This Week In Security: Kaspersky Ban, Project Naptime, And More

June 28, 2024 by 10 Comments

The hot news this week is that Kaspersky is banned in the USA. More specifically, Kaspersky products will be banned from sale in the US starting on September 29. This ban will extend to blocking software updates, though it’s unclear how that will actually be accomplished. It’s reasonable to assume that payment processors will block payments to Kaspersky, but will ISPs be required to block traffic that could contain antivirus updates?

WordPress Plugin Backdoor

A Quartet of WordPress plugins have been found to have recently included backdoor code. It’s a collection of five Open Source plugins, seemingly developed by unrelated people. Malicious updates first showed up on June 21st, and it appears that all five plugins are shipping the same malicious code.

Rabbit AI API

The Rabbit R1 was released to less than thunderous applause. The idea is a personal AI device, but the execution has been disappointing, to the point of reviewers suggesting some of the earlier claims were fabricated. Now it seems there’s a serious security issue, in the form of exposed API keys that have *way* too many privileges.

The research seems to be done by the rabbitude group, who found the keys back in May. Of the things allowed by access to the API keys, the most worrying for user privacy was access to every text-to-speech call. Rabbitude states in their June 25 post, that “rabbit inc has known that we have had their elevenlabs (tts) api key for a month, but they have taken no action to rotate the api keys.” On the other hand, rabbit pushed a statement on the 26th, claiming they were just then made aware of the issue, and made the needed key rotations right away.

Continue reading “This Week In Security: Kaspersky Ban, Project Naptime, And More”

Solving Cold Cases With Hacked Together Gear

June 28, 2024 by 12 Comments

People go missing without a trace far more commonly than any of us would like to think about. Of course the authorities will conduct a search, but even assuming they have the equipment and personnel necessary, the odds are often stacked against them. A few weeks go by, then months, and eventually there’s yet another “cold case” on the books and a family is left desperate for closure.

But occasionally a small team or an individual, if determined enough, can solve such a case even when the authorities have failed. Some of these people, such as [Antti Suanto] and his brother, have even managed to close the books on multiple missing person cases. In an incredibly engrossing series of blog posts, [Antti] describes how he hacked together a pair of remotely operated vehicles to help search for and ultimately identify sunken cars.

Continue reading “Solving Cold Cases With Hacked Together Gear”

A man in a red plaid shirt draped over an olive t-shirt holds sandpaper in one hand an an aluminum tube filled with white beads in the other over a wooden table.

Activated Alumina For Desiccating Your Filament

June 27, 2024 by 21 Comments

When you first unwrap a shiny new roll of filament for your FDM printer, it typically has a bag of silica gel inside. While great for keeping costs low on the manufacturing side, is silica gel the best solution to keep your filament dry at home?

Frustrated with the consumable nature and fussy handling of silica gel beads, [Build It Make It] sought a more permanent way to keep his filament dry. Already familiar with activated alumina beads, he crafted a desiccant cylinder that can be popped into the oven all at once instead of all that tedious mucking about with emptying and refilling plastic capsules.

A length of aluminum intake pipe, some high temperature epoxy, and aluminum mesh are all combined to make a simple, sealed cylinder. During the process, he found that using a syringe filled with the epoxy led to a much more precise application to the aluminum cylinder, so he recommends starting out that way if you make these for yourself.

We suspect something with a less permanent attachment at one end would let you periodically swap out the beads if you wanted to try this hack with the silica beads you already had. Perhaps some kind of threaded pipe fitting? If you want a more active dryer, try making one with a Peltier. If you want to know just how dry your filament is getting, you could also put in a sensor. You might also wonder, do you really need to dry filament at all?

Continue reading “Activated Alumina For Desiccating Your Filament”

The SS United States: The Most Important Ocean Liner We May Soon Lose Forever

June 27, 2024 by 11 Comments

Although it’s often said that the era of ocean liners came to an end by the 1950s with the rise of commercial aviation, reality isn’t quite that clear-cut. Coming out of the troubled 1940s arose a new kind of ocean liner, one using cutting-edge materials and propulsion, with hybrid civil and military use as the default, leading to a range of fascinating design decisions. This was the context in which the SS United States was born, with the beating heart of the US’ fastest battle ships, with light-weight aluminium structures and survivability built into every single aspect of its design.

