2025-10-01 10:00:52
Unitree have a number of robotic offerings, and are one of the first manufacturers offering humanoid robotic platforms. It seems they are also the subject of UniPwn, one of the first public exploits of a vulnerability across an entire robotic product line. In this case, the vulnerability allows an attacker not only to utterly compromise a device from within the affected product lines, but infected robots can also infect others within wireless range. This is done via a remote command-injection exploit that involves a robot’s Bluetooth Low Energy (BLE) Wi-Fi configuration service.
While this may be the first public humanoid robot exploit we have seen (it also affects their quadruped models), the lead-up to announcing the details in a post on X is a familiar one. Researchers discover a security vulnerability and attempt responsible disclosure by privately notifying the affected party. Ideally the manufacturer responds, communicates, and fixes the vulnerability so devices are no longer vulnerable by the time details come out. That’s not always how things go. If efforts at responsible disclosure fail and action isn’t taken, a public release can help inform people of a serious issue, and point out workarounds and mitigations to a vulnerability that the manufacturer isn’t addressing.
The biggest security issues involved in this vulnerability (summed up in a total of four CVEs) include:
system().The complete attack sequence is a chain of events that leverages the above in order to ultimately send commands which run with root privileges.
We’ve seen a Unitree security glitch before, but it was used to provide an unofficial SDK that opened up expensive features of the Go1 “robot dog” model for free. This one is rather more serious and reportedly affects not just the humanoid models, but also newer quadrupeds such as the Go2 and B2. The whole exploit is comprehensively documented, so get a fresh cup of whatever you’re drinking before sitting down to read through it.
2025-10-01 07:00:27
In the late 2010s, the Ender 3 printers were arguably the most popular line of 3D printers worldwide, and for good reason. They combined simplicity and reliability in a package that was much less expensive than competitors, giving a much wider range of people access to their first printers. Of course there are much better printers on the market today, leaving many of these printers sitting unused. [Irbis3D] had an idea that with so many of these obsolete, inexpensive printers on the secondhand market, he could build something better with their parts.
The printer he eventually pieces together takes parts from two donor Ender printers and creates a printer with a CoreXY design instead of the bedslinger (Cartesian) design of the originals. CoreXY has an advantage over other printer topologies in that the print head moves in X and Y directions, allowing for much faster print times at the expense of increased complexity. There are some challenges to the design that [Irbis3D] had to contend with, such as heating problems with the extruder head that needed some modifications, as well as a resonance problem common with many printer designs which can generally be solved by replacing parts one-by-one until satisfactory prints are achieved.
Of course, not all of the parts for the new printer come from the old Ender printers. The longer belts driving the print head needed to be ordered, as well as a few other miscellaneous bits. But almost everything else is taken from these printers, which can be found fairly cheaply on the secondhand market nowadays. In theory it’s possible to build this version for much less cost than an equivalent printer as a result. If you’re looking for something even more complicated to build, we’d recommend this delta printer with a built-in tool changer.
Thanks to [BusterCasey] for the tip!
2025-10-01 04:00:01
Have you ever wanted to find a Bluetooth device out in the wild while looking like the comic relief character from a science-fiction series? You might like Dendrite, the direction-finding hat from [SolidStat3].
Dendrite is intended for hunting down Bluetooth devices. It’s capable of direction estimation based on signal strength readings from four ESP32 microcontrollers mounted on an off-the-shelf hard hat. Each ESP32 searches for BLE devices in the immediate area and reports the apparent signal strength to a fifth ESP32, which collates readings from all units. It then runs a simple multilateration algorithm to estimate the direction of the device. This information is then displayed via a ring of addressable LEDs around the perimeter of the hat. White LEDs marking the direction of the detected device. The only problem? You can’t see the LEDs while you’re wearing the hat. You might need a friend to help you… or you can simply take it off to see what it’s doing.
Ultimately, this project is a useful direction-finding hard hat that would also make a perfect prop from an episode of Inspector Spacetime. We’ve covered direction finding in other contexts before, too. Meanwhile, if you’re cooking up your own innovative hard hat (or radio) hacks, don’t hesitate to let us know!
2025-10-01 02:30:52
In the original Animal Crossing from 2001, players are able to interact with a huge cast of quirky characters, all with different interests and personalities. But after you’ve played the game for awhile, the scripted interactions can become a bit monotonous. Seeing an opportunity to improve the experience, [josh] decided to put a Large Language Model (LLM) in charge of these interactions. Now when the player chats with other characters in the game, the dialogue is a lot more engaging, relevant, and sometimes just plain funny.
How does one go about hooking a modern LLM into a 24-year-old game built for an entirely offline console? [josh]’s clever approach required a lot of poking about, and did a good job of leveraging some of the game’s built-in features for a seamless result.
The game runs on a GameCube emulator, and the first thing needed is a way to allow the game and an external process to communicate with each other. To do this, [josh] uses a modding technique called Inter-Process Communication (IPC) via shared memory. This essentially defines a range of otherwise unused memory as a mailbox that both the game state and an external process (like a Python script) can access.
[josh] then nailed down the exact memory locations involved in dialogue. This was a painstaking process that required a lot of memory scanning, but eventually [josh] found where the game stores the active speaker and the active dialogue text when the player speaks to a villager. That wasn’t all, though. The dialogue isn’t just plain ASCII, it contains proprietary control codes that sprinkle things like sounds, colors, and speaker emotes into conversations.
The system therefore watches for dialogue, and when a conversation is detected, the “Writer” LLM — furnished with all necessary details via the shared memory mailbox — is asked to create relevant dialogue for the character in question. A second “Director” LLM takes care of adding colors, facial expressions, and things of that nature via control codes.
