Known as Project CAVForth for the UK government’s Center for Connected and Autonomous Vehicles (CCAV) and the Forth bridge, over which the buses will travel, it is said to be the most complex test of autonomous on-road mass transit yet undertaken in Europe. The full-size single-deck motorcoaches, five in total, will ply a 22-km (14-mile) route into Edinburgh from Fife, crossing the famous Firth of Forth on the Forth Road suspension bridge. The buses will carry about 36 passengers each and run at SAE Level 4 autonomy, meaning that a safety driver is optional under good driving conditions. Continue reading “Automate The Freight: Autonomous Buses To Start Operation In UK”→
[Daljeet Nandha] from [RoboCoffee] writes to us, sharing his research on cryptographic signature-based firmware authenticity checks recently added to the Xiaomi Mi scooter firmware. Those scooters use an OTA firmware update mechanism over BLE, so you can update your scooter using nothing but a smartphone app – great because you can easily get all the good new features, but suboptimal because you can easily get all the bad new features. As an owner of a Mi 1S scooter but a hacker first and foremost, [Daljeet] set up a HTTPS proxy and captured the firmware files that the app downloaded from Xiaomi servers, dug into them, and summarized what he found.
Confirming this update will indefinitely lock you out of any third-party OTA updates
Unlike many of the security measures we’ve seen lacking-by-design, this one secures the OTA firmware updates with what we would consider the industry standard – SHA256 hash with elliptic cryptography-backed signing. As soon as the first firmware version implementing signature checks is flashed into your scooter, it won’t accept anything except further firmware binaries that come with Xiaomi’s digital signature. Unless a flaw is found in the signature checking implementation, the “flash a custom firmware with a smartphone app” route no longer seems to be a viable pathway for modding your scooter in ways Xiaomi doesn’t approve of.
Having disassembled the code currently available, [Daljeet] tells us about all of this – and more. In his extensive writeup, he shares scripts he used on his exploration journey, so that any sufficiently motivated hacker can follow in his footsteps, and we highly recommend you take a look at everything he’s shared. He also gives further insights, explaining some constraints of the OTA update process and pointing out a few security-related assumptions made by Xiaomi, worth checking for bypassing the security implemented. Then, he points out the firmware filenames hinting that, in the future, the ESC (Electronic Speed Control, responsible for driving the motors) board firmware might be encrypted with the same kind of elliptic curve cryptography, and finds a few update hooks in the decompiled code that could enable exactly that in future firmware releases.
One could argue that these scooters are typically modified to remove speed limits, installed there because of legal limitations in a variety of countries. However, the legal speed limits are more nuanced than a hard upper boundary, and if the hardware is capable of doing 35km/h, you shouldn’t be at mercy of Xiaomi to be able to use your scooter to its full extent where considerate. It would be fair to assert, however, that Xiaomi did this because they don’t want to have their reputation be anywhere near “maker of scooters that people can modify to break laws with”, and therefore we can’t expect them to be forthcoming.
Mass storage has come a long way since the introduction of the personal computer. [Tech Time Traveller] has an interesting video about the dawn of PC hard drives focusing on a company called MiniScribe. After a promising start, they lost an IBM contract and fell on hard times.
Apparently, the company was faking inventory to the tune of $15 million because executives feared for their jobs if profits weren’t forthcoming. Once they discovered the incorrect inventory, they not only set out to alter the company’s records to match it, but they also broke into an outside auditing firm’s records to change things there, too.
Senior management hatched a plan to charge off the fake inventory in small amounts to escape the notice of investors and government regulators. But to do that, they need to be able to explain where the balance of the nonexistent inventory was. So they leased a warehouse to hold the fraud inventory and filled it with bricks. Real bricks like you use to build a house. Around 26,000 bricks were packaged in boxes, assigned serial numbers, and placed on pallets. Auditors would see the product ready to ship and there were even plans to pretend to ship them to CompuAdd and CalAbco, two customers, who had agreed to accept and return the bricks on paper allowing them to absorb the $15 million write off a little at a time.
