Monthly Archives: April 2021

Over-Designed Model Paint Shaker

An over-designed and useless agitator for Testors enamel bottles

…An otherwise useless exercise in rapid prototyping.

Continue reading
Posted in DIY, Electronics, General, Objects | Leave a comment

Toys for my Escape Velocity Itch

Printed and painted Kestrel and Lightning models on a PowerBook 5,4

I had my regularly-scheduled itch to play Escape Velocity or one of its successors and/or clones the other week, and decided to play the real thing this time since I did a lap on Endless Sky not too long ago, and NAEV still doesn’t quite grab me.

I’m now most of the way through a game of EV (under emulation in Basilisk II), and …impulse bought a cheap 2004 15″ Aluminum PowerBook G4 (a 5,4) off the internet after a crash ate a save file. I have good coverage of Apple 1984-1994 in my collection (in the form of bulky desktops with CRTs), and x86 OS X is pretty easy to run in a VM, but I have a hole in the late PPC era. That machine will hopefully eventually also get its own post as I finish fixing it up, it’s not in perfect condition but it auctioned below prevailing when I was looking, and seems to be acceptable.

While I was looking into the player communities (…because it’s become very hard to set up a working install of EV Nova recently, and I can’t find a backup of my registered copy) I discovered that a couple months ago some wonderful person (slurked on thingiverse/quarmus on reddit) made and shared 3D models of the Kestrel and Lightning ships from the original EV.

…So the little Mac-user child of the 90s in me promptly headed down to the basement to print a Kestrel and a pair of Lightnings.

I gave them a quick sand to take the worst print artifacts off and sprayed them down with a couple coats of gray Krylon Fusion, which gave a decent base coat. I needed to do a little (bad) detail painting on the Lightnings, and the acrylics I have around didn’t stick well to the spraypaint, so I dug out my decades-old Testor model enamel set. Eventually they were shaken and stirred enough to get the job done; in another post post, an absurd over-engineered shaker that didn’t really solve the problem.

EV is still one of my favorite games, though I think Endless Sky’s implementation of the formula is actually significantly better for a modern player without the memories, especially now that Ambrosia is defunct and the hacks around registering Nova seem to not be working.

Posted in Computers, DIY, Entertainment, General, Objects | Leave a comment

DigitalOcean Says Customer Billing Data ‘Exposed’ by a Security Flaw

Source: Slashdot

Article note: Well that's not ideal.

DigitalOcean has emailed customers warning of a data breach involving customers' billing data, TechCrunch has learned. From the report: The cloud infrastructure giant told customers in an email on Wednesday, obtained by TechCrunch, that it has "confirmed an unauthorized exposure of details associated with the billing profile on your DigitalOcean account." The company said the person "gained access to some of your billing account details through a flaw that has been fixed" over a two-week window between April 9 and April 22. The email said customer billing names and addresses were accessed, as well as the last four digits of the payment card, its expiry date, and the name of the card-issuing bank. The company said that customers' DigitalOcean accounts were "not accessed," and passwords and account tokens were "not involved" in this breach. "To be extra careful, we have implemented additional security monitoring on your account. We are expanding our security measures to reduce the likelihood of this kind of flaw occuring [sic] in the future," the email said.

Read more of this story at Slashdot.

Posted in News | Leave a comment

UMN CS&E Statement on Linux Kernel Research

Source: Hacker News

Article note: This is a good statement. No one is being thrown under the bus, but they're acknowledging and getting ahead of the problem.
Posted in News | Leave a comment

In epic hack, Signal developer turns the tables on forensics firm Cellebrite

Source: Ars Technica

Article note: This is beautiful.
In epic hack, Signal developer turns the tables on forensics firm Cellebrite

Enlarge (credit: Moxie Marlinspike/Signal)

For years, Israeli digital forensics firm Cellebrite has helped governments and police around the world break into confiscated mobile phones, mostly by exploiting vulnerabilities that went overlooked by device manufacturers. Now, Moxie Marlinspike—the brainchild behind the Signal messaging app—has turned the tables.

