Podcasts about esp32

This show has been flagged as Clean by the host. Hello, again. This is Trey. Welcome to part 6 in my Cheap Yellow Display (CYD) Project series. Thank you for hanging in there with me on this rambling series. If you wish to catch up on earlier episodes, you can find them on my HPR profile page https://www.hackerpublicradio.org/correspondents/0394.html To review, my project is to build a portable morse code "Keyer memory" which can be connected to any of my amateur HF transceiver radios by simply plugging it in to the code key input port. This is based around an ESP32 platform which comes prepackaged on a yellow PC board with a color touchscreen display, WIFI, and Bluetooth. We fondly call this contraption the Cheap Yellow Display. So far, I have defined the necessities, collected the required hardware, and failed miserably building the graphical user interface (GUI). While I sort out the technical challenges getting my GUI code to play nicely with the CYD's touchscreen, it is important that we spend some time discussing Morse code itself, and the timing standards we will need to follow. I am not going to dive too deeply into the history behind telegraphs and Morse code, but it is very interesting. If you want to learn more, Wikipedia has the origins and evolution written out quite nicely at https://en.wikipedia.org/wiki/Morse_code For our purposes, we will fast forward from the year 1820 (When telegraphy began) all the way to 1865 when the International Telecommunication Union (ITU) standardized, what it called "International Morse Code". When I say Morse Code for the remainder of this podcast, I am referring to this ITU International Morse Code. Morse code typically includes the following characters: The 26 letter basic Latin alphabet The Indo-Arabic numerals 0 to 9 There is also a single accented Latin letter (É), which is written as an E with an accent mark, and a handful of punctuation marks. These characters are encoded using a sequence of short and long signals. Each short signal is referred to as a dit . Each long signal is referred to as a dah . At a young age, I began to refer to them as dots and dashes, as this is how they are usually written. For example, the letter "A" consists of a single dit followed by a single dah. When written out this would look like a period followed by a hyphen (what some might call a minus sign) .- This encoding method allows messages to be sent by turning on and off an electrical signal. This could result in a light flashing or a tone sounding to the pattern of the signal. The timing of a dit and dah, along with the spacing between them is carefully defined. Morsecode.world does a great job explaining the timing, and you can find their explanation at https://morsecode.world/international/timing/ It all starts with the dit, or more accurately, the amount of time the dit signal is turned on. We will call this length of time 1 unit. We will get to the actual length of time for a unit later in this episode. For now, it is just one unit. So, if a dit is 1 unit long, a dah will be 3 units long, so there is an obvious and consistent difference between a dit and a dah. Also, empty space between elements of the same character is 1 unit long. The space between characters should be 3 units long. Let's demonstrate using the letters H, P, & R. An "H" would be 4 dits …. A "P" would be 1 dit followed by 2 dahs and ending with 1 dit .--. An "R" would be 1 dit followed by 1 dah and ending with 1 dit .-. Remember when we send these grouped together like a word, we need 3 units of spacing between each character. You can hear this now. This is Morse code for the letters "HPR" at 15 words per minute .... .--. .-. That is the perfect segue to the next section, words per minute. The speed of morse code is measured in "words per minute". But how do you calculate this when some characters are short (Like the letter "E" which is only a single dit long), and other characters are long (Like the letter "J" which starts with a single dit and is followed by 3 dahs)? And that's just letters. What about words? We have short words and long words. How can we standardize on words per minute with so much diversity of length? Well, thanks to the French, we have a quite elegant solution to this problem. Well, not the French in general. Just PARIS. PARIS is the standard word which has been agreed upon to be used for determining the speed of Morse code. The word PARIS is 50 units long. "P" = dit(1) + (1) + dah(3) + (1) + dah(3) + (1) + dit(1) = 11 units {Space between letters} = 3 units "A" = dit(1) + (1) + dah(3) = 5 units {Space between letters} = 3 units "R" = dit(1) + (1) + dah(3) + (1) + dit(1) = 7 units {Space between letters} = 3 units "I" = dit(1) + (1) + dit(1) = 3 units {Space between letters} = 3 units "S" = dit(1) + (1) + dit(1) + (1) + dit(1) = 5 units {Space between words} = 7 units 11+3+5+3+7+3+3+3+5+7 = 50 units Here is the word PARIS sent at 15 WPM .--. .- .-. .. ... Morsecode.world again does a great job explaining the maths for how many milliseconds long a dit should be for a specific WPM of code ( https://morsecode.world/international/timing/ ) But, no... We could not keep it that simple. Some guy named Donald R. "Russ" Farnsworth had to complicate things and increase the gaps between letters and words to make interpreting code much easier. There are even more maths for Farnsworth timing... Wait a minute. When did I start saying "Maths" instead of "Math" like a normal North American? What is the reasoning around pluralizing "Math" anyways? Which way is more original English, "Math" or "Maths"? This sounds like a show idea for someone other than me. If you know or are interested in researching it, I look forward to listening to your show in the future. ANYWAYS, there IS much more MATH about Farnsworth timing on another page on Morsecode.world. ( https://morsecode.world/international/timing/farnsworth.html ). But I don't want to get into all of it in detail here. Not when there is a shortcut we can use in our code. Simplified, we can take 1,200 and divide it by the WPM we desire, and it will give us a close enough approximation of the number of milliseconds long a dit should be. For the 15 WPM messages you have heard throughout this episode, a dit was 1200/15 = 80 ms in length. If I speed it up to 20 WPM (The speed at which I try to practice) a dit will be 1200/20 = 60 ms long. This will be an important calculation for us as we develop the code we will later be using to construct our messages using the CYD. And this is also a good stopping point so that I can get back to trying to build that infernal GUI. Provide feedback on this episode.

