Josephine Peary, First Lady Of The Arctic

October 29, 2019 by Kristina Panos 24 Comments

In the late nineteenth century, there was only one Earthly frontier left to discover: the North Pole. Many men had died or gone insane trying to reach 90°N, which, unlike the solidly continental South Pole, hides within a shifting polar sea.

One of history’s most driven Pole-seekers, Robert Peary, shocked the world when he announced that his wife Josephine would accompany him on his expedition to Greenland. The world responded, saying that she, a Washington socialite with no specialized training, had absolutely no business going there. But if it weren’t for Jo’s contributions, Robert would probably have never made it to the Pole, or even out of Greenland. Sewing and cooking skills may not seem like much, but they are vital for surviving in the Arctic climate. She also hunted, and managed the group’s Inuit employees.

Josephine Peary was more than just the woman behind the man. An Arctic explorer in her own right, she spent three winters and eight summers on the harsh and unforgiving frontier. Back at home, her Arctic accounts painted a picture of a frozen and far-off world that most could only wonder about. Jo’s writing career brought in expedition money for her husband, which sometimes turned into bailout money.

Josephine Peary, DC debutante. Image via Bowdoin College

Woman About Washington

Josephine Cecilia Diebitsch was born May 22nd, 1863 to German immigrant parents who encouraged her to explore the world. Her father, Hermann, was a linguist at the Smithsonian Institute. Because of his position, the Diebitsch family rubbed elbows with much of high society. Though Jo was raised to be a Victorian lady and upheld those values, she had progressive ideas about what women could do with themselves in addition to being wives and mothers.
Continue reading “Josephine Peary, First Lady Of The Arctic” →

The Basics Of Persistence Of Vision Projects

October 29, 2019 by Lewin Day 6 Comments

Persistence of Vision (POV) is a curious part of the human visual system. It’s the effect by which the perception of an image lingers after light has stopped entering the eye. It’s why a spinning propeller appears as a disc, and why a burning sparkler appears to leave a trail in the air. It’s also commonly used as a display technology, where a series of flashing LEDs can be used to create messages that appear to float in the air. POV displays are a popular microcontroller project, and today, we’ll explore the basic techniques and skills required in such builds.

Continue reading “The Basics Of Persistence Of Vision Projects” →

The Young Engineers Guide To Career Planning

October 28, 2019 by Lewin Day 41 Comments

It’s often said that engineers aren’t born, they’re made. Or more accurately, taught, tested, and accredited by universities. If you’re in high school, you’re probably starting to think about potential career paths and may be considering an engineering degree. A lot of work goes into a good college application, and it might seem like the hardest part is getting in. However, if your end goal is to get yourself a great engineering job at the end of your studies, it pays to have your head up from day 1!

I Just Need A Degree, Right?

Back in my freshman days, there was a saying that was popular on campus, particularly with those studying STEM topics. “Ps get degrees.” Your college’s grading system might use different letters, but the basic gist was that a pass mark was all that was required to get your piece of paper at the end of your four years. While this is technically true, it’s only really a useful ethos if your aim is to simply get a degree. If your goal is to use that degree to score yourself a plum job in your field, it would be unwise to follow this credo.

This attitude will net you plenty of wonderful memories at the bar, but it will dent your chances of landing a solid job upon graduation. All in moderation!

The reality of the modern job market is that it’s highly competitive. Recruiters can receive hundreds of applications for a single job, meaning the vast majority of applicants don’t even make it to the interview stage. To trim down the pile, various criteria are used to pick out the ideal candidates. An easy way to do this is to sort by grades. Having a low GPA can therefore see your application relegated to the trashcan, before you even get a chance to impress anyone with your carefully honed skills. Continue reading “The Young Engineers Guide To Career Planning” →

SatNOGS Update Hack Chat

October 28, 2019 by Dan Maloney 3 Comments

Join us on Wednesday, October 30 at noon Pacific for the SatNOGS Update Hack Chat with Pierros Papadeas and the SatNOGS team!

Ever since the early days of the Space Race, people have been fascinated with satellites. And rightly so; the artificial moons we’ve sent into orbit are engineering marvels, built to do a difficult job while withstanding an incredibly harsh environment. But while most people are content to just know that satellites are up there providing weather forecasts and digital television, some of us want a little more.

Enter SatNOGS. Since winning the very first Hackaday Prize in 2014, SatNOGS has grown into exactly what Pierros Papadeas and the rest of the team envisioned: a globe-spanning network of open-source satellite ground stations, feeding continuous observations into an open, accessible database. With extensive documentation and an active community, SatNOGS has helped hundreds of users build ground stations with steerable antennas and get them connected. The network tracks hundreds of Low-Earth Orbit (LEO) satellites each day, including increasingly popular low-cost Cubesats.