Outpacing the super-fast Iowa-class battleships with whom it shares a lot of DNA due to its lack of heavy armor and triple 16″ turrets, it easily became the fastest ocean liner, setting speed records that took decades to be beaten by other ocean-going vessels, though no ocean liner ever truly did beat it on speed or comfort. Tricked out in the most tasteful non-flammable 1950s art and decorations imaginable, it would still be the fastest and most comfortable way to cross the Atlantic today. Unfortunately ocean liners are no longer considered a way to travel in this era of commercial aviation, leading to the SS United States and kin finding themselves either scrapped, or stuck in limbo.

In the case of the SS United States, so far it has managed to escape the cutting torch, but while in limbo many of its fittings were sold off at auction, and the conservation group which is in possession of the ship is desperately looking for a way to fund the restoration. Most recently, the owner of the pier where the ship is moored in Philadelphia  got the ship’s eviction approved by a judge, leading to very tough choices to be made by September.

Continue reading “The SS United States: The Most Important Ocean Liner We May Soon Lose Forever”

LEGO Bricks: Now Out Of This World

June 27, 2024 by 15 Comments

Now the eyes of space explorers are turned once more towards the Moon, there are a whole host of new engineering challenges facing engineers working on lunar missions. One such challenge relates to how any proposed Moon base might be built, and as European Space Agency (ESA) researchers turn their mind to the problem they’ve taken a uniquely European approach. They’ve made some LEGO bricks.

Sadly lunar regolith is in short supply in Europe at the moment, so as a stand-in they’ve ground up a meteorite, mixed the powder with a polymer, and 3D printed their bricks. The LEGO write-up is a little long on frothy writing style and a little short on the science, but it seems that they clutch in exactly the same way as the official bricks from Billund, and can be assembled just as you would a normal set of bricks.

It’s with some regret that we have to concede that Europe’s off-planet outpost won’t be crewed by LEGO people in a base made from LEGO bricks, but we applaud them for doing this as a practical test given the limited supply of starter material. LEGO themselves have snagged some of them to display in a range of their flagship stores, so we hot-footed it down to London to catch some pictures. What we found is a single brick in a glass case, sadly looking very like any other 3D printed brick in a shiny grey medium. It’s probably the most expensive brick in the world though, so we doubt they’ll be available to buy any time soon.

If you’re hungry for more of all things LEGO, we can do no better than suggest a trip to the mother lode, in Billund, Denmark.

FLOSS Weekly Episode 789: You Can’t Eat The Boards

June 26, 2024 by No comments

This week Jonathan Bennett and Doc Searls chat with Igor Pecovnik and Ricardo Pardini about Armbian, the Debian-based distro tailor made for single-board computers. There’s more than just Raspberry Pi to talk about, with the crew griping about ancient vendor kernels, the less-than-easy ARM boot process, and more!

Continue reading “FLOSS Weekly Episode 789: You Can’t Eat The Boards”

Paul Allen’s Living Computers Museum And Labs To Be Auctioned

June 25, 2024 by 20 Comments

After the Living Computers museum in Seattle closed like so many museums and businesses in 2020 with the pandemic, there were many who feared that it might not open again. Four years later this fear has become reality, as the Living Computers: Museum + Labs (LCM+L, for short) entire inventory is being auctioned off. This occurs only 12 years after the museum and associated educational facilities were opened to the public. Along with Allen’s collection at the LCM+L, other items that he had been collecting until his death in 2018 will also be auctioned at Christie’s, for a grand total of 150 items in the Gen One: Innovations from the Paul G. Allen Collection.

In 2022 Allen’s art collection had seen the auction block, but this time it would seem that the hammer has come for this museum. Unique about LCM+L was that it featured vintage computing systems that visitors could interact with and use much like they would have been used back in the day, rather than being merely static display pieces, hence the ‘living computers’ part. Although other vintage computing museums in the US and elsewhere now also allow for such interactive displays, it’s sad to see the only major vintage computing museum in Washington State vanish.

Hopefully the items being auctioned will find loving homes, ideally at other museums and with collectors who aren’t afraid to keep the educational spirit of LCM+L alive.

Thanks to [adistuder] for the tip.

Top image: A roughly 180° panorama of the “conditioned” room of the Living Computer Museum, Seattle, Washington, USA. Taken in 2014. (Credit: Joe Mabel)