Vehicle-To-Everything: The Looming Smart Traffic Experience

October 7, 2024 by Maya Posch 49 Comments

Much of a car’s interaction with the world around it is still a very stand-alone, analog experience, regardless of whether said car has a human driver or a self-driving computer system. Mark I eyeballs or equivalent computer-connected sensors perceive the world, including road markings, traffic signs and the locations of other road traffic. This information is processed and the car’s speed and trajectory are adjusted to ideally follow the traffic rules and avoid unpleasant conversations with police officers, insurance companies, and/or worse.

An idea that has been kicked around for a few years now has been to use wireless communication between cars and their environment to present this information more directly, including road and traffic conditions, independent from signs placed near or on the road. It would also enable vehicle-to-vehicle communication (V2V), which somewhat like the transponders in airplanes would give cars and other vehicles awareness of where other traffic is hanging out. Other than V2V, Vehicle-to-Everything (V2X) would also include communication regarding infrastructure (V2I), pedestrians (V2P) and an expansive vehicle-to-network (V2N) that gives off strong Ghost in the Shell vibes.

Is this is the future of road traffic? The US Department of Transport (DOT) seems to think that its deployment will be a good thing, but V2X has been stuck in regulatory hurdles. This may now change, with the DOT releasing a roadmap for its deployment.

Continue reading “Vehicle-To-Everything: The Looming Smart Traffic Experience” →

Reversing Type 1 Diabetes With A Patient’s Own Stem Cells

October 6, 2024 by Maya Posch 8 Comments

Type 1 diabetes is an auto-immune condition whereby the patient’s own immune system attacks the pancreatic islets, destroying them in the process. Since these islets are responsible for producing insulin in response to blood sugar (glucose) levels, the patient is thus required to externally inject insulin for the remainder of their life. That was the expected scenario, but it appears that this form of diabetes may soon be treatable, with one woman now being free of the condition for a year already, as reported in Nature, referencing an article by [Shusen Wang] et al. that describes the treatment and the one-year result.

Most notable with this study is that the researchers didn’t use the regular method to create pluripotent stem cells. These cells were extracted from the patient, to revert back to this earlier developmental stage. They were not modified using genes, but rather singular chemicals (PDF). The advantage of this is that it avoids having to modify the cell’s genomes, which could conceivably cause issues like cancer later on. This was one of the first time that this method was used in a human subject, with islet cells formed and about 1.5 million of them injected into the patient’s abdominal muscles, a novel site for this procedure.

This location made these islets easy to keep track of, and easier to remove in case of any issues compared to the usual injection site within the liver. Fortunately for this woman, no complications occurred and one year later she is still free of any diabetes symptoms. Two other patients in the trial are also seeing very positive results, leaving only the question of whether the auto-immune condition that originally caused the islet destruction still exists. Since this female patient is taking immunosuppressants for a previous liver transplant it’s a hard to thing to judge, especially since we understand the causes behind type 1 diabetes so poorly.

Regardless, this and other trials using pluripotent cells, transplanted islets and more offer the prospect of a permanent treatment for the many people who suffer from type 1 diabetes.

Featured image: “Human induced pluripotent stem cell colony” National Eye Institute/NIH

2View: The Self-Erasing VHS Tape With Paperclip Hack

October 6, 2024 by Maya Posch 17 Comments

The back of the 2View VHS box. The instructions are all in Dutch, as its (sole) launch market. (Credit: Techmoan, YouTube)

Over the decades the video and music industries have tried a wide range of ways to get consumers to buy ‘cheaper’ versions of albums and music, but then limit the playback in some way. Perhaps one of the most fascinating ones is the 2View, as recently featured by [Matt] over at Techmoan on Youtube. This is a VHS tape which works in standard VHS players and offers you all the goodness that VHS offers, like up to 512 lines of PAL video and hard-coded ads and subtitles, but also is restricted to just playing twice. After this second playback and rewinding, the tape self-erases and is blank, leaving you with just an empty VHS tape you can use for your own recordings.

