Mysterious Files PH

Digital clock projects have been with us since the 1970s, when affordable LEDs and integrated circuits became available. In 2026 most of them use a microcontroller, but for the AliExpress fans there’s one that goes straight back to the ’70s with a pile of logic chips. You can make it on the supplied PCBs, but that wasn’t for [ALTco]. Instead, he made the circuit in free form, using six metres of brass wire.

The construction is anchored together by a set of busbars that carry sockets for a set of seven-segment and driver modules. The circuit is typical for the day, with a crystal oscillator and divider chain feeding the counters for the displays. There are a few clever tricks that older engineers might recognize in order to reduce the chip count. In this case that’s negated by an extra set of circuitry allowing the time to be set from a rotary encoder.

We’re impressed by the intricacy of the device, made bit by bit without a plan, it as some wires what thread their way between others. It’s a truly beautiful piece, and it reminds us of our circuit sculpture contest back in 2020.

This week Jonathan chats with Milo Schwartz about Pangolin, the Open Source tunneling solution. Why do we need something other than Wireguard, and how does Pangolin fix IoT and IT problems? And most importantly, how do you run your own self-hosted Pangolin install? Watch to find out!

• GitHub: https://github.com/fosrl/pangolin
• How Pangolin Works: https://docs.pangolin.net/about/how-pangolin-works
• Y Combinator: https://www.ycombinator.com/companies/pangolin

Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or have the guest contact us! Take a look at the schedule here.

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

---

Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)

Licensed under Creative Commons: By Attribution 4.0 License

Digital Convergence Corporation is hardly a household name, and there’s a good reason for that. However, it raised about $185 million in investments around the year 2000 from companies such as Coca-Cola, Radio Shack, GE, E. W. Scripps, and the media giant Belo Corporation. So what did all these companies want, and why didn’t it catch on? If you are old enough, you might remember the :CueCat, but you probably thought it was Radio Shack’s disaster. They were simply investors.

The Big Idea

The :CueCat was a barcode scanner that, usually, plugged into a PC’s keyboard port (in those days, that was normally a PS/2 port). A special cable, often called a wedge, was like a Y-cable, allowing you to use your keyboard and the scanner on the same port. The scanner looked like a cat, of course.

However, the :CueCat was not just a generic barcode scanner. It was made to only scan “cues” which were to appear in catalogs, newspapers, and other publications. The idea was that you’d see something in an ad or a catalog, rush to your computer to scan the barcode, and be transported to the retailer’s website to learn more and complete the purchase.

The software could also listen using your sound card for special audio codes that would play on radio or TV commercials and then automatically pop up the associated webpage. So, a piece of software that was reading your keyboard, listening to your room audio at all times, and could inject keystrokes into your computer. What could go wrong?

Of Interest

You might think this was some tiny startup that died with a whimper, but Radio Shack, Forbes, Wired, and several major newspapers were onboard. The :CueCat cost about $6.50 to produce, but most people never bought one. Radio Shack, Forbes, and Wired were giving them away.

The problem is, even free was too high a price for most people. To use the device, you had to register and complete a long survey full of invasive questions. Then the software showed you an ad bar. Digital Convergence had your demographic info, your surfing habits, and knew what you were scanning.

Even then, the scanner solved a non-problem. If you saw something in a Radio Shack catalog, for example, it was probably not so hard to go to their website and search for it by title or stock number. Especially if you were sitting in front of your computer. If you weren’t… well, then, the :CueCat didn’t help you in that case, anyway.

The Next Big Thing?

It is easy to look back on this and think, “What a bad idea?” But Digital Convergence and its investors were in a full-blown media blitz. The video below shows a contemporary demo of the technology.

If you still aren’t sold, look at how happy the woman in the Radio Shack commercial is that she didn’t have to manually search the web for her next phone purchase.

Problem solved, right? Want to buy that new ham radio? Scan the code, and you don’t have to type “Alinco” into a search box! Even the table of contents in the 2002 RadioShack catalog was festooned with barcodes.

The RadioShack catalog might have been an exception, though. A 2001 issue of Forbes magazine showed sparing use of the barcodes and no obvious ones linking to big advertisers. You would think the advertisers would have been a prime target, even if you had to make deals to get them onboard.

Hackers

Naturally, hacks immediately appeared. Drives from [Pierre-Philippe Coupard] and [Michael Rothwell]  allowed you to use the :CueCat without the invasive software or registration. You could even scan normal barcodes like UPC codes. Radio Shack and others wound up simply giving away $6.50 barcode scanners.