In this episode of the Crazy Wisdom podcast, host Stewart Alsop interviews Marcin Dymczyk, CPO and co-founder of SevenSense Robotics, exploring the fascinating world of advanced robotics and AI. Their conversation covers the evolution from traditional "standard" robotics with predetermined pathways to advanced robotics that incorporates perception, reasoning, and adaptability - essentially the AGI of physical robotics. Dymczyk explains how his company builds "the eyes and brains of mobile robots" using camera-based autonomy algorithms, drawing parallels between robot sensing systems and human vision, inner ear balance, and proprioception. The discussion ranges from the technical challenges of sensor fusion and world models to broader topics including robotics regulation across different countries, the role of federalism in innovation, and how recent geopolitical changes are driving localized high-tech development, particularly in defense applications. They also touch on the democratization of robotics for small businesses and the philosophical implications of increasingly sophisticated AI systems operating in physical environments. To learn more about SevenSense, visit www.sevensense.ai.Check out this GPT we trained on the conversationTimestamps00:00 Introduction to Robotics and Personal Journey05:27 The Evolution of Robotics: From Standard to Advanced09:56 The Future of Robotics: AI and Automation12:09 The Role of Edge Computing in Robotics17:40 FPGA and AI: The Future of Robotics Processing21:54 Sensing the World: How Robots Perceive Their Environment29:01 Learning from the Physical World: Insights from Robotics33:21 The Intersection of Robotics and Manufacturing35:01 Journey into Robotics: Education and Passion36:41 Practical Robotics Projects for Beginners39:06 Understanding Particle Filters in Robotics40:37 World Models: The Future of AI and Robotics41:51 The Black Box Dilemma in AI and Robotics44:27 Safety and Interpretability in Autonomous Systems49:16 Regulatory Challenges in Robotics and AI51:19 Global Perspectives on Robotics Regulation54:43 The Future of Robotics in Emerging Markets57:38 The Role of Engineers in Modern WarfareKey Insights1. Advanced robotics transcends traditional programming through perception and intelligence. Dymczyk distinguishes between standard robotics that follows rigid, predefined pathways and advanced robotics that incorporates perception and reasoning. This evolution enables robots to make autonomous decisions about navigation and task execution, similar to how humans adapt to unexpected situations rather than following predetermined scripts.2. Camera-based sensing systems mirror human biological navigation. SevenSense Robotics builds "eyes and brains" for mobile robots using multiple cameras (up to eight), IMUs (accelerometers/gyroscopes), and wheel encoders that parallel human vision, inner ear balance, and proprioception. This redundant sensing approach allows robots to navigate even when one system fails, such as operating in dark environments where visual sensors are compromised.3. Edge computing dominates industrial robotics due to connectivity and security constraints. Many industrial applications operate in environments with poor connectivity (like underground grocery stores) or require on-premise solutions for confidentiality. This necessitates powerful local processing capabilities rather than cloud-dependent AI, particularly in automotive factories where data security about new models is paramount.4. Safety regulations create mandatory "kill switches" that bypass AI decision-making. European and US regulatory bodies require deterministic safety systems that can instantly stop robots regardless of AI reasoning. These systems operate like human reflexes, providing immediate responses to obstacles while the main AI brain handles complex navigation and planning tasks.5. Modern robotics development benefits from increasingly affordable optical sensors. The democratization of 3D cameras, laser range finders, and miniature range measurement chips (costing just a few dollars from distributors like DigiKey) enables rapid prototyping and innovation that was previously limited to well-funded research institutions.6. Geopolitical shifts are driving localized high-tech development, particularly in defense applications. The changing role of US global leadership and lessons from Ukraine's drone warfare are motivating countries like Poland to develop indigenous robotics capabilities. Small engineering teams can now create battlefield-effective technology using consumer drones equipped with advanced sensors.7. The future of robotics lies in natural language programming for non-experts. Dymczyk envisions a transformation where small business owners can instruct robots using conversational language rather than complex programming, similar to how AI coding assistants now enable non-programmers to build applications through natural language prompts.

In this episode of the Crazy Wisdom Podcast, host Stewart Alsop sits down with Mike Bakon to explore the fascinating intersection of hardware hacking, blockchain technology, and decentralized systems. Their conversation spans from Mike's childhood fascination with taking apart electronics in 1980s Poland to his current work with ESP32 microcontrollers, LoRa mesh networks, and Cardano blockchain development. They discuss the technical differences between UTXO and account-based blockchains, the challenges of true decentralization versus hybrid systems, and how AI tools are changing the development landscape. Mike shares his vision for incentivizing mesh networks through blockchain technology and explains why he believes mass adoption of decentralized systems will come through abstraction rather than technical education. The discussion also touches on the potential for creating new internet infrastructure using ad hoc mesh networks and the importance of maintaining truly decentralized, permissionless systems in an increasingly surveilled world. You can find Mike in Twitter as @anothervariable.Check out this GPT we trained on the conversationTimestamps00:00 Introduction to Hardware and Early Experiences02:59 The Evolution of AI in Hardware Development05:56 Decentralization and Blockchain Technology09:02 Understanding UTXO vs Account-Based Blockchains11:59 Smart Contracts and Their Functionality14:58 The Importance of Decentralization in Blockchain17:59 The Process of Data Verification in Blockchain20:48 The Future of Blockchain and Its Applications34:38 Decentralization and Trustless Systems37:42 Mainstream Adoption of Blockchain39:58 The Role of Currency in Blockchain43:27 Interoperability vs Bridging in Blockchain47:27 Exploring Mesh Networks and LoRa Technology01:00:25 The Future of AI and DecentralizationKey Insights1. Hardware curiosity drives innovation from childhood - Mike's journey into hardware began as a child in 1980s Poland, where he would disassemble toys like battery-powered cars to understand how they worked. This natural curiosity about taking things apart and understanding their inner workings laid the foundation for his later expertise in microcontrollers like the ESP32 and his deep understanding of both hardware and software integration.2. AI as a research companion, not a replacement for coding - Mike uses AI and LLMs primarily as research tools and coding companions rather than letting them write entire applications. He finds them invaluable for getting quick answers to coding problems, analyzing Git repositories, and avoiding the need to search through Stack Overflow, but maintains anxiety when AI writes whole functions, preferring to understand and write his own code.3. Blockchain decentralization requires trustless consensus verification - The fundamental difference between blockchain databases and traditional databases lies in the consensus process that data must go through before being recorded. Unlike centralized systems where one entity controls data validation, blockchains require hundreds of nodes to verify each block through trustless consensus mechanisms, ensuring data integrity without relying on any single authority.4. UTXO vs account-based blockchains have fundamentally different architectures - Cardano uses an extended UTXO model (like Bitcoin but with smart contracts) where transactions consume existing UTXOs and create new ones, keeping the ledger lean. Ethereum uses account-based ledgers that store persistent state, leading to much larger data requirements over time and making it increasingly difficult for individuals to sync and maintain full nodes independently.5. True interoperability differs fundamentally from bridging - Real blockchain interoperability means being able to send assets directly between different blockchains (like sending ADA to a Bitcoin wallet) without intermediaries. This is possible between UTXO-based chains like Cardano and Bitcoin. Bridges, in contrast, require centralized entities to listen for transactions on one chain and trigger corresponding actions on another, introducing centralization risks.6. Mesh networks need economic incentives for sustainable infrastructure - While technologies like LoRa and Meshtastic enable impressive decentralized communication networks, the challenge lies in incentivizing people to maintain the hardware infrastructure. Mike sees potential in combining blockchain-based rewards (like earning ADA for running mesh network nodes) with existing decentralized communication protocols to create self-sustaining networks.7. Mass adoption comes through abstraction, not education - Rather than trying to educate everyone about blockchain technology, mass adoption will happen when developers can build applications on decentralized infrastructure that users interact with seamlessly, without needing to understand the underlying blockchain mechanics. Users should be able to benefit from decentralization through well-designed interfaces that abstract away the complexity of wallets, addresses, and consensus mechanisms.

