Hackaday Links: December 8, 2019

December 8, 2019 by Dan Maloney 14 Comments

Now that November of 2019 has passed, it’s a shame that some of the predictions made in Blade Runner for this future haven’t yet come true. Oh sure, 109 million people living in Los Angeles would be fun and all, but until we get our flying cars, we’ll just have to console ourselves with the ability to “Enhance!” photographs. While the new service, AI Image Enlarger, can’t tease out three-dimensional information, the app is intended to sharpen enlargements of low-resolution images, improving the focus and bringing up details in the darker parts of the image. The marketing material claims that the app uses machine learning, and is looking for volunteers to upload high-resolution images to improve its training set.

We’ve been on a bit of a nano-satellite bender around here lately, with last week’s Hack Chat discussing simulators for CubeSats, and next week’s focusing on open-source thrusters for PocketQube satellites. So we appreciated the timing of a video announcing the launch of the first public LoRa relay satellite. The PocketCube-format satellite, dubbed FossaSat-1, went for a ride to space along with six other small payloads on a Rocket Lab Electron rocket launched from New Zealand. Andreas Spiess has a short video preview of the FossaSat-1 mission, which was designed to test the capabilities of a space-based IoT link that almost anyone can access with cheap and readily available parts; a ground station should only cost a couple of bucks, but you will need an amateur radio license to uplink.

We know GitHub has become the de facto standard for source control and has morphed into a collaboration and project management platform used by everybody who’s anybody in the hacking community. But have you ever wished for a collaboration platform that was a little more in tune with the needs of hardware designers? Then InventHub might be of interest to you. Currently in a limited beta – we tried to sign up for the early access program but seem to have been put on a waiting list – it seems like this will be a platform that brings versioning directly to the ECAD package of your choice. Through plugins to KiCad, Eagle, and all the major ECAD players you’ll be able to collaborate with other designers and see their changes marked up on the schematic — sort of a visual diff. It seems interesting, and we’ll be keeping an eye on developments.

Amazon is now offering a stripped-down version of their Echo smart speaker called Input, which teams up with speakers that you already own to satisfy all your privacy invasion needs on the super cheap — only $10. At that price, it’s hard to resist buying one just to pop it open, which is what Brian Dorey did with his. The teardown is pretty standard, and the innards are pretty much what you’d expect from a modern piece of surveillance apparatus, but the neat trick here involved the flash memory chip on the main board. Brian accidentally overheated it while trying to free up the metal shield over it, and the BGA chip came loose. So naturally, he looked up the pinout and soldered it to a micro-SD card adapter with fine magnet wire. He was able to slip it into a USB SD card reader and see the whole file system for the Input. It was a nice hack, and a good teardown.

Hackaday Podcast 045: Raspberry Pi Bug, Rapidly Aging Vodka, Raining On The Cloud, And This Wasn’t A Supercon Episode

December 6, 2019 by Mike Szczys 5 Comments

Hackaday editors Mike Szczys and Elliot Williams talk over the last three weeks full of hacks. Our first “back to normal” podcast after Supercon turns out to still have a lot of Supercon references in it. We discuss Raspberry Pi 4’s HDMI interfering with its WiFi, learn the differences between CoreXY/Delta/Cartesian printers, sip on Whiskey aged in an ultrasonic jewelry cleaner, and set up cloud printing that’s already scheduled for the chopping block. Along the way, you’ll hear hints of what happened at Supercon, from the definitive guide to designing LEDs for iron-clad performance to the projects people hauled along with them.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Continue reading “Hackaday Podcast 045: Raspberry Pi Bug, Rapidly Aging Vodka, Raining On The Cloud, And This Wasn’t A Supercon Episode” →

This Week In Security: Tegra Bootjacking, Leaking SSH, And StrandHogg

December 6, 2019 by Jonathan Bennett 9 Comments

CVE-2019-5700 is a vulnerability in the Nvidia Tegra bootloader, discovered by [Ryan Grachek], and breaking first here at Hackaday. To understand the vulnerability, one first has to understand a bit about the Tegra boot process. When the device is powered on, a irom firmware loads the next stage of the boot process from the device’s flash memory, and validates the signature on that binary. As an aside, we’ve covered a similar vulnerability in that irom code called selfblow.

