Join Hackaday Editors Elliot Williams and Tom Nardi as they go over their picks for the best stories and hacks from the previous week. Things start off with a warning about the long-term viability of SSD backups, after which the discussion moves onto the limits of 3D printed PLA, the return of the Pebble smart watch, some unconventional aircraft, and an online KiCad schematic repository that has plenty of potential. You'll also hear about a remarkable conference badge made from e-waste electronic shelf labels, filling 3D prints with foam, and a tiny TV powered by the ESP32. The episode wraps up with our wish for hacker-friendly repair manuals, and an interesting tale of underwater engineering from D-Day. Check out the links over on Hackaday if you want to follow along, and as always, tell us what you think about this episode in the comments!
Ryan Collins calls himself a garbage man, but he's also the Managing Director at Tahoe Truckee Sierra Disposal (TTSD), a third-generation waste collection and recycling company in Northern California. After a stint in Silicon Valley, he came back to join the family business and walked into a world still powered by slide rulers, highlighters, and paper-heavy workflows. Today, his team is building in-house AI tools that are replacing expensive software and solving real operational problems across the business — all with a lean budget, limited tech experience, and a workforce that now regularly pitches their own automation ideas. We talk through how this transformation actually happened. Starting with Excel and a problem-first mindset, Ryan's weekend vibe coding projects grew into a full-on tech capability at TTSD. From saving $30,000 a year with a $75 microcontroller to avoiding six-figure SaaS spends with local AI tools, this episode is packed with practical stories. We also get into the risks of overengineering, how to decide when to bring in real software engineers, and what hiring looks like when you're prioritizing attitude and curiosity over resumes. If you're looking to build a culture of innovation, even in a non-tech industry, this one is worth a listen. Unlock the full potential of your product team with Integral's player coaches, experts in lean, human-centered design. Visit integral.io/convergence for a free Product Success Lab workshop to gain clarity and confidence in tackling any product design or engineering challenge. Inside the episode... 
Why even garbage truck drivers are suggesting AI tools now
How Ryan turned Excel and a tinkering mindset into a culture of problem solving
A $75 hardware build that fixed a $30,000-a-year problem
Why vibe coding is addictive and how they stay focused on what matters
Building in-house AI tools with Whisper, Mistral, and Claude
Replacing a $120,000/year call center SaaS with a local tool running on a $2,000 PC
How they protect customer data while still using AI internally
When to keep iterating and when to bring in a developer
What Ryan looks for in tech hires (and why resumes often don't matter)
Using AI to bridge the language gap across a mostly Spanish-speaking workforce

Mentioned in this episode
ESP32 microcontrollers
OpenAI Whisper (local speech-to-text)
Mistral (local open source LLM)
Claude by Anthropic
11Labs (AI voice translation)
Google Maps API
Upwork
Cursor
Excel, VBA, Python Pandas
AlphaFold
Raptor engine at SpaceX
Stuff Matters: Exploring the Marvelous Materials That Shape Our Man-Made World by Mark Miodownik

Subscribe to the Convergence podcast wherever you get podcasts including video episodes to get updated on the other crucial conversations that we'll post on YouTube at youtube.com/@convergencefmpodcast Learn something? Give us a 5 star review and like the podcast on YouTube. It's how we grow.
Follow the Pod
LinkedIn: https://www.linkedin.com/company/convergence-podcast/
X: https://twitter.com/podconvergence
Instagram: @podconvergence
We start with Z-wave, look at Open Source NVIDIA, and celebrate Intel hiring Linux engineers. Then Valve is still working on HDR in the kernel, Google is moving to Aluminium, and Patents just got a tiny bit worse. But KDE is dropping X11 next year, and Fedora is embracing the Nix packager! For tips we have podliner for your tui podcast needs, ss for socket statistics, and a real surprise in the form of Linux on the ESP32-s3. You can get the show notes at https://bit.ly/4ipstfs and enjoy! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.
This show has been flagged as Clean by the host. Hello, again. This is Trey. Welcome to part 4 in my Cheap Yellow Display (CYD) Project series. If you have hung in there with me so far on this journey, thank you. If you have missed earlier episodes, you can find them on my HPR profile page https://www.hackerpublicradio.org/correspondents/0394.html If you have questions, comments, concerns, or other feedback, please leave an episode comment, or drop me an email (Using the address in my profile). Even better, you could record and upload your own show which shares your viewpoint or expertise. To review, I finally have an actual project to build using the CYD. It is a portable, programmable morse code "Keyer memory" which can be connected to any of my HF transceiver radios by simply plugging it in to the code key input port. Then I could transmit stored messages by simply touching their specific icon on the touch screen. So, now I purchased a pair of CYDs. Each arrived in an anti-static zipper bag with a USB C cable, a 6 inch long 4 pin PB1.25mm to Dupont 2.54mm cable harness, a plastic case holding the CYD itself and a small plastic stylus. There are pictures in the show notes. Depending on how many IO connections I may need, and how I plan to power this, I am probably going to need more 4 pin PB1.25mm wired connectors. You can see a description of the various features and connectors on RandomNerdTutorials writeup about this board ( https://randomnerdtutorials.com/cheap-yellow-display-esp32-2432s028r/ ). The only difference I can see between this description and what I received is that mine have both a MicroUSB and USB C port. Of course, first thing, I had to plug it in and see what happens. It appears to be running some kind of simulation of a web site. The backlit display looks alright. It is not super high resolution, but for the price, it will suit my needs. 
