Author: Jonathan Bennett

533 Articles

Quetzal-1 Satellite Goes Open Source

July 4, 2023 by 30 Comments

Back in 2020, students from Universidad Del Valle De Guatemala (UVG) pulled off a really impressive feat, designing and building a CubeSat that lasted a whopping 211 days in orbit. In addition to telemetry and radio equipment, it carried a black-and-white camera payload.

But it turns out space is hard. The first pictures were solid black or white, with the automatic exposure process failing pretty badly. A pair of good pictures were taken by waiting until the satellite was passing over Guatemala during sunrise or sunset. A hung I2C bus led to battery drain, and the team tried a system reset to clear the hung state. Sadly the craft never came back to life after the reset, likely because of one of the Lithium-Ion battery cells failed completely in the low charge state.

That was 2020, so why are we covering it now? Because the project just released a massive trove of open source design documents, the software that ran on the satellite and ground station, and all the captured telemetry from the flight. It’s the ultimate bootstrap for anyone else designing a CubeSat, and hopefully provides enough clues to avoid some of the same issues.

Even though the mission had problems, it did achieve a lot of milestones, including the first picture of Earth taken by a Central American satellite. Even coming online and making radio contact from orbit to an earthbound station is quite a feat. The team is already looking forward to Quetzal-2, so stay tuned for more!

And if you want the details on the Quetzal-1 design, and what went wrong with the electrical system, both PDF papers have been released. Seeing more open source in space is an encouraging development, and one that should continue to grow as the cost of payloads to orbit continues to fall. We’ve covered the UPSat satellite, the PyCubed framework, and even the RTL-SDR for listening to satellite radio traffic.

Cooling Paint You Can Actually Make

July 3, 2023 by 60 Comments

[NightHawkInLight] has been working on radiative sky paint. (Video, embedded below.) That’s a coating that radiates heat in the infrared spectrum at a wavelength that isn’t readily absorbed or reflected by the atmosphere. The result is a passive system that keeps materials a few degrees cooler in direct sunlight than an untreated piece in the shade. That sounds a bit like magic, but apparently the math checks out.

Continue reading “Cooling Paint You Can Actually Make”

Fujitsu Proprietary Keyboard Goes PS/2 With A Pico

July 1, 2023 by 8 Comments

One of our favorite retro-computing YouTubers, [Clint] from LGR, found himself a very interesting Fujitsu keyboard while thrift store shopping. It was a beautiful unit, but confusing, as this keyboard comes with an 8-pin DIN connector. A 5-pin DIN plug or 6-pin Mini-DIN would be easy to work with, but what was this odd connection? Turns out the Fujitsu N860-2500-T111 came with an Olympus CV-100 Video Processor, which was designed for medical imaging, potentially among other uses. And as often happened with old specialized hardware, the keyboard used a proprietary protocol for sending keystrokes.

[Clint] put out a call for anyone that could help him build an adapter, and [Andy] from Element14 answered the call. But this problem requires more than an adapter, mainly because the Fujitsu doesn’t have key rollover. It’s one key at a time, and that just doesn’t work for the sort of things [Clint] shows off on LGR. So, the electronic guts of the keyboard were removed, to be replaced with a Raspberry Pi Pico, wired directly to the keyboard matrix.

Continue reading “Fujitsu Proprietary Keyboard Goes PS/2 With A Pico”

This Week In Security:Camaro Dragon, RowPress, And RepoJacking

June 30, 2023 by 4 Comments

Malicious flash drives have come a long ways since the old days of autorun infections. It’s not an accident that Microsoft has tightened down the attack surface available of removable media. So how exactly did a malicious flash drive lead to the compromise of a European hospital? Some sophisticated firmware on the drive? A mysterious zero day? Nope, just hidden files, and an executable using the drive name and icon. Some attacker discovered that a user trying to access a flash drive, only to be presented with what looks like the same flash drive icon, will naturally try to access it again, running an .exe in the process.

