Slider

4929 Articles

Teardown: Recon Sentinel

November 16, 2020 by 35 Comments

It might be hard to imagine now, but there was a time when the average home had only a single Internet connected device in it. This beige box, known as a “desktop computer” in those olden days, was a hub of information and productivity for the whole family. There was a good chance you might even need to wait for your turn to use it, since it’s not like you had a personal device in your pocket that let you log on from the bathroom whatever room you might be in at the time. Which is just as well, since even if you had broadband back then, you certainly weren’t shooting it around the house with the Magic Internet Beams that we take for granted now.

Things are a lot more complicated today. Your computer(s) are only part of the equation. Now there’s mobile phones and tablets sharing your Internet connection, in addition to whatever smart gadgets you’ve brought into the mix. When your doorbell and half the light bulbs in the house have their own IP address, it takes more than a fresh copy of Norton AntiVirus to keep everything secure.

Which is precisely what Cigent Technology says the Recon Sentinel was designed for. Rather than protecting a single computer or device, this little gadget is advertised as being able to secure your entire network by sniffing out suspicious activity and providing instant notifications when new hardware is connected. According to the official whitepaper, it also runs a honeypot service Cigent calls a “cyber deception engine” and is capable of deploying “Active Defense Countermeasures” to confuse malicious devices that attempt to attack it.

It certainly sounds impressive. But for $149.99 plus an annual subscription fee, it better. If you’re hoping this teardown will tell you if it’s worth springing for the $899.99 Lifetime Subscription package, don’t get too excited. This isn’t a review, we’re only interested in cracking this thing open and seeing what makes it tick.

Continue reading “Teardown: Recon Sentinel”

Art of 3D printer in the middle of printing a Hackaday Jolly Wrencher logo

3D Printering: The Things Printers (Don’t) Do

November 16, 2020 by 56 Comments

3D printers are amazing things, but if one judges solely by the successes that get showcased online, it can look as through anything at all is possible. Yet in many ways, 3D printers are actually quite limited. Because success looks easy and no one showcases failure, people can end up with lopsided ideas of what is realistic. This isn’t surprising; behind every shining 3D print that pushes the boundaries of the technology, there are misprints and test pieces piled just out of sight.

If you have ever considered getting into 3D printing, or are wondering what kinds of expectations are realistic, read on because I am going to explain where objects come from, and how to recognize whether something is a good (or bad) fit for 3D printing. The important thing to understand is that printers have limitations, and to get a working idea of what those limitations are. The result will be a better understanding of what they can do, and what problems they can reliably solve.

3D Printers Have Limits

I recently had a talk with someone who wanted to know if a 3D printer could help with a problem they had. As I listened to them describe their needs, I realized I had in a way heard it all before many times.

My colleague actually had a fairly good idea of what printers could do, in theory. But they had very little grasp of what printers did not do, and that disconnect left them a bit adrift when it came to practical applications. To help address this gap, here are some tips that can give anyone a working understanding of the things 3D printers do not do well. Continue reading “3D Printering: The Things Printers (Don’t) Do”

What Is Worth Saving?

November 14, 2020 by 72 Comments

When it rain, it pours. One of the primary support cables holding up the Arecibo Observatory dish in Puerto Rico has just snapped, leaving its already uncertain fate. It had been badly damaged by Hurricane Maria in 2017, and after a few years of fundraising, the repairs were just about to begin on fixing up that damage, when the cable broke. Because the remaining cables are now holding increased weight, humans aren’t allowed to work on the dome until the risk of catastrophic failure has been ruled out — they’re doing inspection by drone.

Arecibo Observatory has had quite a run. It started out life as part of a Cold War era ICBM-tracking radar, which explains why it can transmit as well as receive. And it was the largest transmitting dish the world had. It was used in SETI, provided the first clues of gravitational waves, and found the first repeating fast radio bursts. Its radar capabilities mean that it could be used in asteroid detection. There are a number of reasons, not the least of which its historic import, to keep it running.

So when we ran this story, many commenters, fearing the worst, wrote in with their condolences. But some wrote in with outrage at the possibility that it might not be repaired. The usual suspects popped up: failure to spend enough on science, or on infrastructure. From the sidelines, however, and probably until further structural studies are done, we have no idea how much a repair of Arecibo will cost. After that, we have to decide if it’s worth it.

Per a 2018 grant, the NSF was splitting the $20 M repair and maintenance bill with a consortium led by the University of Central Florida that will administer the site. With further damage, that might be an underestimate, but we don’t know how much of one yet.

When do you decide to pull the plug on something like this? Although the biggest, Arecibo isn’t the only transmitter out there. The next largest transmitters are part of Deep Space Network, though, and are busy keeping touch with spacecraft all around our solar system. For pure receiving, China’s FAST is bigger and better. And certainly, we’ve learned a lot about radio telescopes since Arecibo was designed.

