Hackaday Links: July 5, 2020

July 5, 2020 by Dan Maloney 8 Comments

Remember all the hubbub over Betelgeuse back in February? For that matter, do you even remember February? If you do, you might recall that the red giant in Orion was steadily dimming, which some took as a portent of an impending supernova. That obviously didn’t happen, but we now seem to have an explanation for the periodic dimming: an enormous dark spot on the star. “Enormous” doesn’t begin to describe this thing, which covers 70% of the face of a star that would extend past Jupiter if it replaced the sun. The dimming was originally thought to be dust being blown off the star as it goes through its death throes, but no evidence could be found for that, while direct observations in the terahertz range showed what amounted to a reduction in surface temperature caused by the enormous star spot. We just think it’s incredibly cool that Betelgeuse is so big that we can actually observe it as a disk rather than a pinpoint of light. At least for now.

If you think you’ve seen some challenging user interfaces, wait till you get a load of the cockpit of an F-15C Eagle. As part of a new series on human interfaces, Ars Technica invited Col. Andrea Themely (USAF-ret.) to give a tour of the fighter she has over 1,100 hours on. Bearing in mind that the Eagle entered service in 1976 and has been continually updated with the latest avionics — compare the video with the steam gauges of the cockpit of an F-15A — its cockpit is still a pretty busy place. As much as possible has been done to reduce pilot load, with controls being grouped by function and the use of color-coding — don’t touch the yellow and black stuff! — and the use of tactile feedback. It’s a fascinating deep dive into a workplace that few of us ever get to see, and we’re looking forward to the rest of the series.

Sad news from Seattle, where the Living Computers: Museum + Labs is closing up shop. The announcement only says they’re closing “for now”, so there’s at least some hope that the museum will be back once the COVID-19 downturn has run its course. We hope they do bounce back; it really was a great museum with a lot of amazing hardware on display. The Vintage Computer Festival PNW was held there in its inaugural year, an event we covered and had high hopes for in the future. We hope for the best for these educational and cultural institutions, but we can’t help but fear a little for their future.

So you suffer a partial amputation of your left hand, leaving you with only your thumb and your palm. That raises an interesting conundrum: you haven’t lost enough to replace the hand with a prosthetic one, but you still don’t have any fingers. That appears to be what happened to Ian Davis, and so he built his own partial prosthetic to replace his fingers. There’s not much backstory on his YouTube channel, but from what we can gather he has gone through several designs, most of which are myomechanical rather than myoelectric. Through a series of complex linkages, he’s able to control not only the opening and closing of the fingers, but also to splay them apart. It’s all in the wrist, as it were — his input gestures all come from flexing and extending his hand relative to his forearm, where the prosthesis is anchored. This results in a pretty powerful grip — much stronger than a myoelectric hand in a head-to-head test. And the coolness factor of his work is just off the scale. We’re looking forward to more from Ian, and hopefully enough background information for a full story on what he has accomplished.

A Reason To Code

July 4, 2020 by Elliot Williams 48 Comments

My son is just getting to the age that puts him in the crosshairs of all of the learn-to-code toys. And admittedly, we’ve been looking at some of those Logo-like toys where you can instruct a turtle-bot to make a few moves, and then to repeat them. After all, if breaking down a problem into sub-problems and automating the repetition isn’t the essence of programming, I don’t know what is.

But here’s the deal: I think drawing ‘bots are cooler than he does. If you ask a kid “hey, do you want a car that can draw?” that’s actually pretty low on the robot list. I’m not saying he won’t get into it once he’s got a little bit more coding under his belt and he can start to make it do fun things, but by itself, drawing just isn’t all that impressive. He can draw just fine, thank-you-very-much.

Meanwhile, I was making a robot arm. Or rather, I started up on yet another never-to-be-completed robot arm. (Frankly, I don’t know what I would do with a robot arm.) But at least I started with the gripper and wrist. Now that’s pretty cool for a kid, but the programming is waaaay too complicated. So I pulled the brains out and hooked up the servos to an RC plane remote. Just wiggling the thing around, duct-taped to the table, got him hooked. And this weekend, we’re building a remote controlled cherry-picker arm to put on a pole, because cherries are in season. His idea!