Unfortunately, the fictitious excellent financial performance led to an expectation of even better performance in the future which necessitated even further fraud. The company had turned around, but only on paper. A downturn in the computer business and maxed-out credit signaled the beginning of the end. Suppliers and employees weren’t getting paid. A senior manager violated insider trader rules and dumped a lot of stock.
The turnaround CEO finally resigned and a new CEO found the fraud and released the findings that they were in the hole for $100 million. Bankruptcy pushed the company’s assets to Maxtor and criminal charges against 16 people ensued ending in fines and jail time. It isn’t clear if any of the boxed bricks were shipped to anyone by accident or by a disgruntled employee with a rubber paycheck. [Tech Time Traveller] speculates that if someone has one, it would be quite the collector’s item.
News reports were everywhere that an autonomous taxi operated by a company called Cruise was driving through San Francisco with no headlights. The local constabulary tried to stop the vehicle and were a bit thrown that there was no driver. Then the car moved beyond an intersection and pulled over, further bemusing the officers.
The company says the headlights were due to human error and that the car had stopped at a light and then moved to a safe stop by design. This leads to the question of how people including police officers will interact with robot vehicles.
Taking apart old stuff and re-using the parts to make something new is how many hackers first got started in the world of mechanical and electronic engineering. But even after years working in industry we still get that tinge of excitement whenever someone offers us an old device “for parts”, and immediately begin to imagine the things we could build with the components inside.
So when [Victor Frost] was offered an old Cricut cutting plotter, he realized he could use its parts to create the camera slider he’d been planning to build. The plotter’s X stage, controlled by a stepper motor, was ideal for moving a camera platform back and forth. [Victor] wanted to build the entire thing in a “freehand” way, without making a detailed design or purchasing any new parts. So he dived into his parts bin and dug up an Arduino, a 16×2 LCD, some wires and buttons, and a few pieces of MDF.
The camera mount is simply a piece of steel that a GoPro’s magnetic mount can latch onto, but [Victor] keeps open the possibility of mounting a proper tripod ball head. The Arduino drives the stepper motor through an Adafruit Motor Shield, with a simple user interface running on the LCD. The user can set the desired end points and speed, and then run the camera back and forth as often as needed. In this way, the software follows the same “keep it simple” philosophy as the hardware design.
All [George] really wanted was for his vintage calculator to understand Reverse Polish Notation (RPN). The calculator in question can already run its own version of BASIC, however the bespoke Hitachi CPU struggles performance-wise with complex programs, and wouldn’t be a realistic way of using RPN on the calculator. An RPN interpreter written in assembly language would be much faster.
The first step in cracking this calculator wide open was a ROM dump, followed by writing a disassembler. Incredibly, the MAME framework already featured a ‘partial implementation’ of the calculator’s CPU, which was a much needed shot in the arm when it came time to write a full-featured emulator.
With the entire calculator emulated in software, the plan from here involved replacing one of the BASIC commands in ROM with new code that would jump to an address in RAM. With 32KB of RAM there ended up being plenty of room for experimentation, and uploading a program into RAM was simplified by using Casio’s original backup software to dump the RAM onto a PC. Here, the contents of RAM could be easily modified with custom code, then uploaded back into the calculator.
With RAM to burn, new routines were created to write custom characters to the screen, and a new font was created to squeeze more characters onto the display than normal. [George] ended up porting a Forth interpreter, which defaults to RPN style, to finally achieve his humble objective. He also managed to get a version of Conway’s Game Of Life running, check out the video after the break.
Menopause is the time of life when menstrual periods come to a halt, and a woman is no longer able to bear children. The most obvious cause of menopause is when the ovaries run out of eggs, though it can also be caused by a variety of other medical processes. While menopause is in many ways well-understood, the biological reason for menopause, or the way in which it evolved in humanity remains a mystery. The process was once thought to be virtually non-existent in the animal kingdom, raising further questions.
Surprisingly recently, however, scientists began to learn that humans are not alone in this trait. Indeed, a small handful of sea-going mammals also go through this unique and puzzling process.
