Day: April 16, 2019

How 5G Is Likely To Put Weather Forecasting At Risk

April 16, 2019 by 90 Comments

If the great Samuel Clemens were alive today, he might modify the famous meteorological quip often attributed to him to read, “Everyone complains about weather forecasts, but I can’t for the life of me see why!” In his day, weather forecasting was as much guesswork as anything else, reading the clouds and the winds to see what was likely to happen in the next few hours, and being wrong as often as right. Telegraphy and better instrumentation made forecasting more scientific and improved accuracy steadily over the decades, to the point where we now enjoy 10-day forecasts that are at least good for planning purposes and three-day outlooks that are right about 90% of the time.

What made this increase in accuracy possible is supercomputers running sophisticated weather modeling software. But models are only as good as the raw data that they use as input, and increasingly that data comes from on high. A constellation of satellites with extremely sensitive sensors watches the planet, detecting changes in winds and water vapor in near real-time. But if the people tasked with running these systems are to be believed, the quality of that data faces a mortal threat from an unlikely foe: the rollout of 5G cellular networks.

Continue reading “How 5G Is Likely To Put Weather Forecasting At Risk”

Rooting Your Ride: Jailbreaking A Subaru QNX

April 16, 2019 by 18 Comments

A modern car still drives in the same way as the one you would have bought thirty years ago, it still has a steering wheel and all the other controls. What has changed in the cabin lies mostly beneath the dash, where enough computing power to launch several Moon shots takes care of everything from air-conditioning to entertainment. As you might expect these systems attract the curiosity of security researchers, and through their work we gain an insight into their operation.

[Scott Gayou] has a Subaru, a car that has an all-in-one entertainment system head unit that is typical of what you’d find across a host of manufacturers. His account of jailbreaking it is a lengthy essay and a fascinating read for anyone. He starts with a serial port, then an SSH prompt for a root password, and a bit of searching to find it was made by Harman and that it runs the closed-source realtime OS QNX. From there he finds an official Subaru update, from which he can slowly peel away the layers and deduce the security mechanism. The write-up lays bare his techniques, for example at one point isolating the ARM assembler for a particular function and transplanting it bodily into his own code for investigation.

Eventually he could penetrate the filesystem of the update, and from there he could find that while the root user had a password there were two other accounts that while heavily locked down, had none. The discovery came that files on USB drives plugged into the system were given user-level execute permissions, at which point under the locked-down user he could execute arbitrary code from USB drives. He could then create and modify copies of the device’s filesystem which he could flash onto it, and thus place a modified password validation function into it and gain root access.

Some Hackaday readers will be accomplished in security work such as this, but many of us are hardware specialists for whom it remains something of a dark art. A comprehensive and accessible write-up such as this one is therefore invaluable, because it gives us an insight into the techniques used and perhaps more importantly, into some of the security pitfalls a hardware engineer might unwittingly introduce into their creations.

QNX is a real-time operating system with a long history of appearances in industrial and automotive applications. Readers with long memories may recall their demo floppies from the 1990s which packed a fully functional GUI, Internet connectivity, and modern (for the time) web browser onto a single 1.44Mb floppy disk. We’ve talked about it in the past in a little detail, as when someone made a desktop OS using it.

Go Subterranean With This DARPA Challenge

April 16, 2019 by 9 Comments

Whether it comes to rescuing people from a cave system or the underground maze of sewers, tunnels and the like that exist underneath any major city, having accurate maps of the area is always crucial to know what the optimal routes are, and what the expected dangers are. The same is true for combat situations, where such maps can mean the difference between the failure or success of a mission. This is why DARPA last year started the Subterranean Challenge, or ‘SubT’ for short.

This challenge seeks new approaches to map, navigate, and search underground environments during time-sensitive combat operations or disaster response scenarios, which would allow for these maps to be created on-demand, in the shortest amount of time possible. Multidisciplinary teams from the world are invited to create autonomous systems that can map such subsurface networks no matter the circumstances.

Continue reading “Go Subterranean With This DARPA Challenge”