Join Hackaday Editors Elliot Williams and Tom Nardi as they go over their picks for the best stories and hacks from the previous week. Things start off with a warning about the long-term viability of SSD backups, after which the discussion moves onto the limits of 3D printed PLA, the return of the Pebble smart watch, some unconventional aircraft, and an online KiCad schematic repository that has plenty of potential. You'll also hear about a remarkable conference badge made from e-waste electronic shelf labels, filling 3D prints with foam, and a tiny TV powered by the ESP32. The episode wraps up with our wish for hacker-friendly repair manuals, and an interesting tale of underwater engineering from D-Day. Check out the links over on Hackaday if you want to follow along, and as always, tell us what you think about this episode in the comments!

Ryan Collins calls himself a garbage man, but he's also the Managing Director at Tahoe Truckee Sierra Disposal (TTSD), a third-generation waste collection and recycling company in Northern California. After a stint in Silicon Valley, he came back to join the family business and walked into a world still powered by slide rulers, highlighters, and paper-heavy workflows. Today, his team is building in-house AI tools that are replacing expensive software and solving real operational problems across the business — all with a lean budget, limited tech experience, and a workforce that now regularly pitches their own automation ideas. We talk through how this transformation actually happened. Starting with Excel and a problem-first mindset, Ryan's weekend vibe coding projects grew into a full-on tech capability at TTSD. From saving $30,000 a year with a $75 microcontroller to avoiding six-figure SaaS spends with local AI tools, this episode is packed with practical stories. We also get into the risks of overengineering, how to decide when to bring in real software engineers, and what hiring looks like when you're prioritizing attitude and curiosity over resumes. If you're looking to build a culture of innovation, even in a non-tech industry, this one is worth a listen. Unlock the full potential of your product team with Integral's player coaches, experts in lean, human-centered design. Visit integral.io/convergence for a free Product Success Lab workshop to gain clarity and confidence in tackling any product design or engineering challenge. Inside the episode... Why even garbage truck drivers are suggesting AI tools now How Ryan turned Excel and a tinkering mindset into a culture of problem solving A $75 hardware build that fixed a $30,000-a-year proble Why vibe coding is addictive and how they stay focused on what matters Building in-house AI tools with Whisper, Mistral, and Claude Replacing a $120,000/year call center SaaS with a local tool running on a $2,000 PC How they protect customer data while still using AI internally When to keep iterating and when to bring in a developer What Ryan looks for in tech hires (and why resumes often don't matter) Using AI to bridge the language gap across a mostly Spanish-speaking workforce Mentioned in this episode ESP32 microcontrollers OpenAI Whisper (local speech-to-text) Mistral (local open source LLM) Claude by Anthropic 11Labs (AI voice translation) Google Maps API Upwork Cursor Excel, VBA, Python Pandas Alpha fold  Raptor engine at spaceX Stuff Matters: Exploring the Marvelous Materials That Shape Our Man-Made World by Mark Miodownik Unlock the full potential of your product team with Integral's player coaches, experts in lean, human-centered design. Visit integral.io/convergence for a free Product Success Lab workshop to gain clarity and confidence in tackling any product design or engineering challenge. Subscribe to the Convergence podcast wherever you get podcasts including video episodes to get updated on the other crucial conversations that we'll post on YouTube at youtube.com/@convergencefmpodcast Learn something? Give us a 5 star review and like the podcast on YouTube. It's how we grow.   Follow the Pod Linkedin: https://www.linkedin.com/company/convergence-podcast/ X: https://twitter.com/podconvergence Instagram: @podconvergence

We start with Z-wave, look at Open Source NVIDIA, and celebrate Intel hiring Linux engineers. Then Valve is still working on HDR in the kernel, Google is moving to Aluminium, and Patents just got a tiny bit worse. But KDE is dropping X11 next year, and Fedora is embracing the Nix packager! For tips we have podliner for your tui podcast needs, ss for socket statistics, and a real surprise in the form of Linux on the ESP32-s3. You can get the show notes at https://bit.ly/4ipstfs and enjoy! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

