This Week In Security: IOS Wifi Incantations, Ghosts, And Bad Regex

I hope everyone had a wonderful Thanksgiving last week. My household celebrated by welcoming a 4th member to the family. My daughter was born on Wednesday morning, November 25th. That explains what I did last week instead of writing the normal Hackaday column. Never fear, we shall catch up today, and cover the news that’s fit to be noticed.

iOS Zero-click Wifi Attack

[Ian Beer] of Google’s Project Zero brings us the fruit of his lockdown-induced labors, a spectacular iOS attack. The target of this attack is the kernel code that handles AWDL, an Apple WiFi protocol for ad hoc mesh networks between devices. The most notable feature that makes use of AWDL is AirDrop, Apple’s device-to-device file sharing system. Because AWDL is a proprietary protocol, the WiFi hardware can’t do any accelerated processing of its packets. A few years back, there was an attack against Broadcom firmware that required a second vulnerability to jump from the WiFi chip to the device CPU. Here, because the protocol is implemented entirely in Apple’s kernel code, no such pivot is necessary.

And as you’ve likely deduced, there was a vulnerability found. AWDL uses Type-Length-Value (TLV) messages for sending management data. For a security researcher, TLVs are particularly interesting because each data type represents a different code path to attack. One of those data types is a list of MAC addresses, with a maximum of 10. The code that handles it allocates a 60-byte buffer, sized for that maximum. The problem is that there isn’t a code path to drop incoming TLVs of that type when their length exceeds 60 bytes. The remainder is written right past the end of the allocated buffer.
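To make the missing check concrete, here is an added example (not Project Zero’s or Apple’s code) of a bounds-checked parser for a TLV carrying a list of MAC addresses, the shape of the bug described above. The TLV type id 0x02, the type(1)/length(1)/value layout and the whole-address rule are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAC_LEN      6
#define MAX_MACS     10
#define MAC_LIST_MAX (MAC_LEN * MAX_MACS)   /* the 60-byte buffer from the write-up */
#define TLV_MAC_LIST 0x02                   /* assumed type id, not AWDL's real one */

typedef struct {
    uint8_t macs[MAC_LIST_MAX];             /* fixed-size destination, 60 bytes */
    size_t  count;
} mac_list_t;

/* Parse one TLV from buf[0..avail). Returns the number of MACs parsed, or -1
 * if the TLV is truncated, of the wrong type, or larger than macs[] can hold.
 * The check the vulnerable code lacked is the one against MAC_LIST_MAX: without
 * it, a value longer than 60 bytes is copied past the end of out->macs. */
int parse_mac_list_tlv(const uint8_t *buf, size_t avail, mac_list_t *out) {
    if (avail < 2) return -1;                     /* no room for the header */
    uint8_t type = buf[0];
    size_t  len  = buf[1];
    if (type != TLV_MAC_LIST) return -1;
    if (len > avail - 2) return -1;               /* value runs off the packet */
    if (len > MAC_LIST_MAX) return -1;            /* more than 10 MACs: drop the TLV */
    if (len % MAC_LEN != 0) return -1;            /* partial address (assumed rule) */
    memcpy(out->macs, buf + 2, len);              /* len is now provably <= 60 */
    out->count = len / MAC_LEN;
    return (int)out->count;
}

/* Convenience wrapper when only the verdict matters, not the parsed list. */
int tlv_mac_count(const uint8_t *buf, size_t avail) {
    mac_list_t tmp;
    return parse_mac_list_tlv(buf, avail, &tmp);
}

int main(void) {
    /* Constructed frames: a 2-address list and an 11-address list (66 bytes). */
    uint8_t good[2 + 12]      = { TLV_MAC_LIST, 12 };
    uint8_t oversized[2 + 66] = { TLV_MAC_LIST, 66 };
    printf("valid list: %d MACs\n", tlv_mac_count(good, sizeof good));
    printf("oversized list: %d (rejected)\n", tlv_mac_count(oversized, sizeof oversized));
    return 0;
}
```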

There is more fun to be had getting to a full exploit, but the details are a bit too much to fully dive into here. It is interesting to note that [Ian] ran into a particular problem: his poking at the target code was triggering unexpected kernel panics. He discovered two separate vulnerabilities, both distinct from the vuln he was trying to exploit.

Finally, this exploit requires the target device to have AWDL enabled, and many won’t. But you can use Bluetooth Low Energy advertisements to trick the target device into believing an AirDrop is coming in from a trusted contact. Once the device enables AWDL to verify the request, the attack can proceed. [Ian] reported his findings to Apple way back in 2019, and this vulnerability was patched in March of 2020.

Via Ars Technica.

Remoticon Video: Circuit Sculpture Workshop

Circuit Sculpture was one of our most anticipated workshops of Hackaday Remoticon 2020, and now it’s ready for those who missed it to enjoy. A beginning circuit sculptor could hardly ask for more than this workshop, which highlights three different approaches to building firefly circuit sculptures and is led by some of the most prominent people to ever bend brass and components to their will — Jiří Praus, Mohit Bhoite, & Kelly Heaton.

For starters, you’ll learn the different tools and techniques that each of them uses to create their sculptures. For instance, Kelly likes to use water-based clay to hold components in specific orientations while forming the sculpture and soldering it all together. Jiří and Mohit on the other hand tend to use tape. The point is that there is no right or wrong way, but to instead have all of these tips and tricks under your belt as you sculpt. And that’s what this workshop is really about.


Crossed Wires Crash Rockets

On November 17th, a Vega rocket lifted off from French Guiana with its payload of two Earth observation satellites. The booster, coincidentally the 17th Vega to fly, performed perfectly: the solid-propellant rocket engines that make up its first three stages burned in succession. But soon after the fourth stage of the Vega ignited its liquid-fueled RD-843 engine, it became clear that something was very wrong. While telemetry showed the engine was operating as expected, the vehicle’s trajectory and acceleration started to deviate from the expected values.

There was no dramatic moment that would have indicated to the casual observer that the booster had failed. But by the time the mission clock had hit twelve minutes, there was no denying that the vehicle wasn’t going to make its intended orbit. While the live stream hosts continued extolling the virtues of the Vega rocket and the scientific payloads it carried, the screens behind them showed that the mission was doomed.

Displays behind the hosts clearly showed Vega wasn’t following the planned trajectory.

Unfortunately, there’s little room for error when it comes to spaceflight. Despite reaching a peak altitude of roughly 250 kilometers (155 miles), the Vega’s Attitude Vernier Upper Module (AVUM) failed to maintain the velocity and heading necessary to achieve orbit. Eventually the AVUM and the two satellites it carried came crashing back down to Earth, reportedly impacting an uninhabited area not far from where the third stage was expected to fall.

Although we’ve gotten a lot better at it, getting to space remains exceptionally difficult. It’s an inescapable reality that rockets will occasionally fail and their payloads will be lost. Yet the fact that Vega has had two failures in as many years is somewhat troubling, especially since the booster has only flown 17 missions so far. A success rate of 88% isn’t terrible, but it’s certainly on the lower end of the spectrum. For comparison, boosters such as the Soyuz, Falcon 9, and Atlas have success rates of 95% or higher.

Further failures could erode customer trust in the relatively new rocket, which has only been flying since 2012 and is facing stiff competition from commercial launch providers. If Vega is to become the European workhorse that operator Arianespace hopes, figuring out what went wrong on this launch and making sure it never happens again is of the utmost importance.


Remoticon Video: How To Reverse Engineer A PCB

You hold in your hand a circuit board from a product you didn’t make. How does the thing work? What a daunting question, but it’s both solvable and approachable if you know what you’re doing. The good news is that Eric Schlaepfer knows exactly what he’s doing and boiled down the process of reverse engineering printed circuit boards into this excellent workshop. It was presented live during the 2020 Hackaday Remoticon, and the edited video, which you’ll find below, was just published. Slides for the talk have been published on the workshop project page.

Need proof that he has skills that we all want? Last year Eric successfully reverse-engineered the legendary Sound Blaster audio card and produced his own fully-functional drop-in replacement called the Snark Barker. And then re-engineered it to work with the ancient MCA bus architecture. Whoa.


Spacing Out: Rocks From The Moon, Rocks From Mars, A Near Miss, And Some Interesting Launches

Sure, the SpaceX crew made it safely to the ISS, but there’s plenty happening beyond just that particular horizon. The Chinese National Space Administration have launched their Chang’e 5 mission to collect and return lunar rock samples, a collaboration between NASA and ESA to do the same with samples from Mars has passed its review, and a pair of satellites came uncomfortably close to each other in a near-miss that could have had significant orbital debris consequences. It’s time for Spacing Out!

Bringing Alien Rocks to Earth

The Chang’e 5 mission on the launch pad. China News Service, CC BY 3.0.

Ever since the NASA and Soviet lunar launches at the height of the Space Race, there have been no new missions to collect material from the Lunar surface and return it to Earth. That changed last week.

The Chang’e 5 mission launched in China on November 23rd will deliver moon rocks to Earth, and as this is being written it has already entered lunar orbit and separated into its constituent parts in preparation for landing. It’s a four-craft mission, with a lunar lander and ascent module going to the surface, and a service module and Earth return craft remaining in orbit to receive the samples and send them back to the planet for re-entry and retrieval. The hurdles facing the mission scientists and engineers are immense, and a safe sample return in mid-December will be an extremely impressive achievement.

Happily Chang’e 5 even has a hacker angle, as its telemetry has offered a bonanza to satellite-watchers who have turned their dishes skyward to capture the event. Daniel Estévez EA4GPZ has posted a collected analysis of data telemetry work by a variety of people worldwide, but the eye-candy prize goes to r00t.cz, who has successfully decoded image stream data to the extent that they have assembled a fragment of video captured from the craft during its journey.

Not to be outdone in the field of ambitious sample return missions, NASA and ESA’s joint plan to collect and return rock core samples from Mars has met with the approval of the independent review board set up to examine it. This will involve multiple craft from both agencies, with NASA’s already launched Perseverance rover collecting and containing the samples before leaving them on the surface for eventual collection by a future ESA rover. This will then pass them to a NASA ascent craft which will take them to Martian orbit and rendezvous with an ESA craft that will return them to Earth. We space-watchers are in for an exciting decade.

That Was a Close One!

Anyone who has seen the film Gravity will be familiar with the Kessler syndrome, in which collisions between spacecraft and/or debris could create a chain reaction of further collisions and render entire orbital spheres unusable to future craft because of the collision hazard presented by the resulting cloud of space debris. Because of this, spacecraft operators devote considerable resources towards avoiding such collisions, and it is not uncommon for slight orbital adjustments to be made to avoid proximity with other orbiting man-made objects.

On the 27th of November it seems that these efforts failed, with a terse announcement from Roscosmos of a near-miss between their Kanopus-V craft and the Indian CARTOSAT 2F. The two remote-imaging satellites passed as close as 224 metres from each other, which in space terms given their likely closing speeds would have been significantly too close for comfort. The announcement appears worded to suggest that the Indian craft was at fault, however it’s probably a fairer conclusion that both space agencies should have seen the other’s satellite coming. Fortunately we escaped a catastrophe this time, but it is to be hoped that all operators of such satellites will take note.

RocketLab Joins the Reusable Booster Club

Other recent launches that might excite the interest of readers are the New Zealand-based RocketLab launching their Electron rocket with 30 small satellites on board and then, for the first time, retrieving their booster stage, and the Japanese Mitsubishi Electric sending their JDRS-1 satellite to geosynchronous orbit. This last craft is of interest because it carries an optical data link rather than the more usual RF, and could prove the technology for future launches.

The coming weeks should be full of news from China on Chang’e 5’s progress. Getting a craft to the moon and returning it will be a huge achievement, and we hope nothing fails and we’ll see pictures of the first new Moon rocks on Earth since the 1970s. We don’t know how to say “Good luck and a successful mission!” in Chinese, so we’ll say it in English.

Amazon Sidewalk: Should You Be Co-Opted Into A Private Neighbourhood LoRa Network?

WiFi just isn’t very good at going through buildings. It’s fine for the main living areas of an average home, but once we venture towards the periphery of our domains it starts to become less reliable. For connected devices outside the core of a home, this presents a problem, and it’s one Amazon hope to solve with their Sidewalk product.

It’s a low-bandwidth networking system that uses capability already built into some Echo and Ring devices, plus a portion of the owner’s broadband connection to the Internet. The idea is to provide basic connectivity over longer distances to compatible devices even when the WiFi network is not available, but of most interest and concern is that it will also expose itself to devices owned by other people. If your Internet connection goes down, then your Ring devices will still provide a basic version of their functionality via a local low-bandwidth wide-area wireless network provided by the Amazon devices owned by your neighbours.

Precision Optics Hack Chat With Jeroen Vleggaar Of Huygens Optics

Join us on Wednesday, December 2nd at noon Pacific for the Precision Optics Hack Chat with Jeroen Vleggaar!

We sometimes take for granted one of the foundational elements of our technological world: optics. There are high-quality lenses, mirrors, filters, and other precision optical components in just about everything these days, from the smartphones in our pockets to the cameras that loom over us from every streetlight and doorway. And even in those few devices that don’t incorporate any optical components directly, you can bet that the ability to refract, reflect, collimate, or otherwise manipulate light was key to creating the electronics inside it.

The ability to control light with precision is by no means a new development in our technological history, though. People have been creating high-quality optics for centuries, and the methods used to make optics these days would look very familiar to them. Precision optical surfaces can be constructed by almost anyone with simple hand tools and a good amount of time and patience, and those components can then be used to construct instruments that can explore the universe either on the micro or macro scale.

Jeroen Vleggaar, known better as Huygens Optics on YouTube, will drop by the Hack Chat to talk about the world of precision optics. If you haven’t seen his videos, you’re missing out!

When not conducting optical experiments such as variable surface mirrors and precision spirit levels, or explaining the Double Slit Experiment, Jeroen consults on optical processes and designs. In this Hack Chat, we’ll talk about how precision optical surfaces are manufactured, what you can do to get started grinding your own lenses and mirrors, and learn a little about how these components are measured and used.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, December 2 at 12:00 PM Pacific time. If time zones baffle you as much as us, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.
