Our Right To Repair Depends On A Minimally Viable Laptop

March 7, 2019 by Brian Benchoff 142 Comments

It’s never been harder to repair your electronics. When the keyboard in your shiny new MacBook dies, you’ll have to send it to a Genius. When the battery in your iPhone dies, you’ll have to break out the pentalobe screwdrivers. Your technology does not respect your freedom, and this is true all the way down to the source code: the Library of Congress is thankfully chipping away at the DMCA in an effort that serves the Right to Repair movement, but still problems remain.

The ability — or rather, right — to repair will inevitably mean using electronics longer, and keeping them out of the garbage. That’s less e-waste, but it’s also older, potentially slower and less powerful portable workstations. This is the question: how long should you keep your electronics running? When do you start getting into the false economy of repairing something just because you can? What is the minimally viable laptop?

Continue reading “Our Right To Repair Depends On A Minimally Viable Laptop” →

Ask Hackaday: Earth’s Magnetic Field Shifting Rapidly, But Who Will Notice?

March 6, 2019 by Jenny List 92 Comments

Just when you though it was safe to venture out, the National Oceanic and Atmospheric Administration released an unexpected update. Magnetic North is on the move — faster than expected. That’s right, we know magnetic north moves around, but now it’s happened at a surprising rate. Instead of waiting for the normal five year interval before an update on its position, NOAA have given us a fresh one a bit earlier.

There are some things that we can safely consider immutable, reliable, they’ll always be the same. You might think that direction would be one of them. North, south, east, and west, the points of the compass. But while the True North of the Earth’s rotation has remained unchanged, the same can not be said of our customary method of measuring direction.

Earth’s magnetic field is generated by a 2,000 km thick outer core of liquid iron and nickel that surrounds the planet’s solid inner core. The axis of the earth’s internal magnet shifts around the rotational axis at the whim of the currents within that liquid interior, and with it changes the readings returned by magnetic compasses worldwide.

The question that emerged at Hackaday as we digested news of the early update was this: as navigation moves inexorably towards the use of GPS and other systems that do not depend upon the Earth’s magnetic field, where is this still relevant beyond the realm of science?

Continue reading “Ask Hackaday: Earth’s Magnetic Field Shifting Rapidly, But Who Will Notice?” →

1 Trillion USD Refund! (PDF Enclosed)

March 6, 2019 by Pedro Umbelino 5 Comments

Security researchers have found that it is possible to alter a digitally signed PDF without invalidating its signatures. To demonstrate it, they produced a fake document “refund order” of $1,000,000,000,000 dollars, with a valid signature from Amazon. This sparked my attention, since I was quite sure that they didn’t use some sort of quantum device to break the cryptography involved in the signing process. So what exactly is going on?

The researchers claim to found at least three different ways to, in their words:

… use an existing signed document (e.g., amazon.de invoice) and change the content of the document arbitrarily without invalidating the signatures. Thus, we can forge a document signed by invoicing@amazon.de to refund us one trillion dollars.

That’s not good news if you take into account that the main purpose of digitally signing a document is, well, prevent unauthorized changes in that document. The good news is that you can update your software to fix this flaws because of this research; the main PDF readers companies were given time to fix the issues. The bad news is that if you rely on the signature verification for any sensitive process, you likely want to go back and see if you were using vulnerable software previously and check that documents were correctly validated. I’m thinking about government institutions, banks, insurance companies and so on.

The implications are yet to be seen and probably won’t even be fully known.

There are three classes of attacks that work on different software. I’ll try to go into each one from what I could tell from reading the research.

Continue reading “1 Trillion USD Refund! (PDF Enclosed)” →

Better Living Through Science: Why Your Kids Probably Aren’t Getting Measles

March 5, 2019 by Al Williams 153 Comments

Oddly, there’s been a few recent outbreaks of measles. It struck me how when I was a kid, a few hundred kids getting measles wouldn’t have been news at all. However, even a handful makes the news now, since in 2000 the Center for Disease Control declared measles eradicated in the United States.

So how can an eradicated disease come back? How did we eradicate it to start with? The answers tell a pretty interesting tale of science applying to everyday life.

Continue reading “Better Living Through Science: Why Your Kids Probably Aren’t Getting Measles” →

When New Space Loses Out To NASA Pragmatism

March 4, 2019 by Tom Nardi 35 Comments

You’ve got to admit, things have been going exceptionally well for SpaceX. In the sixteen years they’ve been in operation, they’ve managed to tick off enough space “firsts” to make even established aerospace players blush. They’re the first privately owned company to not only design and launch their own orbital-class rocket, but to send a spacecraft to the International Space Station. The first stage of their Falcon 9 rocket is the world’s only orbital booster capable of autonomous landing and reuse, and their Falcon Heavy has the highest payload capacity of any operational launch system. All of which they’ve managed to do at a significantly lower cost than their competition.

