iPhone Jailbreak Hackers Await $1M Bounty

According to Motherboard, an as-yet-unnamed hacker (or team) has claimed a $1 million bounty for an iPhone exploit. But this is no ordinary there’s-a-glitch-in-your-JavaScript bug bounty.

On September 21, “premium” 0day startup Zerodium put out a call for a chain of exploits, starting with a browser, that remotely jailbreaks the phone and allows arbitrary applications to be installed with root permissions. In practice that means at least a code-execution bug in the browser, an escape from its sandbox, a kernel privilege escalation, and a way to persist across reboots, each of which is a separately valuable bug. In short, a complete remote takeover of the phone. And they offered $1 million. A little over a month later, it looks like they’ve got their first claim. The hack has yet to be verified, and the payout has yet to be made.

But we have little doubt that the hack, if it’s actually been done, is worth the money. The NSA alone has a $25 million annual budget for buying 0days and usually spends that money on much smaller bits and bobs. This hack, if it works, is huge. And the NSA isn’t the only agency that’s interested in spying on folks with iPhones.

Indeed, by bringing something like this out into the open, Zerodium is creating a bidding war among (presumably) adversarial parties. We’re not sure about the ethics of all this (OK, it’s downright shady) but it’s not currently illegal, and by pitting various spy agencies against each other, they’re almost sure to get their $1 million back with some cream on top.

We’ve seen a lot of bug bounty programs out there. Tossing “firmname bug bounty” into a search engine of your choice will probably come up with a hit for most firmnames. A notable exception in Silicon Valley? Apple. They let you do their debugging work for free. How long this will last is anyone’s guess, but if this Zerodium deal ends up being for real, it looks like they’re severely underpaying.

And if you’re working on your own iPhone remote exploits, don’t be discouraged. Zerodium still claims to have money for two more $1 million payouts. (And with that your humble author shrugs his shoulders and turns the soldering iron back on.)

Stellarator Is Germany’s Devilishly Complex Nuclear Fusion

You may not have heard of a Stellarator before, but if all goes well later this month in a small university town in the far northeast of Germany, you will. That’s because the Wendelstein 7-X is finally going to be fired up. If it’s able to hold the heat of a fusion-capable plasma, it could be a huge breakthrough.

So what’s a stellarator? It’s a specific type of magnetic plasma confinement geometry for nuclear fusion that, while devilishly complex to build and maintain, stands a chance at being the first fusion generator to achieve break-even, where the energy extracted from the fusion reaction is greater than or equal to the energy used in creating the necessary hot plasma.

There’s an awesome video on the W7-X, and some of the theory behind the reactor just below the break.

Continue reading “Stellarator Is Germany’s Devilishly Complex Nuclear Fusion”

3D Scanned, CNC-Milled, Pumpkin Selfie

When you have a CNC mill sitting around, it almost seems anachronistic to pull out a kitchen knife to carve a pumpkin. You can hardly blame [Nathan Bentall] for choosing an endmill instead. If you’re feeling the same, check out his blog post where [Nathan] works through all the steps involved in going from a raw pumpkin to a 3D RGB LED bust of himself. To put his head on the pumpkin’s shoulders he captured a depth map using a Kinect and then got down to some unorthodox milling.

Continue reading “3D Scanned, CNC-Milled, Pumpkin Selfie”

EFF Granted DMCA Exemption: Hacking Your Own Car Is Legal For Now

The Digital Millennium Copyright Act (DMCA) is a horrible piece of legislation that we’ve been living with since 1998. In addition to establishing a de-facto copyright for the design of boat hulls (don’t get us started!), the DMCA includes a Section 1201 which criminalizes circumventing the “technological protection measures” (encryption, DRM and the like) that control access to copyrighted works, even in cases where no actual copyright infringement follows.

Originally intended to stop the rampant copying of music in the Napster era, it’s been abused to prevent users from re-filling their inkjet cartridges and to cover up rootkits. In short, its scope has vastly exceeded its original aims. And we take it personally, because we like to take stuff apart and see how it works.

The only bright light in this otherwise dark, dark tunnel is the possibility to petition for exemptions to Section 1201 for certain devices and purposes. Just a few days ago, the EFF won a slew of DMCA exemptions, including the contentious exemption for bypassing automobiles’ encryption to check out what’s going on in the car’s firmware. The obvious relevance of the ability for researchers to inspect cars’ firmware in light of the VW scandal may have helped overcome strong pushback from the car manufacturers and the EPA.

The other exemptions that caught our eye were the renewals of protection for people who need to hack old video games to keep them playable, for jailbreaking phones so that you can run an operating system of your choosing on them, and even for the right to copy content from a DVD for remixes and excerpts.

This is all good stuff, but it’s a little bit sad that the EFF has to beg every three years to enable us all to do something that wasn’t illegal until the DMCA was written. But don’t take my word for it, have a listen to Cory Doctorow’s much more eloquent rant.

(Banner image courtesy [Kristoffer Smith], who we covered on car hacking way back when.)

Hacking Diabetes Meters, Towards An Artificial Pancreas

We’ve covered a number of diabetes-related hacks in the past, but this project sets its goals especially high. [Tim] has diabetes and needs to monitor his blood glucose levels and administer insulin accordingly. As a first step, he and a community of other diabetics have been working on Android apps to log the data when combined with a self-made Bluetooth re-transmitter.

But [Tim] is taking his project farther than previous projects we’ve seen and aiming at eventually driving an insulin pump directly from the app. (Although he’s not there yet, and user input is still required.) To that end, he’s looking into the protocols that control the dosage pumps.

We just read about [Tim] in this article in the Guardian which covers the diabetic-hacker movement from a medical perspective — the author currently runs a healthcare innovation institute and is a former British health minister, so he’s not a noob. One passage made us pause a little bit. [Tim] speaks the usual praises of tech democratization through open source and laments “If you try to commercialize [your products], you run up against all sorts of regulatory barriers.” To which the author responds, “This should ring alarm bells. Regulatory barriers are there for a reason.”

We love health hacking, and we’re sure that if we had a medical condition that could be helped by constant monitoring, that we’d absolutely want at least local smart-phone logging of the relevant data. But how far is too far? We just ran an article on the Therac-25 case study in which subtle software race conditions ended up directly killing people. We’d maybe hesitate a bit before we automated the insulin pump, but perhaps we’re just chicken.

The solution suggested by [Lord Ara Darzi] in the Guardian piece is to form collaborations between patients motivated by the DIY spirit, and the engineers (software and hardware) who would bring their expertise, and presumably a modicum of additional safety margin, to the table. We like that a lot. Why don’t we see more of that?

Embed With Elliot: Going ‘Round With Circular Buffers

Why Buffer? Because buffers cut you some slack.

Inevitably, in our recent series on microcontroller interrupts, the question of how to deal with actual serial data came up. In those examples, we were passing one byte at a time between the interrupt service routine (ISR) and the main body of code. That works great as long as the main routine can handle the incoming data in time but, as many people noted in the comments, if the main routine takes too long the single byte can get overwritten by a new one.

The solution? Make some storage room for multiple bytes so that they can stack up until you have time to process them. And if you couple this storage space with some simple rules for reading and writing, you’ve got yourself a buffer.

So read on to see how to implement a simple, straightforward circular buffer in C for microcontrollers (or heck, for anything). Buffers are such a handy tool to have in your programming toolkit that you owe it to yourself to get familiar with them if you’re not already.
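As an added example (not Hackaday’s code, and not the buffer from the linked column), here is one way to write such a buffer in C for the ISR-to-main-loop case described above. It assumes a power-of-two size so the wrap-around is a single AND, and 8-bit indices so that each index update is a single atomic store on an 8-bit micro; the sample “burst” driver at the bottom is constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example: a fixed-size circular (ring) buffer of bytes shared
 * between one producer (the ISR) and one consumer (the main loop).
 * RB_SIZE is assumed to be a power of two so "& RB_MASK" wraps the index. */
#define RB_SIZE 16u
#define RB_MASK (RB_SIZE - 1u)

typedef struct {
    volatile uint8_t data[RB_SIZE];
    volatile uint8_t head;   /* next slot the producer (ISR) writes */
    volatile uint8_t tail;   /* next slot the consumer (main) reads */
} ringbuf_t;

static inline void rb_init(ringbuf_t *rb) { rb->head = 0; rb->tail = 0; }

/* Number of bytes waiting to be read. */
static inline size_t rb_count(const ringbuf_t *rb) {
    return (size_t)((rb->head - rb->tail) & RB_MASK);
}
static inline bool rb_is_empty(const ringbuf_t *rb) { return rb->head == rb->tail; }
/* One slot is always kept free so that "full" and "empty" differ. */
static inline bool rb_is_full(const ringbuf_t *rb) {
    return ((rb->head + 1u) & RB_MASK) == rb->tail;
}

/* Producer side, called from the ISR. Returns false and drops the byte
 * when the buffer is full: losing a byte loudly beats silently
 * overwriting one the main loop has not consumed yet. */
static inline bool rb_put(ringbuf_t *rb, uint8_t byte) {
    uint8_t next = (uint8_t)((rb->head + 1u) & RB_MASK);
    if (next == rb->tail) return false;   /* full */
    rb->data[rb->head] = byte;            /* write the data first ... */
    rb->head = next;                       /* ... then publish the slot */
    return true;
}

/* Consumer side, called from main. Returns false when nothing is waiting. */
static inline bool rb_get(ringbuf_t *rb, uint8_t *out) {
    if (rb->head == rb->tail) return false; /* empty */
    *out = rb->data[rb->tail];
    rb->tail = (uint8_t)((rb->tail + 1u) & RB_MASK);
    return true;
}

/* Constructed scenario: a burst of n bytes (values 0..n-1) arrives before
 * the main loop gets a chance to drain anything. Returns how many bytes
 * the buffer accepted; the rest were dropped rather than overwritten. */
size_t rb_demo_burst(size_t n) {
    ringbuf_t rb;
    rb_init(&rb);
    size_t accepted = 0;
    for (size_t i = 0; i < n; i++) {
        if (rb_put(&rb, (uint8_t)i)) accepted++;
    }
    return accepted;
}

int main(void) {
    ringbuf_t rb;
    uint8_t b;
    rb_init(&rb);
    for (uint8_t i = 0; i < 20; i++) {          /* pretend the ISR fired 20 times */
        if (!rb_put(&rb, i)) printf("dropped byte %u (buffer full)\n", i);
    }
    while (rb_get(&rb, &b)) printf("main got %u\n", b);
    printf("burst of 40: accepted %zu\n", rb_demo_burst(40));
    return 0;
}
```

The important rules are that the ISR only ever writes `head` and main only ever writes `tail`, and that the data is stored before the index that announces it. With 8-bit indices those stores are atomic on an 8-bit part, so neither side needs to disable interrupts; if you widen the indices past the CPU word size, wrap the reads of the other side’s index in an interrupt-disabled section or you can observe a torn value.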

Continue reading “Embed With Elliot: Going ‘Round With Circular Buffers”

3D Printed Helix Displays Graphics In 3D

It looks like [Michel David] and his team at volumetrics.co have really upped their game: the game being production of a 3D volumetric video display.

We’ve covered an earlier version of the same technique, and still the best technical explanation of what they’re up to is to be found at their old website. But it’s a simple enough idea, and we expect that all of the difficulty is in making the details work out. But if you look at their latest video (just below the jump), we think that you’ll agree that they’ve ironed out most of the wrinkles.

Continue reading “3D Printed Helix Displays Graphics In 3D”