The touch screen is responsive, but it is pressure sensitive and works best using the provided stylus or a fingernail and not your finger tip. So, I have the CYD. What other hardware do I need? I need to address how one of these will actually connect to my radios. Modern amateur radio transceivers which support continuous wave (CW) transmission (Which is another name for Morse code) generally can use one of two different pieces of hardware for input. The first is what we call a straight key. Below is a photo of the one I own. This is a classic, old fashioned telegraph style code key. It is designed to quickly and easily be pressed down to close a circuit and when released the circuit is opened, effectively making it a normally open push button switch. To send a dot, the operator holds down the key for a short period of time, then releases it. To send a dash, the operator holds down the key for a longer period of time, before releasing it. (We will discuss actual timing specifications for morse code in a future podcast) Connectivity for the switch has been standardized to use a 3.5 mm mono male phone connector which has only sleeve and tip connections. The second option is a paddle style electronic keyer. There are many styles of these, and I am including a picture of the one I use, which once belonged to a close friend of mine who is now silent key. In general, the paddle is two separate normally open switches. In the most common configuration, if an operator presses and releases the paddle on the right, a dash is sent. If the paddle on the right is held, a continuous series of dashes will be sent until that paddle is released. The left paddle works similarly. If it is pressed and released, a single dot is sent. If it is pressed and held, a series of dots is sent until it is released. The function of these paddles can be swapped from left to right using the radio configuration. 
There is additional functionality which can be configured in some radios for when both paddles are pressed simultaneously, but I am not going to describe those here. The paddle generally uses a 3.5mm stereo male phone connector with the sleeve being common. The tip of the phone connector is wired to the left paddle and ring of the connector is wired to the right paddle. Most modern radios have a built in keyer which can be configured for a paddle and will automatically transmit the dots or dashes at whichever speed is configured based on the paddle pressed. You can see this phone connector illustrated on Wikipedia's phone connector page. https://en.m.wikipedia.org/wiki/Phone_connector_(audio) You can learn more about all the various devices which can be used for sending morse and how they function at Morse Code World. https://morsecode.world/keys.html Ideally, controlling all the morse code timing within the CYD would be best. That way, it could be connected as a straight key and any keyer settings already configured within the radio shouldn't matter. However, if I wish to also be able to manually send morse code myself using my paddles, without disconnecting the CYD and reconfiguring the radio, that could be problematic. I may need to factor in the possibility of connecting my paddle to the CYD and then building in code to respond to inputs from the paddles. As I mentioned in a previous episode, I have an Arduino Nano on my desk as a practice oscillator for my paddles. I may be able to reuse some of that code on the CYD. So, if I want the CYD to appear to the radio like a straight key, I will need it to be able to control a switch quickly and accurately. But I also want the CYD and the radio to be electrically isolated from each other. This calls for a relay. I was able to find and order some inexpensive relay modules which work nicely with Arduino and ESP32. These allow connectivity to 5v power and to one of the CYD's GPIO pins. 
These feed an optocoupler circuit, which, in turn, drives the coil of the relay. This provides inductive kickback protection to the CYD and can drive a coil which would require more current than the GPIO can provide. Inductive kickback rabbit trail: An inductor is simply a coil of wire. Direct current flowing through any wire generates a magnetic field. Within the inductor, because the wire is coiled, the magnetic field builds from each pass of the wire in the coil. If you include an iron core, it sustains the magnetic field even better. This is the basis for an electromagnet. A relay is simply a momentary contact switch controlled by an electromagnet. One unique property of an inductor is that current wants to keep flowing in the direction it was applied. To be specific, when the current source is removed, the magnetic field still exists for a while, and it effectively "generates" an electric current within the coil, in the same direction as the one which initially created the magnetic field to begin with. If it has a path to flow, this current will create another weaker magnetic field, which creates its own electric current, in a diminishing loop. If the circuit which drives the coil of a direct current relay is not ready for this continued push of current, damage can be done. Many times this is countered by wiring a "flyback diode" in parallel with the coil and in the opposite direction in which current will be applied. This way, when the current source is stopped, the diode gives a path for the inductive kickback current to safely flow while the magnetic field dissipates. Explained in greater detail at https://inductive-kickback.com/2019/04/inductive-kickback-made-simple-to-grasp-easy-to-handle/ The switch side of the relay is a single pole double throw (SPDT) and makes connections available for common, normally closed (NC), and normally open (NO). 
It will be easy to connect the common and NO connections to a 3.5mm mono male connector so that it may be plugged into the "key" port on any radio transmitter. I will need to do some testing on the speed of the relay, but I think it will work just fine. Once I start writing some code for the CYD, I will be able to connect and test the relay. Well, this is a good place to end this episode, and it is one of the longest in this series so far. In the next episode, we will begin to look at how we design the user interface for our program, something I do not know anything about (yet). Stay tuned weekdays for additional exciting episodes of Hacker Public Radio, and, at some point, the next episode in this series. If you like what you have heard, please leave an episode comment, or drop me an email (Using the address in my profile). If you have more than a single sentence to contribute on the subject, I encourage you to record an episode with your thoughts and expertise. If you dislike what you have heard, you are encouraged even more strongly to record and upload your own show which shares your viewpoint or opinion. Until next time.