We start with Z-wave, look at Open Source NVIDIA, and celebrate Intel hiring Linux engineers. Then Valve is still working on HDR in the kernel, Google is moving to Aluminium, and Patents just got a tiny bit worse. But KDE is dropping X11 next year, and Fedora is embracing the Nix packager! For tips we have podliner for your tui podcast needs, ss for socket statistics, and a real surprise in the form of Linux on the ESP32-s3. You can get the show notes at https://bit.ly/4ipstfs and enjoy! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This show has been flagged as Clean by the host. Hello, again. This is Trey. Welcome to part 4 in my Cheap Yellow Display (CYD) Project series. If you have hung in there with me so far on this journey, thank you. If you have missed earlier episodes, you can find them on my HPR profile page https://www.hackerpublicradio.org/correspondents/0394.html If you have questions, comments, concerns, or other feedback, please leave an episode comment, or drop me an email (Using the address in my profile). Even better, you could record and upload your own show which shares your viewpoint or expertise. To review, I finally have an actual project to build using the CYD. It is a portable, programmable morse code "Keyer memory" which can be connected to any of my HF transceiver radios by simply plugging it in to the code key input port. Then I could transmit stored messages by simply touching their specific icon on the touch screen. So, now I purchased a pair of CYDs. Each arrived in an anti-static zipper bag with a USB C cable, a 6 inch long 4 pin PB1.25mm to Dupont 2.54mm cable harness, a plastic case holding the CYD itself and a small plastic stylus. There are pictures in the show notes. Depending on how many IO connections I may need, and how I plan to power this, I am probably going to need more 4 pin PB1.25mm wired connectors. You can see a description of the various features and connectors on RandomNerdTutorials writeup about this board ( https://randomnerdtutorials.com/cheap-yellow-display-esp32-2432s028r/ ). The only difference I can see between this description and what I received is that mine have both a MicroUSB and USB C port. Of course, first thing, I had to plug it in and see what happens. It appears to be running some kind of simulation of a web site. The backlit display looks alright. It is not super high resolution, but for the price, it will suite my needs. The touch screen is responsive, but it is pressure sensitive and works best using the provided stylus or a fingernail and not your finger tip. So, I have the CYD. What other hardware do I need? I need to address how one of these will actually connect to my radios. Modern amateur radio transceivers which support continuous wave (CW) transmission (Which is another name for Morse code) generally can use one of two different pieces of hardware for input. The first is what we call a straight key. Below is a photo of the one I own. This is a classic, old fashioned telegraph style code key. It is designed to quickly and easily be pressed down to close a circuit and when released the circuit is opened, effectively making it a normally open push button switch. To send a dot, the operator holds down the key for a short period of time, then releases it. To send a dash, the operator holds down the key for a longer period of time, before releasing it. (We will discuss actual timing specifications for morse code in a future podcast) Connectivity for the switch has been standardized to use a 3.5 mm mono male phone connector which has only sleeve and tip connections. The second option is a paddle style electronic keyer. There are many styles of these, and I am including a picture of the one I use, which once belonged to a close friend of mine who is now silent key. In general, the paddle is two separate normally open switches. In the most common configuration, if an operator presses and releases the paddle on the right, a dash is sent. If the paddle on the right is held, a continuous series of dashes will be sent until that paddle is released. The left paddle works similarly. If it is pressed and released, a single dot is sent. If it is pressed and held, a series of dots is sent until it is released. The function of these paddles can be swapped from left to right using the radio configuration. There is additional functionality which can be configured in some radios for when both paddles are pressed simultaneously, but I am not going to describe those here. The paddle generally uses a 3.5mm stereo male phone connector with the sleeve being common. The tip of the phone connector is wired to the left paddle and ring of the connector is wired to the right paddle. Most modern radios have a built in keyer which can be configured for a paddle and will automatically transmit the dots or dashes at whichever speed is configured based on the paddle pressed. You can see this phone connector illustrated on Wikipedia's phone connector page. . https://en.m.wikipedia.org/wiki/Phone_connector_(audio ) You can learn more about all the various devices which can be used for sending morse and how they function at Morse Code World . https://morsecode.world/keys.html Ideally, controlling all the morse code timing within the CYD would be best. That way, it could be connected as a straight key and any keyer settings already configured within the radio shouldn't matter. However, If I wish to also be able to manually send morse code myself using my paddles, without disconnecting the CYD and reconfiguring the radio, that could be problematic. I may need to factor in the possibility of connecting my paddle to the CYD and then building in code to respond to inputs from the paddles. As I mentioned in a previous episode, I have an Arduino Nano on my desk as a practice oscillator for my paddles. I may be able to reuse some of that code on the CYD. So, if I want the CYD to appear to the radio like a straight key, I will need it to be able to control a switch quickly and accurately. But I also want the CYD and the radio to be electrically isolated from each other. This calls for a relay. I was able to find and order some inexpensive relay modules which work nicely with Arduino and ESP32. These allow connectivity to 5v power and to one of the CYD's GPIO pins. These feed an optocoupler circuit, which, in-turn, drives the coil of the relay. This provides inductive kickback protection to the CYD and can drive a coil which would require more current than the GPIO can provide. Inductive kickback rabbit trail: An inductor is simply a coil of wire. Direct current flowing through any wire generates a magnetic field. Within the inductor, because the wire is coiled, the magnetic field builds from each pass of the wire in the coil. If you include an iron core, it sustains the magnetic field even better. This is the basis for an electro magnet. A relay is simply a momentary contact switch controlled by an electromagnet. One unique property of an inductor is that, current wants to keep flowing in the direction it was applied. To be specific, when the current source is removed, the magnetic field still exists for a while, and it effectively "generates" an electric current within the coil, in the same direction as the one which initially created the magnetic field to begin with. If it has a path to flow, this current will create another weaker magnetic field, which creates its own electric current, in a diminishing loop. If the circuit which drives the coil of a direct current relay is not ready for this continued push of current, damage can be done. Many times this is countered by wiring a "flyback diode" in parallel with the coil and in the opposite direction in which current will be applied. This way, when the current source is stopped, the diode gives a path for the inductive kickback current to safely flow while the magnetic field dissipates. Explained in greater detail at https://inductive-kickback.com/2019/04/inductive-kickback-made-simple-to-grasp-easy-to-handle/ The switch side of the relay is a single pole double throw (SPDT) and makes connections available for common, normally closed (NC), and normally open (NO). It will be easy to connect the common and NO connections to a 3.5mm mono male connector so that it may be plugged into the "key" port on any radio transmitter. I will need to do some testing on the speed of the relay, but I think it will work just fine. Once I start writing some code for the CYD, I will be able to connect and test the relay. Well, this is a good place to end this episode, and it is one of the longest in this series so far. In the next episode, we will begin to look at how we design the user interface for our program, something I do not know anything about (yet). Stay tuned weekdays for additional exciting episodes of Hacker Public Radio, and, at some point, the next episode in this series. If you like what you have heard, please leave an episode comment, or drop me an email (Using the address in my profile). If you have more than a single sentence to contribute on the subject, I encourage you to record an episode with your thoughts and expertise. If you dislike what you have heard, you are encouraged even more strongly to record and upload your own show which shares your viewpoint or opinion. Until next time. Provide feedback on this episode.

Wait, what? Is it time for the podcast again? Seems like only yesterday that Dan joined Elliot for the weekly rundown of the choicest hacks for the last 1/52 of a year. but here we are. We had quite a bit of news to talk about, including the winners of the Component Abuse Challenge -- warning, some components were actually abused for this challenge. They're also a trillion pages deep over at the Internet Archive, a milestone that seems worth celebrating. As for projects, both of us kicked things off with "Right to repair"-adjacent topics, first with a washing machine that gave up its secrets with IR and then with a car that refused to let its owner fix the brakes. We heated things up with a microwave foundry capable of melting cast iron -- watch your toes! -- and looked at a tiny ESP32 dev board with ludicrously small components.  We saw surveyors go to war, watched a Lego sorting machine go through its paces, and learned about radar by spinning up a sonar set from first principles. Finally, we wrapped things up with another Al Williams signature "Can't Miss Articles" section, with his deep dive into the fun hackers can have with the now-deprecated US penny, and his nostalgic look at pneumatic tube systems.

Send us a textJames Davis, widely recognized as FluxBench, has built a following by making electronics approachable, fun, and practical. With a mission to “keep the magic smoke inside the components where it belongs,” James is passionate about teaching engineers, makers, and hobbyists how to move beyond simple projects and start creating production-ready designs.On his YouTube channel, FluxBench, James shares tutorials and experiments ranging from ESP32-driven LED displays to embedded development strategies and Proxmox-based Flux Node setups. His videos blend clear explanations with hands-on demonstrations, making them accessible to beginners while still offering technical depth for experienced engineers. Whether it's wiring up microcontrollers, troubleshooting circuits, or scaling a one-off build into something robust, James shows how to translate curiosity into capability.With a background in embedded systems and a gift for teaching, James Davis represents the spirit of engineering as both an art and a craft. His work encourages others not just to build projects but to create real products that solve problems, delight users, and push the boundaries of what's possible with accessible electronics.Guest website:  Flux BenchAaron Moncur, hostClick here to learn more about simulation solutions from Simutech Group.

