RC3 2021: Now Here, Nowhere

The annual meeting of the Chaos Computer Club, Germany’s giant hacker group, is online again this year. While those of us here are sad that we don’t get to see our hacker friends in person, our loss is your gain — the whole thing is online for the entire world to enjoy.

This year’s Congress has gone entirely decentralized, with many local clubs hosting their own video streams and “stages”. Instead of four tracks, there are now six or seven tracks of talks going on simultaneously, so prepare to be overwhelmed by choice. You can find the overall schedule here, so if you see anything you’d like to watch, you’ll know when to tune in.

Like last year, there is also a parallel 2D simulation world, like Zelda with videoconferencing, but for which you’ll need a ticket, and they’re sold out. (Check out the demo video if you want to see what that’s about.) And what would a conference be without t-shirts, armbands, and even a sticker exchange? Of course, it all has to be done by mail, but you do what you can.

We’ll be keeping our eyes on the talks, and let you know if we see anything good. If you do the same, let us know in the comments!

The Label Says HDMI 2.1 But That Doesn’t Mean You’ll Get It

Technology moves quickly these days as consumers continue to demand more data and more pixels. We see regular updates to standards for USB and RAM continually coming down the pipeline as the quest for greater performance goes on.

HDMI 2.1 is the latest version of the popular audio-visual interface, and promises a raft of new features and greater performance than preceding versions of the standard. As it turns out, though, buying a new monitor or TV with an HDMI 2.1 logo on the box doesn’t mean you’ll get any of those new features, as discovered by TFT Central.


First Hacks: The Brand New Nokia 5G Gateway Router

Aside from being the focus of a series of bizarre conspiracy theories, 5G cellular networks offer the promise of ultra-fast Internet access anywhere within their range. To that end there is a new breed of devices designed to provide home broadband using 5G as a backhaul. It’s one of these, a Nokia Fastmile, that [Eddie Zhang] received, and he’s found it to be an interesting teardown and investigation. Spoiler: it runs Android and has exploitable bugs.

A privilege escalation bug in the web administration tool led to gaining the ability to export and modify configuration files. Sadly, though a telnet prompt can be opened, it’s not much use without the password. Uncovering some blocked-off ports on the base of the unit revealed a USB-C port, which was found to connect to an Android device. Via ADB a shell could be opened on Android, but on further investigation it was found that the Fastmile is not a single device but two separate ones. Inside is a PCB with an Android 5G phone to handle the connection, and another with a completely separate home router.

With access to the Android side and a login prompt on the router side, that was as far as he was prepared to go without risking bricking his Fastmile. It only remained to do a teardown, which reveals the separate PCBs with their own heatsinks, and an impressive antenna array. Perhaps these devices will in time become as ubiquitous as old routers, and we’ll see them fully laid bare.

It’s a shame that we’ve had to write more about the conspiracy theories surrounding 5G than real 5G devices, but maybe we’ll see more teardowns like this one to make up for it.


Diving The Depths Of Ma Bell

The modern smartphone is a marvel of sensors, radios, inputs, outputs, and processing power. In particular, some of those radios, such as WiFi and cellular, have grown fiendishly complex over the years, even as that complexity is compressed down for the user into the one-dimensional space of the signal strength bars at the top of your phone. So when [David Burgess] was asked to look at some cellphone records of text messages and figure out where some of the more mysterious messages were coming from, it led him down a rabbit hole into the dark arts behind the glowing phone screen.

The number in question was 1111340002, sent by a phone connected to AT&T at the time, and was crucial for a legal case around distracted driving. [David’s] tools in his investigation were YateBTS (a cellular network simulator), SimTrace2 (pictured above), and old reliable Wireshark. Since the number isn’t a specific phone number and is not reachable from the public phone network, it must be a unique number inside AT&T processed by one particular AT&T SMSC (Short Message Service Center). The SMSC in question is in Atlanta and isn’t a typical texting center, so it must have some particular purpose. The message’s payload is raw binary rather than text, and [David] has done a pretty good job of decoding the majority of the format.

The most exciting revelation in this journey is that the phone (in the traditional sense) does not send this message. The processor on the phone does not know this message and executes no code to send it. Instead, the SIM card itself sends it. The SIM card is connected directly to the baseband processor on the phone, and the baseband polls the SIM every so often, asking for any commands. One of those commands is an SMS (though many other commands have worrying consequences).

The SMS that [David] was chasing is triggered whenever a SIM detects a new IMEI, and the message lets the network know about the previous and current IMEI. However, in the case of this message, it was unlikely that the SIM changed phones, so what happened? After some additional lab work and the deposition of an AT&T employee, [David] showed that a baseband firmware update would also trigger this SMS.

It’s a fascinating journey into the fragmented world of a smartphone’s minds and [David] does a fantastic job on the writeup. If you’re interested in sniffing wireless accessories, you will enjoy this soundbar’s wireless protocol laid bare.


Maximum Throughput Benchie

Have you ever needed to make a few hundred of something quickly? [Roetz 4.0] has got you covered with his massively parallel entry into the SpeedBoatRace competition.

