News

3606 Articles

The Trouble With Hubble: Payload Computer Glitch Stops Science At The Space Observatory

July 2, 2021 by 21 Comments

The Hubble Space Telescope’s remarkably long service life and its string of astonishing contributions to astronomy belie its troubled history. Long before its launch into low Earth orbit in 1990, Hubble suffered from design conflicts, funding and budgetary pressures, and even the death of seven astronauts. Long delayed, much modified, and mistakenly sent aloft with suboptimal optics, Hubble still managed to deliver results that have literally changed our view of the universe, and is perhaps responsible for more screensaver and desktop pictures than any other single source.

But all of that changed on June 13 of this year, when Hubble suffered a computer glitch that interrupted the flow of science data from the orbiting observatory. It’s not yet clear how the current issue with Hubble is going to pan out, and what it all means for the future of this nearly irreplaceable scientific asset. We all hope for the best, of course, but while we wait to see what happens, it’s worth taking the opportunity to dive inside Hubble for a look at its engineering and what exactly has gone wrong up there.

Continue reading “The Trouble With Hubble: Payload Computer Glitch Stops Science At The Space Observatory”

This Week In Security: Bad Signs From Microsoft, An Epyc VM Escape

July 2, 2021 by 14 Comments

Code signing is the silver bullet that will save us from malware, right? Not so much, particularly when vendors can be convinced to sign malicious code. Researchers at G DATA got a hit on a Windows kernel driver, indicating it might be malicious. That seemed strange, since the driver was properly signed by Microsoft. Upon further investigation, it became clear that this really was malware. The file was reported to Microsoft, the signature revoked, and the malware added to the Windows Defender definitions.

The official response from Microsoft is odd. They start off by assuring everyone that their driver signing process wasn’t actually compromised, like you would. The next part is weird. Talking about the people behind the malware: “The actor’s goal is to use the driver to spoof their geo-location to cheat the system and play from anywhere. The malware enables them to gain an advantage in games and possibly exploit other players by compromising their accounts through common tools like keyloggers.” This doesn’t seem to really match the observed behavior of the malware — it seemed to be decoding SSL connections and sending the data to the C&C server. We’ll update you if we hear anything more on this one.
Continue reading “This Week In Security: Bad Signs From Microsoft, An Epyc VM Escape”

Adding A Gentle Touch To Prosthetic Limbs With Somatosensory Stimulation

June 30, 2021 by 5 Comments

When Nathan Copeland suffered a car accident in 2004, damage to his spinal cord at the C5/C6 level resulted in tetraplegic paralysis. This left him initially at the age of 18 years old to consider a life without the use of his arms or legs, until he got selected in 2014 for a study at the University of Pittsburgh involving the controlling of a robotic limb using nothing but one’s mind and a BCI.

While this approach, as replicated in various other studies, works well enough for simple tasks, it comes with the major caveat that while it’s possible to control this robotic limb, there is no feedback from it. Normally when we try to for example grab an object with our hand, we are aware of the motion of our arm and hand, until the moment when our fingers touch the object which we’re reaching for.

In the case of these robotic limbs, the only form of feedback was of the visual type, where the user had to look at the arm and correct its action based on the observation of its position. Obviously this is far from ideal, which is why Nathan hadn’t just been implanted with Utah arrays that read out his motor cortex, but also arrays which connected to his somatosensory cortex.

As covered in a paper by Flesher et al. in Nature, by stimulating the somatosensory cortex, Nathan has over the past few years regained a large part of the sensation in his arm and hand back, even if they’re now a robotic limb. This raises the question of how complicated this approach is, and whether we can expect it to become a common feature of prosthetic limbs before long. Continue reading “Adding A Gentle Touch To Prosthetic Limbs With Somatosensory Stimulation”

The Great Windows 11 Computer Extinction Experiment

June 29, 2021 by 294 Comments

There was a time when a new version of Windows was a really big deal, such the launch of Windows 95 for which the tones of the Rolling Stones’ Start me up could be heard across all manner of media outlets. Gradually over years this excitement has petered out, finally leaving us with Windows 10 that would, we were told, be the last ever version of the popular operating system and thence only receive continuous updates

But here we are in 2021, and a new Windows has been announced. Windows 11 will be the next latest and greatest from Redmond, but along with all the hoopla there has been an undercurrent of concern. Every new OS comes with a list of hardware requirements, but those for Windows 11 seem to go beyond the usual in their quest to cull older hardware. Aside from requiring Secure Boot and a Trusted Platform Module that’s caused a run on the devices, they’ve struck a load of surprisingly recent processors including those in some of their current Surface mobile PCs off their supported list, and it’s reported that they will even require laptops to have front-facing webcams if they wish to run Windows 11.