As a form of analog restrictions management (ARM) it’s pretty simple in how it works, with [Matt] taking the now thankfully erased Coyote Ugly tape apart for a demonstration of the inside mechanism. This consists out of effectively just two parts: one plastic, spring-loaded shape that moves against one of the tape spools and follows the amount of tape, meaning minutes watched, and a second arm featuring a permanent magnet that is retained by an inner track inside the first shape until after rewinding twice it is released and ends up against the second spool, erasing the tape until rewound, after which it catches in a neutral position. This then left an erased tape that could be safely recorded on again.

Although cheaper than a comparable VHS tape without this limit, 2View was released in 2001, when in the Netherlands and elsewhere DVDs were demolishing the VHS market. This, combined with the fact that a simple bent paperclip could be stuck inside to retain the erase arm in place to make it a regular VHS tape, meant that it was really a desperate attempt that quickly vanished off the market

Continue reading “2View: The Self-Erasing VHS Tape With Paperclip Hack” →

Voyager 2’s Plasma Spectrometer Turned Off In Power-Saving Measure

October 2, 2024 by Maya Posch 24 Comments

The Voyager 2 spacecraft’s energy budget keeps dropping by about 4 Watt/year, as the plutonium in its nuclear power source is steadily dropping as the isotope decays. With 4 Watt of power less to use by its systems per year, the decision was made to disable the plasma spectrometer (PLS) instrument. As also noted by the NASA Voyager 2 team on Twitter, this doesn’t leave the spacecraft completely blind to plasma in the interstellar medium as the plasma wave subsystem (PWS) is still active. The PLS was instrumental in determining in 2018 that Voyager 2 had in fact left the heliosphere and entered interstellar space. The PLS on Voyager 1 had already broken down in 1980 and was turned off in 2007.

After saving the Voyager 1 spacecraft the past months from a dud memory chip and switching between increasingly clogged up thrusters, it was now Voyager 2’s turn for a reminder of the relentless march of time and the encroaching end of the Voyager missions. Currently Voyager 2 still has four active instruments, but by the time the power runs out, they’ll both be limping along with a single instrument, probably somewhere in the 2030s if their incredible luck holds.

This incredible feat was enabled both by the hard work and brilliance of the generations of teams behind the two spacecraft, who keep coming up with new tricks to save power, and the simplicity of the radioisotope generators (RTGs) which keep both Voyagers powered and warm even in the depths of interstellar space.

First Tentative Sales Of Tandem Perovskite-Silicon PV Panels

September 29, 2024 by Maya Posch 18 Comments

To anyone who has spent some time in photovoltaic (PV) power circles, the word ‘perovskite’ probably sounds familiar. Offering arguably better bandgap properties than traditional silicon cells, perovskite-based PV panels also promise to be cheaper and (literally) more flexible, but commercialization has been elusive. This is something which Oxford PV seeks to change, with the claim that they will be shipping the first hybrid perovskite-silicon panels to a US customer.

Although Oxford PV prefers to keep the details of their technology classified, there have been decades of research on pure perovskite PV cells as well as tandem perovskite-silicon versions. The reason for the tandem (i.e. stacked) construction is to use more of the solar rays’ spectrum and total energy to increase output. The obvious disadvantage of this approach is that you need to find ways to make each layer integrate in a stable fashion, with ideally the connecting electrodes being transparent. A good primer on the topic is found in this 2021 review article by [Yuanhang Cheng] and [Liming Ding].

The primary disadvantage of perovskites has always been their lack of longevity, with humidity, UV irradiation, temperature and other environmental factors conspiring against their continued existence. In a 2022 study by [Jiang Liu] et al. in Science it was reported that a perovskite-silicon tandem solar cell lost about 5% of its initial performance after 1,000 hours. A 2024 study by [Yongbin Jin] et al. in Advanced Materials measured a loss of 2% after approximately the same timespan. At a loss of 2%/1,000 hours, the perovskite layer would be at 50% of its initial output after 25,000 hours, or a hair over 2.85 years.

