Hackaday Links: September 19, 2021

September 19, 2021 by Dan Maloney 12 Comments

Things might be getting a bit dicey out in Jezero crater for Ingenuity. The little helicopter that could is starting to have trouble dealing with the thinning Martian atmosphere, and may start pressing against its margin of safety for continued operation. Ingenuity was designed for five flights that would all take place around the time its mothership Perseverance touched down on Mars back in February, at which time the mean atmospheric pressure was at a seasonal high. Over the last few months, the density of the Martian atmosphere has decreased a wee bit, but when you’re starting with a plan for a pressure that’s only 1.4% of Earth’s soupy atmosphere, every little bit counts. The solution to keeping Ingenuity flying is simple: run the rotors faster. NASA has run a test on that, spinning the rotors up to 2,800 RPM, and Ingenuity handled the extra stresses and power draw well. A 14th flight is planned to see how well the rotors bite into the rarefied air, but Ingenuity’s days as a scout for Perseverance could be numbered.

If you thought privacy concerns and government backdoors into encryption technology were 21st-century problems, think again. IEEE Spectrum has a story about “The Scandalous History of the Last Rotor Cipher Machine,” and it’s a great read — almost like a Tom Clancy novel. The story will appeal to crypto — not cryptocurrency — fans, especially those fascinated by Enigma machines, because it revolves around a Swiss rotor cipher machine called the HX-63, which was essentially a refinement of the original Enigma technology. With the equivalent of 2,000-bit encryption, it was considered unbreakable, and it was offered for sale to any and all — at least until the US National Security Agency sprung into action to persuade the inventor, Boris Hagelin, to shelve the HX-63 project in favor of electronic encryption. The NSA naturally helped Hagelin design this next generation of crypto machines, which of course all had backdoors built into them. While the cloak and dagger aspects of the story — including a possible assassination of Boris Hagelin’s son in 1970, when it became clear he wouldn’t “play ball” as his father had — are intriguing, the peek inside the HX-63, with its Swiss engineering, is the real treat.

One of the great things about the internet is how easy it is to quickly answer completely meaningless questions. For me, that usually involves looking up the lyrics of a song I just heard and finding out that, no, Robert Plant didn’t sing “Whoopie Cat” during Misty Mountain Hop. But it also let me answer a simple question the other day: what’s the largest single-piece metal object ever created? I figured it would have to be a casting of some sort, and likely something from the middle of the previous century. But as it turns out, the largest casting ever appears to have been manufactured in Sheffield, England in 2015. The company, Sheffield Forgemaster International, produced eleven castings for the offshore oil industry, each weighing in at over 320 tonnes. The scale of each piece is mind-boggling, and the technology that went into making them would be really interesting to learn about. And it goes without saying that my search was far from exhaustive; if you know of a single-piece metal part larger than 320 tonnes, I’ll be glad to stand corrected.

Have you heard about “teledriving” yet? On the face of it, a remote-controlled car where a qualified driver sits in an office somewhere watching video feeds from the car makes little sense. But as you dig into the details, the idea of remotely piloted cars starts to look like one of those “Why didn’t I think of that?” ideas. The company behind this is called Vay, and the idea is to remotely drive a ride-share vehicle to its next customer. Basically, when you hail a ride, a remote driver connects to an available car and drives it to your location. You get in and take over the controls to drive to your destination. When you arrive, another remote drive pilots the car to its next pickup. There are obvious problems to work out, but the idea is really the tacit admission that all things considered, humans are way better at driving than machines are, at least right now.

Hamster Trades Crypto Better Than You

July 7, 2021 by Bryan Cockfield 19 Comments

The inner machinations of the mind of cryptocurrency markets are an enigma. Even traditional stock markets often seem to behave at random, to the point that several economists seriously suggest that various non-human animals might outperform one market or another just by random chance alone. The classic example is a monkey picking stocks at random, but in the modern world the hamster [Mr Goxx] actively trades crypto from inside his hamster cage.

[Mr Goxx]’s home comprises a normal apartment and a separate office where he can make his trades. The office contains an “intention wheel” where he can run in order to select a currency to trade, and two tunnels that [Mr Goxx] can use to declare his intention to buy or sell the currency he selected with the wheel. The wheel is connected to an Arduino Nano with an optical encoder, and the Nano also detects the hamster’s presence in the “buy” or “sell” tunnel and lights up status LEDs when he wants to execute a trade. The Nano also communicates with an intricate Java program which overlays information on the live video feed and also executes the trades in real life with real money.

