This Week In Security: Oracle Opera, Passkeys, And AirTag RFC

There’s a problem with Opera. No, not that kind of opera. The Oracle kind. Oracle OPERA is a Property Management Solution (PMS) that is in use in a bunch of big-name hotels around the world. The PMS is the system that handles reservations and check-ins, talks to the phone system to put room extensions in the proper state, and generally runs the back-end of the property. It’s old code, and handles a bunch of tasks. And researchers at Assetnote found a serious vulnerability. CVE-2023-21932 is an arbitrary file upload issue, and rates at least a 7.2 CVSS.

It’s a tricky one, where the code does all the right things, but gets the steps out of order. Two parameters, jndiname and username, are encrypted for transport, and the sanitization step happens before decryption. The username parameter receives no further sanitization after it is decrypted, and is vulnerable to path traversal injection. There are two restrictions on exploitation: the string encryption has to be valid, and the request has to include a valid Java Naming and Directory Interface (JNDI) name. It looks like these are the issues leading Oracle to consider this flaw a “difficult to exploit vulnerability allows high privileged attacker…”.

The only problem is that the encryption key is global and static. It was pretty straightforward to reverse engineer the encryption routine. And JNDI strings can be fetched anonymously from a trio of endpoints. This led Assetnote to conclude that Oracle’s understanding of the flaw is faulty, and a much higher CVSS score is appropriate. Particularly with this Proof of Concept code, it is relatively straightforward to upload a web shell to an Opera system.
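To make the ordering mistake concrete, here is an added illustration (not Assetnote’s PoC and not Oracle’s code): base64 is a constructed stand-in for the transport encryption, and the upload root is an assumed path. The filter that runs before decoding only ever sees the opaque wire form, so it never fires; the corrected version decodes first, filters the plaintext, and confirms the canonical path stays under the root.

```python
import base64
import posixpath

# Constructed stand-in for "encrypted for transport": base64, NOT Oracle's routine.
# Only the order of the decode and sanitise steps matters for this illustration.
UPLOAD_ROOT = "/opt/pms/uploads"  # assumed path, not from the advisory


def transport_encode(text: str) -> str:
    """Stand-in for the transport encryption applied to the username parameter."""
    return base64.urlsafe_b64encode(text.encode()).decode()


def transport_decode(blob: str) -> str:
    """Stand-in for the server-side decryption of the parameter."""
    return base64.urlsafe_b64decode(blob.encode()).decode()


def looks_like_traversal(value: str) -> bool:
    """Path-traversal filter: reject absolute paths and any '..' segment."""
    return value.startswith("/") or ".." in value.split("/")


def resolve_vulnerable(username_param: str) -> str:
    """Sanitise THEN decrypt. The wire form is base64, which can never contain
    '/' or '..', so the filter is effectively dead code and traversal survives."""
    if looks_like_traversal(username_param):
        raise ValueError("rejected by filter")
    username = transport_decode(username_param)
    return posixpath.join(UPLOAD_ROOT, username)


def resolve_fixed(username_param: str) -> str:
    """Decrypt THEN sanitise, and check the canonical path stays under the root."""
    username = transport_decode(username_param)
    if looks_like_traversal(username):
        raise ValueError("rejected by filter")
    target = posixpath.normpath(posixpath.join(UPLOAD_ROOT, username))
    if target != UPLOAD_ROOT and not target.startswith(UPLOAD_ROOT + "/"):
        raise ValueError("escapes upload root")
    return target


def outcome(resolver, username_param: str) -> str:
    """Report the path a resolver would write to, or why it refused."""
    try:
        return resolver(username_param)
    except ValueError as exc:
        return f"REJECTED: {exc}"


if __name__ == "__main__":
    bad = transport_encode("../../../outside.txt")  # constructed sample input
    print("vulnerable:", outcome(resolve_vulnerable, bad))
    print("fixed:     ", outcome(resolve_fixed, bad))
```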

The one caveat there is that an attacker has to get network access to that install. These aren’t systems intended to be exposed to the internet, and my experience is that they are always on a dedicated network connection, not connected to the rest of the office network. Even the interconnect between the PMS and phone system is done via a serial connection, making this network flaw particularly hard to get to.

Linux Cell Phone? Build OURPhone

[Evan] couldn’t find a phone he liked, so he decided to build his own. There are advantages and disadvantages, as you might expect. On the plus side, you have the ultimate control. On the negative side, it doesn’t quite have the curb appeal — at least to the average user — of a sleek new cell phone from a major manufacturer.

The phone uses a Raspberry Pi, along with a 4G modem and a 480×800 touchscreen. There’s a laser cut box that measures 90x160x30 mm. For reference, a Google Pixel 7 is about 73x156x9 mm, so a little easier on the pocket.

But not on the pocketbook. The OURPhone only costs about $200 USD to build. There are trade-offs. For example, the touchscreen is resistive, so you’ll want a stylus (there’s a slot for it in the case). On the other hand, if you don’t like something, it is all there for you to change.

Obviously, a better screen would help. Thinner batteries might be a good enhancement too. But that’s the beauty of an open project. You can do all these things and more.

We wondered if you could get one of the “mobile” Linux editions to run or even Android. It seems like the hardest part is coming up with a sophisticated enclosure.

CNC Feeds And Speeds, Explained As A First-Timer

If you’ve ever looked into CNC cutting tools, you’ve probably heard the term “feeds and speeds”. It refers to choosing the speed at which to spin the cutting tool, and how fast to plow it into the material being cut. They’re important to get right, and some of the reasons aren’t obvious. This led [Callan Bryant] to share his learned insights as a first-timer. It turns out there are excellent (and somewhat non-intuitive) reasons not to simply guess at the correct values!

[Image: a table of variables and how they relate to one another.]

The image above shows a tool damaged by overheating. [Callan] points out that as a novice, one might be inclined to approach a first cutting job conservatively, with a low feed rate. But doing this can have an unexpected consequence: a tool that overheats because it spins too quickly while removing too little material.

CNC cutting creates a lot of heat from friction, and one way to remove that heat is by having the tool produce shavings, which help carry heat away. If a tool is making dust instead of shavings — for example if the feed rate is too conservative — the removed pieces will be too small to carry significant energy, and the tool can overheat.

[Callan] makes a table of the variables at work in a CNC system in order to better understand how they relate before working up a formula for calculating reasonable feed and speed rates. Of course, such calculations are only a reasonable starting point, and it’s up to the operator to ensure things are happening as they should for any given situation. As our own Elliot Williams observed, CNC milling is a much more manual process than one might think.

NVIDIA Jetson Powers Real-Time Iron Man HUD

If you could recreate any of the capabilities of Tony Stark’s Iron Man suit in real life, it would probably be the ability to fly, the super strength, or maybe even the palm-mounted lasers that can cut through whatever obstacle is in your path. But let’s be real, all that stuff is way too hard to try and pull off. Plus you’ll probably just end up accidentally killing yourself in the backyard.

But judging by the videos he’s been posting, [Kris Kersey] is doing one hell of a job creating a functional heads-up display (HUD) similar to the one Tony uses in the films. He’s even building it into a 3D printed Iron Man helmet, with the NVIDIA Jetson board that’s powering the show inside a chest-mounted “Arc Reactor”. He goes into a bit more detail about the project and his goals in an interview recently published on NVIDIA’s own blog.

Hacking Hue Lightbulbs

What do you do with a Hue smart lightbulb? Well, if you are [Chris Greening], you take it apart and get hacking. If you ever wondered what’s inside, the teardown is pretty good, and you can also watch the video below. The potting compound, however, makes a mess.

Once you get the potting undone, there are three PCBs: an LED carrier, a power supply, and a logic board. The arrangement of the LEDs is a bit confusing, but [Chris] explains it along with providing schematics for all of the boards.

Easter’s Over, But You Can Still Dye Keycaps

While it’s true that keycap colorways abound these days, one can’t always find exactly what one is looking for. And once found, the set is often either prohibitively expensive, or it doesn’t come in the desired layout, or both. So, why not color your own keycaps?

That’s exactly what [amphiboi] did, while standing on the shoulders of [CrowningKnight]’s imgur post on the subject. Essentially, you use Rit dye and PBT keycaps for best results. Rit has a comprehensive guide to mixing their dyes to achieve pretty much whatever colors you want. Once that’s all squared away, it’s time to gather your cooking supplies.

Start with a pot you don’t care about and four cups of boiling water. Add about a teaspoon of dish soap, which helps the dye settle evenly across the keycaps. Then add the dye(s), stir with an expendable spoon, and add your keycaps. 5-10 minutes later, depending on your desired outcome, the ‘caps are ready to be rinsed, dried, and pushed onto your switches.

Satisfied with the color of your keycaps, but wish they had cool legends? Check out this waterslide decal tutorial.

ChatGPT Makes A 3D Model: The Secret Ingredient? Much Patience

ChatGPT is an AI large language model (LLM) which specializes in conversation. While using it, [Gil Meiri] discovered that one way to create models in FreeCAD is with Python scripting, and ChatGPT could be encouraged to create a 3D model of a plane in FreeCAD by expressing the model as a script. The result is just a basic plane shape, and it certainly took a lot of guidance on [Gil]’s part to make it happen, but it’s not bad for a tool that can’t see what it is doing.

The first step was getting ChatGPT to create code for a 10 mm cube, and plugging that into FreeCAD to see the results. After that basic workflow was shown to work, [Gil] asked it to create a simple airplane shape. The resulting code had objects for wing, fuselage, and tail, but that’s about all that could be said, because the result was almost — but not quite — completely unlike a plane. Not an encouraging start, but at least the basic building blocks were there.