Battery Engineering Hack Chat Gets Charged Up

December 16, 2022 by Tom Nardi 9 Comments

Turn the clock back a couple of decades, and the only time the average person would have given much thought to batteries was when the power would go out, and they suddenly needed to juice up their flashlight or portable radio. But today, high-capacity batteries have become part and parcel to our increasingly digital lifestyle. In fact, there’s an excellent chance the device your reading this on is currently running on battery power, or at least, is capable of it.

So let’s get to know batteries better. What’s the chemical process that allows them to work? For that matter, what even is a battery in the first place?

It’s these questions, and more, that made up this week’s Battery Engineering Hack Chat with Dave Sopchak. Our last Hack Chat of 2022 ended up being one of the longest in recent memory, with the conversation starting over an hour before the scheduled kickoff and running another half hour beyond when emcee Dan Maloney officially made his closing remarks. Not bad for a topic that so often gets taken for granted.

Continue reading “Battery Engineering Hack Chat Gets Charged Up” →

This Week In Security: Scamming The FBI, In The Wild, And AI Security

December 16, 2022 by Jonathan Bennett 16 Comments

If you’re part of a government alphabet agency, particularly running a program to share information to fight cybercrime, make sure to properly verify the identity of new members before admission. Oh, and make sure the API is rate-limited so a malicious member can’t scrape the entire user database and sell it on a dark web forum.

Putting snark aside, this is exactly what has happened to the FBI’s InfraGuard program. A clever user applied to the program using a CEO’s name and phone number, and a convincing-looking email address. The program administrators didn’t do much due diligence, and approved the application. Awkward.

BSD Ping

First off, the good folks at FreeBSD have published some errata about the ping problem we talked about last week. First off, note that while ping does elevate to root privileges via setuid, those privileges are dropped before any data handling occurs. And ping on FreeBSD runs inside a Capsicum sandbox, a huge obstacle to system compromise from within ping. And finally, further examination of the bug in a real-world context casts doubt on the idea that Remote Code Execution (RCE) is actually possible due to stack layouts.

If someone messes up somewhere, go look if you messed up in the same or similar way somewhere else.

Sage advice from [Florian Obser], OpenBSD developer. So seeing the ping problem in FreeBSD, he set about checking the OpenBSD ping implementation for identical or similar problems. The vulnerable code isn’t shared between the versions, so he reached for afl++, a fuzzing tool with an impressive list of finds. Connect afl++ to the function in ping that handles incoming data, and see what shakes out. The conclusion? No crashes found in this particular effort, but several hangs were identified and fixed. And that is a win. Continue reading “This Week In Security: Scamming The FBI, In The Wild, And AI Security” →

Australia’s Soft Plastic Recycling Debacle

December 15, 2022 by Zoe Skyforest 80 Comments

We’ve all been told to cut back on waste to help prevent environmental crisis on Earth. Reducing waste helps reduce the need to spend time and energy digging up fresh materials, and helps reduce the amount of trash we have to go out and bury in the ground in landfills. Recycling is a big part of this drive, allowing us to divert waste by reprocessing it into fresh new materials.

Sadly, though, recycling isn’t always as magical as it seems. As Australia has just found out, it’s harder than it sounds, and often smoke and mirrors prevent the public from understanding what’s really going on. Here’s how soft plastic recycling went wrong Down Under.

Continue reading “Australia’s Soft Plastic Recycling Debacle” →

All About USB-C: Cable Types

December 13, 2022 by Arya Voronova 51 Comments

USB-C cables and connectors: these are controversial topics, and rightfully so – I don’t want to pull any punches. I will also show you that things don’t have to be that bad for you, as long as you’re willing to apply a few tricks and adjust your expectations.

Wild West of Wiring

You might have a bunch of USB-C cables, and they all might look exactly the same, but you’ve likely experienced that they’re not the same internally, and often there’s not a label in sight. Yes, it’s pretty bad, and one could argue it’s getting worse.

I’d like to clarify that I’m only talking about USB C male – USB C male cables here. While cables like USB-A to USB-C are popular, they are quite simple; you get USB 2.0 or USB 3.0 data and 2 A of current at most, and the USB-C plug is usually hardwired as “host, will supply five volts”, which is defined by a pullup resistor. Also, while cables like “Type-C to DisplayPort” might look like cables at a glance, they are adapters with a meaningful amount of active circuitry in them.