So no coding. He’s a little too young anyway, IMO. But silly little projects like these, stored deep in his subconscious, will give him a reason to program in the future, will make it plainly obvious that knowing how to program is useful. Now all I need is a reason to finish up a robot arm project…

Spacing Out: OneWeb Rescue, Starlink Base Stations, And Rocket Tests

July 3, 2020 by Jenny List 23 Comments

Another couple of weeks, and a fresh crop of space news to run through as a quick briefing of the latest in the skies above us.

OneWeb's most recent launch, from Baikonur on the 21st of March 2020. — OneWeb’s most recent launch, from Baikonur on the 21st of March 2020. (OneWeb)

The global positioning orbits are getting pretty crowded, with GPS, Russia’s GLONASS, the EU’s Galileo, Japan’s QZSS, and now with the launch of the final satellite in their constellation, China’s BeiDou. As if five were not enough the chance that they might be joined by a sixth constellation from the United Kingdom resurfaced this week, as the UK government is expressing interest in supporting a rescue package for the troubled satellite broadband provider OneWeb. The idea of an independent GPS competitor from a post-Brexit UK has been bouncing around for a couple of years now, and on the face of it until this opportune chance to purchase an “oven ready” satellite constellation might deliver a route to incorporating a positioning payload into their design. The Guardian has its doubts, lining up a bevvy of scientists to point out the rather obvious fact that a low-earth-orbit satellite broadband platform is a very different prospect to a much-higher-orbiting global positioning platform. Despite the country possessing the expertise through its work on Galileo then it remains to be seen whether a OneWeb purchase would be a stroke of genius or a white elephant. Readers with long memories will know that British government investment in space has had its upsets before.

Happily for Brits, not all space endeavours from their islands end in ignominious retreat. Skyrora have scored another milestone, launching the first ever rocket skywards from the Shetland Islands. The Skylark Nano is a relatively tiny craft at only 2m high, and gathered research data during its flight to an altitude of 6km. We’ve followed their work before, including their testing in May of a Skylark L rocket on the Scottish mainland with a view to achieving launch capability in 2023.

A Starlink phased array end user antenna, spotted in Winsconsin. (darkpenguin22)

SpaceX’s Starlink is never far away from the news, with a fresh set of launches delayed for extra pre-launch tests, and the prospect of signing up to be considered for the space broadband firm’s beta test. Of more interest for Hackaday readers though are a few shots of prototype Starlink ground stations and user terminals that have made it online, on the roof of a Tesla Gigafactory and at a SpaceX facility in Wisconsin. What can be seen are roughly 1.5m radomes for the ground stations and much smaller dinner-plate-sized enclosed arrays for the user terminals. The latter are particularly fascinating as they conceal computer-controlled phased arrays for tracking the constellation as it passes overhead. This is a technology more at home in billion-dollar military radars than consumer devices, so getting it to work on a budget that can put it on a roof anywhere in the world must be a challenge for the Starlink engineers. We can’t wait to see the inevitable eventual teardown when it comes.

Elsewhere, the Virgin Galactic SpaceShip Two completed its second glide test over its Mojave Spaceport home since being grounded in 2019 for extensive refitting, and is now said to be ready for powered tests leading to eventual commercial service giving the extremely well-heeled the chance to float in the zero gravity of suborbital spaceflight. And finally, comes the news that NASA are naming their Washington DC headquarters building for Mary W. Jackson, their first African American female engineer, whose story some of you may be familiar with from the book and film Hidden Figures. The previously unnamed building sits on a section of street named Hidden Figures Way.

Hackaday Podcast 074: Stuttering Swashplate, Bending Mirrors, Chasing Curves, And Farewell To Segway

July 3, 2020 by Mike Szczys 5 Comments

Hackaday editors Elliot Williams and Mike Szczys recap a week of hacks. A telescope mirror that can change shape and a helicopter without a swashplate lead the charge for fascinating engineering. These are closely followed by a vibratory wind generator that has no blades to spin. The Open Source Hardware Association announced a new spec this week to remove “Master” and “Slave” terminology from SPI pin names. The Segway is no more. And a bit of bravery and rock solid soldering skills can resurrect that Macbook that has one dead GPU.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 074: Stuttering Swashplate, Bending Mirrors, Chasing Curves, And Farewell To Segway” →

