News

3606 Articles

Fixing Joy-Con Drift With Recycle Bin Parts

July 16, 2021 by 16 Comments

Have you seen this yet? YouTuber [VK’s Channel] claims to have a permanent fix for Joy-Con drift — the tendency for Nintendo Switch controllers to behave as though they’re being moved around when they’re not even being touched. Like everyone else, [VK’s Channel] tried all the usual suspects: compressed air, isopropyl alcohol, contact cleaner, and even WD-40. But these are only temporary fixes, and the drift always comes back. None of the other fixes so far are permanent, either, like shimming the flat cable that connects the stick to the mobo, adding graphite to the worn pads inside, or trying to fix a possible bad antenna connection.

While calibrating a drifting Joy-Con, [VK’s Channel] noticed that applying pressure near the Y and B buttons corrected the issue immediately, so they got the idea to add a 1mm thick piece of card stock inside. [VK’s Channel] believes the issue is that there is no fastener connecting the plastic part of the joystick to the metal part on the bottom. Over time, using the joystick causes the bottom to sag, which makes the metal contacts inside lose their grip on the graphite pads. It’s been two months now and there is absolutely no drift in either of the Joy-Cons that [VK’s Channel] has shored up this way.

Nintendo is now fixing Joy-Cons for free. The problem is that they are replacing irreparable ones outright, so you have to agree that you will settle for a plain old gray, red, or blue instead of your special edition Zelda controllers or whatever you send them. Hopefully, this really is a permanent fix, and that Nintendo gives [VK’s Channel] a job.

You could forego the joysticks altogether and swap them out for touchpads. Suffering from XBOX drift instead? We have just the thing.

Continue reading “Fixing Joy-Con Drift With Recycle Bin Parts”

The Fix Is In: Hubble’s Troubles Appear Over For Now

July 16, 2021 by 29 Comments

Good news this morning from low Earth orbit, where the Hubble Space Telescope is back online after a long and worrisome month of inactivity following a glitch with the observatory’s payload computer.

We recently covered the Hubble payload computer in some depth; at the time, NASA was still very much in the diagnosis phase of the recovery, and had yet to determine a root cause. But the investigation was pointing to one of two possible culprits: the Command Unit/Science Data Formatter (CU/SDF), the module that interfaces the various science instruments, or the Power Control Unit (PCU), which provides regulated power for everything in the payload computer, more verbosely known as the SI C&DH, or Scientific Instrument Command and Data Handling Unit.

In the two weeks since that report, NASA made slow but steady progress, methodically testing every aspect of the SI C&DH. It wasn’t until just two days ago, on July 14, that NASA made a solid determination on root cause: the Power Control Unit, or more specifically, the power supply protection circuit on the PCU’s 5-volt rail. The circuit is designed to monitor the rail for undervoltage or overvoltage conditions, and to order the SI C&DH to shut down if the voltage is out of spec. It’s not entirely clear whether the PCU is actually putting out something other than 5 volts, or if the protection circuit has perhaps degraded since the entire SI C&DH was replaced in the last service mission in 2009. But either way, the fix is the same: switch to the backup PCU, a step that was carefully planned out and executed on July 15th.

To their credit, the agency took pains that everyone involved would be free from any sense of pressure to rush a fix — the 30-year-old spacecraft was stable, its instruments were all safely shut down, and so the imperative was to fix the problem without causing any collateral damage, or taking a step that couldn’t be undone. And further kudos go to NASA for transparency — the web page detailing their efforts to save Hubble reads almost like a build log on one of our projects.

There’s still quite a bit of work to be done to get Hubble back into business — the science instruments have to be woken up and checked out, for instance — but if all goes well, we should see science data start flowing back from the space telescope soon. It’s a relief that NASA was able to pull this fix off, but the fact that Hubble is down to its last backup is a reminder Hubble’s days are numbered, and that the best way to honor the feats of engineering derring-do that saved Hubble this time and many times before is to keep doing great science for as long as possible.

This Week In Security: REvil Goes Dark, Kaseya Cleanup, Android Updates, And Terrible Firmware

July 16, 2021 by 16 Comments

The funniest thing happened to REvil this week. Their online presence seems to have disappeared.
Their Tor sites as well as conventional sites all went down about the same time Tuesday morning, leading to speculation that they may have been hit by a law enforcement operation. This comes on the heels of a renewed push by the US for other countries, notably Russia, to crack down on ransomware groups operating within their borders. If it is a coordinated takedown, it’s likely a response to the extremely widespread 4th of July campaign launched via the Kaseya platform. Seriously, if you’re going to do something that risks ticking off Americans, don’t do it on the day we’re celebrating national pride by blowing stuff up.