The nights are drawing in for Europeans, and Elliot Williams is joined this week by Jenny List for an evening podcast looking at the past week in all things Hackaday. After reminding listeners of the upcoming Hackaday Supercon and Jawncon events, we take a moment to mark the sad passing of the prolific YouTuber, Robert Murray-Smith. Before diving into the real hacks, there are a couple of more general news stories with an effect on our community. First, the takeover of Arduino by Qualcomm, and what its effect is likely to be. We try to speculate as to where the Arduino platform might go from here, and even whether it remains the player it once was, in 2025. Then there's the decision by Google to restrict Android sideloading to only approved-developer APKs unless over ADB. It's an assault on a user's rights over their own hardware, as well as something of a blow to the open-source Android ecosystem. What will be our community's response? On more familiar territory we have custom LCDs, algorithmic art, and a discussion of non-stepper motors in 3D printing. Even the MakerBot Cupcake makes an appearance. Then there's a tiny RV, new creative use of an ESP32 peripheral, and the DVD logo screensaver, in hardware. We end the show with a look at why logic circuits use the voltages they do. It's a smorgasbord of hacks for your listening enjoyment.

Join Alex Neuman on Vida Digital as he interviews Brian P. Cox from FutureVision Research, one of the makers bringing the FujiNet project to life. In this in-depth conversation, Brian shares how his early experiences with the Apple IIe, TRS-80, and Atari 1200XL inspired a lifelong passion for technology and teaching.They explore how FujiNet connects retro computers—Atari, Apple II/III, Commodore, Tandy CoCo, Coleco ADAM, and upcoming systems like the Intellivision, Atari 2600, and Commodore 64—to Wi-Fi, virtual disks, and even cross-platform online gaming through the TNFS protocol.Discover what challenges come with reviving decades-old hardware, how 3D-printed parts and ESP32 chips bridge generations, and what's next on the roadmap for FujiNet, including RS-232 support and future hardware based on the RP2040.

This show has been flagged as Clean by the host. Hello, again. This is Trey. Several months ago, I heard Paul Asadoorian mention the Cheap Yellow Display on his podcast, Paul's Security Weekly ( https://www.scworld.com/podcast-show/pauls-security-weekly ). I didn't think much of it at the time, but then I heard it referenced again, and again. Then, finally, it was described, and I became interested. "Cheap Yellow Display" is the term used for the ESP32-2432S028R. Since this is somewhat challenging to say, and to remember, and since the board is yellow, and it can be obtained for as little as $12 USD, it has been given the nickname "Cheap Yellow Display". I will abbreviate this as CYD for the remainder of this episode. It is an ESP32 (with built in WiFi & Bluetooth) on a development board with one or more USB connectors, a MicroSD slot, a limited selection of GPIO pins, an RGB LED, a speaker, a light sensor, and best of all, a 2.8-inch (71mm) TFT touchscreen LCD display. The CYD runs on 5 volts DC. I am including some photographs of the CYD in the show notes. RandomNerdTutorials has produced a very good writeup about this board on their website ( https://randomnerdtutorials.com/cheap-yellow-display-esp32-2432s028r/ ). Brian Lough (AKA WitnessMeNow) has been building a community for the CYD on his GitHub site ( https://github.com/witnessmenow/ESP32-Cheap-Yellow-Display ) where he has instructions, examples, tutorials, downloadable tools, and much more. Beginning back in the 1970s, my father and I built electronics projects together. And I have had a love for doing so ever since. Over the last few years, I have built several Arduino based gadgets on different platforms, including a couple which run on breadboards sitting beside me on my desk (I will share more about one of those later). A common use for the CYD among hackers is to leverage the built in WiFi & Bluetooth radios to compromise wireless networks or devices. The Marauder project is a prebuilt image which can be loaded directly to the CYD to use it as a wireless hacking tool. Fr4nkFletcher's Github repository ( https://github.com/Fr4nkFletcher/ESP32-Marauder-Cheap-Yellow-Display ) is one place where you can download the Marauder tool. There are also video games, clocks, photo slideshows, and more, which have already been coded for you, and are available on the internet for download. What would you do with a CYD? What could you build? What problem might you solve? What fun project might you come up with? For myself, the CYD intrigued me, but it did not yet jump out at me as something I had a need for. Yet. What would change my mind? What would set me on a quest to obtain some of these devices and learn to develop code for them? What problem did I wish to solve? Tune in again, in a couple weeks, to learn the answers some of these questions and more in my next episode in this HPR series. Provide feedback on this episode.

Scott, Wes, and CJ dive into Wes's Hackweek project: a real-time, web-controlled LED grid. They break down the hardware build, custom 3D-printed diffuser, ESP32 microcontroller, and Cloudflare durable objects powering live pixel art, GitHub activity displays, and interactive web drawings. Show Notes 00:00 Welcome to Syntax! 02:03 Wes' Hackweek project: a web-controlled LED grid 03:52 The hardware: LED panels, soldering, and power WS2812 LED panels 06:38 ESP32 microcontroller and WLED firmware explained ESP32 Microcontroller 10:57 Power supply challenges and injection fixes 15:05 Debugging and testing a DIY LED matrix 15:56 Shorts, blown circuits, and melted wires 17:58 Designing and 3D-printing the diffuser for crisp pixels 21:29 The software: Cloudflare Durable Objects + Party Server Cloudflare Durable Objects Party.server 22:18 Real-time sync and state management across clients Party Client 28:43 Connecting the server to the LED hardware 41:51 Open access fun: scripts, NSFW images, and moderation Cloudflare tunnel 44:10 Live demos 45:34 Future plans: stats, rooms, and making it always-on Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