Wait, what? Is it time for the podcast again? Seems like only yesterday that Dan joined Elliot for the weekly rundown of the choicest hacks for the last 1/52 of a year. But here we are. We had quite a bit of news to talk about, including the winners of the Component Abuse Challenge -- warning, some components were actually abused for this challenge. They're also a trillion pages deep over at the Internet Archive, a milestone that seems worth celebrating. As for projects, both of us kicked things off with "Right to repair"-adjacent topics, first with a washing machine that gave up its secrets with IR and then with a car that refused to let its owner fix the brakes. We heated things up with a microwave foundry capable of melting cast iron -- watch your toes! -- and looked at a tiny ESP32 dev board with ludicrously small components. We saw surveyors go to war, watched a Lego sorting machine go through its paces, and learned about radar by spinning up a sonar set from first principles. Finally, we wrapped things up with another Al Williams signature "Can't Miss Articles" section, with his deep dive into the fun hackers can have with the now-deprecated US penny, and his nostalgic look at pneumatic tube systems.
James Davis, widely recognized as FluxBench, has built a following by making electronics approachable, fun, and practical. With a mission to “keep the magic smoke inside the components where it belongs,” James is passionate about teaching engineers, makers, and hobbyists how to move beyond simple projects and start creating production-ready designs. On his YouTube channel, FluxBench, James shares tutorials and experiments ranging from ESP32-driven LED displays to embedded development strategies and Proxmox-based Flux Node setups. His videos blend clear explanations with hands-on demonstrations, making them accessible to beginners while still offering technical depth for experienced engineers. Whether it's wiring up microcontrollers, troubleshooting circuits, or scaling a one-off build into something robust, James shows how to translate curiosity into capability. With a background in embedded systems and a gift for teaching, James Davis represents the spirit of engineering as both an art and a craft. His work encourages others not just to build projects but to create real products that solve problems, delight users, and push the boundaries of what's possible with accessible electronics. Guest website: Flux Bench. Aaron Moncur, host.
The nights are drawing in for Europeans, and Elliot Williams is joined this week by Jenny List for an evening podcast looking at the past week in all things Hackaday. After reminding listeners of the upcoming Hackaday Supercon and Jawncon events, we take a moment to mark the sad passing of the prolific YouTuber, Robert Murray-Smith. Before diving into the real hacks, there are a couple of more general news stories with an effect on our community. First, the takeover of Arduino by Qualcomm, and what its effect is likely to be. We try to speculate as to where the Arduino platform might go from here, and even whether it remains the player it once was, in 2025. Then there's the decision by Google to restrict Android sideloading to only approved-developer APKs unless over ADB. It's an assault on a user's rights over their own hardware, as well as something of a blow to the open-source Android ecosystem. What will be our community's response? On more familiar territory we have custom LCDs, algorithmic art, and a discussion of non-stepper motors in 3D printing. Even the MakerBot Cupcake makes an appearance. Then there's a tiny RV, new creative use of an ESP32 peripheral, and the DVD logo screensaver, in hardware. We end the show with a look at why logic circuits use the voltages they do. It's a smorgasbord of hacks for your listening enjoyment.
Join Alex Neuman on Vida Digital as he interviews Brian P. Cox from FutureVision Research, one of the makers bringing the FujiNet project to life. In this in-depth conversation, Brian shares how his early experiences with the Apple IIe, TRS-80, and Atari 1200XL inspired a lifelong passion for technology and teaching. They explore how FujiNet connects retro computers—Atari, Apple II/III, Commodore, Tandy CoCo, Coleco ADAM, and upcoming systems like the Intellivision, Atari 2600, and Commodore 64—to Wi-Fi, virtual disks, and even cross-platform online gaming through the TNFS protocol. Discover what challenges come with reviving decades-old hardware, how 3D-printed parts and ESP32 chips bridge generations, and what's next on the roadmap for FujiNet, including RS-232 support and future hardware based on the RP2040.
This show has been flagged as Clean by the host. Hello, again. This is Trey. Several months ago, I heard Paul Asadoorian mention the Cheap Yellow Display on his podcast, Paul's Security Weekly ( https://www.scworld.com/podcast-show/pauls-security-weekly ). I didn't think much of it at the time, but then I heard it referenced again, and again. Then, finally, it was described, and I became interested. "Cheap Yellow Display" is the term used for the ESP32-2432S028R. Since this is somewhat challenging to say, and to remember, and since the board is yellow, and it can be obtained for as little as $12 USD, it has been given the nickname "Cheap Yellow Display". I will abbreviate this as CYD for the remainder of this episode. It is an ESP32 (with built in WiFi & Bluetooth) on a development board with one or more USB connectors, a MicroSD slot, a limited selection of GPIO pins, an RGB LED, a speaker, a light sensor, and best of all, a 2.8-inch (71mm) TFT touchscreen LCD display. The CYD runs on 5 volts DC. I am including some photographs of the CYD in the show notes. RandomNerdTutorials has produced a very good writeup about this board on their website ( https://randomnerdtutorials.com/cheap-yellow-display-esp32-2432s028r/ ). Brian Lough (AKA WitnessMeNow) has been building a community for the CYD on his GitHub site ( https://github.com/witnessmenow/ESP32-Cheap-Yellow-Display ) where he has instructions, examples, tutorials, downloadable tools, and much more. Beginning back in the 1970s, my father and I built electronics projects together. And I have had a love for doing so ever since. Over the last few years, I have built several Arduino based gadgets on different platforms, including a couple which run on breadboards sitting beside me on my desk (I will share more about one of those later). A common use for the CYD among hackers is to leverage the built in WiFi & Bluetooth radios to compromise wireless networks or devices. 
