Hackaday serves up Fresh Hacks Every Day from around the Internet. Our playful posts are the gold-standard in entertainment for engineers and engineering enthusiasts.

Rss preview of Blog of Hackaday

Hidden Camera Build Proves You Can’t Trust Walnuts

2025-12-13 05:00:05

Typically, if you happened across a walnut lying about, you might consider eating it or throwing it to a friendly squirrel. However, as [Penguin DIY] demonstrates, it’s perfectly possible to turn the humble nut into a clandestine surveillance device. It turns out the walnut worriers were right all along.

The build starts by splitting and hollowing out the walnut. From there, small holes are machined into the mating faces of the walnut, into which [Penguin DIY] glues small neodymium magnets. These allow the walnut to be opened and snapped shut as desired, while remaining indistinguishable from a regular walnut at a distance.

The walnut shell is loaded with nine tiny lithium-polymer cells, for a total of 270 mAh of battery capacity at 3.7 volts. Charging the cells is achieved via a deadbugged TP4056 charge module to save space, with power supplied via a USB C port. Holes are machined in the walnut shell for the USB C port as well as the camera lens, though one imagines the former could have been hidden purely inside for a stealthier look. The camera itself appears to be an all-in-one module with a transmitter built in, with the antenna installed in the top half of the walnut shell and connected via pogo pins. The video signal can be picked up at a distance via a receiver hooked up to a smart phone. No word on longevity, but the included batteries would probably provide an hour or two of transmission over short ranges if you’re lucky.

If you have a walnut tree in your backyard, please do not email us about your conspiracy theories that they are watching you. We get those more than you might think, and they are always upsetting to read. If, however, you’re interested in surveillance devices, we’ve featured projects built for detecting them before with varying levels of success. Video after the break.

Rats Get even Better at Playing DOOM

2025-12-13 03:30:58

We all know that you can play DOOM on nearly anything, but what about the lesser known work being done to let other species get in on the action? For ages now, our rodent friends haven’t been able to play the 1993 masterpiece, but [Viktor Tóth] and colleagues have been working hard to fix this unfortunate oversight.

If you’ve got the feeling this isn’t the first time you’ve read about rats attempting to slay demons, it’s probably because [Viktor] has been working on this mission for years now — with a previous attempt succeeding in allowing rats to navigate the DOOM landscape. Getting the rodents to actually play through the game properly has proved slightly more difficult, however.

Improving on the previous attempt, V2 has the capability to allow rats to traverse through levels, be immersed in the virtual world with a panoramic screen, and take out enemies. Rewards are given to successful behaviors in the form of sugar water through a solenoid powered dispenser.

While this current system looks promising, the rats haven’t gotten too far through the game due to time constraints. But they’ve managed to travel through the levels and shoot, which is still pretty impressive for rodents.

DOOM has been an indicator of just how far we can take technology for decades. While this particular project has taken the meme into a slightly different direction, there are always surprises. You can even play DOOM in KiCad when you’re tired of using it to design PCBs.

Review: Cherry G84-4100 Keyboard

2025-12-13 02:00:10

The choice of a good keyboard is something which consumes a lot of time for many Hackaday readers, judging by the number of custom input device projects which make it to these pages. I live by my keyboard as a writer, but I have to admit that I’ve never joined in on the special keyboard front; for me it’s been a peripheral rather than an obsession. But I’m hard on keyboards, I type enough that I wear them out. For the last five years my Hackaday articles have come via a USB Thinkpad keyboard complete with the little red stick pointing device, but its keys have started parting company with their switches so it’s time for a replacement.

I Don’t Want The Blackpool Illuminations

A picture of the Blackpool illuminations at night against a dark sky.
Is it a gamer’s keyboard, or the Blackpool seafront at night? I can’t tell any more. Mark S Jobling, Public domain.

For a non keyboard savant peering over the edge, this can be a confusing choice. There’s much obsessing about different types of mechanical switch, and for some reason I can’t quite fathom, an unreasonable number of LEDs.

I don’t want my keyboard to look like the Blackpool Illuminations (translation for Americans: Las Vegas strip), I just want to type on the damn thing. More to the point, many of these “special” keyboards carry prices out of proportion to their utility, and it’s hard to escape the feeling that like the thousand quid stereo the spotty kid puts in his Opel Corsa, you’re being asked to pay just for bragging rights.

Narrowing down my needs then, I don’t need any gimmicks, I just need a small footprint keyboard that’s mechanically robust enough to survive years of my bashing out Hackaday articles on it. I’m prepared to pay good money for that.

The ‘board I settled upon is probably one of the most unglamorous decent quality keyboards on the market. The Cherry G84-4100 is sold to people in industry who need a keyboard that fits in a small space, and I’ve used one to the deafening roar of a cooling system in a data centre rack. It’s promising territory for a Hackaday scribe. I ordered mine from the Cherry website, and it cost me just under £70 (about $93), with the postage being extra. It’s available with a range of different keymaps, and I ordered the UK one. In due course the package arrived, a slim cardboard box devoid of consumer branding, inside of which was the keyboard, a USB-to-PS/2 adaptor, and a folded paper manual. I’m using it on a USB machine so the adaptor went in my hoard, but I’m pleased to be able to use this with older machines when necessary.

Hello My Old Data Centre Friend

The 1, 2, and 3 keys on a UK keyboard.
It’s not shift-3 for the £ sign that’s important, but shift-2 for the quote. You have no idea how annoying not having that is on an international layout.

For my money, I got a keyboard described as “compact”, or 75%. It’s 282 by 132 by 26 mm in size, which means it takes up a little less space than the Thinkpad one it replaces, something of a win to my mind. It doesn’t have a numeric keypad, but I don’t need that. The switches are Cherry mechanical ones rather than the knock-offs you’ll find on so many competitors, and they have something of the mechanical sound but not the racket of an IBM buckled spring key switch. Cherry claim they’re good for 20 million activations, so even I shouldn’t wear them out.

The keymap is of course the standard UK one I’m used to, but what makes or breaks a ‘board like this one is how they arrange the other keys. I really like that their control key is in the bottom left hand corner rather than as in so many others, the function key, but I am taking a little while to get used to the insert and delete keys being to the left of the arrow keys in the bottom right hand corner. Otherwise my muscle memory isn’t being taxed too much by it.

There are a couple of little feet at the back underneath that can be flipped up to raise the ‘board at an angle. Since after years of typing the heel of my hand becomes inflamed if I rest it on the surface I elevate my wrist by about an inch with a rest, thus I use the keyboard tilt. I’ve been typing with the Cherry for a few weeks now, and it remains comfortable.

The Cherry G84-4100 then. It’s not a “special” keyboard in any way, in fact it’s about as utilitarian as it gets in a peripheral. But for me a keyboard is a tool, and just like my Vernier caliper or my screwdrivers I demand that it does its job repeatably and flawlessly for many years to come. So its unglamorous nature is its strength, because I’ve paid for the engineering which underlies it rather than the bells and whistles that adorn some others. Without realising it you’ll be seeing a lot of this peripheral in my work over the coming years.

Hackaday Podcast Episode 349: Clocks, AI, and a New 3D Printer Guy

2025-12-13 01:00:53

Hackaday Editors Elliot Williams and Al Williams met up to cover the best of Hackaday this week, and they want you to listen in. There was a hodgepodge of hacks this week, ranging from home automation with RF to volumetric displays in glass, and some crazy clocks, too.

Ever see a typewriter that uses an ink pen? Elliot and Al hadn’t either. Want time on a supercomputer? It isn’t free, but it is pretty cheap these days. Finally, the guys discussed how to focus on a project like Dan Maloney, who finally got a 3D printer, and talked about Maya Posch’s take on LLM intelligence.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download the human-generated podcast in mostly mono, but sometimes stereo, MP3.

Weird Email Appliance Becomes AI Terminal

2025-12-13 00:00:00

The Landel Mailbug was a weird little thing. It combined a keyboard and a simple text display, and was intended to be a low-distraction method for checking your email. [CiferTech] decided to repurpose it, though, turning it into an AI console instead.

The first job was to crack the device open and figure out how to interface with the keyboard. The design was conventional, so reading the rows and columns of the key matrix was a cinch. [CiferTech] used PCF8574 IO expanders to make it easy to read the matrix with an ESP32 microcontroller over I2C. The ESP32 is paired with a small audio output module to allow it to run a text-to-speech system, and a character display to replace the original from the Mailbug itself. It uses its WiFi connection to query the ChatGPT API. Thus, when the user enters a query, the ESP32 runs it by ChatGPT, and then displays the output on the screen while also speaking it aloud.

[CiferTech] notes the build was inspired by AI terminals in retro movies, though we’re not sure what specifically it might be referencing. In any case, it does look retro and it does let you speak to a computer being, of a sort, so the job has been done. Overall, though, the build shows that you can build something clean and functional just by reusing and interfacing a well-built commercial product.

This Week in Security: Hornet, Gogs, and Blinkenlights

2025-12-12 23:00:08

Microsoft has published a patch-set for the Linux kernel, proposing the Hornet Linux Security Module (LSM). If you haven’t been keeping up with the kernel contributor scoreboard, Microsoft is #11 at time of writing and that might surprise you. The reality is that Microsoft’s biggest source of revenue is their cloud offering, and Azure is over half Linux, so Microsoft really is incentivized to make Linux better.

The Hornet LSM is all about more secure eBPF programs, which requires another aside: What is eBPF? First implemented in the Berkeley Packet Filter, it’s a virtual machine in the kernel that allows executing programs in kernel space. It was quickly realized that this ability to run a script in kernel space was useful for far more than just filtering packets, and the extended Berkeley Packet Filter was born. eBPF is now used for load balancing, system auditing, security and intrusion detection, and lots more.

This unique ability to load scripts from user space into kernel space has made eBPF useful for malware and spyware applications, too. There is already a signature scheme to restrict eBPF programs, but Hornet allows for stricter checks and auditing. The patch is considered a Request For Comments (RFC), and points out that this existing protection may be subject to Time Of Check / Time Of Use (TOCTOU) attacks. It remains to be seen whether Hornet passes muster and lands in the upstream kernel.

Patch Tuesday

Linux obviously isn’t the only ongoing concern for Microsoft, and it’s the time of month to talk about Patch Tuesday. There are 57 fixes that are considered vulnerabilities, and additional changes that are just classified internally as bug fixes. Three of those vulnerabilities were publicly known before the fix, and one of those was known to be actively used in attacks in the wild.

CVE-2025-62221 was an escalation of privilege flaw in the Windows Cloud Files Mini Filter Driver. In Windows, a minifilter is a kernel driver that attaches to the file system software to monitor or modify file operations. This flaw was a use-after-free that allowed a lesser-privileged attacker to gain SYSTEM privileges.

Gogs

Researchers at Wiz found an active exploitation campaign that uses CVE-2025-8110, a previously unknown vulnerability in Gogs. The Go Git Service, hence the name, is a self-hosted GitHub/GitLab alternative written in Go. It’s reasonably popular, with 1,400 instances exposed to the Internet.

The vulnerability was a bypass of CVE-2024-55947, a path traversal vulnerability that allowed a malicious user to upload files to arbitrary locations. That was fixed with Gogs 0.13.1, but the fix failed to account for symbolic links (symlinks). Namely, as far as the git protocol is concerned, symlinks are completely legal. The path traversal checking doesn’t check for symlinks during normal git access, so a symlink pointing outside the repository can easily be created. And then the HTTPS file API can be used to upload a file to that symlink, again allowing for arbitrary writes.
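The symlink gap described above, as an added example that is not Gogs code: a string-only path check next to one that inspects each path component with Lstat. The function names, file names and temporary directory layout are constructed for the demonstration.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// lexicalJoin is a string-only traversal check: ".." cannot climb above root,
// but the filesystem is never asked what the path components actually are.
func lexicalJoin(root, rel string) string {
	return filepath.Join(root, filepath.Clean("/"+rel))
}

// resolvedJoin also refuses any existing component that is a symlink.
func resolvedJoin(root, rel string) (string, error) {
	cur := root
	for _, part := range strings.Split(filepath.ToSlash(filepath.Clean("/" + rel))[1:], "/") {
		cur = filepath.Join(cur, part)
		fi, err := os.Lstat(cur) // Lstat reports on the link itself, not its target
		if os.IsNotExist(err) {
			break // nothing below this point exists yet
		} else if err != nil {
			return "", err
		} else if fi.Mode()&os.ModeSymlink != 0 {
			return "", fmt.Errorf("refusing symlink component %q", cur)
		}
	}
	return lexicalJoin(root, rel), nil
}

// demo: constructed repo holding a symlink that points outside it; returns (escaped, refused).
func demo() (bool, bool, error) {
	tmp, err := os.MkdirTemp("", "symlink-demo")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(tmp)
	repo, outside := filepath.Join(tmp, "repo"), filepath.Join(tmp, "outside.conf")
	os.Mkdir(repo, 0o755)
	os.WriteFile(outside, []byte("original"), 0o644)
	os.Symlink(outside, filepath.Join(repo, "notes.txt")) // tracked link leaving the repo
	os.WriteFile(lexicalJoin(repo, "notes.txt"), []byte("changed"), 0o644)
	got, _ := os.ReadFile(outside)
	_, err = resolvedJoin(repo, "notes.txt")
	return string(got) == "changed", err != nil, nil
}

func main() { fmt.Println(demo()) }
```

Checking and then writing still leaves a time-of-check/time-of-use window. A robust fix resolves the path relative to an already-open directory handle and refuses links at open time (for example with O_NOFOLLOW) rather than relying on a prior check.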

The active exploitation of this vulnerability is particularly widespread. Of the 1400 Gogs instances on the Internet, over 700 show signs of compromise, in the form of new repositories with randomized names. It’s possible that even more instances have been compromised, and the signs have been covered. The attack added a symlink to .git/config, and then overwrote that file with a new config that defines the sshCommand setting. After exploitation, a Supershell malware was installed, establishing ongoing remote control.

The most troubling element of this story is that the vulnerability was first discovered in the wild back in July and was reported to the Gogs project at that time. As of December 11, the vulnerability has not been fixed or acknowledged. After five months of exploitation without a patch, it seems time to acknowledge that Gogs is effectively unmaintained. There are a couple of active forks that don’t seem to be vulnerable to this attack; time to migrate.

Blinkenlights

There’s an old story I always considered apocryphal, that data could be extracted from the blinking lights of network equipment, leading a few ISPs to boast that they covered all their LEDs with tape for security. While there may have been a bit of truth to that idea, it definitely served as inspiration for [Damien Cauquil] at Quarkslab, reverse engineering a very cheap smart watch.

The watches were €11.99 last Christmas, and a price point that cheap tickles the curiosity of nearly any hacker. What’s on the inside? What does the firmware look like? The micro-controller was by the JieLi brand, and it’s a bit obscure, with no good way to pull the firmware back off. With no leads there, [Damien] turned to the Android app and the Bluetooth Low Energy connection. One of the functions of the app is uploading custom watch dials, which of course had to be tested by creating a custom watch face featuring a certain Rick Astley.

But those custom watch faces have a quirk. The format internally uses byte offsets, and the watch doesn’t check for that offset to be out of bounds. A ridiculous scheme was concocted to abuse this memory leak to push firmware bytes out as pixel data. It took a Raspberry Pi Pico sniffing the SPI bus to actually recover those bytes, but it worked! Quite the epic hack.

Bits and Bytes

Libpng has an out of bounds read vulnerability that was just fixed in 1.6.52. What’s weird about this one is that the vulnerability can be triggered by completely legitimate PNG images. The good news is that this vulnerability only affects the simplified API, so not every user of libpng is in the blast radius.

And finally, Google has pushed out an out-of-band update to Chrome, fixing a vulnerability that is being exploited in the wild. The Hacker News managed to connect the bug ID to a pull request in the LibANGLE library, a translation layer from OpenGL ES calls into Direct3D, Vulkan, and Metal. The details there suggest the flaw is limited to the macOS platform, as the fix is in the Metal renderer. Regardless, time to update!