When Frank Drake began his astronomy career in the late 1950s, this was an incredibly exciting time for the field. Humanity was beginning to unlock the secrets of the Universe using ever more powerful radio frequency and optical telescopes, including the tantalizing prospect of space-based telescopes. Amidst the ramping up Space Race between the US and USSR, there was an ever-growing excitement about humankind’s future among the stars.
As concrete plans for landings and colonies on the Moon, Venus and Mars were proposed and put into action, it also brought to the forefront many existing and new questions about humanity’s place in the Universe. During Frank Drake’s 92 years on planet Earth – until his passing on September 2nd of this year – he was one of the driving forces behind the search for extraterrestrial intelligence (SETI), along with other legends like Carl Sagan.
Although to the average person the acronym SETI is most likely to bring to mind popcorn movies about little grey – or green – men, Drake’s Project Ozma, as well as the SETI Institution and the ongoing Breakthrough Listen project are just some of the attempts made by Drake and his colleagues over the decades to answer that one question that may affect the very course of humankind’s future: are we alone in the Universe?
This week, Editor-in-Chief Elliot Williams and Assignments Editor Kristina Panos had a lot of fun discussing the best of the previous week’s hacks in spite of Elliot’s microphone connectivity troubles. News-wise, we busted out the wine and cheese to briefly debate whether a Colorado man should have won an art competition by entering an image created by AI. Afterward, we went around a bit about floppies, which are being outlawed in Japan.
Then it’s on to the What’s That Sound Results Show, but since Elliot can’t find a 14-sided die, he pulled on the Internet for our random number needs. Congratulations to our big winner [D Rex], who will receive one our coveted Hackaday Podcast t-shirts (Ed. note: Heck, I don’t even have one! That’s how special these babies are).
Afterlife for dead floppies.
Make shoes out of this.
Kristina’s Cyberdeck Thoughts
Is the food-safety-of-3D-printing debate over once and for all? It is as far as Elliot’s concerned. You know what else is over? The era of distributed, independent email servers. Bah! We’re not kidding about that last one — and we discuss a lie-detecting app that may or may not prove our innocence.
Finally, we talk active foot cooling, heat barriers for hot shops, and big, strong magnets. What are they for? Fixing floppies, fool!
[Vuong Nguyen] clearly knows his way around artificial intelligence accelerator hardware, creating ztachip: an open source implementation of an accelerator platform for AI and traditional image processing workloads. Ztachip (pronounced “zeta-chip”) contains an array of custom processors, and is not tied to one particular architecture. Ztachip implements a new tensor programming paradigm that [Vuong] has created, which can accelerate TensorFlow tasks, but is not limited to that. In fact it can process TensorFlow in parallel with non-AI tasks, as the video below shows.
A RISC-V core, based on the VexRiscV design, is used as the host processor handling the distribution of the application. VexRiscV itself is quite interesting. Written in SpinalHDL (a Scala variant), it’s super configurable, producing a Verilog core, ready to drop into the design.
A Digilent Arty-A7, Arducam and a VGA PMOD is all you need
From a hardware design perspective the RISC-V core hooks up to an AXI crossbar, with all the AXI-lite busses muxed as is usual for the AMBA AXI ecosystem. The Ztachip core as well as a DDR3 controller are also connected, together with a camera interface and VGA video.
Other than providing an FPGA-specific DDR3 controller and AXI crossbar IP, the rest of the design is generic RTL. This is good news. The demo below deploys onto an Artix-7 based Digilent (Arty-A7) with a VGA PMOD module, but little else needed. Pre-build Xilinx IP is provided, but targeting a different FPGA shouldn’t be a huge task for the experienced FPGA ninja.
Ztachip top level architecture
The magic happens in the Ztachip core, which is mostly an array of Pcores. Each Pcore has both vector and scalar processing capability, making it super flexible. The Tensor Engine (internally this is the ‘dataplane processor’) is in charge here, sending instructions from the RISC-V core into the Pcore array together with image data, as well as streaming video data out. That camera is only a 0.3 MP Arducam, and the video is VGA resolution, but give it a bigger FPGA and those limits could be raised.
This domain-specific approach uses a highly modified C-like language (with a custom compiler) to describe the application that is to be distributed across the accelerator array. We couldn’t find any documentation on this, but there are a few example algorithms.
The demo video shows a real-time mix of four algorithms running in parallel; one object classification (Google’s Tensorflow mobilenet-ssd, a pre-trained AI model) canny edge detection, a Harris corner detection, and Optical flow which gives it a predator-like motion vision.
[Vuong] reckons, efficiency wise it is 5.5x more computationally efficient than a Jetson Nano and 37x more than Google’s TPU edge. These are bold claims, to say the least, but who are we to argue with a clearly incredibly talented engineer?
A couple weeks ago we talked about in-app browsers, and the potential privacy issues when opening content in them. This week Microsoft reveals the other side of that security coin — JavaScript on a visited website may be able to interact with the JS embedded in the app browser. The vulnerability chain starts with a link handler published to Android, where any https://m.tiktok[.]com/redirect links automatically open in the TikTok app. The problem here is that this does trigger a redirect, and app-internal deeplinks aren’t filtered out. One of these internal schemes has the effect of loading an arbitrary page in the app webview, and while there is a filter that should prevent loading untrusted hosts, it can be bypassed with a pair of arguments included in the URI call.