While people were already prickly about the amount of information gathered and the tracking, hackers found a report file on a public server that revealed personal info about 140,000 users — a huge number for the year 2000.

With hackers attacking both the hardware and the company’s website, Digital Convergence had to act. They changed their license, claiming that you didn’t own the scanner and forbidding reverse engineering. There were no real lawsuits, but there were threats and, as you might imagine, that just made things worse.

The Decline

By 2001, there were a very few USB-native :CueCats distributed. But the bad publicity and the lack of usefulness took its toll. By mid-year, most of the 225 employees at Digital Convergence had been let go. Later in the year, the investors decided to stop using the tech entirely.

By 2005, you could buy the now-surplus devices for $0.30 each, as long as you agreed to take 500,000 or more of them. You can still find them on the used market if you look. Open source software is still around that can make them do useful things, but honestly, unless you’re hacking it into a custom hardware setup, your phone is a better barcode scanner.

Hardware

You can still find some of the contemporary teardowns of the :CueCat online. There were, apparently, several revisions of the hardware, but at least one version had a cheap CPU, a serial EEPROM, an 8 KB static RAM, and a handful of small parts. For a free device, the insides looked pretty good.

Removing the ID from the device was as easy as removing the EEPROM, although people were less equipped to remove SMD chips in those days. You could also just lift a single pin, which was slightly easier. At least one enterprising hacker added a DIP switch to experiment with the pin settings.

Aftermath

Of course, now we have QR codes. But these are somewhat more private, work with the ubiquitous cell phone, and even then haven’t caught on in the way Digital Convergence had planned.

Was it a good idea? That’s debatable. But giant privacy grabs usually go poorly. Granted, in 2000, that might not have been as obvious as it is today. But it still doesn’t keep companies from finding it out all over again.

Featured image: The :CueCat. Photo by [Jerry Whiting]

Tech has a problem, an e-waste problem. Google is a common offender when it comes to this, creating a product just to end support a couple of years later. Thankfully, there are some lasting capabilities left in their defunct Stadia controllers. After hearing about these capabilities, [Bringus Studios] managed to turn this future e-waste into something new: a Bluetooth adapter for game controllers.

To give some credit to Google, once they announced the Stadia program was winding down, they released an updated firmware that let you use the controller as a generic Bluetooth gamepad. But there was also a rather unusual feature added — if another controller is connected to it via USB, its output will be passed along over Bluetooth as if it was coming from the Stadia controller itself.

This would allow you to wirelessly connect an Xbox 360 or PlayStation 3 controller to your computer, for example. But while a neat trick, having the two controllers plugged into each other is a bit awkward. So [Bringus Studios] decided to take the Stadia controller apart and turn it into a dedicated Bluetooth interface.

Unfortunately, a fair amount of Dremel work was required to fully disassemble the device. Additional PCB modifications allowed for tricking the main board into default joystick positions and removing some button boards. Slap a 3D printed box around the Frankenstein’d hardware and you’ll be able to add Bluetooth capability to a wide array of USB controllers.

While the end result can’t be used with every single controller, it still gives a unique use case for a defunct product. If you have some spare time, maybe check out the e-waste graveyard, where you too can turn abandoned products into something new.

The US Federal Communications Commission (FCC) is tasked with regulating both wired and wireless communications, which also includes a national security component. This is how previously the FCC tossed networking gear made by Huawei and foreign-manufactured drones onto its Covered List, effectively banning it from sale in the US. Now foreign-made consumer routers have been added to this list, barring explicit conditional approval on said list that would exempt them during a ‘transition phase’.

As per the FCC fact sheet, this follows after determination by an interagency body that such routers “pose unacceptable risks to the national security of the United States [..]”. This document points us to the National Security Determination PDF, which attempts to lay out the reasoning. In it is noted that routers are an integral part of every day life, and compromised routers are a major risk factor, ergo it follows that only US-manufactured routers are to be trusted.

These – so far fictional – US-manufactured consumer routers would have to feature ‘trusted supply chains’, which would seem to imply onshoring a large industrial base, though without specifying how deep this would have to go it’s hard to say what would be involved. The ‘supporting evidence’ section also only talks about firmware-related vulnerabilities, which would imply that US firmware developers do not produce CVEs.

Currently there do not appear to be any specific details on what router manufacturers are supposed to do about this whole issue, though they can continue to sell previously FCC-approved routers in the US.

