This Week In Security: In Mudge We Trust, Don’t Trust That App Browser, And Firefox At Pwn2Own

There’s yet another brouhaha forming over Twitter, but this time around it’s a security researcher making noise instead of an eccentric billionaire. [Peiter Zatko] worked as Twitter’s security chief for just over a year, from November 2020 through January 2022. You may know Zatko better as [Mudge], a renowned security researcher, who literally wrote the book on buffer overflows. He was a member of L0pht Heavy Industries, worked at DARPA and Google, and was brought on at Twitter in response to the July 2020 hack that saw many brand accounts running Bitcoin scams.

Mudge was terminated at Twitter in January 2022, and it seems he immediately started putting together a whistleblower complaint. You can access his complaint packet on archive.org, with whistleblower_disclosure.pdf (PDF, and mirror) being the primary document. There are some interesting tidbits in here, like the real answer to how many spam bots are on Twitter: “We don’t really know.” The very public claim that “…<5% of reported mDAU for the quarter are spam accounts” is a bit of a handwave, as the monetizable Daily Active Users count is essentially defined as active accounts that are not bots. Perhaps Mr. Musk has a more legitimate complaint than was previously thought.

You Paid For This Paper. Now You Can Read It Without Paying Again

There is probably very little among the topics covered here at Hackaday that doesn’t have its roots somewhere in scientific research. Semiconductor devices, for example, didn’t simply pop into being in Bell Labs or Texas Instruments; the scientists and engineers who created them did so standing on the shoulders of legions of earlier researchers who discovered the precursor steps that made them possible. As many readers will know, scientific research for its own sake is expensive, so much so that much of it is funded by governments, from your taxes. The research papers with the findings are then hidden from public view behind paywalls by the publishers who distribute them, an injustice which should soon be over for Americans, thanks to a White House memorandum paving the way for federally funded research to be freely available to the public at no cost by no later than 2025.

The academic publishing business originates in the days when paper was king, and it has several tiers. Officially an academic journal is usually the product of a professional body in its field, but it is normal for the publishing itself to be contracted out to a specialist academic publishing company. They accept submissions of papers, edit them, and arrange peer reviewers, before publishing the journals. Originally this was a paper process, but while journals are still printed it’s the Internet through which they are now read. The publishers pay nothing to the researcher for their paper and often only a nominal sum to the reviewers for their input, but charge a hefty subscription for access to the content. As you might imagine it’s an extremely lucrative business, so as this Hackaday scribe saw when she worked in that industry, the publishers and the learned bodies are in no hurry to kill their golden goose.

This move to open access may make few immediate waves outside the world of scientific publishing, but it affirms the principle that taxpayers should be able to see the fruits of their spending. As such it will be of benefit to less-well-off researchers and institutions worldwide. Rest in peace Aaron Swartz, if only you could have seen this day!

White House pic: Matt H. Wade, CC BY-SA 3.0.

Buy The Right To Build A Nakagin Tower Anywhere

We’re guessing that among Hackaday’s readership are plenty of futurists, and while the past might be the wrong direction in which to look when considering futurism, we wouldn’t blame any of them for hankering for the days when futurism was mainstream.

Perhaps one of the most globally iconic buildings of that era could have been found in Tokyo, in the form of the Nakagin Capsule Tower, Kisho Kurokawa’s 1972 Metabolist apartment block. This pioneering structure, in which individual apartments were conceived as plug-in units that could be moved or changed at will, never achieved its potential and was dismantled, looking more post-apocalyptic than futuristic in early 2022, but it could live on in both digital form and reconstructed elsewhere as the rights to its design are being auctioned.

Unfortunately there appears to be some NFT mumbo-jumbo associated with the sale, but what’s up for auction is a complete CAD model along with the rights to build either real or virtual copies of the building. It’s unlikely that any Hackaday readers will pony up for their own Metabolist skyscraper, but the interest lies not only in the love of a future that never quite happened, but in the engineering behind the structure. Where this is being written, as in many other places, there is simultaneously a chronic housing shortage and a housing system wedded to the outdated building techniques of a previous century, so the thought of updated equivalents of the Nakagin Tower offering the chance of modular interchangeable housing in an era perhaps more suited to it than the 1970s is an intriguing one. Now that we’re living in the future, perhaps it’s time to give futurism another chance.