Once an arbitrary page is loaded, the biggest problem shows up. The JavaScript that runs in the app browser exposes 70+ methods to JS running on the page. If this is untrusted code, it gives away the figurative keys to the kingdom, as an auth token can be accessed for the current user. Account modification, private video access, and video upload are all accessible. Thankfully the problem was fixed back in March, less than a month after private disclosure. Still, a one-click account hijack is nothing to sneeze at. Thankfully this one didn’t escape from the lab before it was fixed.
UPnP Strikes Again
It’s not an exaggeration to say that Universal Plug and Play (UPnP) may have been the most dangerous feature to be included in routers with the possible exception of open-by-default WiFi. QNAP has issued yet another advisory of ransomware targeting their devices, and once again UPnP is the culprit. Photo Station is the vulnerable app, and it has to be exposed to the internet to get pwned. And what does UPnP do? Exposes apps to the internet without user interaction. And QNAP, in their efforts to make their NAS products more usable, included UPnP support, maybe by default on some models. If you have a QNAP device (or even if you don’t), make sure UPnP is disabled on your router, turn off all port forwarding unless you’re absolutely sure you know what you’re doing, and use Wireguard for remote access. Continue reading “This Week In Security: One-click, UPnP, Mainframes, And Exploring The Fog”→
There is always some hype surrounding an Apple product announcement, and while maybe it’s not in the same league as those for the original iPod or iPhone, their iPhone 14 model will include emergency texting by satellite has generated quite a bit of coverage. It’s easy to find a lot about the system from the software end in terms of its interface and even Apple’s use of compression, but what about the radio side? Whose satellite constellation are they using, and how does it work?
As has been widely reported, their communication partner for the service is Globalstar, a provider of satellite data services that like their competitor Iridium have their origins in the 1990s when satellite phones were briefly seen as the Next Big Thing. They have a 24-satellite constellation, and they sell a range of off-the-grid voice, data, paging, tracking, and IoT connectivity services. The Apple emergency texting looks a lot like Globalstar’s Spot texting service. It’s only available in North America for now, we’re guessing because the satellites aren’t smart relays but straightforward transponders, and the network lacks sufficient ground station coverage outside that region.
With all the talk about low-earth-orbit connectivity surrounding services such as SpaceX’s Starlink it’s a bit unexpected to find ourselves back with a satellite constellation using 1990s technology. But we can see that as well as a major win for Globalstar as their service begins to look outdated by comparison to Starlink, it’s a perfect match for Apple in not requiring a complex ground station for low-bandwidth text messages. We expect that there will be some form of exclusivity in the deal, so it will be interesting to see how the larger Android vendors respond.
If you have any sort of device that cuts like a CNC mill or a laser cutter, you probably generate a lot of strange-looking scrap material. Most of us hate to throw anything away, but how do you plan to use all these odd shapes? [Caddzeus] has an answer. Using a camera and some software he digitizes the shapes accurately into a form usable in his CAD package of choice.
The process involves setting up some targets with known dimensions that will appear in the photograph. This allows the picture to be taken without being overly concerned about the distance to the camera or the angle.
Using GIMP, he adjusts the images to remove the perspective. He then brings the image into Inkscape where he can accurately scale and trace the shape.
There are detailed instructions — including videos — but if you know how to use these tools, you can probably figure it out for yourself. This technique would be useful, too, if you wanted to get an outline of something you intend to mill or cut into your CAD program as a reference. We like to do this with a laser cutter so you can burn the outline of something you are engraving or cutting on a piece of paper before you start and easily align the workpiece to the laser.
Of course, a small part could surrender its image to a conventional scanner and you can use a similar technique to adjust the scale. If you start using Inkscape a lot, you’ll want more plugins. You never know what you might build from some scrap odds and ends.
In hot weather, those of us who drive are familiar with the sensation of getting into the car and having it feel like an oven inside. A car is a essentially sealed metal box with large windows, thus on a sunny summer day it has more in common with a greenhouse, and in a heatwave this can become unbearable. But does it get hot enough for cooking? [Julian Lozos] aimed to find out, by cooking Icelandic rúgbrauð using only a 2016 Honda and the California sunshine.
Rúgbrauð is a traditional Icelandic rye bread that’s traditionally cooked by geothermal energy buried in the ground for around a day in proximity to a hot spring. A car dashboard gets pretty hot in a California heatwave, so it’s not unreasonable to expect that it might replicate this environment. He parked the Honda on a street in the sun, placed a pot full of dough on the dashboard, and waited.
The maximum temperature measured was 86.5 C (187 F), but unfortunately the sun didn’t stay high enough to maintain that temperature for the required time. After two days in the car the crust was cooked but the interior was still gooey, so the experiment can’t be said to have been successful. He does make the point though that a less traditional and much thinner loaf using a wide and flat tray might have delivered a better result.
We’re intrigued by this experiment, almost enough to try something like it ourselves were the summer not beginning to wane in these more northerly climes. Have any of you tried cooking in a hot car, or would we need a solar oven? Give us your views in the comments.
