Links
-
Recent Posts
Recent Comments
Archives
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
Meta
Category Archives: news
This Week in Security: F5, Novel Ransomware, Freta, and Database Woes
The big story of the last week is a problem in F5’s BIG-IP devices. A rather trivial path traversal vulnerability allows an unauthenticated user to call endpoints that are intended to be restricted to authenticated. That attack can apparently be as simple as:
A full exploit has been added to …read more
Bridge Over Trebled Water: How the Golden Gate Bridge Started to Sing
Throughout the spring, some Bay Area residents from Marin County to the Presidio noticed a sustained, unplaceable high-pitched tone. In early June, the sound reached a new peak volume, and recordings of the eerie noise spread across Twitter and Facebook. Soon after, The Golden Gate Bridge, Highway, & Transportation District, …read more
Posted in Engineering, Featured, Golden Gate Bridge, moaning, news, Original Art, railing, singing, whistling, wind tunnel
Leave a comment
This Week in Security: Palo Alto Scores a 10, Cursed Images, VM Escapes, and Malicious Music
We’ve looked at many vulnerabilities over the years here on Hackaday, but it’s rather rare for a CVE to score a perfect 10 severity. This is reserved for the most severe and exploitable of problems. Palo Alto announced such a vulnerability, CVE-2020-2021, on the 29th. This vulnerability affects Palo Alto …read more
Posted in CVE, news, This Week in Security, vmware
Leave a comment
Your Own Open Source ASIC: SkyWater-PDF Plans First 130 nm Wafer in 2020
You might have caught Maya Posch’s article about the first open-source ASIC tools from Google and SkyWater Technology. It envisions increased access to make custom chips — Application Specific Integrated Circuits — designed using open-source tools, and made real through existing chip fabrication facilities. My first thought? How much does …read more
Posted in 130 nm, ASIC, custom chip, custom silicon, fpga, Hackaday Columns, news, open source, skywater
Leave a comment
Updating the Language of SPI Pin Labels to Remove Casual References to Slavery
This morning the Open Source Hardware Association (OSHWA) announced a resolution for changing the way SPI (Serial Peripheral Interface) pins are labelled on hardware and in datasheets. The protocol originally included MOSI/MISO references that stand for “Master Out, Slave In” and “Master In, Slave Out”. Some companies and individuals have …read more
Posted in CIPO, COPI, Featured, language, Microcontrollers, MISO, MOSI, news, OSHWA, sdi, SDO, spi, terminology
Leave a comment
Ask Hackaday: What Can Be Done with Your Bootlooping Blu-Ray?
Last Friday, thousands of owners of Samsung Blu Ray players found that their home entertainment devices would no longer boot up. While devices getting stuck in a power-cycling loop is not uncommon, this case stands out as it affected a huge range of devices all at the same time. Samsung’s …read more
Posted in Ask Hackaday, blu-ray, certificate, news, samsung, ssl, ssl certificate
Leave a comment
This Week in Security: Bitdefender, Ripple20, Starbucks, and Pwned Passwords
[Wladimir Palant] seems to be on a one man crusade against security problems in security software. The name may not be immediately recognizable, but among his other infamies is originating Adblock Plus, which we have a love-hate relationship with. (Look, surf the net with an adblocker, but disable it for …read more
Smartglove Helps Cyclists Be Seen
Cyclists share the road with other vehicles, often leading to problems when drivers fail to see or respect the rider’s space. To try and alleviate these issues, [Matlek] built the Smartglove to help cyclists communicate their intentions to other road users.
The project consists of a glove fitted with an …read more
Posted in news
Leave a comment
This Week in Security: HaveIBeenPwned And Facebook Attack Their Customers
We’re fans of haveibeenpwned.com around here, but a weird story came across my proverbial desk this week — [Troy Hunt] wrote a malicious SQL injection into one of their emails! That attack string was a simple ';--
Wait, doesn’t that look familiar? You remember the header on the haveibeenpwned web …read more
Copy and Paste Deemed Insecure
Back when Windows NT was king, Microsoft was able to claim that it met the strict “Orange Book” C2 security certification. The catch? Don’t install networking and remove the floppy drives. Turns out most of the things you want to do with your computer are the very things that are …read more
Posted in chrome, clipboard, cut and paste, cybersecurity, firefox, news, security, security hacks, vulnerability, xss
Leave a comment