On Wednesday, Marlinspike published a post that reported vulnerabilities in Cellebrite software that allowed him to execute malicious code on the Windows computer used to analyze a device. The researcher and software engineer exploited the vulnerabilities by loading specially formatted files that can be embedded into any app installed on the device.

Virtually no limits

“There are virtually no limits on the code that can be executed,” Marlinspike wrote.

Read 12 remaining paragraphs | Comments

Posted in News | Leave a comment

An unvaccinated worker set off an outbreak at a U.S. nursing home where most residents were immunized.

Source: NYT > Health

Article note: Well fuck. Bunch of confirmed transmission to vaccinated people, including at least one symptomatic case. This means things won't be fully settling unless our vaccination rates are much higher than is reasonable to expect.

New infections of inoculated residents are occurring, signaling the need to maintain safety measures, C.D.C. studies show.

Posted in News | Leave a comment

Hacking an Air Assist for the Ortur Laser

Source: Hack a Day

Article note: I've been wondering if you could get away with an aquarium air pump as a laser air assist for a while; apparently yes. I recently ordered some luer-lock tubing, fittings, and tips to try for setting up air and/or low-volume fluid on my CNC router.

Getting great results from a laser cutter takes a bit of effort to make sure all of the settings are just right. But even then, if the air between the material and the laser source is full of smoke and debris it will interfere with the laser beam and throw off the results. The solution is to add air assist which continuously clears that area.

Earlier this year I bought an Ortur laser engraver/cutter and have been hacking on it to improve the stock capabilities. last month I talked about putting a board under the machine and making the laser move up and down easily. But I still didn’t have an air assist. Since then I found a great way to add it that will work for many laser cutter setups.

I didn’t design any of these modifications, but I did alter them to fit my particular circumstances. You can find my very simple modifications to other designs on Thingiverse. You’ll also find links to the original designs and you’ll need them for extra parts and instructions, too. It is great to be able to start with work from talented people and build on each other’s ideas.

A Breath of Fresh Air

By the end of the last post, I had installed an air assist system but cut the air hose off of it because I never did get around to boiling some water to bend the air tube. However, it did let me move the laser head up and down easily, which is very useful.

This wasn’t the first air assist design I’d tried. If you look at Thingiverse, there are many different takes on this. Some have 3D printed nozzles that take an air needle or a 3D printer nozzle. Some just direct fan air at the part.

I found some just didn’t fit or didn’t work well. Others would interfere with the X stop or interfere with the Z motion of the laser which, admittedly, wouldn’t have been a problem on a stock machine. One of the designs had a custom top plate for the laser that had a little hose guide and even though I didn’t keep that air assist project, I didn’t remove the custom top plate and that turned out to be lucky, as you’ll see.

I had really been interested in putting an air assist on ever since I saw [DIY3DTech’s] video on how it improved cutting. I had even bought a small air pump for the purpose before the laser even arrived, but it mostly sat, unused, for lack of a good way to direct the air.

The Solution

Finally, I found [DIY3DTech’s] design that is very quick and simple to print. A bracket circles the laser head and mounts a small tube holder. You can adjust the angle and a 3D printer nozzle is wedged into the end of the tube. It is a simple design, but very adjustable.

The air assist bracket is held with tape.

Of course, there’s one small problem. If your laser head doesn’t move, the bracket is no problem. But if you can slide the laser up and down, the bracket needs to clear the big acorn nuts that hold the laser to the X carriage.

At first, I tried putting some washers to move the laser body away from the housing, but that didn’t seem like a great idea — I worried it might not be very stable if there were too many washers and I would have had to fish up some longer bolts. Instead, I did some surgery on the bracket and cut away the offending part, leaving it shaped like a U with the sides about 3cm long. Of course, that removed the fixing screw and made it not grip very well. However, a little double-stick tape nicely holds it on. You could probably also use some hot glue.

You can see the 0.8mm M6 nozzle from a 3D printer directing air at this cut.

A nylon bolt — which could probably be shorter — holds the black hose module to the white bracket. It also grips the tube, so don’t tighten it all the way or you’ll pinch the airflow off. A nylon nut locks it in place. Placing the nozzle in the tube is a bit of a challenge. You might heat the hose a little, but I didn’t. I just used needlenose pliers to stretch the tube in both directions and threaded the nozzle into the widened tube. I didn’t seal it, but a blob of hot glue or silicone might be a good idea.

