Cold War Spying And The Questionable Use Of Smuggled Blueprints In Developing Supersonic Airliners

Although spying is a time-honored tradition, the sheer scope of it reached a fever pitch during the Cold War, when everyone was spying on everyone, and conceivably for both sides at the same time. In an era where both McCarthyism and the character of James Bond enjoyed strong popularity, it should come as no surprise that a project of geopolitical importance like the development of the world’s first supersonic airliner would come amidst espionage, as well as accusations thereof.

This is the topic of a documentary that recently aired on Channel 4 in the UK called Concorde: The Race for Supersonic, yet what is the evidence that the Soviet Tu-144 truly was just a Concorde clone, derogatorily nicknamed ‘Concordski’?

Three views of a Boeing 2707-300.

At the time that the Concorde was being developed, there wasn’t just the competition from the Tu-144 team, but also the Boeing 2707 (pictured) and Lockheed L-2000, with the latter two ultimately being cancelled. Throughout development, all teams converged on a similar design, with a delta wing and similar overall shape. Differences included the drooping nose (absent on the Boeing 2707-300), the use of canards (present on the Tu-144 and 2707-200), and wildly different engines, with the production Tu-144S requiring an afterburner on its Kuznetsov NK-144A engines just like the Concorde, before the revised Tu-144D removed the need for afterburners with the Kolesov RD36-51 engines.

Although generally classified as a ‘failure’, the Tu-144’s biggest issues appear to have been due to the pressure on the development team from Soviet leadership. Once the biggest issues were being fixed (Tu-144D) it saw continued use for cargo and even flew missions for NASA (Tu-144LL) until 1999. Although Soviet spies were definitely caught with Concorde blueprints, the practical use of these for the already overburdened Tu-144 development team in terms of reverse-engineering and applying it to the Tu-144’s design would be limited at best, which would seem to be reflected in the final results.

Meanwhile, although supersonic airliners haven’t been flying since the Concorde retired in 2003, the Lockheed Martin X-59 Quesst supersonic airplane that is being built for NASA looks set to fix the sonic boom and fuel usage issues that hampered supersonic flight. After the L-2000 lost to Boeing so many decades ago, it might be Lockheed that has the last laugh in the race towards supersonic flight for airliners.


(Top image: Tu-144 with distinctive droop nose at the MAKS-2007 exhibition)

DIY Walkie-Talkie With ESP32 And ESP-NOW

In a recent article in Elektor magazine, [Clemens Valens] describes the construction and software for an ESP32 walkie-talkie system that uses ESP-NOW for the wireless connection between units, along with a low-cost condenser microphone with a transistor-based preamplifier and an LM386 op-amp for the speaker circuit. In the ESP32 module the built-in DAC and ADC are used for audio input and output, which provide just about enough resolution for voice communication.

So why use ESP-NOW rather than WiFi or Bluetooth? Mostly because of range, power usage and convenience with no SSIDs and passwords to bother with.

The DIY Walkie-Talkie circuit diagram. (Credit: Clemens Valens, Elektor magazine)

ESP-NOW is Espressif’s own network protocol that uses the same underlying hardware as 2.4 GHz WiFi and Bluetooth, but focuses on more basic direct and mesh-style communication. It can be considered to be somewhat like low-level UDP with MAC address instead of IP address, which makes it useful for fire-and-forget traffic such as from IoT devices.

In the past, we’ve seen ESP-NOW control everything from fake security cameras to CNC machines. In fact, we’ve even seen it used in another walkie-talkie a couple years back.

Hacking The Xiaomi Mi Band 8 With Custom Firmware

Over the past years, fitness trackers have gone from fairly unobtrusive bands that relied mostly on smartphone apps for interaction to essentially being fashion statements and smart watches, with large screens and impressive specs. The Xiaomi Mi Band 8 is no exception, with a zippy MCU and a 1.62″ AMOLED screen that just asks for some serious rick-rolling. This was a challenge which [Aaron Christophel] was all too happy to accept, resulting in some reverse-engineering and flashing of custom firmware onto one of these marvels of modern wearable technology.

Block Diagram for the Apollo4 Blue Lite. (Credit: Ambiq)

The Mi Band 8 is built around an Ambiq Apollo4 Blue Lite MCU which features a Cortex-M4 core for applications, along with a Bluetooth LE radio and a lot of SRAM and Flash. This naturally implies an SWD interface for programming, which was mostly a matter of reverse-engineering the PCB to find the locations for these signals and realizing that the original firmware disables the SWD interface on boot. Unfortunately the Ambiq SDK requires you to create an account, but you can get the basics from [Aaron]’s GitHub project. It appears that for BLE you do need the full SDK, and OTA updates feature a signing check, so physical access is required.

So far the display, touchscreen and light sensor are working, with the remaining peripherals just a matter of time. With a list price of around $64 for one of these fitness bands with a 192 x 490 touch-enabled AMOLED display and a variety of health-related sensors, they’d seem to be a fun toy to hack, especially when found on sale or used.