This week on EYE ON NPI we're featuring some open source hardware from one of our favorite hardware manufacturers! It's the Arduino Nano R4 System on Module (https://www.digikey.com/en/product-highlight/a/arduino/nano-r4) a miniaturized version of the Arduino UNO R4 and Minima (https://blog.adafruit.com/2023/07/27/eye-on-npi-arduino-uno-r4-minima-and-uno-r4-wifi-boards-digikey-arduino-digikey-adafruit/) versions we covered on EYE ON NPI about two years ago! taking a cue from popular 'castellated single side' PCB proto boards on the market, the Nano comes in two options, one with headers (https://www.digikey.com/en/products/detail/arduino/ABX00143/26766495) for easy installation into existing Arduino Nano expansion kits or breadboards, and one with reflowable castellations (https://www.digikey.com/en/products/detail/arduino/ABX00142/26766490) The Arduino Nano (https://www.digikey.com/en/products/detail/arduino/A000005/2638989) is second only to the UNO as the definitive Arduino board that 'everyone got started with'. Many folks would start with the chunky UNO and then migrate to the Nano to get something that plugs into a breadboard for compact assembly. With a USB connector on one end, button and LEDs and programming header on the top, this board powered tens of thousands of builds. So it's not surprising that Arduino iterated on this design with a wide variety of chips like the RP2040 (https://www.digikey.com/en/products/detail/arduino/ABX00052/14123941) and ESP32 (https://www.digikey.com/en/products/detail/arduino/ABX00092/21219771) The latest generation is the Renesas RA4M1 series - which updates the original ATmega328 8-bit microcontroller to a beefy Cortex M4 with FPU. You get 48MHz clock, 256KB of Flash, 32KB of SRAM, ADC, DAC, CAN, captouch and other extras. The FPU in particular makes it a nice upgrade to the cortex M0/M0+. The best part is that with the 5V logic support of the R7FA4M1AB3CFM (https://www.digikey.com/en/products/detail/renesas-electronics-corporation/R7FA4M1AB3CFM-AA0/10447195), it makes for a great drop-in replacement when a 3V logic chip like the RP2040/ESP32 won't work as well. Plus you get lots of nice linear ADCs, the RP2040 only has 4 and the ESP32's are non-linear and sometimes don't work when WiFi is active. We also love that they added a Qwiic (https://www.sparkfun.com/qwiic) connector on the end! We use this for all our Stemma QT sensors, and between the many companies that have joined in the ecosystem there are easily a thousand different ons/displays/accessories that can plug in directly for instant expansion. If you want to get the latest Nano from the manufacturer of genuine Arduino boards, DigiKey is a authentic distributor and has tons of the Arduino Nano R4 (https://www.digikey.com/short/3brjrnjp) in stock right now for (https://www.digikey.com/en/products/detail/arduino/ASX00061/26744081) immediate shipment! Pick from the castellated flat or soldered-header variety, and don't forget to also grab some Arduino Nano accessories to get your design prototyped fast. Order today and your Nano will fly out of the DigiKey warehouse and arrive at your doorstep by tomorrow morning.

A Btrfs bug that bites is in the wild, and we discover whole home audio that works like a charm.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Chris fled a declarative-first world for the promised land of Bluefin's atomic simplicity. Fifty days in, did he find desktop bliss or just fresh compromises?Sponsored By:1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

✨ There she is! This glowing LED arrow hat is the ultimate way to help your friends find you at festivals, raves, or crowded events. Powered by WLED and Adafruit's Sparkle Motion Stick, this bright, flashy headpiece points straight at you — like a living emoji in the middle of the dance floor.

Podcast: Open Source Security (LS 38 · TOP 2% what is this?)Episode: Embedded Security with Paul AsadoorianPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRecently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/

Over the holiday break, we designed a few Sparkle Motion (https://www.adafruit.com/search?q=sparkle+motion) ESP32 boards for use with WLED. They've been working well, so we decided to finish up the third version we cooked up—a USB “stick” for quick builds that you can power from a wall adapter, computer, or even a USB battery pack for portability. We managed to fit in a fuse, an I²S microphone, infrared-remote input, a mode-select button, two level-shifted outputs, and terminal blocks. It's designed to fit inside a pre-made snap-fit case (https://www.adafruit.com/product/6176). Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ ----------------------------------------- #esp32 #wled #diy

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patching is not enough, auditing the PHP source code, reading the MEGA advisories, threat actors lie about data breaches (you don't say?), the data breach that Hertz, CISA warns of ransomware, some can't get Ahold of data breaches, please don't let people take control of your PC over Zoom and Paul's hot takes on: 4chan hack, the CVE program, and Microsoft Recall! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-871

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patching is not enough, auditing the PHP source code, reading the MEGA advisories, threat actors lie about data breaches (you don't say?), the data breach that Hertz, CISA warns of ransomware, some can't get Ahold of data breaches, please don't let people take control of your PC over Zoom and Paul's hot takes on: 4chan hack, the CVE program, and Microsoft Recall! Show Notes: https://securityweekly.com/psw-871

The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patching is not enough, auditing the PHP source code, reading the MEGA advisories, threat actors lie about data breaches (you don't say?), the data breach that Hertz, CISA warns of ransomware, some can't get Ahold of data breaches, please don't let people take control of your PC over Zoom and Paul's hot takes on: 4chan hack, the CVE program, and Microsoft Recall! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-871

I'm joined by guests Rob Hamilton & Rijndael to go through the list.Housekeeping (00:01:09) OP_Next recapBitcoin • Software Releases & Project Updates (00:15:18) Coldcard (00:42:53) Bitcoin Core (00:47:21) BDK (00:48:12) Coinswap (00:48:56) Electrum Wallet (00:52:45) BTCPay Server (00:53:33) Nunchuk Android (00:54:04) Liana (00:54:51) The Mempool Open Source Project (00:57:01) BoltzExchange boltz-web-app (00:57:16) RoboSats (00:57:21) Bitcoin Safe (00:57:58) Blockstream Green (00:58:08) Rust Payjoin (01:01:15) Zaprite (01:01:48) Krux (01:02:29) Iris Wallet Desktop (01:02:46) Bitcoin Core Config Generator (01:02:52) UTXOracle• Project Spotlight (01:04:14) SwiftSync (01:04:43) PrivatePond (01:05:00) JoinMarket Fidelity Bond Simulator (01:05:52) DahLIAS (01:06:00) Satoshi Escrow (01:06:12) Taplocks (01:15:48) bitcoin.softforks.org (01:15:52) CTV and CSFS Enabled Bitcoin Node (01:16:03) UTXOscope (01:16:13) Block Bitcoin Treasury (01:16:47) Waye (01:17:08) Sovereign Craft(Not) a Vulnerability Disclosure (01:17:17) Pay-to-Anchor outputs now exploited for blockchain spamAudience Questions (01:23:46) How do we use open time stamps for transfer of assets using two party integrity between holders? (01:24:50) Does Cove have testnet4? (01:25:15) Can you explain like I'm 5 what opcodes are, how they are used on the network, and the level of optionality that applies to them? (01:26:49) Please discuss this idea: Block-based TOTP for bitcoin wallet passphrase validation.Privacy & Other Related Bitcoin Projects • Software Releases & Project Updates (01:28:48) Tor Browser (01:28:51) TailsOS (01:28:53) NymVPN (01:28:55) MapleAILightning + L2+ • Project Spotlight (01:29:17) Misty Breez (01:29:25) Sovereign Tools (01:29:28) Silk Road on Lightning (01:29:37) Cashu Token Decoder• Software Releases & Project Updates (01:29:48) Zeus (01:29:49) LDK (01:31:40) Minibits Wallet (01:31:42) HydrusNostr • Project Spotlight (01:31:44) Atomic Signature Swaps over Nostr (01:31:51) Lantern (01:31:59) Promenade (01:32:09) Noauth-enclaved (01:32:27) GM SwapBoosts (01:33:04) Shoutout to top boosters Rod Palmer Bugle News, pink monkey, btconboard, jespada, AVERAGE_GARY & larryoshi finkamotoLinks & Contacts:Website: https://bitcoin.review/Substack: https://substack.bitcoin.review/Twitter: https://twitter.com/bitcoinreviewhqNVK Twitter: https://twitter.com/nvkTelegram: https://t.me/BitcoinReviewPodEmail: producer@coinkite.comNostr & LN: ⚡nvk@nvk.org (not an email!)Full show notes: https://bitcoin.review/podcast/episode-95