Speaking of Kaseya, they have finished their analysis, and published a guide for safely powering on their VSA on-premise hardware. Now that the fixes are available, more information about the attack itself is being released. Truesec researchers have been following this story in real time, and even provided information about the attack back to Kaseya, based on their observations. Their analysis shows that 4 separate vulnerabilities were involved in the attack. First up is an authentication bypass. It takes advantage of code that looks something like this: Continue reading “This Week In Security: REvil Goes Dark, Kaseya Cleanup, Android Updates, And Terrible Firmware”

Amazon Drones Don’t Go Far

July 15, 2021 by 41 Comments

If you are like us, you’ve wondered what all the hoopla about drones making home deliveries is about. Our battery-operated vehicles carry very little payload and still don’t have a very long range. Add sophisticated smarts and a couple of delivery packages and you are going to need a lot more battery. Or maybe not. Amazon’s recent patent filing shows a different way to do it.

In the proposed scheme, a delivery truck drives to a neighborhood and then deploys a bunch of wheeled or walking drones to deliver in the immediate area. Not only does that reduce the range requirement, but there are other advantages, as well.

Continue reading “Amazon Drones Don’t Go Far”

The Linux Kernel 5.14 Audio Update

July 13, 2021 by 39 Comments

You may remember the Pipewire coverage we ran a couple weeks ago, and the TODO item to fix up Firewire device support with Pipewire. It turns out that this is an important feature for kernel hackers, too, because the Alsa changes just got pulled into the 5.14 kernel, and included is the needed Firewire audio work. Shout-out to [Marcan] for pointing out this changeset. Yes, that’s the same as [Hector Martin], the hacker bringing Linux to the M1, who also discovered M1racles. We’ve covered some of his work before.

It turns out that some Firewire audio devices expect timing information in the delivery stream to match the proper playback time for the audio contained in the stream. A naive driver ends up sending packets of sound to the Firewire device that wanted to be played before the packet arrives. No wonder the devices didn’t work correctly. I’m running a 5.14 development kernel, and so far my Focusrite Saffire Pro40 has been running marvelously, where previous kernels quickly turned its audio into a crackling mess.

There is another fix that’s notable for Pipewire users, a reduction in latency for USB audio devices. That one turned out to be not-quite-correct, leading to a hang in the kernel on Torvald’s machine. It’s been reverted until the problem can be corrected, but hopefully this one will land for 5.14 as well. (Edit: The patch was cleaned up, and has been pulled for 5.14. Via Phoronix.) Let us know if you’d like to see more kernel development updates!

Checking Up On Earth’s Sister Planet: NASA’s Upcoming Venus Missions

July 9, 2021 by 36 Comments

Even as we bask in the knowledge that our neighboring planet Mars is currently home to a multitude of still functional landers, a triplet of rovers and with an ever-growing satellite network as well as the first ever flying drone on another planet, our other neighboring planet Venus is truly playing the wallflower, with Japan’s Akatsuki orbiter as the lone active Venusian mission right now.

That is about to change, however, with NASA having selected two new missions that will explore Venus by the end of this decade. The DAVINCI+ and VERITAS missions aim to respectively characterize Venus’ atmosphere and map its surface in unprecedented detail. This should provide us information about possible tectonic activity, as well as details about the Venusian atmosphere which so far have been sorely missing.

Despite Venus being the closest match to our planet Earth, how is it possible that we have been neglecting it for so long, and what can we expect from future missions, including and beyond these two new NASA missions?

Continue reading “Checking Up On Earth’s Sister Planet: NASA’s Upcoming Venus Missions”

This Week In Security: Print Nightmare Continues, Ransomware Goes Bigger, And ATM Jackpots!

July 9, 2021 by 29 Comments

For the second time, Microsoft has attempted and failed to patch the PrintNightmare vulnerability. Tracked initially as CVE-2021-1675, and the second RCE as CVE-2021-34527. We warned you about this last week, but a few more details are available now. The original reporter, [Yunhai Zhang] confirms our suspicions, stating on Twitter that “it seems that they just test with the test case in my report”.

Microsoft has now shipped an out-of-band patch to address the problem, with the caveat that it’s known not to be a perfect fix, but should eliminate the RCE element of the vulnerability. Except … if the server in question has the point and print feature installed, it’s probably still vulnerable. And to make it even more interesting, Microsoft says they have already seen this vulnerability getting exploited in the wild. Continue reading “This Week In Security: Print Nightmare Continues, Ransomware Goes Bigger, And ATM Jackpots!”