The only other part of the air assist isn’t strictly necessary. I had a top plate from another air assist attempt still mounted to the laser and it had a little feed tube for the air hose that works well with this design, so I kept it. It keeps the hose lined up nicely and you can also bundle the hose with the rest of the wires if you want to keep it from flopping around everywhere.

Does it Work?

Magnified view of test cut.

Does it work? It does! Cutting out thin plywood takes only a few passes now and seems to make cleaner cuts. The accompanying picture shows a small test piece on 2mm plywood. Using 2 passes of the laser cut the outline perfectly and — looking close up — it appears I could even cut the engraving power down. Without magnifying it, though, it looks fine.

By the way, these cuts were with what Ortur calls a 15 W laser and using the standard lens. Keep in mind, though, the 15W number is the input power. The actual output power is probably just north of 4W.

Another side effect of the air blowing from the right? You can see all the smoke now hangs to the left side of the machine.


The top plate isn’t necessary but helps with managing the hose.

Speaking of smoke, you do need ventilation and that’s one thing I’m not finished working on. I’m still trying to figure out exactly what I want to do. A vent hood or an enclosure with an exhaust seems ideal but a pain to set up. For now, I have an open window with a dual window fan set to blow out.

Wood doesn’t smell too bad, but leather does. I understand, too, that some glue in plywood and some tanning chemicals in leather produce very nasty fumes, so this is one downside to these machines. If you think printing ABS smells, you aren’t going to enjoy an open laser cutter very much.

For now, though, I’m pretty satisfied with the results this modest machine can provide. If you really need a laser cutter for commercial purposes, you are probably going to look elsewhere. But if you want to spend about what a fair 3D printer costs and add a lot of capability to your workshop, you could do worse than one of these inexpensive engravers.

Posted in News | Leave a comment

“They introduce kernel bugs on purpose”

Source: Hacker News

Article note: ...Some shitheads at UMN are apparently fuzzing the Linux kernel development process, and pretending to be using a wonky analysis tool when caught. After they previously got caught doing a slightly less egregious version of the same thing. And got the whole university banned from kernel commits.
Posted in News | Leave a comment

The fake innovation of gig companies

Source: The Week: Most Recent Home Page Posts

Article note: It's sort of staggering how much of the economy, especially the tech sector, is absolutely valueless rent-seeking.

Over the last several months, Americans have heard hundreds of stories about the horrible working conditions of jobs in the so-called "gig economy." Amazon contract drivers have such brutal delivery schedules that they are sometimes forced to pee in bottles or defecate in bags. Uber drivers are often forced to work ludicrous overtime to make ends meet, much of it waiting for the algorithm to deliver a fare. Doordash paid $2.5 million to settle a lawsuit over allegedly stealing its drivers' tips (though it denied doing so).

These stories illustrate an important truth about these gig companies: They are not actually innovative, in the traditional economic meaning of the word. Instead they rely on the most ancient employer technique of all: plain old labor exploitation.

Innovation is of course a vague concept, but in economic history the idea typically refers to technology that allows for more production with less labor. The spinning mule and the power loom, for instance, allow the production of huge amounts of cloth with only a few workers, as compared to hand spinners and looms that require a worker for each one. The Bessemer process greatly increased steel production because it required many fewer workers. Manufacturing has become vastly more labor-efficient through the use of techniques like interchangeable parts and the assembly line. Every major industry has a history of this kind of thing.

With that in mind, let's consider Amazon warehouses. Jobs there are notorious for how management mercilessly regulates the work process with panopticon surveillance. Workers' every movement is tracked, bathroom breaks are strictly limited, and they are required to maintain a frenzied rate of packing and shipping. Dip below the demanded production metrics, and you will be automatically fired. Documents obtained by The Verge in 2019 found that Amazon was firing about 10 percent of its entire workforce every year at one Baltimore facility.