[josh] even added a small bit of shared “gossip” memory among all villagers which keeps track of who said what to who, and how they felt about it. This perhaps unsurprisingly results in a lot of villagers grumbling about just how much currency flows directly to Tom Nook, the raccoon proprietor of the local store.
A very clever detail pointed out by [Simon Willison] is how [josh] deals with the problem of the game expecting dialogue to be immediately available at the given memory location. After all, LLMs don’t work instantly. Turns out [josh]’s code makes clever use of a built-in dialogue control code that creates a short pause. Whenever a dialogue screen opens, a few short pauses ensure that the LLM’s work is done in time.
If Animal Crossing isn’t retro enough, or you prefer your LLMs to be a little more excitable, AI commentary for Pong is totally a thing.
2025-10-01 01:00:34
Supercon is the Ultimate Hardware Conference and you need to be there! Just check out this roster of talks that will be going down. We’ve got something for everyone out there in the Hackday universe, from poking at pins, to making things beautiful, to robots, radios, and FPGAs. And this isn’t even half of the list yet.
We’ve got a great mix of old favorites and new faces this year, and as good as they are, honestly the talks are only half of the fun. The badge hacking, the food, the brainstorming, and just the socializing with the geekiest of the geeky, make it an event you won’t want to miss. If you don’t have tickets yet, you can still get them here.
Plus, this year, because Friday night is Halloween, we’ll be hosting a Sci-Fi-themed costume party for those who want to show off their best props or most elaborate spacesuits. And if that is the sort of thing that you’re into, you will absolutely want to stay tuned to our Keynote Speaker(s) announcement in a little while. (Spoiler number one.)
This talk explores stacking multiple protocols, like UART, SPI, and I2C, onto the same GPIO pins by exploiting undefined “don’t care” regions. Learn how to bitbang several devices at once, creating protocol polyglots without extra hardware.
From Conway’s Game of Life to cyberpunk bounty hunting in the desert, this talk explores how thoughtful design in tech and hardware can lead to human connection and community. Elli Furedy shares lessons from years of building hardware and running an immersive experience at the event Neotropolis.
Take a nostalgic and technical deep dive into The Lawnmower Man, a quirky full-motion video game for DOS CD-ROM. We’ll explore the tools and techniques used to reverse-engineer the game, uncover how it was built, and wrap things up with a live demo on original hardware.
RGB lighting is everywhere and allows any project to display millions of unique colors. This talk explores the physiology of the human eye that allows RGB to be so effective, when alternatives are better, and how to choose the right lighting for your project.
This talk dives into the art and engineering of programming personality into pet robots, crafting behaviors, reactions, and quirks that turns a pile of parts into a companion with presence. Learn design tips, technical insights, and lessons from building expressive bots that blur the line between hardware and character.
This talk takes us on a tour of adventures reviving an abandoned IoT “AI” translator, 2025-style. From decoding peculiar protocols to reverse engineering firmware & software, discover how curiosity and persistence can breathe new life into forgotten hardware and tackle obscure technical challenges.
We’ll learn how to identify what a target is typing from a distance through a window with an advanced laser microphone capable of converting infrared to vibrations to radio back to sound, and the electrical, optical, radio, and software components needed for cutting-edge eavesdropping.
A small experiment with PCB art and interactive badges became a campus-wide creative movement. Hear how students combined art, technology, and real-world tools to build community, develop skills, and create projects that are as accessible as they are unforgettable.
This talk dives into using outdoor wireless access points to join a ham radio mesh network (ham net). Learn how services like weather stations, video streams, email, and VOIP are run entirely over the mesh, without needing commercial internet, all within FCC Part 97 rules.
This talk discusses a range of projects built from custom LED PCBs combined into two and three dimensional structures. Explores methods of connecting them into creative arrangements, both static and flexible, including the “Bendy SAO” which won a prize at Supercon 2024.
This talk presents research on destructive testing of commercial off-the-shelf (CoTS) FPGAs using cobalt-60 and cesium-137 radiation to study failure modes and resilience in high-radiation environments. Learn about a novel in-situ measurement method that allows real-time observation of integrated circuits during exposure, capturing transient faults and degradation without interrupting operation.
Earth’s magnetic field is glitching out. Phones fail, satellites drop, auroras flood the skies. This talk dives into Aurora Blue, which imagines this future through post-digital imaging hacks: cyanotype prints exposed by custom light-field instruments that flow like auroras. Deep-blue works built to endure, sky relics you can hold after the cloud crashes.
Sadly, we’ve got to announce that the Meshtastic workshop with Kody Kinzie will not be taking place. But Spoiler Number Two is that the badge this year will have all of the capabilities of that project and much, much more. If you’re into LoRA radio, meshes, and handheld devices, you’ll want to watch out for our badge reveal in the upcoming weeks.
Oh, and go get your tickets now before it’s too late. Supercon has sold out every year, so you can’t say that we didn’t tell you.
2025-09-30 23:30:24
You can get all kinds of great wildlife footage if you trek out into the woods with a camera, but it can be tough to stay awake all night. However, this is a task you can readily automate, as [Luke] did with his DIY trail camera.
A Raspberry Pi Zero 2W serves as the heart of the build. It’s compact and runs on very little power, but also provides a good amount more processing power than the original Raspberry Pi Zero. It’s kitted out with the Raspberry Pi AI Camera, which uses the Sony IMX500 Intelligent Vision Sensor — providing a great platform for neural networks doing image classification and similar machine learning tasks. A Witty Pi power management module is used both for its real time clock and to schedule start-ups and shutdowns to best manage the power on offer from the batteries. All these components are wrapped up in a 3D printed housing to keep the Pi safe out in the wild.
We’ve seen some neat projects in this vein before.