The idea behind the SpeedBoatRace is how quickly you can print a Benchy — the little boat that is used as a test print for a 3D printer. Speeding up a print is quite tricky, as it means moving the head quicker, giving layers less time to deposit, and a whole host of other problems. So [Roetz] took a page out of a CPU designer’s playbook, and rather than reducing the latency, he raised the throughput. The original plan was for 20 hot ends, but due to cooling issues, that had to be reduced to 18. Perhaps even more impressive than the scale of the machine is that the only off-the-shelf parts on it are the fans for cooling. Everything else is printed or machined by [Roetz] himself. The whole run was completed in less than an hour, which technically gives him a sub-3.6-minute time per Benchy, even accounting for a few that failed.

This isn’t [Roetz’s] first custom 3D printer. He turned a CMM into a 3D printer a while back that offered incredible accuracy across a large build area. Thanks [Jan Roetz] for sending this one in! Video after the break.


Belgian Railway Time For Your Home

Some of the 20th century’s most iconic design and typography came to us through public signage in the various national railways of Europe. Were you to think of a Modernist clock face for example, the chances are that the prototype for your image hangs somewhere in one of the continent’s great railway terminals. If you don’t fancy getting on a train to see your favourite public timepiece, then maybe [EBP Controller] has a treat for you, with a 3D-printed double-faced Belgian railway station clock.

Behind the scenes, the mechanism is simpler than appearances might lead the observer to believe, with each set of hands driven through a single gear to a motor. Controlling it all is an ESP8266, which is able to synchronise the clock exactly to an NTP server. It appears at first sight to have an unnecessarily large quantity of motors, but considering that there are two faces, each with three hands, the six motors each have a use. So while the real thing might require a heist from the SNCB, at least modernist clock fans can now have their own.


Hackaday Links: December 26, 2021

At the time of this writing, the James Webb Space Telescope was perched upon its ride to space, ready for its much-delayed launch from the ESA spaceport in French Guiana. The $10 billion space observatory suffered one final delay (knocks on wood) when predictions of high winds aloft pushed it back from a Christmas Eve launch to a Christmas Day departure, at 12:20 UTC. Given the exigencies of the day, we doubt we’ll be able to watch the launch live — then again, past experience indicates we’ll still be wrapping presents at 4:20 PST. Either way, here’s hoping that everything comes off without a hitch, and that astronomers get the present they’ve been waiting many, many Christmases for.

In other space news, things are getting really interesting on Mars. The ESA announced that their ExoMars Trace Gas Orbiter has detected signs of water in the Valles Marineris. The satellite found a large area of increased hydrogen concentration in the top meter of Martian soil; the assumption is that the hydrogen comes from water, meaning that as much as 40% of the material in the region scanned may be water. If so, that’s a huge find, as we thought most of Mars’ water was locked in the polar regions. The Mariner Valley stretches more than 4,000 km just below the equator, and so may prove to be an important resource for future explorers.

Meanwhile, in Jezero crater, Perseverance has decided to upstage its rotorcraft sidekick for a change by finding signs of organic molecules on Mars. It’s not the first time organic compounds have been found — Perseverance’s cousin Curiosity found some too, ESA’s Mars Express mission spotted methane from on high, and then there were the equivocal but intriguing results from the Viking missions in the 1970s. But the latest evidence is really great news for the scientists who picked Jezero crater as a likely place to search for signs of past life on Mars. The organics found are not proof of life by any means, as there are many ways to make organic molecules abiotically. But then again, if you’re going to find evidence of life on Mars, you’ve got to start with detecting organics.

Back on Earth, getting your laptop stolen would be bad enough. But what if it got yoinked while it was unlocked? Depending on who you are and what you do with that machine, it could be a death sentence. That’s where BusKill could come in handy. It’s a hardware-software approach to securing a laptop when it — or you — suddenly goes missing. A dongle with a breakaway magnetic lanyard gets plugged into a USB port, and the other end of the lanyard gets attached to your person. If you get separated from your machine, the dongle sends customizable commands to either lock the screen or, for the sufficiently paranoid, nuke the hard drive. The designs are all up on GitHub, so check it out and think about what else this could be useful for.

If you like the look of low-poly models but hate the work involved in making them, our friend and Hack Chat alumnus Andrew Sink came up with a solution: an online 3D low-poly generator. The tool is pretty neat; it uses three.js and runs completely in-browser. All you have to do is upload an STL file and set sliders to get rid of as many triangles as you want. Great stuff, and fun to play with even if you don’t need to decimate your polygons.

And finally, what have you done with your oscilloscope for the last three years? Most of us can’t answer that except in the vaguest of terms, but then there’s DrTune, who took three years’ worth of screencaps from this Rigol DS1054z and strung them together into a 60-second movie. He swears he didn’t purposely sync the video to the soundtrack, which is “Flight of the Bumblebee” by Rimsky-Korsakov, but in some places it’s just perfect. See if you can guess what DrTune has been working on by watching the waveforms fly by. And watch for Easter eggs.