Continue reading “The Great Windows 11 Computer Extinction Experiment”

This Week In Security: Schemeflood, Modern Wardialing, And More!

June 25, 2021 by 17 Comments

There’s been yet another technique discovered to fingerprint users, and this one can even work in the Tor browser. Scheme flooding works by making calls to application URLs, something like steam://browsemedia. If your machine supports the requested custom URL, a pop-up is displayed, asking permission to launch the external application. That pop-up can be detected by JavaScript in the browser. Detect enough apps, and you can build a reasonable fingerprint of the system the test is run on. Unlike some previous fingerprinting techniques, this one isn’t browser dependent — it will theoretically give the same results for any browser. This means even the Tor browser, or any browser being used over the Tor network, can give your potentially unique set of installed programs away.

Now for the good news. The Chrome devs are already working on this issue, and in fact, Chrome on my Linux desktop didn’t respond to the probes in a useful way. Feel free to check out the demo, and see if the results are accurate. And as for Tor, you really should be running that on a dedicated system or in a VM if you really need to stay anonymous. And disable JavaScript if you don’t want the Internet to run code on your computer.
Continue reading “This Week In Security: Schemeflood, Modern Wardialing, And More!”

Rocky Linux Is Ready For Prime Time!

June 24, 2021 by 23 Comments

For some small percentage of the Hackaday crowd, our world got turned upside down at the end of last year, when Red Hat announced changes to CentOS. That distro is the official repackage of Red Hat Enterprise Linux, providing a free, de-branded version of RHEL. The big problem was that CentOS 8 support has been cut way short, ending at the end of 2021 instead of the expected 2029. This caused no shortage of consternation in the community, and a few people and companies stepped forward to provide their own CentOS alternative, with AlmaLinux and Rocky Linux being the two most promising. AlmaLinux minted their first release in March, but the Rocky project made the decision to take things a bit slower. The wait is over, and the Rocky Linux 8.4 release is ready.

Not only are there ISOs for new installs, there is also a script to convert a CentOS 8 install to Rocky. Now before you run out and convert all your CentOS machines, there are a few caveats. First, the upgrade script is still being tested and fixed as problems are found. The big outstanding issue is that Secure Boot isn’t working yet. The process of spinning up a new Secure Boot shim and getting it properly signed is non-trivial, and takes time. The plan is to do an 8.4 re-release when the shim is ready, so keep an eye out for that, if you need Secure Boot support.

The future looks bright for enterprise Linux, with options such as Rocky Linux, AlmaLinux, and even CentOS Stream. It’s worth noting that Rocky has a newly formed company behind it, CIQ, offering support if you want it. The Rocky crew is planning a launch party online on June 25th, so tune in if that’s your thing. Regardless of which Linux OS you run, it’s good to have Rocky in the game.

ISS Gets Roll-Out Solar Panels In Post-Shuttle Fix

June 24, 2021 by 18 Comments

Astronauts are currently installing the first of six new solar arrays on the International Space Station (ISS), in a bid to bolster the reduced power generation capability of the original panels which have now been in space for over twenty years. But without the Space Shuttle to haul them into orbit, developing direct replacements for the Stations iconic 34 meter (112 foot) solar “wings” simply wasn’t an option. So NASA has turned to next-generation solar arrays that roll out like a tape measure and are light and compact enough for the SpaceX Dragon to carry them into orbit.

Space Shuttle Atlantis carrying part of the ISS truss.

Considering how integral the Space Shuttle was to its assembly, it’s hardly a surprise that no major modules have been added to the ISS since the fleet of winged spacecraft was retired in 2011. The few small elements that have been installed, such as the new International Docking Adapters and the Nanoracks “Bishop” airlock, have had to fit into the rear unpressurized compartment of the Dragon capsule. While a considerable limitation, NASA had planned for this eventuality, with principle construction of the ISS always intended to conclude upon the retirement of the Shuttle.

But the International Space Station was never supposed to last as long as it has, and some components are starting to show their age. The original solar panels are now more than five years beyond their fifteen year service life, and while they’re still producing sufficient power to keep the Station running in its current configuration, their operational efficiency has dropped considerably with age. So in January NASA announced an ambitious timeline for performing upgrades the space agency believes are necessary to keep up with the ever-increasing energy demands of the orbiting laboratory.

Continue reading “ISS Gets Roll-Out Solar Panels In Post-Shuttle Fix”