Japan’s JT-60SA Generates First Plasma As World’s Largest Superconducting Tokamak Fusion Reactor

Comparison of toroidal field (TF) coils from JET, JT-60SA and ITER (Credit: QST)

Japan’s JT-60SA fusion reactor project announced first plasma in October of this year to denote the successful upgrades to what is now the world’s largest operational, superconducting tokamak fusion reactor. First designed in the 1970s as Japan’s Breakeven Plasma Test Facility, the JT-60SA tokamak-based fusion reactor is the latest upgrade to the original JT-60 design, following two earlier upgrades (-A and -U) over its decades-long career. The most recent upgrade matches the Super Advanced meaning of the new name, as the new goal of the project is to investigate advanced components of the global ITER nuclear fusion project.

Originally the JT-60SA upgrade with superconducting coils was supposed to last from 2013 to 2020, with first plasma that same year. During commissioning in 2021, a short circuit in the poloidal field coils caused a lengthy investigation and repair, which was completed earlier this year. Although the JT-60SA is only using hydrogen and later deuterium as its fuel rather than the deuterium-tritium (D-T) mixture of ITER, it nevertheless has a range of research objectives that allow for researchers to study many aspects of the ITER fusion reactor while the latter is still under construction.

Since the JT-60SA also has cooled divertors, it can sustain plasma for up to 100 seconds, to study various field configurations and the effect this has on plasma stability, along with a range of other parameters. Along with UK’s JET, China’s HL-2M and a range of other tokamaks at other facilities around the world, this should provide future ITER operators with significant know-how and experience long before that tokamak will generate its first plasma.

Anthrobots can promote gap closures on scratched live neuronal monolayers. (Credit: Gumuskaya et al., 2023)

Anthrobots: Tiny Robots From Tracheal Epithelium Cells That Can Fix Neural Damage

Although we often regard our own bodies and those of the other multicellular organisms around us as a singular entity, each cell that makes up our body is its own nano-robot. One long-existing question was whether these cells can be used for other tasks — like biological robots — after they have specialized into a specific tissue type, with a recent study by [Gizem Gumuskaya] and colleagues in Advanced Science (with Nature news coverage) indicating a potentially intriguing use of adult human epithelial cells recovered from the trachea.

Human bronchial epithelial cells self-construct into multicellular motile living architectures. (Credit: Gumuskaya et al., 2023)

After extraction, these adult cells were kept in an extracellular matrix (ECM, Matrigel) in conditions promoting cell division, followed by ECM dissolution after 14 days and subsequent culturing of the spherical clumps of cells that had thus formed in a water-based, low-viscosity environment. This environment, along with the addition of retinoic acid, promoted the development of outward-facing cilia, rather than the typical inward type with a gel-based ECM.

These spheroids (anthrobots, referencing their human origin) generally showed the ability to move using these cilia, with the direction largely determined by the symmetry of the sphere. Several of these motile spheroids were then placed on a layer of human neural tissue, in which a scratch had damaged a number of the neurons to form a gap. The anthrobots grouped together over the course of days to form a bridge across the gap, with the neural tissue observed to regrow underneath this bridge, a behavior that could not be repeated by using a dummy support consisting of agarose on another neural sample, indicating that it is this living bridge that enabled neural regeneration.

Although the researchers rightfully indicate that they are uncertain which factors actually induce this restorative effect in the neurons, it offers exciting glimpses into a potential future where neural damage is easily repaired, and biological robots made from our own cells can be assembled to perform a variety of tasks.

Update On The BLUFFS Bluetooth Vulnerability

As we first reported in yesterday’s weekly security post, researchers at EURECOM have revealed the details (PDF, references) of a new man-in-the-middle (MITM) attack on Bluetooth 4.2 through 5.4, which has been assigned CVE-2023-24023. Like preceding CVEs, it concerns the session authentication between Bluetooth devices, where the attacker uses spoofed paired or bonded devices to force the use of a much shorter encryption key length.

The name of this newly discovered vulnerability is BLUFFS (Bluetooth Forward and Future Secrecy), where forward and future secrecy are important terms that refer to the protection of secure sessions against compromise in the past (forward, FoS) and future (FuS). The CVE presentation notes that the Bluetooth specification does not cover either FuS or FoS. In total two new architectural vulnerabilities were discovered, both of which attack the security key.

The Bluetooth SIG has released a statement regarding this attack method. Although serious, it would seem that the core issue is that some implementations allow for encryption key lengths below 7 octets:


Open Source Spacecraft Avionics With NASA’s Core Flight System

One thing about developing satellites, spacecraft, rovers and kin is that they have a big overlap in terms of functionality. From communication, to handling sensors, propulsion, managing data storage, task scheduling and so on, the teams over at NASA have found over the years that with each project there was a lot of repetition.

Block diagram of a simplified avionics system. (Credit: NASA)

They were either copy-pasting code from old projects, or multiple teams were essentially writing the same code.

To resolve this inefficiency NASA developed the Core Flight System (cFS), a common software framework for spacecraft, based on code and lessons from various space missions. The framework, which the space agency has released under the Apache license, consists of an operating system abstraction layer (OSAL), the underlying OS (VxWorks, FreeRTOS, RTEMS, POSIX, etc.), and the applications that run on top of the OSAL alongside the Core Flight Executive (cFE) component. Here cFS apps can be loaded and unloaded dynamically, along with cFS libraries, as cFS supports both static and dynamic linking.

There are a few sample applications to get started with, and documentation is available, should you wish to use cFS for your own projects. Admittedly, it’s a more complex framework than you’d need for a backyard rover. But who knows? As access to space gets cheaper and cheaper, you might actually get the chance to put together a DIY CubeSat someday — might as well start practicing now.