of it? The badge runs on an ATtiny45 and uses three 8×8 ultra-bright LED matrices for scrolling [Madison]’s name. It’s powered by a tiny LiPo battery that is boosted to 5 V. This build really shows off a number of skills, especially design. We love the look of this badge, from the pink silkscreen to the the typography. One of the hardest things about design is finding fonts that work well together, and we think [Madison] chose wisely. Be sure to check it out in action after the break. Custom name badges are a great way to start conversations no matter where you go. Here’s one that uses EL wire and LEDs that...

OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images). from Packet Storm https://ift.tt/3d0qYn7

Red Hat Security Advisory 2021-4845-05 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a code execution vulnerability. from Packet Storm https://ift.tt/3d2DC4U

Join us on Wednesday, December 1 at noon Pacific for the OpenCV Hack Chat with Brandon Gilles! A lot of what we take for granted these days existed only in the realm of science fiction not all that long ago. And perhaps nowhere is this more true than in the field of machine vision. The little bounding box that pops up around everyone’s face when you go to take a picture with your cell phone is a perfect example; it seems so trivial now, but just think about what’s involved in putting that little yellow box on the screen, and how it would not have been plausible just 20 years ago. Perhaps even more exciting than the development of computer vision systems is their accessibility to anyone thanks to open source efforts like OpenCV. Couple with ever-more powerful and affordable platforms and easily available cameras, OpenCV has launched thousands of exciting projects using computer vision. To help us along the road to incorporating machine vision into our projects, Brandon Gilles will ...

The Starlink beta has semi-officially ended, but it seems as though the global chip shortage is still limiting how many satellites are flying around the world for broadband internet access for those that might not be served by traditional ISPs. Not every location around the world has coverage even if you can get signed up, so to check that status the hard way you can always build a special antenna that tracks the Starlink beacons as they pass overhead . [Derek] is using this project to show of some of his software-defined radio skills, so this will require an SDR that can receive in the 1600 MHz range. It also requires a power injector to power the satellite receiver, but these are common enough since they are used to power TV antennas. The signals coming from the Starlink satellites have a very high signal-to-noise ratio so [Derek] didn’t even need a dish to focus the signals. This also helped because the antenna he is using was able to see a much wider area as a result. Once everyt...

Red Hat Security Advisory 2021-4844-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. from Packet Storm https://ift.tt/3xApQ34

Orangescrum version 1.8.0 suffers from a privilege escalation vulnerability. from Packet Storm https://ift.tt/3E5p7cL

Orangescrum version 1.8.0 suffers from multiple remote SQL injection vulnerabilities. from Packet Storm https://ift.tt/3p4haOA

Orangescrum version 1.8.0 suffers from reflective and persistent cross site scripting vulnerabilities. from Packet Storm https://ift.tt/32zaMHq

Red Hat Security Advisory 2021-4843-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. from Packet Storm https://ift.tt/3o4uD9H

Opencart version 3.0.3.8 suffers from a session injection vulnerability. from Packet Storm https://ift.tt/3FXhdlZ

This document aims at explaining some recent vulnerabilities in Apache HTTP Server that leads to attacks like path traversal and remote code execution. from Packet Storm https://ift.tt/3FXh8yH

This whitepaper provides an overview of a Polkit authentication bypass vulnerability that allows for local privilege escalation. from Packet Storm https://ift.tt/3d2Kr6x

Red Hat Security Advisory 2021-4833-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.9. Issues addressed include a bypass vulnerability. from Packet Storm https://ift.tt/31enQkL

Nextar C472 POS suffers from a dll hijacking vulnerability. from Packet Storm https://ift.tt/3o68Nm8