On Tegra T4 devices, irom loads a single bootloader.bin, which in turn boots the system image. The K1 boot stack uses an additional bootloader stage, nvtboot, which loads the secure OS kernel before handing control to bootloader.bin. Later devices add additional stages, but that isn’t important for understanding this. The vulnerability uses an Android boot image, and the magic happens in the header. Part of this boot image is an optional second stage bootloader, which is very rarely used in practice. The header of this boot image specifies the size in bytes of each element, as well as what memory location to load that element to. What [Ryan] realized is that while it’s usually ignored, the information about the second stage bootloader is honored by the official Nvidia bootloader.bin, but neither the size nor memory location are sanity checked. The images are copied to their final position before the cryptographic verification happens. As a result, an Android image can overwrite the running bootloader code. Continue reading “This Week In Security: Tegra Bootjacking, Leaking SSH, And StrandHogg” →

Retrotechtacular: The Gyro-X

December 5, 2019 by Kristina Panos 42 Comments

In the 1950s, American automobiles bloomed into curvaceous gas-guzzlers that congested the roads. The profiles coming out of Detroit began to deflate in the 1960s, but many bloat boats were still sailing the streets. For all their hulking mass, these cars really weren’t all that stable — they still had issues with sliding and skidding.

One man sought to fix all of this by re-imagining the automobile as a sleek torpedo that would scream down the road and fly around turns. This man, Alex Tremulis, envisioned the future of the automobile as a two-wheeled, streamlined machine, stabilized by a gyroscope. He called it the Gyro-X.

Continue reading “Retrotechtacular: The Gyro-X” →

The Story Of A Secret Underground Parisian Society

December 4, 2019 by Sharon Lin 28 Comments

Deep in the heart of Paris, a series of underground tunnels snakes across the city. They cross into unkept public spaces from centuries ago that have since vanished from collective memory – abandoned basements, catacombs, and subways hundreds of miles apart.

Only a few groups still traverse these subterranean streets. One that came into public view a few years ago, Les UX (Urban eXperiment), has since claimed several refurbished developments, including restoring the long neglected Pantheon clock and building an underground cinema, complete with a bar and restaurant.

While the streets of Paris are tame during the day, at night is when Les UX really comes alive. A typical night might involve hiding in the shadows away from potential authorities roaming the streets, descending into the tunnels through a grate in the road, and carrying materials to an agreed upon drop off location. Other nights might involve wedging and climbing over pipes and ladders, following the routes into the basements of buildings left unguarded.
Continue reading “The Story Of A Secret Underground Parisian Society” →

AMSAT CubeSat Simulator Hack Chat

December 2, 2019 by Dan Maloney 1 Comment

Join us on Wednesday, December 4th at noon Pacific for the AMSAT CubeSat Simulator Hack Chat with Alan Johnston!

For all the lip service the world’s governments pay to “space belonging to the people”, they did a pretty good job keeping access to it to themselves for the first 50 years of the Space Age. Oh sure, private-sector corporations could spend their investors’ money on lengthy approval processes and pay for a ride into space, but with a few exceptions, if you wanted your own satellite, you needed to have the resources of a nation-state.

All that began to change about 20 years ago when the CubeSat concept was born. Conceived as a way to get engineering students involved in the satellite industry, the 10 cm cube form factor that evolved has become the standard around which students, amateur radio operators, non-governmental organizations, and even private citizens have designed and flown satellites to do everything from relaying ham radio messages to monitoring the status of the environment.

But before any of that can happen, CubeSat builders need to know that their little chunk of hardware is going to do its job. That’s where Alan Johnston, a teaching professor in electrical and computer engineering at Villanova University, comes in. As a member of AMSAT, the Radio Amateur Satellite Corporation, he has built a CubeSat simulator. Built for about $300 using mostly off-the-shelf and 3D-printed parts, the simulator lets satellite builders work the bugs out of their designs before committing them to the Final Frontier.

Dr. Johnston will stop by the Hack Chat to discuss his CubeSat simulator and all things nanosatellite. Come along to learn what it takes to make sure a satellite is up to snuff, find out his motivations for getting involved in AMSAT and CubeSat testing, and what alternative uses people are finding the platform. Hint: think high-altitude ballooning.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, December 4 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.

Supercon: The Things You Brought, And A Few You Forgot

December 2, 2019 by Kristina Panos 3 Comments

Part of the fun of Supercon is that there is so much available in one place. For the price of admission, you’re surrounded by expertise, power, and soldering irons. Digi-Key brought several large parts bins stuffed full of everything from passives to LEDs to chips for people use in hacking away on their badges. But one thing that makes the whole experience really special is the stuff people bring. We don’t just mean the projects you brought to show off, we mean the stuff you bring to enhance your Supercon experience, whether it be tools, bits and bobs, or other fun stuff to play with.

This year was my first Supercon, and you never forget your first. I had a great time, and was overwhelmed by how much awesomeness was going on in one place. I wish Supercon was a simulation I could run again and again so I could listen to every talk, attend every workshop, and spend time talking to everyone about the things they brought and the cool things they’re doing with their time and badges.

Continue reading “Supercon: The Things You Brought, And A Few You Forgot” →