Spacing Out: OneWeb Rescue, Starlink Base Stations, And Rocket Tests

July 3, 2020 by Jenny List 23 Comments

Another couple of weeks, and a fresh crop of space news to run through as a quick briefing of the latest in the skies above us.

OneWeb's most recent launch, from Baikonur on the 21st of March 2020. — OneWeb’s most recent launch, from Baikonur on the 21st of March 2020. (OneWeb)

The global positioning orbits are getting pretty crowded, with GPS, Russia’s GLONASS, the EU’s Galileo, Japan’s QZSS, and now with the launch of the final satellite in their constellation, China’s BeiDou. As if five were not enough the chance that they might be joined by a sixth constellation from the United Kingdom resurfaced this week, as the UK government is expressing interest in supporting a rescue package for the troubled satellite broadband provider OneWeb. The idea of an independent GPS competitor from a post-Brexit UK has been bouncing around for a couple of years now, and on the face of it until this opportune chance to purchase an “oven ready” satellite constellation might deliver a route to incorporating a positioning payload into their design. The Guardian has its doubts, lining up a bevvy of scientists to point out the rather obvious fact that a low-earth-orbit satellite broadband platform is a very different prospect to a much-higher-orbiting global positioning platform. Despite the country possessing the expertise through its work on Galileo then it remains to be seen whether a OneWeb purchase would be a stroke of genius or a white elephant. Readers with long memories will know that British government investment in space has had its upsets before.

Happily for Brits, not all space endeavours from their islands end in ignominious retreat. Skyrora have scored another milestone, launching the first ever rocket skywards from the Shetland Islands. The Skylark Nano is a relatively tiny craft at only 2m high, and gathered research data during its flight to an altitude of 6km. We’ve followed their work before, including their testing in May of a Skylark L rocket on the Scottish mainland with a view to achieving launch capability in 2023.

A Starlink phased array end user antenna, spotted in Winsconsin. (darkpenguin22)

SpaceX’s Starlink is never far away from the news, with a fresh set of launches delayed for extra pre-launch tests, and the prospect of signing up to be considered for the space broadband firm’s beta test. Of more interest for Hackaday readers though are a few shots of prototype Starlink ground stations and user terminals that have made it online, on the roof of a Tesla Gigafactory and at a SpaceX facility in Wisconsin. What can be seen are roughly 1.5m radomes for the ground stations and much smaller dinner-plate-sized enclosed arrays for the user terminals. The latter are particularly fascinating as they conceal computer-controlled phased arrays for tracking the constellation as it passes overhead. This is a technology more at home in billion-dollar military radars than consumer devices, so getting it to work on a budget that can put it on a roof anywhere in the world must be a challenge for the Starlink engineers. We can’t wait to see the inevitable eventual teardown when it comes.

Elsewhere, the Virgin Galactic SpaceShip Two completed its second glide test over its Mojave Spaceport home since being grounded in 2019 for extensive refitting, and is now said to be ready for powered tests leading to eventual commercial service giving the extremely well-heeled the chance to float in the zero gravity of suborbital spaceflight. And finally, comes the news that NASA are naming their Washington DC headquarters building for Mary W. Jackson, their first African American female engineer, whose story some of you may be familiar with from the book and film Hidden Figures. The previously unnamed building sits on a section of street named Hidden Figures Way.

Hackaday Podcast 074: Stuttering Swashplate, Bending Mirrors, Chasing Curves, And Farewell To Segway

July 3, 2020 by Mike Szczys 5 Comments

Hackaday editors Elliot Williams and Mike Szczys recap a week of hacks. A telescope mirror that can change shape and a helicopter without a swashplate lead the charge for fascinating engineering. These are closely followed by a vibratory wind generator that has no blades to spin. The Open Source Hardware Association announced a new spec this week to remove “Master” and “Slave” terminology from SPI pin names. The Segway is no more. And a bit of bravery and rock solid soldering skills can resurrect that Macbook that has one dead GPU.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 074: Stuttering Swashplate, Bending Mirrors, Chasing Curves, And Farewell To Segway” →

This Week In Security: Palo Alto Scores A 10, Cursed Images, VM Escapes, And Malicious Music

July 3, 2020 by Jonathan Bennett 12 Comments

We’ve looked at many vulnerabilities over the years here on Hackaday, but it’s rather rare for a CVE to score a perfect 10 severity. This is reserved for the most severe and exploitable of problems. Palo Alto announced such a vulnerability, CVE-2020-2021, on the 29th. This vulnerability affects Palo Alto devices running PAN-OS that have SAML authentication enabled and a certain validation option disabled. The vulnerability is pre-authentication, but does require access to a service protected by SAML authentication. For example, a Palo Alto device providing a web-based VPN could be vulnerable. The good news is that the vulnerable settings aren’t default, but the bad news is that the official configuration guide recommends the vulnerable settings for certain scenarios, like using a third party authentication service.

The issue is in the Security Assertion Markup Language (SAML) implementation, which is an XML based open standard for authentication. One of the primary use cases for SAML is to provide a Single Sign On (SSO) scheme. The normal deployment of SAML SSO is that a central provider handles the authentication of users, and then asserts to individual services that the connecting user is actually who they claim to be.