The Marauder project is a prebuilt image which can be loaded directly to the CYD to use it as a wireless hacking tool. Fr4nkFletcher's Github repository ( https://github.com/Fr4nkFletcher/ESP32-Marauder-Cheap-Yellow-Display ) is one place where you can download the Marauder tool. There are also video games, clocks, photo slideshows, and more, which have already been coded for you, and are available on the internet for download. What would you do with a CYD? What could you build? What problem might you solve? What fun project might you come up with? For myself, the CYD intrigued me, but it did not yet jump out at me as something I had a need for. Yet. What would change my mind? What would set me on a quest to obtain some of these devices and learn to develop code for them? What problem did I wish to solve? Tune in again, in a couple weeks, to learn the answers to some of these questions and more in my next episode in this HPR series.
Scott, Wes, and CJ dive into Wes's Hackweek project: a real-time, web-controlled LED grid. They break down the hardware build, custom 3D-printed diffuser, ESP32 microcontroller, and Cloudflare durable objects powering live pixel art, GitHub activity displays, and interactive web drawings.

Show Notes
00:00 Welcome to Syntax!
02:03 Wes' Hackweek project: a web-controlled LED grid
03:52 The hardware: LED panels, soldering, and power
  WS2812 LED panels
06:38 ESP32 microcontroller and WLED firmware explained
  ESP32 Microcontroller
10:57 Power supply challenges and injection fixes
15:05 Debugging and testing a DIY LED matrix
15:56 Shorts, blown circuits, and melted wires
17:58 Designing and 3D-printing the diffuser for crisp pixels
21:29 The software: Cloudflare Durable Objects + Party Server
  Cloudflare Durable Objects
  Party.server
22:18 Real-time sync and state management across clients
  Party Client
28:43 Connecting the server to the LED hardware
41:51 Open access fun: scripts, NSFW images, and moderation
  Cloudflare tunnel
44:10 Live demos
45:34 Future plans: stats, rooms, and making it always-on
This week on EYE ON NPI we're featuring some open source hardware from one of our favorite hardware manufacturers! It's the Arduino Nano R4 System on Module (https://www.digikey.com/en/product-highlight/a/arduino/nano-r4) a miniaturized version of the Arduino UNO R4 and Minima (https://blog.adafruit.com/2023/07/27/eye-on-npi-arduino-uno-r4-minima-and-uno-r4-wifi-boards-digikey-arduino-digikey-adafruit/) versions we covered on EYE ON NPI about two years ago! Taking a cue from popular 'castellated single side' PCB proto boards on the market, the Nano comes in two options, one with headers (https://www.digikey.com/en/products/detail/arduino/ABX00143/26766495) for easy installation into existing Arduino Nano expansion kits or breadboards, and one with reflowable castellations (https://www.digikey.com/en/products/detail/arduino/ABX00142/26766490). The Arduino Nano (https://www.digikey.com/en/products/detail/arduino/A000005/2638989) is second only to the UNO as the definitive Arduino board that 'everyone got started with'. Many folks would start with the chunky UNO and then migrate to the Nano to get something that plugs into a breadboard for compact assembly. With a USB connector on one end, button and LEDs and programming header on the top, this board powered tens of thousands of builds. So it's not surprising that Arduino iterated on this design with a wide variety of chips like the RP2040 (https://www.digikey.com/en/products/detail/arduino/ABX00052/14123941) and ESP32 (https://www.digikey.com/en/products/detail/arduino/ABX00092/21219771). The latest generation is the Renesas RA4M1 series - which updates the original ATmega328 8-bit microcontroller to a beefy Cortex M4 with FPU. You get 48MHz clock, 256KB of Flash, 32KB of SRAM, ADC, DAC, CAN, captouch and other extras. The FPU in particular makes it a nice upgrade to the cortex M0/M0+. 
The best part is that with the 5V logic support of the R7FA4M1AB3CFM (https://www.digikey.com/en/products/detail/renesas-electronics-corporation/R7FA4M1AB3CFM-AA0/10447195), it makes for a great drop-in replacement when a 3V logic chip like the RP2040/ESP32 won't work as well. Plus you get lots of nice linear ADCs, the RP2040 only has 4 and the ESP32's are non-linear and sometimes don't work when WiFi is active. We also love that they added a Qwiic (https://www.sparkfun.com/qwiic) connector on the end! We use this for all our Stemma QT sensors, and between the many companies that have joined in the ecosystem there are easily a thousand different ons/displays/accessories that can plug in directly for instant expansion. If you want to get the latest Nano from the manufacturer of genuine Arduino boards, DigiKey is an authentic distributor and has tons of the Arduino Nano R4 (https://www.digikey.com/short/3brjrnjp) in stock right now for (https://www.digikey.com/en/products/detail/arduino/ASX00061/26744081) immediate shipment! Pick from the castellated flat or soldered-header variety, and don't forget to also grab some Arduino Nano accessories to get your design prototyped fast. Order today and your Nano will fly out of the DigiKey warehouse and arrive at your doorstep by tomorrow morning.
A Btrfs bug that bites is in the wild, and we discover whole home audio that works like a charm. Sponsored By: Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility.
Chris fled a declarative-first world for the promised land of Bluefin's atomic simplicity. Fifty days in, did he find desktop bliss or just fresh compromises?