This Week In Security: Palo Alto Scores A 10, Cursed Images, VM Escapes, And Malicious Music

July 3, 2020 by Jonathan Bennett 12 Comments

We’ve looked at many vulnerabilities over the years here on Hackaday, but it’s rather rare for a CVE to score a perfect 10 severity. This is reserved for the most severe and exploitable of problems. Palo Alto announced such a vulnerability, CVE-2020-2021, on the 29th. This vulnerability affects Palo Alto devices running PAN-OS that have SAML authentication enabled and a certain validation option disabled. The vulnerability is pre-authentication, but does require access to a service protected by SAML authentication. For example, a Palo Alto device providing a web-based VPN could be vulnerable. The good news is that the vulnerable settings aren’t default, but the bad news is that the official configuration guide recommends the vulnerable settings for certain scenarios, like using a third party authentication service.

The issue is in the Security Assertion Markup Language (SAML) implementation, which is an XML based open standard for authentication. One of the primary use cases for SAML is to provide a Single Sign On (SSO) scheme. The normal deployment of SAML SSO is that a central provider handles the authentication of users, and then asserts to individual services that the connecting user is actually who they claim to be.

The setting needed for this vulnerability to be exploitable is ‘Validate Identity Provider Certificate’ to be disabled. If this option is enabled, the SSO provider must use a CA signed SAML certificates. This doesn’t appear to mean that unsigned SSL certificates would be accepted, and only applies to certificates inside the SAML messages. It seems to be widely accepted that these certificates don’t need to be CA signed. In the official announcement, the vulnerability type is said to be “CWE-347 Improper Verification of Cryptographic Signature”. Continue reading “This Week In Security: Palo Alto Scores A 10, Cursed Images, VM Escapes, And Malicious Music” →

Inputs Of Interest: X-Bows Ergo-Mechanical Keyboard

July 2, 2020 by Kristina Panos 21 Comments

Okay, let’s just get this out of the way up front, shall we? This ergonomic mechanical keyboard was a free sample offered to me by X-Bows. They contacted me after I expressed interest in trying one in the comments of my post about the Kinesis Advantage. I had my doubts about this keyboard as far as my own personal ergonomic needs go, which are admittedly on the extreme side. TL;DR: I won’t be abandoning my curvy girls anytime soon. But I will say that I’m definitely impressed by the X-Bows.

X-Bows was founded by a doctor who saw a lot of RSI issues in programmers and writers and decided to take matters into his own hands. The keyboard was born on Kickstarter in 2017 and now comes in three models. They sent me the mid-range model called The Knight, which retails for $249, but seems to be on permanent sale for $199. The top-of-the-line Knight Plus has a magnetic, detachable 10-key that can attach to either side. Continue reading “Inputs Of Interest: X-Bows Ergo-Mechanical Keyboard” →

Why Are Digital Cameras Still Boring?

July 1, 2020 by Jenny List 102 Comments

In the matter of technological advancement, we are as a species, mostly insatiable. The latest toy, the fastest silicon, the largest storage, the list goes on. Take digital cameras as an example, what was your first one? Mine was a Casio QV200 in about 1997, I still have it somewhere though I can’t immediately lay my hands on it, and it could hold a what was for its time a whopping 64 VGA-resolution pictures in its 4Mb of onboard memory.

The QV200 showing off its VGA photography capabilities. It’s March 1998, and this is a brand-new PlayStation that I’m about to install a mod chip inside.

It’s a shock to realise that nearly a quarter century has passed since then, and its fixed-focus 640×480 camera module with a UV-sensitive CMOS sensor that gave everything a slight blue tint would not even grace the cheapest of feature phones in 2020. Every aspect of a digital camera has improved beyond measure since the first models in the 1980s and early 1990s that started to resemble what we’d know today as a standalone digital camera, they have near-limitless storage, excellent lenses, huge and faithfully-reproducing sensors, and broadcast-quality video capability.

But how playful have camera manufacturers been with the form factor? We see reporters in sci-fi movies toting cameras that look nothing like their film-based ancestors. What do our real-life digital cameras have on offer as far as creative body design goes?

Continue reading “Why Are Digital Cameras Still Boring?” →