#circuitpythonparsec Use the built-in BME280 Temperature/Humidity/Pressure sensor on the Feather ESP32-S2. https://github.com/jedgarpark/parsec/tree/main/2025-04-17 https://www.adafruit.com/product/5303 Learn about CircuitPython: https://circuitpython.org Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ -----------------------------------------

more info: https://rhr.tv- ESP32 microcontroller vulnerabilities https://cryptodeeptech.ru/bitcoin-bluetooth-attacks/- Trump Signs Resolution Blocking IRS Reporting Rule for 'DeFi Brokers' https://www.nobsbitcoin.com/trump-signs-resolution-blocking-irs-reporting-rule-for-defi-brokers/- Tether to back OCEAN Pool with its hashrate https://tether.io/news/tether-to-deploy-hashrate-on-ocean-advancing-decentralized-bitcoin-mining-infrastructure/- New Voltage Enterprise Platform enables fastest way to enable bitcoin and soon stablecoin transactions https://www.voltage.cloud/blog/new-voltage-platform-enables-fastest-way-to-enable-bitcoin-and-soon-stablecoin-transactions- BitGo and Voltage Team Up to Deliver Instant Bitcoin and Stablecoin Payments via Lightning https://www.voltage.cloud/blog/bitgo-and-voltage-team-up-to-deliver-instant-bitcoin-and-stablecoin-payments-via-lightning- OpenSats Eleventh Wave of Nostr Grants https://opensats.org/blog/eleventh-wave-of-nostr-grants- OpenSats Impact Report: Advancements in Lightning Infrastructure https://opensats.org/blog/advancements-in-lightning-infrastructure- Unchained has launched the Bitcoin Legacy Project https://www.unchained.com/blog/introducing-the-bitcoin-legacy-project- Bitcoin mining centralization in 2025 https://b10c.me/blog/015-bitcoin-mining-centralization/- South Korea | 7-Eleven Accepting Discounted CBDC Payments During Pilot PhaseSouth Korea launched a nationwide pilot of its central bank digital currency (CBDC), enrolling 100,000 South Korean users. As part of the rollout, 7-Eleven will accept CBDC payments and offer a 10% discount on all products. Governments facing public skepticism regarding their CBDCs increasingly use similar incentive tactics to onboard users. For example, Nigeria discounts taxi fares to push its e-Naira CBDC, while Thailand is distributing its CBDC directly to citizens for free. While South Korea's CBDC project aims to modernize payments, it is part of a broader push from countries, even democratic ones, to integrate state-controlled digital currencies into everyday transactions. A move that is diametrically opposed to individuals' freedom, privacy, and human rights. FinancialFreedomReport.org- Bitcoin Core v29.0 https://bitcoincore.org/en/releases/29.0/- ColdCard Firmware Updates - MK4 5.4.2 and Q 1.3.2 https://x.com/COLDCARDwallet/status/1912896809682247765- Liana Wallet v10.0: Wallet Backups & Dependencies Update https://www.nobsbitcoin.com/liana-wallet-v10-0/- LNbits v1.0.0: Stable, Hardened, and Production-Ready https://www.nobsbitcoin.com/lnbits-v1-0-0/- Ross Ulbricht joins nostr https://primal.net/ross0:00 - Intro3:04 - Zoomer perspective28:00 - Base memecoins38:32 - ESP32 vulverability43:30 - Trump blocks defi broker rule45:15 - Tether hashrate on OCEAN1:02:06 - Bitaxe quantum sniping1:08:46 - Voltage1:11:02 - OpenSats1:12:44 - Unchained Legacy Project1:14:12 - HRF Story of the Week1:17:47 - Software updates1:25:00 - Ross on Nostr1:25:26 - Zoomers againShoutout to our sponsors:Coinkitehttps://coinkite.com/Unchainedhttps://unchained.com/rhr/Bitkeyhttps://bitkey.world/Stakworkhttps://stakwork.ai/Follow Marty Bent:Twitterhttps://twitter.com/martybentNostrhttps://primal.net/martyNewsletterhttps://tftc.io/martys-bent/Podcasthttps://tftc.io/podcasts/Follow Odell:Nostrhttps://primal.net/odellNewsletterhttps://discreetlog.com/Podcasthttps://citadeldispatch.com/

Join Hackaday Editors Elliot Williams and Tom Nardi as they talk about the best stories and hacks of the week. This episode starts off with a discussion of the Vintage Computer Festival East and Philadelphia Maker Faire -- two incredible events that just so happened to be scheduled for the same weekend. From there the discussion moves on to the latest developments in DIY soft robotics, the challenge of running Linux on 8-pin ICs, hardware mods to improve WiFi reception on cheap ESP32 development boards, and what's keeping old smartphones from being reused as general purpose computers. You'll also hear about Command and Conquer: Red Alert running on the Pi Pico 2, highly suspect USB-C splitters, and producing professional looking PCBs at home with a fiber laser. Stick around to the end to hear about the current state of non-Google web browsers, and a unique new machine that can engrave circuit boards with remarkable accuracy. Check out the links over on Hackaday if you want to follow along, and as always, tell us what you think about this episode in the comments!