That executable runs a signed Symantec binary, included on the drive, and sideloads an OCX that hijacks the process. From there, the computer is infected, as well as any other flash drives in the machine. Part of the obfuscation technique is an odd chain of executables, executed recursively for a hundred copies. Naturally once the infection has rooted itself in a given machine, it takes commands from a C&C server, and sends certain files out to its waiting overlords. Checkpoint Research has attributed this campaign to Camaro Dragon, a name straight from the 80s that refers to a Chinese actor with an emphasis on espionage. Continue reading “This Week In Security:Camaro Dragon, RowPress, And RepoJacking”

Meshtastic For The Greater Good

June 26, 2023 by 62 Comments

Last week, my city was hit by a tornado. That’s not surprising here in Oklahoma, and thankfully this event was an F0 or possibly even an EF0 — a really weak tornado. Only a couple roofs collapsed, though probably half the houses in town are going to need roof repairs, thanks to the combination of huge hail and high winds. While it wasn’t too bad, power did go down in a few places around town, and this led to an interesting series of events.

Chat messages were coming in like this: “That was a [power] flicker, yeah. Even took down my Internet.” Followed by “Whee, [fiber Internet] got knocked out and now Starlink has too many clouds in the way.” And after ten minutes of silence, we got a bit worried to see “Time to hide under a bed. … Is cell service back?” It is a bit spooky to think about trying to help neighbors and friends after a disaster, in the midst of the communication breakdown that often follows. If he had needed help, and had no working communications, how long would it have taken for us to go check on him?
Continue reading “Meshtastic For The Greater Good”

Et Tu, Red Hat?

June 23, 2023 by 94 Comments

Something odd happened to git.centos.org last week. That’s the repository where Red Hat has traditionally published the source code to everything that’s a part of Red Hat Enterprise Linux (RHEL) to fulfill the requirements of the GPL license. Last week, those packages just stopped flowing. Updates weren’t being published. And finally, Red Hat has published a clear answer to why:

Red Hat has decided to continue to use the Customer Portal to share source code with our partners and customers, while treating CentOS Stream as the venue for collaboration with the community.

Sounds innocuous, but what’s really going on here? Let’s have a look at the Red Hat family: RHEL, CentOS, and Fedora.

RHEL is the enterprise Linux distribution that is Red Hat’s bread and butter. Fedora is RHEL’s upstream distribution, where changes happen fast and things occasionally break. CentOS started off as a community repackaging of RHEL, as allowed under the GPL and other Open Source licenses, for people who liked the stability but didn’t need the software support that you’re paying for when you buy RHEL.

Red Hat took over the reigns of CentOS back in 2014, and then imposed the transition to CentOS Stream in 2020, to some consternation. This placed CentOS Stream between the upstream Fedora, and the downstream RHEL. Some people missed the stability of the old CentOS, and in response a handful of efforts spun up to fill the gap, like Alma Linux and Rocky Linux. These projects took the source from git.centos.org, and rebuilt them into usable community operating systems, staying closer to RHEL in the process.

Red Hat has published a longer statement elaborating on the growth of CentOS Stream, but it ends with an interesting statement: “Red Hat customers and partners can access RHEL sources via the customer and partner portals, in accordance with their subscription agreement.” What exactly is in that subscription agreement? Well according to Alma Linux, “the way we understand it today, Red Hat’s user interface agreements indicate that re-publishing sources acquired through the customer portal would be a violation of those agreements.” Continue reading “Et Tu, Red Hat?”

This Week In Security: NOAuth, MiniDLNA, And Ticket To Ride

June 23, 2023 by 4 Comments

There’s a fun logic flaw in how multiple online services handle OAuth logins, that abuses Microsoft’s Azure Active Directory service to allow account takeovers. The problem is how a site handles the “Sign In With Microsoft” option, when there’s an existing account under the same email address. This is an irritating problem for an end-user, when a site offers multiple sign-in options. Trying to remember which option was used to set up an account is a struggle, so many services automatically merge accounts.

The problem is that the Microsoft Azure authentication information includes an email address, but Microsoft hasn’t done any verification that the account in question actually controls that address. And in fact, it’s trivial for the Azure admin to change that address at whim. So if the service accepts that email address as authoritative, and auto-merges the accounts, it’s a trivial account takeover. And it’s more than just a theoretical problem, as researchers at descope were able to demonstrate the attack, and have found multiple medium and large services that were vulnerable, as well as at least two authentication providers that themselves were vulnerable to this attack.

Microsoft has pushed updates to the Azure AD service to make the issue easier to avoid, though it seems that the unverified “email” field is still being sent on authentication transactions. There is a new flag, “RemoveUnverifiedEmailClaim” that eliminates the issue, and is enabled by default for new applications. Unfortunately this means that existing vulnerable applications will continue to be vulnerable until fixed on the application side. Continue reading “This Week In Security: NOAuth, MiniDLNA, And Ticket To Ride”