Live updates are sent directly both on Twitter and Reddit, besides the live Twitch stream of [Mr Goxx] we linked above. The stream only shows his office and not his apartment, and he’s mostly active at night (Berlin time). But we can’t wait for his random walks to yield long-term results which can be analyzed for years to come. In the meantime we’ll see if others have been able to make any profits in crypto with any less-random methods.

NFTs Are The Hope For A New Tomorrow!

April 1, 2021 by Jenny List 54 Comments

Here at Hackaday, we’re always working as hard as we can to bring you the latest and most exciting technologies, and like so many people we’ve become convinced that the possibilities offered by the rise of the Blockchain present unrivaled opportunities for humanity to reinvent itself unfettered by the stifling regulations of a dying system. This is why today we’ve decided to join in with the digital cognoscenti and celebrities embracing Non-Fungible Tokens, or NFTs, as a new promise of non-corporeal digital investment cryptoasset that’s taking the world by storm.

Crypto Non-Fungible Investment Gains!

Imagine for a minute, yourself owning a very expensive car. Skievl, CC BY-SA 4.0.

An NFT is a digital token representing something in the real world, and coupled to a unique ID held in a secure entry in the Blockchain. It’s non-fungible, which means that it’s unique and not interchangeable in the manner of a traditional old-style cryptoasset such as Bitcoin. As it allows a real-world object to be tokenised in digital form it represents a way to own something that provides an irrefutable connection to it as as a digital cryptoasset.

It’s a complex system that’s maybe too difficult to explain fully in a single article, but think of an NFT as a way to invest in a cryptoasset in digital form with its uniqueness guaranteed by Blockchain security, without having the inconvenience of physically owning it. Instead your NFT is safely held on a server on the Internet, and can’t be physically stolen as it would from a bank vault because it has the Blockchain cryptosecurity baked in.

Non Fungible Blockchain Cryptoassets!

You don't own this. Yet. — You don’t own this. Yet.

NFTs have so far found a space in the creative markets, where they have provided a revolutionary opportunity for artists to expand their sales in the digital realm by selling NFTs of their work. A struggling artist can now access buyers all over the world, who can in turn now invest with confidence in creative talent to which they would never otherwise be exposed. It’s a win-win situation in which both cryptoinvestor and artist benefit from The Power of the Blockchain.

Hackaday is excited to offer a once-in-a-lifetime chance to acquire a Blockchain-cryptosecured NFT representing one of our own articles; our first ever NFT is the only officially sanctioned digital copy of a Hackaday article presenting a novel method of handling toilet paper shortages. The original article will continue to exist on Hackaday.com with all rights reserved, but we will not make any other NFTs of it. We may also decide to update the original article to let everyone know you are the lucky owner of the only digital copy of this piece of greatness. That’s right, this NFT will let you prove you own a screenshot!

Having today sold you on the incredible cryptoinvestment opportunity offered by NFTs, we’ll be back on another date with a more sober and in-depth technical examination of the technology behind them. Meanwhile should our brief foray into NFTs garner any interest (and we really hope it does not), we will donate proceeds to the excellent Girls Who Code, a truly solid investment with a tangible bright future.

Thanks [Micah Scott] for some NFT consultancy during the making of this piece.

This Week In Security: XCode Infections, Freepik, And Crypto Fails

August 28, 2020 by Jonathan Bennett 8 Comments

There is a scenario that keep security gurus up at night: Malware that can detect software compilation and insert itself into the resulting binary. A new Mac malware, XCSSET (PDF), does just that, running whenever Xcode is used to build an application. Not only is there the danger of compiled apps being malicious, the malware also collects data from the developer’s machine. It seems that the malware spreads through infected Xcode projects.

WordPress Plugins

WordPress has a complicated security track record. The core project has had very few serious vulnerabilities over the years. On the other hand, WordPress sites are routinely compromised. How? Generally through vulnerable plugins. Case in point? Advanced Access Manager. It’s a third party WordPress plugin with an estimate 100,000 installations. The problem is that this plugin requires user levels, a deprecated and removed WordPress feature. The missing feature had some unexpected results, like allowing any user to request administrator privileges.