So it might come as a surprise to hear that SpaceX recently lost out on a lucrative NASA launch contract to the same entrenched aerospace corporations they’ve been running circles around for the last decade. It certainly seems to have come as a surprise to SpaceX, at least. Their bid to launch NASA’s Lucy mission on the Falcon 9 was so much lower than the nearly $150 million awarded to United Launch Alliance (ULA) for a flight on their Atlas V that the company has decided to formally protest the decision. Publicly questioning a NASA contract marks another “first” for the company, and a sign that SpaceX’s confidence in their abilities has reached the point that they’re no longer content to be treated as a minor player compared to heavyweights like Boeing and Lockheed Martin.

But this isn’t the first time NASA has opted to side with more established partners, even in the face of significantly lower bids by “New Space” companies. Their decision not to select Sierra Nevada Corporation’s Dream Chaser spaceplane for the Commercial Crew program in 2014, despite it being far cheaper than Boeing’s CST-100 Starliner, triggered a similar protest to the US Government Accountability Office (GAO). In the end, the GAO determined that Boeing’s experience and long history justified the higher sticker price of their spacecraft compared to the relative newcomer.

NASA has yet to officially explain their decision to go with ULA over SpaceX for the Lucy mission, but in light of what we know about the contract, it seems a safe bet they’ll tell SpaceX the same thing they told Sierra Nevada in 2014. The SpaceX bid might be lower, but in the end, NASA’s is willing to pay more to know it will get done right. Which begs the question: at what point are the cost savings not compelling enough to trust an important scientific mission (or human lives) to these rapidly emerging commercial space companies?

Continue reading “When New Space Loses Out To NASA Pragmatism” →

Does Tesla’s Autosteer Make Cars Less Safe?

March 4, 2019 by Elliot Williams 77 Comments

In 2016, a Tesla Model S T-boned a tractor trailer at full speed, killing its lone passenger instantly. It was running in Autosteer mode at the time, and neither the driver nor the car’s automatic braking system reacted before the crash. The US National Highway Traffic Safety Administration (NHTSA) investigated the incident, requested data from Tesla related to Autosteer safety, and eventually concluded that there wasn’t a safety-related defect in the vehicle’s design (PDF report).

But the NHTSA report went a step further. Based on the data that Tesla provided them, they noted that since the addition of Autosteer to Tesla’s confusingly named “Autopilot” suite of functions, the rate of crashes severe enough to deploy airbags declined by 40%. That’s a fantastic result.

Because it was so spectacular, a private company with a history of investigating automotive safety wanted to have a look at the data. The NHTSA refused because Tesla claimed that the data was a trade secret, so Quality Control Systems (QCS) filed a Freedom of Information Act lawsuit to get the data on which the report was based. Nearly two years later, QCS eventually won.

Looking into the data, QCS concluded that crashes may have actually increased by as much as 60% on the addition of Autosteer, or maybe not at all. Anyway, the data provided the NHTSA was not sufficient, and had bizarre omissions, and the NHTSA has since retracted their safety claim. How did this NHTSA one-eighty happen? Can we learn anything from the report? And how does this all align with Tesla’s claim of better-than-average safety line up? We’ll dig into the numbers below.

But if nothing else, Tesla’s dramatic reversal of fortune should highlight the need for transparency in the safety numbers of self-driving and other advanced car technologies, something we’ve been calling for for years now.

Continue reading “Does Tesla’s Autosteer Make Cars Less Safe?” →

Yes, You Can Put IoT On The Blockchain Using Python And The ESP8266

March 1, 2019 by Sean Boyce 13 Comments

Last year, we saw quite a bit of media attention paid to blockchain startups. They raised money from the public, then most of them vanished without a trace (or product). Ethics and legality of their fundraising model aside, a few of the ideas they presented might be worth revisiting one day.

One idea in particular that I’ve struggled with is the synthesis of IoT and blockchain technology. Usually when presented with a product or technology, I can comprehend how and/or why someone would use it – in this case I understand neither, and it’s been nagging at me from some quiet but irrepressible corner of my mind.

The typical IoT networks I’ve seen collect data using cheap and low-power devices, and transmit it to a central service without more effort spent on security than needed (and sometimes much less). On the other hand, blockchains tend to be an expensive way to store data, require a fair amount of local storage and processing power to fully interact with them, and generally involve the careful use of public-private key encryption.

I can see some edge cases where it would be useful, for example securely setting the state of some large network of state machines – sort of like a more complex version of this system that controls a single LED via Ethereum smart contract.

What I believe isn’t important though, perhaps I just lack imagination – so lets build it anyway.

Continue reading “Yes, You Can Put IoT On The Blockchain Using Python And The ESP8266” →