This Week In Security: Oracle Opera, Passkeys, And AirTag RFC

May 5, 2023 by Jonathan Bennett 10 Comments

There’s a problem with Opera. No, not that kind of opera. The Oracle kind. Oracle OPERA is a Property Management Solution (PMS) that is in use in a bunch of big-name hotels around the world. The PMS is the system that handles reservations and check-ins, talks to the phone system to put room extensions in the proper state, and generally runs the back-end of the property. It’s old code, and handles a bunch of tasks. And researchers at Assetnote found a serious vulnerability. CVE-2023-21932 is an arbitrary file upload issue, and rates at least a 7.2 CVSS.

It’s a tricky one, where the code does all the right things, but gets the steps out of order. Two parameters, jndiname and username are encrypted for transport, and the sanitization step happens before decryption. The username parameter receives no further sanitization, and is vulnerable to path traversal injection. There are two restrictions to exploitation. The string encryption has to be valid, and the request has to include a valid Java Naming and Directory Interface (JNDI) name. It looks like these are the issues leading Oracle to consider this flaw “difficult to exploit vulnerability allows high privileged attacker…”.

The only problem is that the encryption key is global and static. It was pretty straightforward to reverse engineer the encryption routine. And JDNI strings can be fetched anonymously from a trio of endpoints. This lead Assetnote to conclude that Oracle’s understanding of the flaw is faulty, and a much higher CVSS score is appropriate. Particularly with this Proof of Concept code, it is relatively straightforward to upload a web shell to an Opera system.

The one caveat there is that an attacker has to get network access to that install. These aren’t systems intended to be exposed to the internet, and my experience is that they are always on a dedicated network connection, not connected to the rest of the office network. Even the interconnect between the PMS and phone system is done via a serial connection, making this network flaw particularly hard to get to. Continue reading “This Week In Security: Oracle Opera, Passkeys, And AirTag RFC” →

Metallurgist working by the blast furnaces in Třinec Iron and Steel Works. (Credit: Třinecké železárny)

We Already Live In A Hydrogen Economy: Steel Production, Generator Cooling, And Welding Gas

May 4, 2023 by Maya Posch 61 Comments

Although generally hydrogen is only mentioned within the context of transportation and energy storage, by far the most useful applications are found in industrial applications, including for the chemical industry, the manufacturing of steel, as well as that of methanol and fertilizer. This is illustrated by how today most of all hydrogen produced today is used for these industrial applications, as well as for applications such as cooling turbo generators, with demand for hydrogen in these applications rapidly increasing.

Currently virtually all hydrogen produced today comes from natural gas, via steam methane reformation (SMR), with potentially methane pyrolysis making natural gas-derived hydrogen a low-carbon source. The remainder of hydrogen comes from coal gasification and a small fraction from electrolysis of water. The hydrogen is often produced on-site, especially at industrial plants and thermal power plants. So aside from any decarbonization efforts, there are many uses for hydrogen which the public appears to be generally unaware of.

This leads us to the somewhat controversial hydrogen ladder.

Continue reading “We Already Live In A Hydrogen Economy: Steel Production, Generator Cooling, And Welding Gas” →

NASA’s Voyager Space Probe’s Reserve Power, And The Intricacies Of RTG-Based Power Systems

May 3, 2023 by Maya Posch 46 Comments

Launched in 1977, the Voyager 1 and 2 space probes have been operating non-stop for over 45 years, making their way from Earth to our solar system’s outer planets and beyond. Courtesy of the radioisotope thermoelectric generators (RTGs) which provided 470 W at launch, they are able to function in the darkness of Deep Space as well as they did within the confines of our Sun-lit solar system. Yet as nothing in the Universe is really infinite, so too do these RTGs wear out over time, both from natural decay of their radioactive source and from the degradation of the thermocouples.

Despite this gradual drop in power, NASA recently announced that Voyager 2 has a hitherto seemingly unknown source of reserve power that will postpone the shutdown of more science instruments for a few more years. The change essentially bypasses a voltage regulator circuit and associated backup power system, freeing up the power consumed by this for the scientific instruments which would otherwise have begun to shut down years sooner.

While this is good news in itself, it’s also noteworthy because the Voyager’s 45+ year old Multi-Hundred Watt (MHW) RTGs are the predecessor to the RTGs that are still powering the New Horizons probe after 17 years, and the Mars Science Laboratory (Curiosity) for over 10 years, showing the value of RTGs in long-term exploration missions.

Although the basic principle behind an RTG is quite simple, their design has changed significantly since the US put a SNAP-3 RTG on the Transit 4B satellite in 1961.