A quick glance through the Oxford PV website didn’t reveal any datasheets or other technical information which might elucidate the true loss rate, so it would seem that we’ll have to wait a while longer on real data to see whether this plucky little startup has truly cracked the perovskite stability issue.

Top image: Summary of tandem perovskite-silicon solar cell workings. (Credit: Yuanhang Cheng, Liming Ding, SusMat, 2021)

Man-in-the-Middle PCB Unlocks HP Ink Cartridges

September 28, 2024 by Maya Posch 150 Comments

It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones instead. Many of these third-party ones are so-called re-manufactured ones, where a third-party refills an empty OEM cartridge. This is increasingly being done due to digital rights management (DRM) reasons, with tracking chips added to each cartridge. These chip prohibit e.g. the manual refilling of empty cartridges with a syringe, but with the right tweak or attack can be bypassed, with [Jay Summet] showing off an interesting HP cartridge DRM bypass using a physical man-in-the-middle-attack.

This bypass takes the form of a flex PCB with contacts on both sides which align with those on the cartridge and those of the printer. What looks like a single IC in a QFN package is located on the cartridge side, with space for it created inside an apparently milled indentation in the cartridge’s plastic. This allows is to fit flush between the cartridge and HP inkjet printer, intercepting traffic and presumably telling the printer some sweet lies so that you can go on with that print job rather than dash out to the store to get some more overpriced Genuine HP-approved cartridges.

Not that HP isn’t aware or not ticked off about this, mind. Recently they threatened to brick HP printers that use third-party cartridges if detected, amidst vague handwaving about ‘hackers’ and ‘viruses’ and ‘protecting the users’ with their Dynamic Security DRM system. As the many lawsuits regarding this DRM system trickle their way through the legal system, it might be worth it to keep a monochrome laser printer standing by just in case the (HP) inkjet throws another vague error when all you want is to just print a text document.

Continue reading “Man-in-the-Middle PCB Unlocks HP Ink Cartridges” →

Hacking Kia: Remotely Hijack A Car Using Only Its License Plate

September 27, 2024 by Maya Posch 55 Comments

These days everything needs to be connected to remote servers via the internet, whether it’s one’s TV, fridge or even that new car you just bought. A recently discovered (and already patched) vulnerability concerning Kia cars was a doozy in this regard, as a fairly straightforward series of steps allowed for any attacker to obtain the vehicle identification number (VIN) from the license plate, and from there become registered as the car’s owner on Kia’s network. The hack and the way it was discovered is described in great detail on [Sam Curry]’s website, along with the timeline of its discovery.

Notable is that this isn’t the first vulnerability discovered in Kia’s HTTP-based APIs, with [Sam] this time taking a poke at the dealer endpoints. To his surprise, he was able to register as a dealer and obtain a valid session ID using which he could then proceed to query Kia’s systems for a user’s registered email address and phone number.

With a specially crafted tool to automate the entire process, this information was then used to demote the car’s owner and register the attacker as the primary owner. After this the attacker was free to lock/unlock the doors, honk to his heart’s content, locate the car and start/stop the vehicle. The vulnerability affected all Kia cars made after 2013, with the victim having no indication of their vehicle having been hijacked in this manner. Aside from the doors randomly locking, the quaint honking and engine turning on/off at a whim, of course.

Perhaps the scariest part about this kind of vulnerability is that it could have allowed an attacker to identify a vulnerable parked car, gained access, before getting into the car, starting the engine and driving away. As long as these remote APIs allow for such levels of control, one might hope that one day car manufacturers will take security somewhat more serious, as this is only the latest in a seemingly endless series of amusingly terrifying security vulnerabilities that require nothing more than some bored hackers with HTTP query crafting tools to discover.

Continue reading “Hacking Kia: Remotely Hijack A Car Using Only Its License Plate” →