Join us as the SatNOGS crew stops by the Hack Chat to give us an update on their efforts over the last few years. We’ll discuss how winning the Hackaday Prize changed SatNOGS, how the constellation of satellites has changed and how SatNOGS is dealing with it, and what it takes to build a global network and the community that makes it work.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, October 30 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Hackaday Links: October 27, 2019

October 27, 2019 by Dan Maloney 13 Comments

A year ago, we wrote about the discovery of treasure trove of original documentation from the development of the MOS 6502 by Jennifer Holdt-Winograd, daughter of ~~the late~~ Terry Holdt, the original program manager on the project. Now, Ms. Winograd has created a website to celebrate the 6502 and the team that built it. There’s an excellent introductory video with a few faces you might recognize, nostalgia galore with period photographs that show the improbable styles of the time, and of course the complete collection of lab notes, memos, and even resumes of the team members. If there were a microchip hall of fame – and there is – the 6502 would be a first-round pick, and it’s great to see the history from this time so lovingly preserved.

Speaking of the 6502, did you ever wonder what the pin labeled SO was for? Sure, the data sheets all say pin 38 of the original 40-pin DIP was the “Set Overflow” pin, an active low that set the overflow bit in the Processor Status Register. But Rod Orgill, one of the original design engineers on the 6502, told a different story: that “SO” was the initials of his beloved dog Sam Orgill. The story may be apocryphal, but it’s a Good Doggo story, so we don’t care.

You may recall a story we ran not too long ago about the shortage of plutonium-238 to power the radioisotope thermoelectric generators (RTGs) for deep-space missions. The Cold War-era stockpiles of Pu-238 were running out, but Oak Ridge National Laboratory scientists and engineers came up with a way to improve production. Now there’s a video showing off the new automated process from the Periodic Videos series, hosted by the improbably coiffed Sir Martyn Poliakoff. It’s fascinating stuff, especially seeing workers separated from the plutonium by hot-cells with windows that are 4-1/2 feet (1.4 meters) thick.

Dave Murray, better known as YouTube’s “The 8-Bit Guy”, can neither confirm nor deny the degree to which he participated in the golden age of phone phreaking. But this video of his phreaking presentation at the Portland Retro Gaming Expo reveals a lot of suspiciously detailed knowledge about the topic. The talk starts at 4:15 or so and is a nice summary of blue boxes, DTMF hacks, war dialing, and all the ways we curious kids may or may not have kept our idle hands busy before the Interwebz came along.

Do you enjoy a puzzle? We sure do, and one was just laid before us by a tipster who prefers to stay anonymous, but for whom we can vouch as a solid member of the hacker community. So no malfeasance will befall you by checking out the first clue, a somewhat creepy found footage-esque video with freaky sound effects, whirling clocks, and a masked figure reading off strings of numbers in a synthesized voice. Apparently, these clues will let you into a companion website. We worked on it for a bit and have a few ideas about how to crack this code, but we don’t want to give anything away. Or more likely, mislead anyone.

And finally, if there’s a better way to celebrate the Spooky Season than to model predictions on how humanity would fare against a vampire uprising, we can’t think of one. Dominik Czernia developed the Vampire Apocalypse Calculator to help you decide when and if to panic in the face of an uprising of the ~~undead~~ metabolically ambiguous. It supports several models of vampiric transmission, taken from the canons of popular genres from literature, film, and television. The Stoker-King model makes it highly likely that vampires would replace humans in short order, while the Harris-Meyer-Kostova model of sexy, young vampires is humanity’s best bet except for having to live alongside sparkly, lovesick vampires. Sadly, the calculator is silent on the Whedon model, but you can set up your own parameters to model a world with Buffy-type slayers at your leisure. Or even model the universe of The Walking Dead to see if it’s plausible that humans are still alive 3599 days into the zombie outbreak.

Hackaday Podcast 041: The “How Not To” Episode Of Rebreathers, Chain Sprockets, Hovercraft, And Data Logging

October 25, 2019 by Mike Szczys 4 Comments

Hackaday Editors Mike Szczys and Elliot Williams shed some light on a true week of hacks. It seems as though all kinds of projects are doing this the “wrong” way this week and its delightful to see what they learn along the way. Hovercraft can work using the Coandă effect which uses the blowers on the outside. You can dump your Linux logs to soldered-on eMMC memory, and chain sprockets can be cut from construction brackets. If you really want to build your own rebreather you can. All of these hacks work, and seeing how to do something differently is an inspiring tribute to the art of hardware hacking… you can learn a lot by asking yourself why these particular techniques are not the most commonly used.