Regular readers will have spotted this isn’t the first time we’ve brought you a taste of futuristic living.

Header: Svetlov Artem, CC0.

2022 Hackaday Supercon: Call For Proposals Extended

Good news, procrastinators and those of you who simply have not yet worked up the nerve to submit! The 2022 Hackaday Supercon Call for Proposals has been extended one more week. You’ve been waiting until the last minute? Well, it’s now one minute past the last minute, but we’ve got your back. You have until Thurs, Sep. 1 to get your talk or workshop proposal in. (We’re not extending it twice!)

Everyone has a good story to share. Whether it’s a tale of software or hardware, or that tricky “firmware” that falls somewhere in the middle, we have a crowd who would love to hear it. You almost never leave a project as the same person who entered it, and you should tell us your story. We have two talk tracks, one for shorter talks and demos of around 20 minutes, and one for epic sagas of 45 minutes or so. Whether you’re a first-time presenter or a seasoned pro, we’d like to hear about your hacks.

To sweeten the pot, all presenters get in free. So what are you waiting for? Send in your ideas now – you’ve got a couple months to get the slides into shape.

The First-Ever Kansas City Keyboard Meetup Is This Weekend

Sometimes, if you wait long enough for something you want, it will come to you. Whether it’s the law of attraction or just plain laziness, it has finally happened — there’s a keyboard meetup happening within a 500-mile radius of me. As far as I know, it’s the first one ever in Kansas City. I’m going, I’m bringing weird keyboards, and I might even have some Hackaday stickers to sprinkle around.

Although the event was originally planned to take place in the side room of a coffeehouse in the historic northeast, it was quickly moved to a much larger, co-working space downtown to accommodate all the maniacs like yours truly who want to bring a whole bunch of keebs. I’m even bringing some tables, y’all.

This’ll be more than just a show and tell, because what kind of object-focused nerd gathering would be complete without a swap meet element? You’re probably going to find that all kinds of keyboards and keyboard accessories are for sale, but you also might get lucky and win a cute bag of switches from Kinetic Labs, or a 3×4 macro pad from Boardsource (who will also have stickers on hand).

Come for the cool keyboards, and stay for the conversations you’ll strike up with the awesome folks who brought them. Who knows, maybe we’ll all infiltrate the slammin’ ice cream shop down the street.

Questions? Comments? Just want to share your excitement? Come join the Discord! If you’re planning to show up on Saturday, please take a second to fill out the head count document. If you do, it’ll probably net you a deli sandwich when you get there.

If you can’t make it, that’s okay — stay tuned for coverage of the event, and start planning for the next one, because hopefully, there will be many more to come.

Main and thumbnail images by Mingwei Lim on Unsplash

Batteries Get Tiny

Steve Martin had a comedy routine that focused on the idea of “getting small.” That probably didn’t inspire the researchers at the Institute for Integrative Nanoscience when they set out to create a sub-square-millimeter microbattery. As you might expect, you won’t be starting your car with a battery the size of a grain of sand anytime soon, but these batteries do have a surprising capacity.

The key is creating what they call “micro-swiss rolls” where the electrodes are wrapped in a tiny cylinder. This isn’t a new idea. However, creating workable rolls at the scale where a grain of rice looks huge isn’t trivial.


This Week In Security: Secure Boot Bypass, Attack On Titan M, KASLR Weakness

It’s debatable just how useful Secure Boot is for end users, but now there’s yet another issue with Secure Boot, or more specifically, a trio of signed bootloaders. Researchers at Eclypsium have identified problems in the Eurosoft, CryptoPro, and New Horizon bootloaders. In the first two cases, a way-too-flexible UEFI shell allows raw memory access. A startup script doesn’t have to be signed, and can easily manipulate the boot process at will. The last issue is in the New Horizon Datasys product, which disables any signature checking for the rest of the boot process — while still reporting that Secure Boot is enabled. It’s unclear if this requires a config option, or is just totally broken by default.

The real issue is that if malware or an attacker can get write access to the EFI partition, one of these signed bootloaders can be added to the boot chain, along with some nasty payload, and the OS that eventually gets booted still sees Secure Boot enabled. It’s the perfect vehicle for really stealthy infections, similar to CosmicStrand, the malicious firmware we covered a few weeks ago.