#newproducts JP's Product Pick of the Week 4/1/25 Sparkle Motion Mini WLED-friendly ESP32 NeoPixel LED Driver https://www.adafruit.com/product/6160 Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ -----------------------------------------

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

Build a 3D printed Bluetooth speaker, inspired by the TV Show Severance. Powered by the Feather ESP32 V2 and the MAX98357A 3W I2S amplifier.  This project is written in Arduino and uses two libraries by Phil Schatzmann that make using the ESP32 for Bluetooth audio really easy. Great for playing defiant jazz, watching your favorite TV show, or sync with your mobile device. Just please don't throw it at your coworkers, as it may cause a nasty bump to the head. Tutorial, Files and Code https://learn.adafruit.com/bluetooth-speaker/ Feather ESP32 https://www.adafruit.com/product/5400 IS2 Amplifier https://www.adafruit.com/product/3006 3W Speaker https://www.adafruit.com/product/4445 Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ -----------------------------------------

Build a 3D printed Bluetooth speaker, inspired by the TV Show Severance. Powered by the Feather ESP32 V2 and the MAX98357A 3W I2S amplifier.  This project is written in Arduino and uses two libraries by Phil Schatzmann that make using the ESP32 for Bluetooth audio really easy. Great for playing defiant jazz, watching your favorite TV show, or sync with your mobile device. Just please don't throw it at your coworkers, as it may cause a nasty bump to the head. Tutorial, Files and Code https://learn.adafruit.com/bluetooth-speaker/ Feather ESP32 https://www.adafruit.com/product/5400 IS2 Amplifier https://www.adafruit.com/product/3006 3W Speaker https://www.adafruit.com/product/4445 Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ -----------------------------------------

The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT

This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-866

This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what? Show Notes: https://securityweekly.com/psw-866

Tracking WiFi devices with cheap ESP32 devices, using OSM and Google Maps together, deleting your Twitter data, “3D” images with any camera, forcing Ubuntu to give you all the available updates, efficiently importing photos, counting lines of code, and more.   Discoveries espargos and demo video OSM2GoogleMaps Bookmarklet Cyd twitter-defollower Cross Views About apt upgrade... Read More

Tracking WiFi devices with cheap ESP32 devices, using OSM and Google Maps together, deleting your Twitter data, “3D” images with any camera, forcing Ubuntu to give you all the available updates, efficiently importing photos, counting lines of code, and more.   Discoveries espargos and demo video OSM2GoogleMaps Bookmarklet Cyd twitter-defollower Cross Views About apt upgrade... Read More

Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865

Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: * https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage * https://www.knostic.ai/what-we-do Show Notes: https://securityweekly.com/psw-865

Microsoft Patch Tuesday Microsoft Patched six already exploited vulnerabilities today. In addition, the patches included a critical patch for Microsoft's DNS server and about 50 additional patches. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20March%202025/31756 Apple Updates iOS/macOS Apple released an update to address a single, already exploited, vulnerability in WebKit. This vulnerability affects iOS, macOS and VisionOS. https://support.apple.com/en-us/100100 Expressif Response to ESP32 Debug Commands Expressif released a statement commenting on the recent release of a paper alledging "Backdoors" in ESP32 chipsets. According to Expressif, these commands are debug commands and not reachable directly via Bluetooth. https://www.espressif.com/en/news/Response_ESP32_Bluetooth

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news with special guest Rob Joyce, a Former Special Assistant to the US President and Director of Cybersecurity for NSA. They talk through: A realistic bluetooth-proximity phishing attack against Passkeys A very patient ransomware actor encrypts an entire enterprise with a puny linux webcam processor The ESP32 backdoor that is neither a door nor at the back The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists Years later, LastPass hackers are still emptying crypto-wallets …and it turns out North Korea nailed {Safe}Wallet with a malicious docker image. Nice! Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline. This week's episode is sponsored by SpecterOps, makers of the Bloodhound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using Bloodhound's insight. This episode is also available on Youtube. Show notes CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers | Tobia Righi - Security Researcher Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security Camera off: Akira deploys ransomware via webcam Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT devices Alleged Co-Founder of Garantex Arrested in India – Krebs on Security 37K+ VMware ESXi instances vulnerable to critical zero-day | Cybersecurity Dive Apple patches 0-day exploited in “extremely sophisticated attack” - Ars Technica What Really Happened With the DDoS Attacks That Took Down X | WIRED Eleven11bot estimates revised downward as researchers point to Mirai variant | Cybersecurity Dive Previously unidentified botnet infects unpatched TP-Link Archer home routers | The Record from Recorded Future News Safe.eth on X: "Investigation Updates and Community Call to Action" / X How to verify Safe{Wallet} transactions on a hardware wallet | Safe{Wallet} Help Center and Support. US charges Chinese nationals in cyberattacks on Treasury, dissidents and more | The Record from Recorded Future News Former top NSA cyber official: Probationary firings ‘devastating' to cyber, national security | CyberScoop U.S. pauses intelligence sharing with Ukraine used to target Russian forces - The Washington Post

Commonly Probed Webshell URLs Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits. https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748 Undocumented ESP32 Commands A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 Chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hiddent commands. https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/ Camera Off: Akira deploys ransomware via Webcam The Akira ransomware group was recently observed infecting a network with Ransomware by taking advantage of a webcam. https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam

This episode also covers recent ransomware as a service (RaaS) trends, including the rise of SpearWing and Akira groups, advanced ransomware techniques exploiting IoT vulnerabilities, and issues with the ESP32 microcontroller's hidden commands. Additionally, Signal President Meredith Whitaker warns about privacy risks in agentic AI systems. Tune in for in-depth cybersecurity updates and more. 00:00 The Talk: Supporting Our Podcast 01:37 Cybersecurity Today: Ransomware as a Service 04:57 Akira Ransomware: Exploiting IoT Devices 06:50 ESP32 Microcontroller Vulnerabilities 08:21 AI Agents: Privacy and Security Risks 09:56 Conclusion and Contact Information

It's Valentine's Day today, and what better way to capture your beloved's heart than by settling down together and listening to the Hackaday Podcast! Elliot Williams is joined by Jenny List for this week's roundup of what's cool in the world of hardware. We start by reminding listeners that Hackaday Europe is but a month away, and that a weekend immersed in both hardware hacking and the unique culture offered by the city of Berlin can be yours. The stand-out hack of the week is introduced by Elliot, Henrik Forstén's synthetic aperture radar system mounted on a cheap quadcopter, pushing the limits of construction, design, and computation to create landscape imagery of astounding detail. Most of us will never create our own SAR system, but we can all learn a lot about this field from his work. Meanwhile Jenny brings us Sylvain Munaut's software defined radio made using different projects that are part of Tiny Tapeout ASICs. The SDR isn't the best one ever, but for us it represents a major milestone in which Tiny Tapeout makes the jump from proof of concept to component. We look forward to more of this at more reasonable prices in the future. Beyond that we looked at the porting of Google Find My to the ESP32, how to repair broken zippers, and tuning in to ultrasonic sounds. Have fun listening, and come back next week for episode 309!