Now, a lot of technology goes into this system. But it is not using labor efficiently, it is efficiently exploiting labor — more production with more work. Indeed, these warehouse jobs are so brutal that many people end up disabled as a result, with chronic knee, back, or foot problems. That's whole future lifetimes of potential work burned up because Amazon wants to wring as many possible shipments out of their workers in the short term.

The story is the same with Amazon's delivery drivers. These work basically just like UPS — a bunch of people driving around dropping off packages. Amazon's logistics are world-class, but their signature strategy in terms of delivery is profligate use of labor. Whereas UPS is unionized, and so drivers generally get good pay, benefits, and decent hours, Amazon uses (heavily surveilled) disposable contract labor that can be forced to work as hard and as long as possible.

The story with taxi companies like Uber is even more wasteful. The entire value proposition of Uber is based on exploitation — paying drivers as little as possible, especially by shifting the costs of car ownership and maintenance to them. Worse, as Hubert Horan writes for American Affairs, Uber's ride system is far less efficient than traditional taxi companies. A normal taxi company will own a fleet of cars that are all the same (or just a few models), thus creating efficiencies of scale in terms of purchasing and maintenance. They also must carefully analyze their city to avoid trips that won't be able to return with another fare, thus keeping rides per miles driven high. But Uber has no such efficiencies of scale, and allows rides to almost anywhere because it subsidizes its fares far below the cost of production, thanks to deep-pocketed investors who are hoping for monopoly profits. (Though these are likely a mirage, as Uber has lost something like $29 billion over its existence, and any attempt to reach profitability will immediately put it at a disadvantage relative to normal taxis.)

Food delivery companies like Grubhub or Doordash are perhaps worst of all. These basically get in between a restaurant and its customers with an app that is convenient for the customer (sometimes putting restaurants on the service without even asking first), and then squeeze the restaurant with high commissions, all while paying their delivery workers as little as possible. One study found San Francisco food deliverers made just $26,000 per year, and that was before expenses. Many app orders for restaurants are straight-up unprofitable — New York City is considering new regulations to limit delivery app commissions for this reason.

Moreover, food delivery is a difficult business — Domino's, for instance, has its own delivery service, which requires elaborate systems to maximize deliveries per trip and make sure the pizza arrives hot. With gig companies, by contrast, delivery workers can service dozens of different restaurants, leaving little room for coordination or for workers to learn efficient routes for a particular store. That means haphazard delivery paths where food often arrives cold, and workers regularly competing with each other to get their deliveries first, creating big pile-ups and confusion at the restaurant. That's probably a big reason why even despite all the predatory business practices, not a single one of these companies has ever turned a consistent profit, not even during the pandemic as online food orders soared.

All this demonstrates an important side function of pro-worker policies like the PRO Act to make union organizing easier (which is before the Senate right now), a high minimum wage, and running the economy hot so that unemployment is low. Those of course benefit workers directly by increasing pay and helping labor organizing. But they also change the balance of power between workers and bosses.

All these horrible gig companies rely on a large population of people desperate for work. But if jobs are plentiful and labor scarce, then suddenly they will find it a lot harder to fill ruthlessly exploitative positions. They will have to start offering better pay and conditions, forcing them to economize on labor with real innovation or go out of business. Amazon could probably handle it, but many of these other gig companies likely can't. And if so, that is all to the good. As Saoirse Gowan and Mio Tastas Viktorsson write about Sweden's postwar economic model, one prime objective was to ensure that "unproductive firms would not be able to stay afloat by underpaying their workers." If a company can't survive without paying its workers decently under good conditions, it doesn't deserve to exist.

Posted in News | Leave a comment

SQLite the only database you will ever need in most cases

Source: Hacker News

Article note: The general lesson of "You're not a FAANG, don't add their absurd complications 'for scale.' is something the tech world needs to listen to. Your glorified webpage can serve 50,000 users off a cheap VM and 400,000 users off a beat-up 1U colo, so design it to host that way. You don't need Kubernetes, you don't even need containers. You don't need a distributed DB and load balancers. Your cargo-cult complexity fetishism is making things hard for you and everyone else.
Posted in News | Leave a comment