Although hardware backdoors are definitely a possibility, this requires a fair bit of effort within the supply chain that should generally also fairly easily to detect. Yet after for example Bloomberg claimed in 2018 that Supermicro gear had been infested with hardware backdoors, this started a years-long controversy.

Meanwhile actually verified issues with Supermicro hardware are boringly due to software CVEs. In that particular issue from 2024 two CVEs were discovered involving a lack of validation of a newly uploaded firmware image.

All of which is reminiscent of an early 2024 White House ‘memory safety appeal’ that smelled very strongly of red herring. Although it’s easy to point at compromised hardware with scary backdoors and sneaky software backdoors hidden deep inside firmware of servers and networking devices, the truth of the matter is that sloppy input validation is still by far the #1 cause of fresh CVEs each year, especially if you look at the CVEs that are actually being actively exploited.

As for this de-facto ban on new routers being sold in the US, this will correspondingly not change much here. The best defense against issues with networking equipment is still to practice network hygiene by keeping tabs on what is being sent on the LAN and WAN sides, while a government could e.g. force consumer routers to pass a strict independent hardware and software audit paid for by the manufacturer.

Speaking as someone who used to run DIY routers for the longest time built around FreeSCO and Smoothwall Linux, there’s also always the option of turning any old PC into a router by putting a bunch of NICs and WNICs into it and run SmoothWall, OpenWRT, etc.. A router is after all just a specialized computer, regardless of what the government feels that it identifies as.

Creating PCBs at home is quite easy these days (vias not withstanding), but even the best DIY methods usually can’t match the resolution offered by commercial PCB production lines. Large traces are easy enough to carve out of copper-backed FR1 or FR4 with even a mill, what if you need something more like 100 µm sized traces with similar clearance? This is what [Giangix] has been experimenting with, using both a fiber laser and chemical etching to see what approach gives the best results.

The thin copper clad boards are put on the 20 Watt fiber laser and held in place with the vacuum table that [Giangix] previously made, using the power of suction to make sure the board doesn’t move. The used laser specifies a minimum line width of 0.01 mm, so that’s clearly fine enough to engrave away the chemical resist layer that is sprayed on top of the copper layer.

After some experimentation, it was found that increasing the trace clearance between the 0.1 mm traces to a hair above 0.1 mm was necessary for the subsequent chemical etching step to work the best, as otherwise some copper was still likely to remain. The chemical etching bath mixture consists of hydrochloric acid and hydrogen peroxide, in a ratio of 2 mL water to 2 mL 30% HCl and 2 drops of 35% H2O2. This is agitated for 90 s to get a pretty good result.

Although the final resistance measurements on the traces is a bit higher than theoretical, comments suggest that maybe some of the copper got removed along with the removal of the resist layer. Perhaps the most interesting question here is whether directly ablating the copper using the fiber laser would give even better results and bypass the etching chemicals.

Although it may be hard to believe for current generations, there was a time when the Internet and the World Wide Web were not as integrated into society as it is today. The only forms of online ‘social media’ that existed came in the form of IRC, forums, BBSes, newsgroups and kin, while obtaining new software for your PC involved generally making your way over to a physical store to buy a boxed copy, at least officially.

In this era – and those before it – age-verification already existed, with various goods ranging from tobacco and alcohol to naughty adult magazines requiring you to pass some form of age check. Much like how movies also got age-gated, so did video games, with a sales clerk taking a very good look at you before selling you that naughty puzzle game or boxed copy of Quake 3.

Today we’re seeing a big fuss being made about online age-verification, with the claim being that it is ‘for the children’, but as any well-adjusted adult can attest to, this is essentially a big bucket of hogwash.

Pearl Clutching

The concept of restricting certain types of drugs, entertainment, and the operating of automobiles and trucks to specific age groups is a popular one. The general reasoning is that you have to set a limit somewhere because you cannot have toddlers driving lifted 4x4s, smoking a big fat cigar, and chugging down a cold one. As for where set this limit, there is rarely more than scarce evidence for a particular age past childhood being more reasonable than any other, with claims of harm often being dubious at best.

To be fair, there is no ‘safe age’ for substances that are actively harmful to the body, such as the inhalation of tobacco smoke and the consumption of ethanol in alcoholic drinks. Consequently the age where for example imbibing ethanol is suddenly legal differs wildly, from 15 or younger to 25 or older, with 18 being a popular age. Here one line of reasoning pertains to when the individual in question can be considered to be mature enough to drink responsibly, thus preventing driving under influence and other irresponsible behavior.

