This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
With Editor-in-Chief Elliot Williams enjoying some time off, Managing Editor Tom Nardi is flying solo for this special edition of the Hackaday Podcast. Thanks to our roving reporter Jenny List, we’ll be treated to several interviews conducted live from EMF Camp — a European outdoor hacker camp the likes of which those of us in the United States can only dream of. After this special segment, Hackaday contributors Al Williams and Ryan Flowers will stop by to talk about their favorite stories from the week during what may be the longest Quick Hacks on record. There’s a few extra surprises hidden in this week’s program…but if we told you everything, it would ruin the surprise. Listen closely, you never know what (or who) you might hear.
There’s not one, but two side-channel attacks to talk about this week. Up first is Pacman, a bypass for ARM’s Pointer Authentication Code. PAC is a protection built into certain ARM Processors, where a cryptographic hash value must be set correctly when pointers are updated. If the hash is not set correctly, the program simply crashes. The idea is that most exploits use pointer manipulation to achieve code execution, and correctly setting the PAC requires an explicit instruction call. The PAC is actually indicated in the unused bits of the pointer itself. The AArch64 architecture uses 64-bit values for addressing, but the address space is much less than 64-bit, usually 53 bits or less. This leaves 11 bits for the PAC value. Keep in mind that the application doesn’t hold the keys and doesn’t calculate this value. 11 bits may not seem like enough to make this secure, but keep in mind that every failed attempt crashes the program, and every application restart regenerate the keys.
What Pacman introduces is an oracle, which is a method to gain insight on data the attacker shouldn’t be able to see. In this case, the oracle works via speculation attacks, very similar to Meltdown and Spectre. The key is to attempt a protected pointer dereference speculatively, and to then observe the change in system state as a result. What you may notice is that this requires an attack to already be running code on the target system, in order to run the PAC oracle technique. Pacman is not a Remote Code Execution flaw, nor is it useful in gaining RCE.
One more important note is that an application has to have PAC support compiled in, in order to benefit from this protection. The platform that has made wide use of PAC is MacOS, as it’s a feature baked in to their M1 processor. The attack chain would likely start with a remote execution bug in an application missing PAC support. Once a foothold is established in uprivileged userspace, Pacman would be used as part of an exploit against the kernel. See the PDF paper for all the details.
With a seemingly endless list of shortages of basic items trotted across newsfeeds on a daily basis, you’d be pardoned for not noticing any one shortage in particular. But in among the shortages of everything from eggs to fertilizers to sriracha sauce has been a growing realization that we may actually be running out of something so fundamental that it could have repercussions that will be felt across all aspects of our technological society: helium.
The degree to which helium is central to almost every aspect of daily life is hard to overstate. Helium’s unique properties, like the fact that it remains liquid at just a few degrees above absolute zero, contribute to its use in countless industrial processes. From leak detection and welding to silicon wafer production and cooling the superconducting magnets that make magnetic resonance imaging possible, helium has become entrenched in technology in a way that belies its relative scarcity.
But where does helium come from? As we’ll see, the second lightest element on the periodic table is not easy to come by, and considerable effort goes into extracting and purifying it enough for industrial use. While great strides are being made toward improved methods of extraction and the discovery of new deposits, for all practical purposes helium is a non-renewable resource for which there are no substitutes. So it pays to know a thing or two about how we get our hands on it.
Filament-based 3D printers spent a long time at the developmental forefront for hobbyists, but resin-based printers have absolutely done a lot of catching up, and so have the resins they use. It used to be broadly true that resin prints looked great but were brittle, but that’s really not the case anymore.
A bigger variety of resins and properties are available to hobbyists than ever before, so if that’s what’s been keeping you away, it’s maybe time for another look. There are tough resins, there are stiff resins, there are heat-resistant resins, and more. Some make casting easy, and some are even flexible. If your part or application needs a particular property, there is probably a resin for it out there.
It may sound like a provocative statement to make, but technology has been on a downward trend for a long time. That’s not a moral or ethical proclamation, but rather an observation about the scale of technology. Where once the height of technology was something like a water-powered mill, whose smallest parts were the size of a human hand and tolerances were measured in inches, today we routinely build machines by etching silicon chips with features measured in nanometers, look inside the smallest of cells and manipulate their innards, and use microscopes that can visualize materials at the atomic level.
The world has gotten much, much smaller lately, and operating on that scale requires thinking about motion in a different way than we’ve been used to. Being able to move things at nanometer resolutions isn’t easy, but it’s not impossible, and it can even be accomplished on a DIYer’s budget — if you know what you’re doing.
To help us sort through the realities of nano-scale positioning, En-Te Hwu, a professor at the Technical University of Denmark who works on micromachines for intelligent drug delivery, has spun up some really interesting low-cost nanopositioning systems. Using old DVD players or off-the-shelf linear slides, he’s able to achieve nanoscale movement and sensing for a variety of purposes. He’ll stop by the Hack Chat to discuss how we can build nanopositioning and sensing into our projects, and to start exploring the world we can’t even see.