Continue reading “NASA’s Voyager Space Probe’s Reserve Power, And The Intricacies Of RTG-Based Power Systems” →

FET: Fun Endeavors Together

May 2, 2023 by Arya Voronova 42 Comments

Last time, we’ve looked over FET basics, details, nuances and caveats. Basics aren’t all there is to FETs, however – let’s go through real-world uses, in all their wonderful variety! I want to show you a bunch of cool circuits where a friendly FET, specifically a MOSFET, can help you – and, along the way, I’d also like to introduce you to a few FETs that I feel like you all could have a good long-term friendship with. If you don’t already know them, that is!

Driving Relays

Perhaps, that’s the single most popular use for an NPN transistor – driving coils, like relays or solenoids. We are quite used to driving relays with BJTs, typically an NPN – but it doesn’t have to be a BJT, FETs often will do the job just as fine! Here’s an N-FET, used in the exact same configuration as a typical BJT is, except instead of a base current limiting resistor, we have a gate-source resistor – you can’t quite solder the BJT out and solder the FET in after you have designed the board, but it’s a pretty seamless replacement otherwise. The freewheel (back EMF protection) diode is still needed for when you switch the relay and the coil produces wacky voltages in protest, but hey, can’t have every single aspect be superior.

The reason you can drive it the same way is quite simple: in the usual NPN circuit, the relay is driven by a 3.3 V or a 5 V logic level GPIO, and for small signal FETs, that is well within Vgs. However, if your MCU has 1.8 V GPIOs and your FET’s Vgs doesn’t quite cut it, an NPN transistor is a more advantageous solution, since that one will work as long as you can source the whatever little current and the measly 0.7 V needed.

Continue reading “FET: Fun Endeavors Together” →

My Great-Great-Grandad, The Engineer Who Invented A Coffee Pot

May 1, 2023 by Jenny List 32 Comments

In the study of genealogy it’s common to find people who will go to great lengths involving tenuous cross-links to establish royalty or famous figures such as George Washington or William Shakespeare in their family tree. There’s no royal blood and little in the way of fame to be found in my family tree, but I do have someone I find extremely interesting. One of my great-great-grandfathers was a Scottish engineer called James R Napier, and though his Wikipedia entry hasn’t caught up with this contribution to 1840s technology, he was the inventor of the vacuum coffee pot.

He was born in Glasgow in 1821 and was the son of a successful shipbuilder, Robert Napier, into whose business he followed once he’d received his education. He’s probably most well known today for his work in nautical engineering and for inventing Napier’s Diagram, a method for computing magnetic deviance on compass readings, but he was also a prolific engineer and author whose name crops up in fields as diverse as air engines, weights and measures, drying timber, and even the analysis of some dodgy wine. The coffee percolator was something of a side project for him, and for us it’s one of those pieces of family lore that’s been passed down the generations. It seems he was pretty proud of it, though he never took the trouble to patent it and and thus it was left to others to profit from that particular invention.

Vacuum Coffee Pots: Impressive, But Slooow

Just what is a vacuum coffee pot, and what makes it special? The answer lies in the temperature at which it infuses the coffee. We take for granted our fancy coffee machinery here in the 21st century, but a century and a half ago the making of coffee was a much simpler and less exact process. Making coffee by simply boiling grounds in water can burn it, imparting bitter flavours, and thus at the time a machine that could make a better cup was seen as of some importance. Continue reading “My Great-Great-Grandad, The Engineer Who Invented A Coffee Pot” →

Hackaday Links: April 30, 2023

April 30, 2023 by Dan Maloney 17 Comments

Cloudy with a chance of concrete? The “success” of last week’s brief but eventful Starship launch has apparently raised some regulatory eyebrows, with the Federal Aviation Administration launching an investigation into the destruction wrought by the mighty rocket. And it’s not just the hapless Dodge Caravan that they’re concerned with — although we found some fantastic POV footage that shows the kill shot as well as close-ups of the results — but also the damage rained down upon residents around the Boca Chica launch complex. Tons of concrete and rebar were excavated by the 33 Raptor engines during the launch and sent in all directions, reportedly landing up to 6 miles (10 kilometers) from the pad. What’s worse, a lot of debris ended up on beaches that are home to endangered species, which has the Sierra Club also taking an interest. The FAA has apparently nixed any launches from the Texas facility until they complete their investigation.

Continue reading “Hackaday Links: April 30, 2023” →

Hackaday Podcast 216: FETs, Fax, And Electrochemical Fab

April 28, 2023 by Elliot Williams 3 Comments

In this week’s podcast, non-brothers Elliot Williams and Al Williams talk about our favorite hacks of the week. Elliot’s got analog on the brain, courtesy of the ongoing Op Amp Contest, and Al is all about the retrocomputers, from a thrift-store treasure to an old, but still incredibly serviceable, voice synthesizer. Both agree that they love clever uses of mechanical parts and that nobody should fear the FET.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download your own personal copy!