In the case of exposing children to ‘harmful content’, whether in the form of video games or audiovisual entertainment, things get if possible even fuzzier, as proving that such content is indeed harmful is a tough ask. Realistically what we should primarily focus on as responsible adults and parents is the prevention of childhood trauma, as any reasonable person ought to be able to agree that inflicting trauma on a child is a certifiably Bad Thing.

In addition to this, there is also the importance of teaching children why certain types of behavior and excesses are bad, such as why you cannot drink soft drinks exclusively, why you need to eat your vegetables, why torturing small animals to death is absolutely not okay, and that Being Nice to Others is totally something to strive for.

Because children since time immemorial have sought to escape the suffocating hold of age restrictions, this raises the question of whether we can prove that this is in fact traumatic or in any way affects their behavior in a negative manner.

Dodging Restrictions

Although in the case of the pre-digital-everything age, sales clerks and adults had a lot more insight into what content you consumed, nobody really believed that with the right contacts you couldn’t get access to all the dirty magazines, violent video games and Parental Guidance (PG) or Adult Only (AO) rated movies.

The reason that I was playing Doom, Doom 2, Duke Nukem 3D and similar titles as a kid in the 1990s wasn’t due to me somehow passing as a certified adult or having an adult purchase it for me in a store, but because a computer-enthusiastic older cousin would copy them zipped up with ARJ across a bunch of floppy disks for me and my younger brother to enjoy. Think warez, but with a personal touch.

This kind of black market culture has always been pretty strong, from 1980s mix tapes and copy parties to buying copied audio CDs off someone at school by the late 90s, whether filled to the brim with explicit lyrics or not. This made ‘age restrictions’ mostly limited by one’s technological means and in how far one’s parents were aware of your illicit activities. Having your own TV and VHS/DVD player or multimedia-capable PC in your bedroom really broadened one’s horizons.

Considering that as a child I was also reading adult literature of the (mostly) non-nekkid variety, including the works of Stephen King and Jan Wolkers, as well as Lord of the Rings, there were many things that I did back then that were age-inappropriate. The main question remains whether any of that harmed or benefited me. This is a highly subjective question to ask, of course, but we do have some science to provide a more objective take on this subject.

Doomed To Violence

Back in the 1990s the idea that violent video games were causing children to become more violent got a lot of traction, mostly due to fighting games and first person shooters like Doom entering the scene. To some people, the premise that playing these games in which you use a variety of weapons and techniques to violently turn pixelated monsters and opponents into pixelated piles of viscera would not have any effect on the developing brain of children and teenagers seemed inconceivable.

The 1993-1994 US Senate hearings on video games came in the wake of the release of controversial games like Night Trap, Mortal Kombat, and by the 1994 hearing, also Doom. Effectively this is where video game ratings became an integral part of this new kind of media, with the Entertainment Software Rating Board (ESRB) being established for the US and Canada.

Yet despite the premise being that exposure to violence and pornography at a young age causes individuals to perform criminal behavior, the crime statistics do not bear this out. In fact, there was a much sharper rise since the 1950s in violent crime across the US, peaking at around 1990, when incidentally lead in the form of tetraethyl lead as a gasoline additive was phased out. This lends credence to the hypothesis that exposure to significant amounts of lead from a young age in one’s environment impaired cognitive development and resulted in said crime wave.

In a 2023 systematic review article by Virginia Lérida-Ayala et al. the causes of behavioral disorders in children and teenagers within the context of internet and video games are considered. Of note is that Internet Gaming Disorder (IGD) is featured in the DSM-5, involving compulsive use of video games to the point that it impairs one’s ability to function.

This negative aspect is of course also contrasted with the positive effects of video games when it comes to things like socializing, cognitive skills and improved self-esteem.

In the review article it is found that playing a very large number of hours of video games per day is correlated strongly with negative effects, yet with the caveat that it’s important not to confuse the order of causality. A strong connection is found between ADHD and escaping into video games, in order to avoid the complexities of emotional and social interactions.

Much like with other types of addictions and substance abuse, they can often act as an escape from reality, in which case the solution does not lie in technological solutions like age restrictions or forcefully limiting the number of hours that a user can play as doing so would merely force the individual to find other forms of escape.

Yet even in these extreme cases of IGD the result is generally not violent or even criminal behavior, but rather a withdrawal from society. This contrasts with the final point being raised, with that of aggression and other forms of dysfunctional behavior, which when left uncontrolled can result in negative feedback from the child or teen’s environment. Yet here too underlying psychological issues such as OCD, depression, social anxiety disorder and so on would seem to be generally present.