Purely following the specification, there used to be six types of USB-C to USB-C cables out there. Then, it became eight. Now, I’m afraid, there’s twelve of them, purely following the spec, and there’s way more when counting all the out-of-spec cables. Good news is – for most of the time, majority of these cables will be suitable for simple tasks like charging and data transfer, and situations where you need a very specific cable are going to be rare enough. Still, let’s go through it, and you’ll see that they’re easier to tell apart than it might look. Continue reading “All About USB-C: Cable Types” →

NASA Aces Artemis I, But The Journey Has Just Begun

December 12, 2022 by Tom Nardi 51 Comments

When NASA’s Orion capsule splashed down in the Pacific Ocean yesterday afternoon, it marked the end of a journey that started decades ago. The origins of the Orion capsule can be tracked back to a Lockheed Martin proposal from the early 2000s, and development of the towering Space Launch System rocket that sent it on its historic trip around the Moon started back in 2011 — although few at the time could have imagined that’s what it would end up being used for. The intended mission for the incredibly powerful Shuttle-derived rocket changed so many times over the years that for a time it was referred to as the “Rocket to Nowhere”, as it appeared the agency couldn’t decide just where they wanted to send their flagship exploration vehicle.

But today, for perhaps the first time, the future of the SLS and Orion seem bright. The Artemis I mission wasn’t just a technical success by about pretty much every metric you’d care to use, it was also a public relations boon the likes of which NASA has rarely seen outside the dramatic landings of their Mars rovers. Tens of millions of people watched the unmanned mission blast off towards the Moon, a prelude to the global excitement that will surround the crewed follow-up flight currently scheduled for 2024.

As NASA’s commentators reminded viewers during the live streamed segments of the nearly 26-day long mission around the Moon, the test flight officially ushered in what the space agency is calling the Artemis Generation, a new era of lunar exploration that picks up where the Apollo left off. Rather than occasional hasty visits to its beautiful desolation, Artemis aims to lay the groundwork for a permanent human presence on our natural satellite.

With the successful conclusion of the Artemis I, NASA has now demonstrated effectively two-thirds of the hardware and techniques required to return humans to the surface of the Moon: SLS proved it has the power to send heavy payloads beyond low Earth orbit, and the long-duration flight Orion took around our nearest celestial neighbor ensured it’s more than up to the task of ferrying human explorers on a shorter and more direct route.

But of course, it would be unreasonable to expect the first flight of such a complex vehicle to go off without a hitch. While the primary mission goals were all accomplished, and the architecture generally met or exceeded pre-launch expectations, there’s still plenty of work to be done before NASA is ready for Artemis II.

Continue reading “NASA Aces Artemis I, But The Journey Has Just Begun” →

Ask Hackaday: Will Your 2030 Car Have AM Radio?

December 9, 2022 by Al Williams 171 Comments

Car makers have been phasing out AM radios in their cars for quite some time. Let’s face it, there isn’t much on AM these days, and electric vehicles have been known to cause interference with AM radios. So why have them? For that matter, many aftermarket head units now don’t even have radios at all. They play digital media or stream Bluetooth from your phone. However, a U.S. Senator, Edward J. Markey, has started a letter-writing campaign to the major car makers urging them to retain the AM radio in their future vehicles.

So does that mean AM lives? Or will the car makers kill it off? The letter requests that the companies answer several questions, including if they plan to discontinue AM or FM radios in the near future and if they support digital broadcast radio.

Continue reading “Ask Hackaday: Will Your 2030 Car Have AM Radio?” →

Singapore Branches Out Into Internet Of Trees

December 8, 2022 by Kristina Panos 18 Comments

Five years ago, a 38-year-old woman was enjoying an outdoor concert with her family with one of her twin infants in her arms. In the week prior, it had been windy and rainy, but today, the weather was nice, and the concert was crowded. Without warning, a 270-year-old tembusu tree fell on the woman, pinning and ultimately killing her after the other concertgoers couldn’t remove it in time. This tragedy happened in spite of twice-yearly inspections where the tree showed no visual signs of trouble.

It’s exactly this type of incident that Singaporean officials hope to avoid by building an Internet of Trees. The equatorial island nation is home to roughly 5.5 million people, and around 7 million trees — about 6 million of which are tracked by Singapore’s National Parks Board, so that they can be managed remotely with an app. (The Board only tracks trees once they’ve reached a certain size, so we’ll assume that the other million are too young to join the fun just yet.)

While tree-triggered deaths are fairly few and far between, there are plenty of other ‘tree incidents’ that can occur, such as a branch falling, or a tree trunk snapping or uprooting. Depending on the size of the branch, this can be a dangerous nuisance as it could block roads, obscure signage, or destroy property. Thanks to the efforts of the National Parks Board, these incidents have dropped from around 3,000 per year at the turn of the millennium to under 500 per year today.

Continue reading “Singapore Branches Out Into Internet Of Trees” →