“Don’t worry, that’ll buff right out.” Alarming news this week as the James Webb Space Telescope team announced that a meteoroid had hit the space observatory’s massive primary mirror. While far from unexpected, the strike on mirror segment C3 (the sixth mirror from the top going clockwise, roughly in the “south southeast” position) that occurred back in late May was larger than any of the simulations or test strikes performed on Earth prior to launch. It was also not part of any known meteoroid storm in the telescope’s orbit; if it had been, controllers would have been able to maneuver the spacecraft to protect the gold-plated beryllium segments. The rogue space rock apparently did enough damage to be noticeable in the data coming back from the telescope and to require adjustment to the position of the mirror segment. While it certainly won’t be the last time this happens, it would have been nice to see one picture from Webb before it started accumulating hits.
When we think of robotics, the first thing that usually comes to mind for many of us is some sort of industrial arm that’s bolted to the floor, or perhaps a semi-autonomous rover trudging its way across the dusty Martian landscape. While these two environments are about as different as can be, the basic “rules” are pretty much the same. Being on firm ground ground gives the robot a clear understanding of its position and orientation, which greatly simplifies tasks such as avoiding collisions or interacting with nearby objects.
But what happens when that reference point goes away? How does a robot navigate when it’s flying through open space or hovering in mid-air? That’s just one of the problems that fascinates Nick Rehm, who stopped by to host this week’s Aerial Robotics Hack Chat to talk about his passion for flying robots. He’s currently an aerospace engineer at Johns Hopkins Applied Physics Laboratory, where he works on the unique challenges faced by autonomous flying vehicles such as the detection and avoidance of mid-air collisions, as well as the development of vertical take-off and landing (VTOL) systems. But before he had his Master’s in Aerospace Engineering and Rotorcraft, he got started the same way many of us did, by playing around with DIY projects.
In fact, regular Hackaday readers will likely recall seeing some of his impressive builds. His autonomous ekranoplan designed to follow a target using computer vision graced the front page in April. Back in 2020, we took a look at his recreation of SpaceX’s Starship prototype, which used a realistic arrangement of control surfaces and vectored thrust to perform the spacecraft’s signature “Belly Flop” maneuver — albeit with RC motors and propellers instead of rocket engines. But even before that, Nick recalls asking his mother for permission to pull apart a Wii controller so he could use its inertial measurement unit (IMU) in a wooden-framed tricopter he was working on.
Discussing some of these hobby builds leads the Chat towards Nick’s dRehmFlight project, a GPLv3 licensed flight control package that can run on relatively low-cost hardware, namely a Teensy 4.0 microcontroller paired with the GY-521 MPU6050 IMU. The project is designed to let hobbyists easily experiment with VTOL craft, specifically those that transition between vertical and horizontal flight profiles, and has powered the bulk of Nick’s own flying craft.
Moving onto more technical questions, Nick says one of the most difficult aspects when designing an autonomous flying vehicle is getting your constraints nailed down. What he means by that is having a clear goal of what the craft needs to do, and critically, how long it needs to do it. How far does the craft need to be able to fly? How fast? Does it need to loiter at the target location, and if so, for how long? The answers to these questions will largely dictate the form of the final vehicle, and are key to determining if it’s worth implementing the complexity of transitioning from VTOL to fixed-wing horizontal flight.
But according to Nick, the biggest challenge in aerial robotics is onboard state estimation. That is, the ability for the craft to know its position and orientation relative to the ground. While high-performance computers have gotten lighter and sensors have improved, he says there’s still no substitute for having a ground-based tracking system. He mentions that those fancy demonstrations you’ve seen with drones flying in formation and working collaboratively towards a task will almost certainly have an array of motion capture cameras tucked off to the side. This makes for an impressive show, but greatly limits the practical application of these drone swarms.
Nick’s custom Raspberry Pi 4-powered quadcopter lets him test autonomous flight techniques.
So what does the future of aerial robotics look like? Nick says open source projects like ArduPilot and PX4 are still great choices for hobbyists, but sees promise in newer platforms which pair the traditional autopilot with more onboard computing power, such as Auterion’s Skynode. More powerful flight controllers can enable techniques such as simultaneous localization and mapping (SLAM), which uses 3D scans of the environment to help the robot orient itself. He’s also very interested in technologies that enable autonomous flight in GPS-denied environments, which is critical for robotic craft that need to operate indoors or in situations where satellite navigation is unavailable or unreliable. In light of the incredible success of NASA’s Ingenuity helicopter, we imagine these techniques will also play an invaluable role in the future airborne exploration of Mars.
We want to thank Nick for hosting this week’s Aerial Robotics Hack Chat, which turned out to be one of the fastest hours in recent memory. His experience as both an avid hobbyist and a professional in the field provided exactly the sort of insight the Hackaday community looks for, and his gracious offer to keep in touch with several of those who attended the Chat to further discuss their projects speaks to how passionate he is about this topic. We expect to see great things from Nick going forward, and would love to have him join us again in the future to see what he’s been up to.
The Hack Chat is a weekly online chat session hosted by leading experts from all corners of the hardware hacking universe. It’s a great way for hackers connect in a fun and informal way, but if you can’t make it live, these overview posts as well as the transcripts posted to Hackaday.io make sure you don’t miss out.