The setting needed for this vulnerability to be exploitable is ‘Validate Identity Provider Certificate’ to be disabled. If this option is enabled, the SSO provider must use a CA signed SAML certificates. This doesn’t appear to mean that unsigned SSL certificates would be accepted, and only applies to certificates inside the SAML messages. It seems to be widely accepted that these certificates don’t need to be CA signed. In the official announcement, the vulnerability type is said to be “CWE-347 Improper Verification of Cryptographic Signature”. Continue reading “This Week In Security: Palo Alto Scores A 10, Cursed Images, VM Escapes, And Malicious Music” →

Inputs Of Interest: X-Bows Ergo-Mechanical Keyboard

July 2, 2020 by Kristina Panos 21 Comments

Okay, let’s just get this out of the way up front, shall we? This ergonomic mechanical keyboard was a free sample offered to me by X-Bows. They contacted me after I expressed interest in trying one in the comments of my post about the Kinesis Advantage. I had my doubts about this keyboard as far as my own personal ergonomic needs go, which are admittedly on the extreme side. TL;DR: I won’t be abandoning my curvy girls anytime soon. But I will say that I’m definitely impressed by the X-Bows.

X-Bows was founded by a doctor who saw a lot of RSI issues in programmers and writers and decided to take matters into his own hands. The keyboard was born on Kickstarter in 2017 and now comes in three models. They sent me the mid-range model called The Knight, which retails for $249, but seems to be on permanent sale for $199. The top-of-the-line Knight Plus has a magnetic, detachable 10-key that can attach to either side. Continue reading “Inputs Of Interest: X-Bows Ergo-Mechanical Keyboard” →

Why Are Digital Cameras Still Boring?

July 1, 2020 by Jenny List 102 Comments

In the matter of technological advancement, we are as a species, mostly insatiable. The latest toy, the fastest silicon, the largest storage, the list goes on. Take digital cameras as an example, what was your first one? Mine was a Casio QV200 in about 1997, I still have it somewhere though I can’t immediately lay my hands on it, and it could hold a what was for its time a whopping 64 VGA-resolution pictures in its 4Mb of onboard memory.

The QV200 showing off its VGA photography capabilities. It’s March 1998, and this is a brand-new PlayStation that I’m about to install a mod chip inside.

It’s a shock to realise that nearly a quarter century has passed since then, and its fixed-focus 640×480 camera module with a UV-sensitive CMOS sensor that gave everything a slight blue tint would not even grace the cheapest of feature phones in 2020. Every aspect of a digital camera has improved beyond measure since the first models in the 1980s and early 1990s that started to resemble what we’d know today as a standalone digital camera, they have near-limitless storage, excellent lenses, huge and faithfully-reproducing sensors, and broadcast-quality video capability.

But how playful have camera manufacturers been with the form factor? We see reporters in sci-fi movies toting cameras that look nothing like their film-based ancestors. What do our real-life digital cameras have on offer as far as creative body design goes?

Continue reading “Why Are Digital Cameras Still Boring?” →

Your Own Open Source ASIC: SkyWater-PDK Plans First 130 Nm Wafer In 2020

June 30, 2020 by Al Williams 51 Comments

You might have caught Maya Posch’s article about the first open-source ASIC tools from Google and SkyWater Technology. It envisions increased access to make custom chips — Application Specific Integrated Circuits — designed using open-source tools, and made real through existing chip fabrication facilities. My first thought? How much does it cost to tape out? That is, how do I take the design on my screen and get actual parts in my hands? I asked Google’s Tim Ansel to explain some more about the project’s goals and how I was going to get my parts.

The goals are pretty straightforward. Tim and his collaborators would like to see hardware open up in the same way software has. The model where teams of people build on each other’s work either in direct collaboration or indirectly has led to many very powerful pieces of software. Tim’s had some success getting people interested in FPGA development and helped produce open tools for doing so. Custom ASICs are the next logical step.

Continue reading “Your Own Open Source ASIC: SkyWater-PDK Plans First 130 Nm Wafer In 2020” →

LED Art Hack Chat

June 29, 2020 by Dan Maloney 1 Comment

Join us on Wednesday, July 1 at noon Pacific for the LED Art Hack Chat with Aaron Oppenheimer!

From the first time humans crawled into a cave with a bit of charcoal to sketch scenes from the world around them, artists have been searching for new media and new ways to express themselves. Natural products ruled for thousands of years, with pigments stolen or crafted from nature as well as wood, ivory, bone, and stone for carving. Time and experience guided our ancestors to new and better formulations and different materials, to the point that what qualifies as art and what we’d normally think of as technology have, in many cases, blended into one, with the artist often engineering projects of mammoth proportions and breathtaking beauty.

Aaron Oppenheimer co-founded color+light, a company that specializes in large-scale custom art installations for companies like Google, Nike, and Nissan. One of their projects, the “Oddwood Tree”, is displayed alongside other gigantic art pieces at Area15 on the Las Vegas strip. His most recent project, fluora, is a digital houseplant, with addressable LEDs in the leaves that can be controlled by a smartphone app or respond to stimuli in the environment.

Aaron will join us on the Hack Chat to discuss the LED as artistic medium. Join us as we learn what it takes to make enormous art that’s strong enough to interact with yet responsive enough to be engaging.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, July 1 at 12:00 PM Pacific time. If time zones have you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Continue reading “LED Art Hack Chat” →