✨ There she is! This glowing LED arrow hat is the ultimate way to help your friends find you at festivals, raves, or crowded events. Powered by WLED and Adafruit's Sparkle Motion Stick, this bright, flashy headpiece points straight at you — like a living emoji in the middle of the dance floor.
Podcast: Open Source Security. Episode: Embedded Security with Paul Asadoorian. Pub date: 2025-05-05. Recently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/ The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Over the holiday break, we designed a few Sparkle Motion (https://www.adafruit.com/search?q=sparkle+motion) ESP32 boards for use with WLED. They've been working well, so we decided to finish up the third version we cooked up—a USB “stick” for quick builds that you can power from a wall adapter, computer, or even a USB battery pack for portability. We managed to fit in a fuse, an I²S microphone, infrared-remote input, a mode-select button, two level-shifted outputs, and terminal blocks. It's designed to fit inside a pre-made snap-fit case (https://www.adafruit.com/product/6176). Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ ----------------------------------------- #esp32 #wled #diy
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patching is not enough, auditing the PHP source code, reading the MEGA advisories, threat actors lie about data breaches (you don't say?), the data breach that Hertz, CISA warns of ransomware, some can't get Ahold of data breaches, please don't let people take control of your PC over Zoom and Paul's hot takes on: 4chan hack, the CVE program, and Microsoft Recall! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-871
I'm joined by guests Rob Hamilton & Rijndael to go through the list.
Housekeeping
(00:01:09) OP_Next recap
Bitcoin • Software Releases & Project Updates
(00:15:18) Coldcard
(00:42:53) Bitcoin Core
(00:47:21) BDK
(00:48:12) Coinswap
(00:48:56) Electrum Wallet
(00:52:45) BTCPay Server
(00:53:33) Nunchuk Android
(00:54:04) Liana
(00:54:51) The Mempool Open Source Project
(00:57:01) BoltzExchange boltz-web-app
(00:57:16) RoboSats
(00:57:21) Bitcoin Safe
(00:57:58) Blockstream Green
(00:58:08) Rust Payjoin
(01:01:15) Zaprite
(01:01:48) Krux
(01:02:29) Iris Wallet Desktop
(01:02:46) Bitcoin Core Config Generator
(01:02:52) UTXOracle
• Project Spotlight
(01:04:14) SwiftSync
(01:04:43) PrivatePond
(01:05:00) JoinMarket Fidelity Bond Simulator
(01:05:52) DahLIAS
(01:06:00) Satoshi Escrow
(01:06:12) Taplocks
(01:15:48) bitcoin.softforks.org
(01:15:52) CTV and CSFS Enabled Bitcoin Node
(01:16:03) UTXOscope
(01:16:13) Block Bitcoin Treasury
(01:16:47) Waye
(01:17:08) Sovereign Craft
(Not) a Vulnerability Disclosure
(01:17:17) Pay-to-Anchor outputs now exploited for blockchain spam
Audience Questions
(01:23:46) How do we use open time stamps for transfer of assets using two party integrity between holders?
(01:24:50) Does Cove have testnet4?
(01:25:15) Can you explain like I'm 5 what opcodes are, how they are used on the network, and the level of optionality that applies to them?
(01:26:49) Please discuss this idea: Block-based TOTP for bitcoin wallet passphrase validation.
Privacy & Other Related Bitcoin Projects • Software Releases & Project Updates
(01:28:48) Tor Browser
(01:28:51) TailsOS
(01:28:53) NymVPN
(01:28:55) MapleAI
Lightning + L2+ • Project Spotlight
(01:29:17) Misty Breez
(01:29:25) Sovereign Tools
(01:29:28) Silk Road on Lightning
(01:29:37) Cashu Token Decoder
• Software Releases & Project Updates
(01:29:48) Zeus
(01:29:49) LDK
(01:31:40) Minibits Wallet
(01:31:42) Hydrus
Nostr • Project Spotlight
(01:31:44) Atomic Signature Swaps over Nostr
(01:31:51) Lantern
(01:31:59) Promenade
(01:32:09) Noauth-enclaved
(01:32:27) GM Swap
Boosts
(01:33:04) Shoutout to top boosters Rod Palmer Bugle News, pink monkey, btconboard, jespada, AVERAGE_GARY & larryoshi finkamoto
Links & Contacts:
Website: https://bitcoin.review/
Substack: https://substack.bitcoin.review/
Twitter: https://twitter.com/bitcoinreviewhq
NVK Twitter: https://twitter.com/nvk
Telegram: https://t.me/BitcoinReviewPod
Email: producer@coinkite.com
Nostr & LN: ⚡nvk@nvk.org (not an email!)
