News

3539 Articles

A Coolant Leak The Likely Culprit For Aussie Tesla Battery Bank Fire

September 28, 2021 by 36 Comments

Followers of alternative energy technology will remember how earlier in the year a battery container at Tesla’s Megapack Australian battery grid storage plant caught fire. Lithium ion batteries are not the easiest to extinguish once aflame, but fortunately the fire was contained to only two of the many battery containers on the site.

The regulator Energy Safe Victoria have completed their investigation into the incident, and concluded that it was caused by a coolant leak in a container which caused an electrical component failure that led to the fire. It seems that the container was in a service mode at the time so its protection systems weren’t active, and that also its alarm system was not being monitored. They have required that cooling systems should henceforth be pressure tested and inspected for leaks, and that alarm procedures should be changed for the site.

When a new technology such as large-scale battery storage is brought on-line, it is inevitable that their teething troubles will include catastrophic failures such as this one. The key comes in how those involved handle them, and for that we must give Tesla and the site’s operators credit for their co-operation with the regulators. The site’s modular design and the work of the firefighters in cooling the surrounding packs ensured that a far worse outcome was averted. Given these new procedures, it’s hoped that future installations will be safer still.

You can read our original coverage of the fire here, if you’re interested in more information.

[Main image source: CFA]

Image of CFS's SPARC reactor

Commonwealth Fusion’s 20 Tesla Magnet: A Bright SPARC Towards Fusion’s Future

September 27, 2021 by 62 Comments

After decades of nuclear fusion power being always ten years away, suddenly we are looking at a handful of endeavours striving to be the first to Q > 1, the moment when a nuclear fusion reactor will produce more power than is required to drive the fusion process in the first place. At this point the Joint European Torus (JET) reactor holds the world record with a Q of 0.67.

At the same time, a large international group is busily constructing the massive ITER tokamak test reactor in France, although it won’t begin fusion experiments until the mid-2030s. The idea is that ITER will provide the data required to construct the first DEMO reactors that might see viable commercial fusion as early as the 2040s, optimistically.

And then there’s Commonwealth Fusion Systems (CFS), a fusion energy startup.  Where CFS differs is that they don’t seek to go big, but instead try to make a tokamak system that’s affordable, compact and robust. With their recent demonstration of a 20 Tesla (T) high-temperature superconducting (HTS) rare-earth barium copper oxide (ReBCO) magnet field coil, they made a big leap towards their demonstration reactor: SPARC.

A Story of Tokamaks

CFS didn’t appear out of nowhere. Their roots lie in the nuclear fusion research performed since the 1960s at MIT, when a scientist called Bruno Coppi was working on the Alcator A (Alto Campo Toro being Italian for High Field Torus) tokamak, which saw first plasma in 1972. After a brief period with a B-revision of Alcator, the Alcator C was constructed with a big power supply upgrade. Continue reading “Commonwealth Fusion’s 20 Tesla Magnet: A Bright SPARC Towards Fusion’s Future”

NYT Crossword Decision Puzzles Many

September 24, 2021 by 48 Comments

Over at the New York Times (NYT) crossword puzzle desk, newly-appointed Games Editorial Director Everdeen Mason has caused a bit of a ruckus and hubbub (both six letter words with U as the 2nd and 5th letter) among digital puzzle solvers. In a short article published in early August, Ms. Mason announced the end of support for the crossword-solving program Across Lite, abruptly terminating a relationship between the two organizations spanning 25 years. But the ramifications extend much deeper than just one application.

The NYT first published its now-famous crossword puzzle back in 1942, appearing every Sunday, and in 1950 it became a daily feature. In 1993, Will Shortz was chosen as the fourth Crossword Puzzle Editor, a position he still holds today. The NYT online crossword puzzles first appeared in 1996 — puzzle files could be downloaded by modem and solved offline using the program Across Lite.

Modems aside, this basic method has continued until now, and a variety of programs and apps have sprung up over the years that allow not only offline play, but with tailored feature sets, such as support for the visually impaired, puzzle fanatics, puzzle creators, team playing, etc. Naturally the NYT joined the party as well, offering the crossword puzzles online and via smart phone apps.

Continue reading “NYT Crossword Decision Puzzles Many”

This Week In Security: Somebody’s Watching, Microsoft + Linux, DDoS

September 24, 2021 by 23 Comments

In case you needed yet another example of why your IoT devices shouldn’t be exposed to the internet, a large swath of Hikvision IP Cameras have a serious RCE vulnerability. CVE-2021-36260 was discovered by the firm Watchful_IP in the UK. In Hikvision’s disclosure, they refer to the problem as a command injection vulnerability in the device’s web interface. The vuln is pre-authentication, and requires no user interaction. This could be something as simple as a language chooser not sanitizing the inputs on the back-end, and being able to use backticks or a semicolon to trigger an arbitrary command.