In short, it would appear that violent and otherwise age-restricted content do not reprogram a child or teenager’s brain, but it can provide a coping mechanism for those who are dealing with certain mental and psychological issues. Or in other words, when a child or teen is feeling generally happy and content, there should be no negative effects from them indulging in video games and movies, even if they may be deemed to be not quite age-appropriate.

Traces Of Trauma

There are many ways in which a child can suffer trauma, but the primary question is whether exposure to age-restricted content can actually induce trauma. This somewhat goes back to the previous section where it’s important to not confuse the order of causality, as after all often trauma can precede problematic behavior rather than be caused by it.

Yet if we look at the list of the types of trauma, it’s not immediately obvious in what way voluntarily opting to listen to explicit lyrics, play violent or erotic video games, would in any way be ‘traumatic’. When contrasted with the list of childhood traumas, such a thing would seem to be rather benign as it’s done out of curiosity tinged with a hint of adventure due to it being ‘for adults’ or at least much older children.

When I look back upon my own experiences playing those violent games – with an occasional stop to pass a stripper in DN3D a few bucks to have them show me some very naughty pixels – it fills me more with a feeling of nostalgia rather than an overwhelming urge to acquire firearms or frequent a strip club.

I will admit that catching that the scene from Child’s Play where Chucky has been thrown into the lit hearth and comes walking out whilst on fire caused child me to fear walking into the dark garage later on. I would fortunately quickly get over that, though I’m still not a fan of snuff-type films like the Saw ones.

Ultimately, when it comes to childhood trauma, this doesn’t appear to be much of a reason to age-restrict certain types of content.

Anonymity Is Good

Since the arrival of so-called ‘social media’ the central tenet of never giving out your personal information which was front and center during the 1990s and 2000s got quite literally flipped around. Suddenly we had massive corporations practically begging you to give every last scrap of your personal information, every intimate detail of your daily life and with it every last second of your attention span. They even made an ‘everything device‘ for it in the form of a smartphone that practically ensures that you’ll never be alone with your thoughts again.

The upshot of this reversal is that instead of a mostly comfortable anonymous experience, suddenly every second that you’re awake has been turned into the equivalent of a schoolyard during recess, the watercooler banter at the office and similar social interactions. Along with this comes social anxiety, real-life bullying, and worse, with multiple studies indicating the real harm to children and teenagers in particular, but also to adults.

A recent response to this has been the introduction of social media bans for under-16 year olds, which by itself sounds like a good idea, but this fails to address the many problems that this introduces: from illicit access as demand remains, to the privacy nightmare that ensues as suddenly access to social media requires more stringent identification than accessing a pornographic website.

This raises many questions, such as whether ‘social media’ and the FOMO it introduces is a legitimate addiction, and whether we shouldn’t make being online more anonymous rather than enforce a rather dystopian ‘real name’ policy onto the populace. Contrast this to the old ‘don’t trust strangers’ adage that used to get hammered into the minds of young children, to prevent them from taking up offers from overly friendly people with candy-filled vans.

Modern-Day Safety

In how far do children today understand the dangers of the Internet? In a 2019 research article by Jun Zhao et al. a group of UK school children aged 6 – 10 were asked a range of questions in focus groups to see how they see these risks. Now that many children are practically raised by iPads and equivalents, it’s more relevant than ever that the adults in their environment teach them to be safe and to reinforce good online privacy behavior.

The paper was also summarized in an article by Chun Fei Lung, for those whose attention spans are beginning to drift at this point. A major take-away is that children will generally recognize situations that feel ‘scary’ or ‘annoying’, and they agreed that they should ask one of their parents about it before doing anything else.

Perhaps the scariest part is how trusting these children were when it came to platforms they were familiar with. We have seen issues recently pertaining to platforms like Roblox where such trust was exploited by unscrupulous adults, leading to age verification being implemented through the services of Persona. This same identity verification company has also been hired by Discord and has seen its services used in the UK and Australia for their respective online safety legislation.

This then gets us to the crux of modern day online safety, where online anonymity has been replaced with identify verification through private companies. It’s hard to shake the feeling that parental involvement and education campaigns by governments wouldn’t be significantly more effective here. As well as pose a significantly lower risk of having your identity stolen.

Of course, none of this is an easy issue to solve, and there will always be unscrupulous folk around, but treating age verification as some kind of technological silver bullet to a societal issue will always end in tears.