Full show notes: https://bitcoin.review/podcast/episode-95
#circuitpythonparsec Use the built-in BME280 Temperature/Humidity/Pressure sensor on the Feather ESP32-S2. https://github.com/jedgarpark/parsec/tree/main/2025-04-17 https://www.adafruit.com/product/5303 Learn about CircuitPython: https://circuitpython.org
more info: https://rhr.tv
- ESP32 microcontroller vulnerabilities https://cryptodeeptech.ru/bitcoin-bluetooth-attacks/
- Trump Signs Resolution Blocking IRS Reporting Rule for 'DeFi Brokers' https://www.nobsbitcoin.com/trump-signs-resolution-blocking-irs-reporting-rule-for-defi-brokers/
- Tether to back OCEAN Pool with its hashrate https://tether.io/news/tether-to-deploy-hashrate-on-ocean-advancing-decentralized-bitcoin-mining-infrastructure/
- New Voltage Enterprise Platform enables fastest way to enable bitcoin and soon stablecoin transactions https://www.voltage.cloud/blog/new-voltage-platform-enables-fastest-way-to-enable-bitcoin-and-soon-stablecoin-transactions
- BitGo and Voltage Team Up to Deliver Instant Bitcoin and Stablecoin Payments via Lightning https://www.voltage.cloud/blog/bitgo-and-voltage-team-up-to-deliver-instant-bitcoin-and-stablecoin-payments-via-lightning
- OpenSats Eleventh Wave of Nostr Grants https://opensats.org/blog/eleventh-wave-of-nostr-grants
- OpenSats Impact Report: Advancements in Lightning Infrastructure https://opensats.org/blog/advancements-in-lightning-infrastructure
- Unchained has launched the Bitcoin Legacy Project https://www.unchained.com/blog/introducing-the-bitcoin-legacy-project
- Bitcoin mining centralization in 2025 https://b10c.me/blog/015-bitcoin-mining-centralization/
- South Korea | 7-Eleven Accepting Discounted CBDC Payments During Pilot Phase
South Korea launched a nationwide pilot of its central bank digital currency (CBDC), enrolling 100,000 South Korean users. As part of the rollout, 7-Eleven will accept CBDC payments and offer a 10% discount on all products. Governments facing public skepticism regarding their CBDCs increasingly use similar incentive tactics to onboard users. For example, Nigeria discounts taxi fares to push its e-Naira CBDC, while Thailand is distributing its CBDC directly to citizens for free. While South Korea's CBDC project aims to modernize payments, it is part of a broader push from countries, even democratic ones, to integrate state-controlled digital currencies into everyday transactions. A move that is diametrically opposed to individuals' freedom, privacy, and human rights. FinancialFreedomReport.org
- Bitcoin Core v29.0 https://bitcoincore.org/en/releases/29.0/
- ColdCard Firmware Updates - MK4 5.4.2 and Q 1.3.2 https://x.com/COLDCARDwallet/status/1912896809682247765
- Liana Wallet v10.0: Wallet Backups & Dependencies Update https://www.nobsbitcoin.com/liana-wallet-v10-0/
- LNbits v1.0.0: Stable, Hardened, and Production-Ready https://www.nobsbitcoin.com/lnbits-v1-0-0/
- Ross Ulbricht joins nostr https://primal.net/ross
0:00 - Intro
3:04 - Zoomer perspective
28:00 - Base memecoins
38:32 - ESP32 vulnerability
43:30 - Trump blocks defi broker rule
45:15 - Tether hashrate on OCEAN
1:02:06 - Bitaxe quantum sniping
1:08:46 - Voltage
1:11:02 - OpenSats
1:12:44 - Unchained Legacy Project
1:14:12 - HRF Story of the Week
1:17:47 - Software updates
1:25:00 - Ross on Nostr
1:25:26 - Zoomers again
Shoutout to our sponsors:
Coinkite https://coinkite.com/
Unchained https://unchained.com/rhr/
Bitkey https://bitkey.world/
Stakwork https://stakwork.ai/
Follow Marty Bent:
Twitter https://twitter.com/martybent
Nostr https://primal.net/marty
Newsletter https://tftc.io/martys-bent/
Podcast https://tftc.io/podcasts/
Follow Odell:
Nostr https://primal.net/odell
Newsletter https://discreetlog.com/
Podcast https://citadeldispatch.com/
Join Hackaday Editors Elliot Williams and Tom Nardi as they talk about the best stories and hacks of the week. This episode starts off with a discussion of the Vintage Computer Festival East and Philadelphia Maker Faire -- two incredible events that just so happened to be scheduled for the same weekend. From there the discussion moves on to the latest developments in DIY soft robotics, the challenge of running Linux on 8-pin ICs, hardware mods to improve WiFi reception on cheap ESP32 development boards, and what's keeping old smartphones from being reused as general purpose computers. You'll also hear about Command and Conquer: Red Alert running on the Pi Pico 2, highly suspect USB-C splitters, and producing professional looking PCBs at home with a fiber laser. Stick around to the end to hear about the current state of non-Google web browsers, and a unique new machine that can engrave circuit boards with remarkable accuracy. Check out the links over on Hackaday if you want to follow along, and as always, tell us what you think about this episode in the comments!