The issue has been fixed in 6.6.2 of the plugin, so if you happen to run the Advanced Access Manager plugin, make sure to get it updated. Beyond that, maybe it’s time to do an audit on your WordPress site. Uninstall unused plugins, and make sure the rest are up to date, along with the WordPress installation itself. Continue reading “This Week In Security: XCode Infections, Freepik, And Crypto Fails” →

John McMaster Explains Crypto Ignition Phone Keys And How To Reproduce Them

December 2, 2019 by Lewin Day 17 Comments

When you’re a nation state, secure communications are key to protecting your sovereignty and keeping your best laid plans under wraps. For the USA, this requirement led to the development of a series of secure telephony networks over the years. John McMaster found himself interested in investigating the workings of the STU-III secure telephone, and set out to replicate the secure keys used with this system.

An encryption key in a very physical, real sense, the Crypto Igntion Key was used with the STU-III to secure phone calls across many US government operations. The key contains a 64KB EEPROM that holds the cryptographic data.

[John] had a particular affinity for the STU-III for its method of encrypting phone calls. A physical device known as a Crypto Ignition Key had to be inserted into the telephone, and turned with a satisfying clunk to enable encryption. This physical key contains digital encryption keys that, in combination with those in the telephone, are used to encrypt the call. The tactile interface gives very clear feedback to the user about securing the communication channel. Wishing to learn more, John began to research the system further and attempted to source some hardware to tinker with.

As John explains in his Hackaday Superconference talk embeded below, he was able to source a civilian-model STU-III handset but the keys proved difficult to find. As carriers of encryption keys, it’s likely that most were destroyed as per security protocol when reaching their expiry date. However, after laying his hands on a broken key, he was able to create a CAD model and produce a mechanically compatible prototype that would fit in the slot and turn correctly.

Continue reading “John McMaster Explains Crypto Ignition Phone Keys And How To Reproduce Them” →

Mining Bitcoin On The ESP32 For Fun, Definitely Not Profit

March 19, 2019 by Lewin Day 7 Comments

Bitcoin’s great, if you sold at the end of 2017. If you’re still holding, your opinion might be a little more sour. The cost to compete in the great hashing race continues to rise while cryptocurrency values remain underwhelming. While getting involved at the top end is prohibitively expensive, you can still have some fun with the basic concepts – as [Jake] did, by calculating Bitcoin hashes on the ESP32.

It’s a project that is very much done for fun, rather than profit. [Jake] notes that even maxing out both cores, it would take 31 billion years to mine one block at current difficulty levels. Regardless, the underlying maths is nothing too crazy. Double-hashing the right data with the SHA256 algorithm is all that’s required, a task that is well within the ESP32’s capabilities. There’s hardware acceleration available, too – though this is weirdly slower than doing it in software.

Overall, you’re not going to get rich hashing Bitcoin on a cheap microcontroller platform. You might just learn something useful, though. If this isn’t weird enough though, you could always try the same thing on a 1970s Xerox Alto.

Rebuilding The First Vocal Encryption System

January 27, 2019 by Dan Maloney 12 Comments

Back in the early days of radio, it was quickly apparent that the technology would revolutionize warfare, but only if some way could be found to prevent enemies from hearing what was said. During World War II, the Allies put a considerable amount of effort into securing vocal transmissions, resulting in a system called SIGSALY – 50 tons of gear developed by Bell Laboratories with the help of Alan Turing that successfully secured communications between the likes of Churchill and Roosevelt during the war.

Now, a small piece of the SIGSALY system lives again, in the form of a period-faithful reproduction of the vocal quantizer used in the system. It’s the work of [Jon D. Paul], who undertook the build to better understand how the SIGSALY system worked. [Jon] also wanted to honor the original builders, who developed a surprisingly sophisticated system given the technology of the day.

SIGSALY was seriously Top Secret in the day, and most of the documentation was destroyed when the system was decommissioned. Working from scant information, [Jon] was able to recreate the quantizer from period parts, including five vintage VT-109/2051 thyratrons scrounged from eBay. The vacuum tubes are similar in operation to silicon-controlled rectifiers (SCRs) and form the core of the ADC, along with a resistor divider ladder network. Almost every component is period correct, and everything is housed in a nice acrylic case. It’s a beautiful piece of work and a great homage to a nearly forgotten piece of cryptographic history.

Interestingly, Bell Labs had a bit of a head start on the technology that went into SIGSALY, by virtue of their work on the first voice synthesizer in the 1930s.

Continue reading “Rebuilding The First Vocal Encryption System” →