Plus, Mike caught up with Alessandro Ranellucci at Maker Faire Rome last weekend. In addition to being the original author of slic3r, Alessandro has been Italy’s Open Source lead for the last several years. He talks about the legislation that was passed earlier this year mandating that software commissioned by the government must now be Open Source and released with an open license.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 041: The “How Not To” Episode Of Rebreathers, Chain Sprockets, Hovercraft, And Data Logging” →

This Week In Security: The Robots Are Watching, Insecure VPNs, Graboids, And Biometric Fails

October 25, 2019 by Jonathan Bennett 10 Comments

A Japanese hotel chain uses robots for nearly everything. Check in, room access, and most importantly, bedside service. What could possibly go wrong with putting embedded Android devices, complete with mics and cameras, right in every hotel room? While I could imagine bedside robots ending badly in many ways, today we’re looking at the possibility that a previous guest installed an app that can spy on the room. The kiosk mode used on these devices left much to be desired. Each bot has an NFC reader, and all it takes is an URL read by that reader to break out of the kiosk jail. From there, a user has full access to the Android system underneath, and can install whatever software they wish.

[Lance Vick] discovered this potential problem way back in July, and after 90 days of inaction has released the vulnerability. More of these hotels are being rolled out for the 2020 Olympics, and this sort of vulnerability is sure to be present in other similar kiosk devices.

VPN Compromise

In March 2018, a server in a Finnish data center was compromised through a remote management system. This was probably a Baseboard Management Controller (BMC), which is as dangerous as it is useful. Most BMCs have their own Ethernet adapter, not controlled by the host computer, and allows a remote user to access the machine just as if they had a monitor and keyboard connected to it. This particularly server was one rented by NordVPN, who was apparently not notified of the data center breach.

So what was captured from this server? Apparently the OpenVPN credentials stored on that server, as well as a valid TLS key. (Document mirror via TechCrunch) It’s been noted that this key is now expired, which does mean that it’s not being actively exploited. There were, however, about 7 months between the server break-in and the certificate expiration, during which time it could have been used for man-in-the-middle attacks.

NordVPN has confirmed the breach, and tried to downplay the potential impact. This report doesn’t seem to entirely match the leaked credentials. An attacker with this data and root access to the server would have likely been able to decrypt VPN traffic on the fly.

Graboid

Named in honor of a certain sci-fi worm, Graboid is an unusual piece of malware aimed at Docker instances. It is a true worm, in that compromised hosts are used to launch attacks against other vulnerable machines. Graboid isn’t targeting a Docker vulnerability, but simply looking for an unsecured Docker daemon exposed to the internet. The malware downloads malicious docker images, one of which is used for crypto-currency mining, while another attempts to compromise other servers.

Graboid has an unusual quirk — the quirk that earned it the name: It doesn’t constantly mine or attempt to spread, but waits over a minute between bursts of activity. This was likely an attempt to mask the presence of mining malware. It’s notable that until discovered, the malicious Docker images were hosted on the Docker Hub. Be careful what images you trust, and look for the “Docker Official Image” tag.

Iran and Misdirection

Remember a couple weeks ago, when we discussed the difficulty of attack attribution? It seems a healthy dose of such paranoia might be warranted. The American NSA and British NCSC revealed that they now suspect Russian actors compromised Iranian infrastructure and deployed malware developed by Iranian coders. The purpose of this seems to have been redirection — to compromise targets and put the blame on Iran. To date it’s not certain that this particular gambit fooled any onlookers, but this is likely not the only such effort.

Android Biometrics

New Android handsets have had a rough week. First, the Samsung Galaxy S10 had an issue with screen protectors interfering with the under-the-screen fingerprint reader. This particular problem seems to only affect fingerprints that are enrolled after a screen protector has been applied. With the protector still in place, anyone’s fingerprint is able to unlock the device. What’s happening here seems obvious. The ultrasonic fingerprint scanner isn’t able to penetrate the screen protector, so it’s recording an essentially blank fingerprint. A patch to recognize these blank prints has been rolled out to devices in Samsung’s home country of South Korea, with the rest of the world soon to follow.

The second new handset is the Google Pixel 4, which includes a new Face Unlock feature. While many have praised the feature, there is trouble in paradise. The Pixel’s Face Unlock works even when the user is asleep or otherwise unmoving. To their credit, Apple’s Face ID also checks for user alertness, trying to avoid unlocking unless the user is intentionally doing so.

The humorous scenario is a child or spouse unlocking your phone while you’re asleep, but a more sobering possibility is your face being used against you unwillingly, or even while unconscious or dead. Based on leaks, it’s likely that there was an “eyes open” mode planned but cut before launch. Hopefully the bugs can be worked out of that feature, and it can be re-added in a future update. Until then, it’s probably best not to use Google’s Face Unlock on Pixel 4 devices.

Hackaday

Hackaday Columns

4431 Articles