#newproducts JP's Product Pick of the Week 4/1/25 Sparkle Motion Mini WLED-friendly ESP32 NeoPixel LED Driver https://www.adafruit.com/product/6160
The dangers of doing things you don't understand. Espressif responds to the claims of an ESP32 backdoor. A widely leveraged mistake Microsoft stubbornly refuses to correct. A disturbingly simple remote takeover of Apache Tomcat servers. A 10/10 vulnerability affecting some ASUS, ASRock and HPE motherboards. Google snapped up another cloud security firm but paid a price! RCS messaging to soon get full end-to-end encryption (done right!). How did an AI Crypto Chatbot lose $105,000? ...and what is an AI Crypto Chatbot? Looks like Oracle may take stewardship of TikTok to keep it in-country. Whoops! 23andMe is sinking — don't let them take your genetics with them! The White House says "the cyber guys should stay!" AI project failure rates are on the rise. Anyone surprised? Listener feedback, and a very interesting update on just how looming is the threat from quantum computing? Show Notes - https://www.grc.com/sn/SN-1018-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security legatosecurity.com joindeleteme.com/twit promo code TWIT
Build a 3D printed Bluetooth speaker, inspired by the TV show Severance. Powered by the Feather ESP32 V2 and the MAX98357A 3W I2S amplifier. This project is written in Arduino and uses two libraries by Phil Schatzmann that make using the ESP32 for Bluetooth audio really easy. Great for playing defiant jazz, watching your favorite TV show, or syncing with your mobile device. Just please don't throw it at your coworkers, as it may cause a nasty bump to the head. Tutorial, Files and Code https://learn.adafruit.com/bluetooth-speaker/ Feather ESP32 https://www.adafruit.com/product/5400 I2S Amplifier https://www.adafruit.com/product/3006 3W Speaker https://www.adafruit.com/product/4445
This week: Compliance, localization, blah blah, the Greatest Cybersecurity Myth Ever Told, trolling Microsoft with a video, Github actions give birth to a supply chain attack, prioritizing security research, I'm tired of 0-Days that are not 0-Days, sticking your head in the sand and believing everything is fine, I'm excited about AI crawlers, but some are not, Room 641A, a real ESP32 vulnerability, do we need a CVE for every default credential?, smart Flipper Zero add-ons, one more reason why people fear firmware updates, no more Windows 10, you should use Linux, and I have a Linux terminal in my pocket, now what? Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-866
Tracking WiFi devices with cheap ESP32 devices, using OSM and Google Maps together, deleting your Twitter data, “3D” images with any camera, forcing Ubuntu to give you all the available updates, efficiently importing photos, counting lines of code, and more. Discoveries espargos and demo video OSM2GoogleMaps Bookmarklet Cyd twitter-defollower Cross Views About apt upgrade...
Sounil Yu joins us to kick things off with AI defenses: Enterprise AI search tools like Copilot for Microsoft 365 lack the in-depth access controls required to ensure that query responses align with the user's need-to-know boundaries. Without proper controls, these tools accelerate the discovery of improperly secured sensitive files within the organization. Knostic's solution ensures that enterprise data is safeguarded without slowing down innovation. By automating the detection and remediation of LLM data exposure, Knostic helps organizations mitigate the security, privacy, and compliance risks associated with AI chatbots and enterprise search tools. In the security news: The controversial pick for National Cyber Director, the not-so-controversial pick to lead CISA, complete with funding cuts, the controversial ESP32 backdoor that is not a backdoor but hidden features, Dark Storm takes down X, interesting use cases for LoRa, using AI to get your dream job, details on the biggest crypto heist in history, an EDR bypass and a 404 error, slipping through the cracks in CVSS, old school vulnerability disclosure in 2025, Rayhunter, a pen test that should not have been, JTAG and your Flipper Zero, a Linux webcam was used for what now?, and "Spatial-Domain Wireless Jamming with Reconfigurable Intelligent Surfaces"! Segment Resources: https://www.knostic.ai/blog/enterprise-ai-search-tools-addressing-the-risk-of-data-leakage https://www.knostic.ai/what-we-do Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-865
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday: Microsoft patched six already exploited vulnerabilities today. In addition, the patches included a critical patch for Microsoft's DNS server and about 50 additional patches. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%3A%20March%202025/31756
Apple Updates iOS/macOS: Apple released an update to address a single, already exploited, vulnerability in WebKit. This vulnerability affects iOS, macOS and VisionOS. https://support.apple.com/en-us/100100
Espressif Response to ESP32 Debug Commands: Espressif released a statement commenting on the recent release of a paper alleging "Backdoors" in ESP32 chipsets. According to Espressif, these commands are debug commands and not reachable directly via Bluetooth. https://www.espressif.com/en/news/Response_ESP32_Bluetooth
On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news with special guest Rob Joyce, a former Special Assistant to the US President and Director of Cybersecurity for NSA. They talk through:
- A realistic Bluetooth-proximity phishing attack against Passkeys
- A very patient ransomware actor encrypts an entire enterprise with a puny Linux webcam processor
- The ESP32 backdoor that is neither a door nor at the back
- The X DDoS that Elon said was Ukraine is claimed by pro-Palestinian hacktivists
- Years later, LastPass hackers are still emptying crypto-wallets
- …and it turns out North Korea nailed {Safe}Wallet with a malicious Docker image. Nice!
Rob Joyce recently testified to the US House Select Committee on the Chinese Communist Party, and he explains why DOGE kicking probationary employees to the curb is “devastating” for the national security staff pipeline.
This week's episode is sponsored by SpecterOps, makers of the Bloodhound identity attack path mapping tool. Chief Product Officer Justin Kohler and Principal Security Researcher Lee Chagolla-Christensen discuss their pragmatic approach to disabling NTLM authentication in Active Directory using Bloodhound's insight.
This episode is also available on YouTube.
Show notes
- CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers | Tobia Righi - Security Researcher
- Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security
- Camera off: Akira deploys ransomware via webcam
- Tarlogic detects a hidden feature in the mass-market ESP32 chip that could infect millions of IoT devices
- Alleged Co-Founder of Garantex Arrested in India – Krebs on Security
- 37K+ VMware ESXi instances vulnerable to critical zero-day | Cybersecurity Dive
- Apple patches 0-day exploited in “extremely sophisticated attack” - Ars Technica
- What Really Happened With the DDoS Attacks That Took Down X | WIRED
- Eleven11bot estimates revised downward as researchers point to Mirai variant | Cybersecurity Dive
- Previously unidentified botnet infects unpatched TP-Link Archer home routers | The Record from Recorded Future News
- Safe.eth on X: "Investigation Updates and Community Call to Action" / X
- How to verify Safe{Wallet} transactions on a hardware wallet | Safe{Wallet} Help Center and Support.