Now you’re probably thinking, “I don’t use Hikvision cameras.” The sneaky truth is that a bunch of cameras with different brand names are actually Hikvision hardware, with their firmware based on the Hikvision SDK. The outstanding question about this particular vulnerability is whether it’s present in any of the re-labelled cameras. Since the exact vulnerability has yet to be disclosed, it’s hard to know for sure whether the relabeled units are vulnerable.  But if we were betting… Continue reading “This Week In Security: Somebody’s Watching, Microsoft + Linux, DDoS”

[Look Mum No Computer] sits inside his new museum of obsolete technology and synth oddities.

This (Obsolete Technology) Museum Is (Not) Obsolete

September 24, 2021 by 11 Comments

You know, we’re not sure how this escaped our attention for so long. Blame it on the summer heat. Did you know that [Look Mum No Computer] opened a museum of obsolete technology a few weeks ago?

Inside a new museum of obsolete technology and synth oddities.This Museum is (Not) Obsolete is located by the seaside in the Ramsgate section of Kent, England, where you’ll also find the Micro Museum, a collection of computing and video game history. [LMNK] says it took 10 months to build the museum, which is a maze of vintage delights including decades of computers and computer accessories, signal generators, VFDs, vacuum tubes, old phone equipment, and 50 years’ worth of 150-in-one electronics kits. This list doesn’t even sort of start to scratch the surface.

Around every turn there are forgotten technological gems and never-heard-ofs, plus the space is peppered with [LMNK]’s own superb synth creations. (Who could forget the Furby Organ?) The goal is to make it as interactive as possible, and to keep growing the collection. So far, [LMNK] has welcomed visitors of all backgrounds and ages, which is exactly what he was after. Can’t quite make it to Ramsgate? Us either. Do what we did and take the video tour below.

If you can get there, you might want to check out the National Museum of Computing, too.

Continue reading “This (Obsolete Technology) Museum Is (Not) Obsolete”

Rescuing A Wacom Digitizer From A Broken Lenovo Yoga Book

September 23, 2021 by 5 Comments

The Lenovo Yoga Book is a interesting thing, featuring a touch-surface keyboard that also doubles as a Wacom tablet. [TinLethax] sadly broke the glass of this keyboard when trying to replace a battery in their Yoga Book, but realised the Wacom digitizer was still intact. Thus began a project to salvage this part and repurpose it for the future.

The first step was to reverse engineer the hardware; as it turns out, the digitizer pad connects to a special Wacom W9013 chip which holds the company’s secret sauce (secret smoke?). As the GitHub page for [TinLethax]’s WacomRipoff driver explains, however, the chip communicates over I2C. Thus, it was a simple enough job to hook up a microcontroller, in this case an STM32 part, and then spit out USB HID data to a host.

It hasn’t all been smooth sailing, and it’s not 100% feature complete, but [TinLethax] was able to get the digitizer working as a USB HID input device. It appears the buttons and pressure sensitivity are functional, too.

If you’ve got a disused or defunct Yoga Book lying around, you might just consider the same mods yourself. We’ve seen some other great hacks in this space, too. Video after the break.

Continue reading “Rescuing A Wacom Digitizer From A Broken Lenovo Yoga Book”

Bluetooth Vulnerability: Arbitrary Code Execution On The ESP32, Among Others

September 23, 2021 by 21 Comments

Bluetooth has become widely popular since its introduction in 1999. However, it’s also had its fair share of security problems over the years. Just recently, a research group from the Singapore University of Technology and Design found a serious vulnerability in a large variety of Bluetooth devices. Having now been disclosed, it is known as the BrakTooth vulnerability.

Full details are not yet available; the research team is waiting until October to publicly release proof-of-concept code in order to give time for companies to patch their devices. The basic idea however, is in the name. “Brak” is the Norweigan word for “crash,” with “tooth” referring to Bluetooth itself. The attack involves repeatedly attempting to crash devices to force them into undesired operation.

The Espressif ESP32 is perhaps one of the worst affected. Found in all manner of IoT devices, the ESP32 can be fooled into executing arbitrary code via this vulnerability, which can do everything from clearing the devices RAM to flipping GPIO pins. In smart home applications or other security-critical situations, this could have dire consequences.

Other chipsets are affected to varying degrees, including parts from manufacturers like Texas Instruments and Cypress Semiconductor. Some parts are vulnerable to denial of service, while audio devices may be frozen up or shut down by the attack. The group claims over 1400 products could be affected by the bug.

Firmware patches are being rolled out, and researcher [Matheus E. Garbelini] has released code to build a sniffer device for the vulnerability on GitHub. If you’re involved with the design or manufacture of Bluetooth hardware, it might pay to start doing some homework on this one! Concerned vendors can apply for proof-of-concept test code here.