History is full of stories about technology that makes sense to the designer but doesn’t really fit the needs of the users. Take cake mixes. In 1929, a man named Duff realized that he could capitalize on surplus flour and molasses and created a cake mix. You simply added water to the dry mix and baked it to create a delicious cake. After World War II General Mills and Pillsbury also wanted to sell more flour so they started making cakes. But sales leveled out. A psychologist who was a pioneer in focus groups named Dichter had the answer: bakers didn’t feel like they were contributing to the creation of the cake. To get more emotional investment, the cake mixes would need to have real eggs added in. Actually, Duff had noticed the same thing in his 1933 patent . It is easy to imagine a bunch of food… scientists? Engineers? Designers?… whatever a person inventing flour mixes in the 1930s was called… sitting around thinking that making a mix that only requires water is a great thing. But...

from Packet Storm https://ift.tt/31c681F

from Packet Storm https://ift.tt/3o4LnOa

from Packet Storm https://ift.tt/3rgKK6c

from Packet Storm https://ift.tt/3o5zcRo

[Atomic14] bought some wireless LEDs that receive power from a base station. They were very neatly packaged, but — we like it — he took one apart and made his own versions . They may not look as polished, but they work and they are undeniably cool. The LEDs work by receiving power from an induction coil. Once you have power, lighting up an LED is no big deal. Reverse engineering found the transmitter sends 217 kHz into a 2.2 mH inductor. A capacitor resonates the coil and drives the attached LED. Some experiments found that the circuit could supply about 2 mA -3 mA of current. [Atomic14] used two LEDs to get work out of each half of the AC waveform. He also dissects the transmitter, so you could roll your own there, too. What would you do with a wireless LED? Maybe lighting in a model display or a checkerboard? We wondered if you could use two or more power frequencies to signal (for example, 200 kHz lights a red LED but 250 kHz lights a green one)? The original transmitter was fi...

For a few years now it’s been an open secret that Prusa Research was working on a larger printer named, imaginatively enough, the Prusa XL. Positioned at the opposite end of their product spectrum from the wildly popular Prusa Mini, this upper-tier machine would be for serious hobbyists or small companies that need to print single-part objects that were too large for their flagship i3 MK3S+ printer. Unfortunately, the global COVID-19 pandemic made it difficult for the Czech company to focus on bringing a new product to market, to the point that some had begun to wonder if we’d ever see this mythical machine. But now, finally, the wait is over. Or perhaps, it’s just beginning. That’s because while Prusa Research has officially announced their new XL model and opened preorders for the $1,999+ USD printer, it’s not expected to ship until at least the second quarter of 2022. That’s already a pretty substantial lead time, but given Prusa’s track record when it comes to product launches, ...

Earlier this Fall, a Samsung warehouse in South Africa was robbed and the thieves got away with a quantity of smart televisions. Samsung proceeded to implement a little-known feature called “TV Block” which is installed on all of their TV products. The serial numbers of the stolen TV sets are flagged in their servers, and if one of these sets tries to connect the internet in the future, it will recognize that it is stolen and proceed to brick itself, disabling all television functionality. So while this real-life scenario makes sense, it is a bit alarming to realize the implication of such a feature — the manufacturer can reach into your TV and disable it from afar. One can assume that Samsung won’t abuse this capability, because acting otherwise would harm their reputation. In a press release, Samsung announced in a press release that any consumers whose sets were incorrectly bricked can have their sets un-bricked after demonstrating proper ownership. Despite such good intentions...

After an electronic IoT device has been deployed into the world, it may be necessary to reprogram or update it. But if physical access to the device (or devices) is troublesome or no longer possible, that’s a problem. OTA updates allow a device to download new firmware, install it, and reboot itself into the new version. Convenient? Yes. Secure? It definitely needs to be. Fortunately, over-the-air (OTA) firmware updates are a thing, allowing embedded devices to be reprogrammed over their wireless data connection instead of with a physical hardware device. Security is of course a concern, and thankfully [Refik] explains how to set up a basic framework so that ESP32 OTA updates can happen securely , allowing one to deploy devices and still push OTA updates in confidence. [Refik] begins by setting up a web server using Ubuntu Linux, and sets up HTTPS using a free SSL certificate from Let’s Encrypt , but a self-signed SSL certificate is also an option. Once that is done, the necessar...