- US charges Chinese nationals in cyberattacks on Treasury, dissidents and more | The Record from Recorded Future News
- Former top NSA cyber official: Probationary firings ‘devastating' to cyber, national security | CyberScoop
- U.S. pauses intelligence sharing with Ukraine used to target Russian forces - The Washington Post
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Commonly Probed Webshell URLs: Many attackers deploy web shells to gain a foothold on vulnerable web servers. These webshells can also be taken over by parasitic exploits. https://isc.sans.edu/diary/Commonly%20Probed%20Webshell%20URLs/31748
Undocumented ESP32 Commands: A recent conference presentation by Tarlogic revealed several "backdoors" or undocumented features in the commonly used ESP32 chipsets. Tarlogic also released a toolkit to make it easier to audit chipsets and find these hidden commands. https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/
Camera Off: Akira deploys ransomware via Webcam: The Akira ransomware group was recently observed infecting a network with ransomware by taking advantage of a webcam. https://www.s-rminform.com/latest-thinking/camera-off-akira-deploys-ransomware-via-webcam
This episode also covers recent ransomware as a service (RaaS) trends, including the rise of SpearWing and Akira groups, advanced ransomware techniques exploiting IoT vulnerabilities, and issues with the ESP32 microcontroller's hidden commands. Additionally, Signal President Meredith Whittaker warns about privacy risks in agentic AI systems. Tune in for in-depth cybersecurity updates and more.
00:00 The Talk: Supporting Our Podcast
01:37 Cybersecurity Today: Ransomware as a Service
04:57 Akira Ransomware: Exploiting IoT Devices
06:50 ESP32 Microcontroller Vulnerabilities
08:21 AI Agents: Privacy and Security Risks
09:56 Conclusion and Contact Information
OK, after many hours spent with Claude on writing a driver for the TLV320DAC3100 (https://www.digikey.com/en/products/detail/texas-instruments/TLV320DAC3100IRHBR/2260591), we finally have it configured using our driver, and playing an MP3 stream on this ESP32. This I2S DAC has a particularly complex PLL and audio-routing system, so it's not one where you can just pipe in I2S data and have it magically play. One nice thing we got working is the MCLK, which is generated from the BCLK, so it'll work great with anything from an Arduino-compatible to a single-board computer like Raspberry Pi. We're hoping to get the headphone detection working next so that we can turn off the amp when the headphone is plugged in. Also, it should be able to control the volume from the headset buttons. Also, we want to get the internal beep generator going so we can make tones separate from the audio stream for UI notifications. Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ ----------------------------------------- #ai #claude #tech
It's Valentine's Day today, and what better way to capture your beloved's heart than by settling down together and listening to the Hackaday Podcast! Elliot Williams is joined by Jenny List for this week's roundup of what's cool in the world of hardware. We start by reminding listeners that Hackaday Europe is but a month away, and that a weekend immersed in both hardware hacking and the unique culture offered by the city of Berlin can be yours. The stand-out hack of the week is introduced by Elliot, Henrik Forstén's synthetic aperture radar system mounted on a cheap quadcopter, pushing the limits of construction, design, and computation to create landscape imagery of astounding detail. Most of us will never create our own SAR system, but we can all learn a lot about this field from his work. Meanwhile Jenny brings us Sylvain Munaut's software defined radio made using different projects that are part of Tiny Tapeout ASICs. The SDR isn't the best one ever, but for us it represents a major milestone in which Tiny Tapeout makes the jump from proof of concept to component. We look forward to more of this at more reasonable prices in the future. Beyond that we looked at the porting of Google Find My to the ESP32, how to repair broken zippers, and tuning in to ultrasonic sounds. Have fun listening, and come back next week for episode 309!
Folks may be familiar with our HalloWing M4 (https://www.adafruit.com/product/4300) fancy eyeballs demo code - it's very dependent on the wired-up hardware. But of course, with our new round displays (https://www.adafruit.com/product/6178), we wanted to try wiring one up to see how it looks. That ended up being 2 days of hacking, but at least it's done now - we've refactored the code to support any SAMD51 board and any SPITFT display. It's not ready for publication yet; we juuuuuust got this working like 3 minutes ago... We want to abstract out the SAMD51-dependent parts so it could be run on chips like the ESP32 or RP2350 (https://www.adafruit.com/product/6055)!
As the holiday party season fades away into memory and we get into the swing of the new year, Elliot Williams is joined on the Hackaday Podcast by Jenny List for a roundup of what's cool in the world of Hackaday. In the news this week, who read the small print and noticed that Benchy has a non-commercial licence? As the takedown notices for Benchy derivatives fly around, we muse about the different interpretations of open source, and remind listeners to pay attention when they choose how to release their work. The week gave us enough hacks to get our teeth into, with Elliot descending into the rabbit hole of switch debouncing, and Jenny waxing lyrical over a crystal oscillator. Adding self-driving capability to a 30-year-old Volvo caught our attention too, as did the intriguing Cheap Yellow Display, an ESP32 module that has (almost) everything. Meanwhile in the quick hacks, a chess engine written for a processor architecture implemented entirely in regular expressions impressed us a lot, as did the feat of sending TOSLINK across London over commercial fibre networks. Enjoy the episode, and see you again next week! And check out the links over at Hackaday.