I’m not saying that we won’t shed a tear if Arecibo doesn’t get repaired, but it’s not the case that the NSF’s budget has been hit dramatically, or that they’re unaware of the comparative value of various big-ticket astronomy projects. Without being in their shoes, and having read through the thousands of competing grant proposals, it’s hard to say that the money spent to prop up a 70 year old telescope wouldn’t be better spent on something else.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

DSP Spreadsheet: The Goertzel Algorithm Is Fourier’s Simpler Cousin

November 13, 2020 by 30 Comments

You probably have at least a nodding familiarity with the Fourier transform, a mathematical process for transforming a time-domain signal into a frequency domain signal. In particular, for computers, we don’t really have a nice equation so we use the discrete version of the transform which takes a series of measurements at regular intervals. If you need to understand the entire frequency spectrum of a signal or you want to filter portions of the signal, this is definitely the tool for the job. However, sometimes it is more than you need.

For example, consider tuning a guitar string. You only need to know if one frequency is present or if it isn’t. If you are decoding TouchTones, you only need to know if two of eight frequencies are present. You don’t care about anything else.

A Fourier transform can do either of those jobs. But if you go that route you are going to do a lot of math to compute things you don’t care about just so you can pick out the one or two pieces you do care about. That’s the idea behind the Goertzel. It is essentially a fast Fourier transform algorithm stripped down to compute just one frequency band of interest.  The math is much easier and you can usually implement it faster and smaller than a full transform, even on small CPUs.

Continue reading “DSP Spreadsheet: The Goertzel Algorithm Is Fourier’s Simpler Cousin”

This Week In Security: Platypus, Git.bat, TCL TVs, And Lessons From Online Gaming

November 13, 2020 by 9 Comments

Git’s Large File System is a reasonable solution to a bit of a niche problem. How do you handle large binary files that need to go into a git repository? It might be pictures or video that is part of a project’s documentation, or even a demonstration dataset. Git-lfs’s solution is to replace the binary files with a text-based pointer to where the real file is hosted. That’s not important to understanding this vulnerability, though. The problem is that git-lfs will call the main git binary as part of its operation, and when it does so, the full path is not used. On a Unix system, that’s not a problem. The $PATH variable is used to determine where to look for binaries. When git is run, /usr/bin/git is automagically run. On a Windows system, however, executing a binary name without a path will first look in the current directory, and if a matching executable file is not found, only then will the standard locations be checked.

You may already see the problem. If a repository contains a git.exe, git.bat, or another git.* file that Windows thinks is executable, git-lfs will execute that file instead of the intended git binary. This means simply checking out a malicious repository gets you immediate code execution. A standard install of git for Windows, prior to 2.29.2.2, contains the vulnerable plugin by default, so go check that you’re updated!

Then remember that there’s one more wrinkle to this vulnerability. How closely do you check the contents of a git download before you run the next git command? Even with a patched git-lfs version, if you clone a malicious repository, then run any other git command, you still run the local git.* file. The real solution is pushing the local directory higher up the path chain. Continue reading “This Week In Security: Platypus, Git.bat, TCL TVs, And Lessons From Online Gaming”

Tech Hidden In Plain Sight: Gas Pumps

November 12, 2020 by 67 Comments

Ask someone who isn’t technically inclined how a TV signal works or how a cell phone works, or even how a two-way switch in a hall light works and you are likely to get either a blank stare or a wildly improbable explanation. But there are some things so commonplace that even the most tech-savvy of us don’t bother thinking about. One of these things is the lowly gas pump.

Gas pumps are everywhere and it’s a safe bet to assume everyone reading this has used one at some point, most of use on a regular basis. But what’s really going on there?

Most of it is pretty easy to figure out. As the name implies, there must be a pump. There’s some way to tell how much is pumping and how much it costs and, today, some way to take the payment. But what about the automatic shut off? It isn’t done with some fancy electronics, that mechanism dates back decades. Plus, we’re talking about highly combustible materials, there has to be more to it then just a big tank of gas and a pump. Safety is paramount and, experientially, we don’t hear about gas stations blowing up two or three times a day, so there must be some pretty stout safety features. Let’s pay homage to those silent safety features and explore the tricks of the gasoline trade.

Continue reading “Tech Hidden In Plain Sight: Gas Pumps”

After Eight-Month Break, Deep Space Network Reconnects With Voyager 2

November 12, 2020 by 48 Comments

When the news broke recently that communications had finally been re-established with Voyager 2, I felt a momentary surge of panic. I’ve literally been following the Voyager missions since the twin space probes launched back in 1977, and I’ve been dreading the inevitable day when the last little bit of plutonium in their radioisotope thermal generators decays to the point that they’re no longer able to talk to us, and they go silent in the abyss of interstellar space. According to these headlines, Voyager 2 had stopped communicating for eight months — could this be a quick nap before the final sleep?

Thankfully, no. It turns out that the recent blackout to our most distant outpost of human engineering was completely expected, and completely Earth-side. Upgrades and maintenance were performed on the Deep Space Network antennas that are needed to talk to Voyager. But that left me with a question: What about the rest of the DSN? Could they have not picked up the slack and kept us in touch with Voyager as it sails through interstellar space? The answer to that is an interesting combination of RF engineering and orbital dynamics.

Continue reading “After Eight-Month Break, Deep Space Network Reconnects With Voyager 2”