Lithium Sulfur Batteries Slated For Takeoff

August 23, 2020 by Al Williams 60 Comments

Spectrum recently published a post on a new lithium sulfur battery technology specifically targeting electric aviation applications. Although lots of electric vehicles could benefit from the new technology, airplanes are especially sensitive to heavy batteries and lithium-sulfur batteries can weigh much less than modern batteries of equivalent capacity. The Spectrum post is from Oxis Energy who is about to fly tests with the new batteries which they claim have twice the energy density of conventional lithium-ion batteries. The company also claims the batteries are safer, which is another important consideration when flying through the sky.

The batteries have a cathode comprised of aluminum foil coated with carbon and sulfur — which avoids the use of cobalt, a cost driver in traditional lithium cell chemistries. The anode is pure lithium foil. Between the two electrodes is a separator soaked in an electrolyte. The company says the batteries go through multiple stages as they discharge, forming different chemical compounds that continue to produce electricity through chemical action.

The safety factor is due to the fact that, unlike lithium-ion cells, the new batteries don’t form dendrites that short out the cell. The cells do degrade over time, but not in a way that is likely to cause a short circuit. However, ceramic coatings may provide protection against this degradation in the future which would be another benefit compared to traditional lithium batteries.

We see a lot of exciting battery announcements, but we rarely see real products with them. Time will tell if the Oxis and similar batteries based on this technology will take root.

FBI Reports On Linux Drovorub Malware

August 22, 2020 by Al Williams 26 Comments

The FBI and the NSA released a report on the Russian-based malware that attacks Linux known as Drovorub (PDF) and it is an interesting read. Drovorub uses a kernel module rootkit and allows a remote attacker to control your computer, transfer files, and forward ports. And the kernel module takes extraordinary steps to avoid detection while doing it.

What is perhaps most interesting though, is that the agencies did the leg work to track the malware to its source: the GRU — Russian intelligence. The name Drovorub translates into “woodcutter” and is apparently the name the GRU uses for the program.

A look inside the code shows it is pretty mundane. There’s a server with a JSON configuration file and a MySQL backend. It looks like any other garden-variety piece of code. To bootstrap the client, a hardcoded configuration allows the program to make contact with the server and then creates a configuration file that the kernel module actively hides. Interestingly, part of the configuration is a UUID that contains the MAC address of the server computer.

The rootkit won’t persist if you have UEFI boot fully enabled (although many Linux computers turn UEFI signing off rather than work through the steps to install an OS with it enabled). The malware is easy to spot if you dump raw information from the network, but the kernel module makes it hard to find on the local machine. It hooks many kernel functions so it can hide processes from both the ps command and the /proc filesystem. Other hooks remove file names from directory listings and also hides sockets. The paper describes how to identify the malware and they are especially interested in detection at scale — that is, if you have 1,000 Linux PCs on a network, how do you find which ones have this infection?

This is a modern spy story, but not quite what we’ve come to expect in Bond movies. “Well, Moneypenny, it appears Spectre is using the POCO library to generate UUIDs,” is hard to work into a trailer. We prefer the old days when high-tech spying meant nonlinear junction detectors, hacking Selectrics, moon probe heists, and passive bugging.

Microsoft Flight Simulator’s Data Insanity Spawns Enormous Buildings And Anomalies From OpenStreetMap

August 21, 2020 by Al Williams 32 Comments

The OpenStreetMap project is an excellent example of how powerful crowdsourced data can be, but that’s not to say the system is perfect. Invalid data, added intentionally or otherwise, can sometimes slip through the cracks and lead to some interesting problems. A fact that developers Asobo Studio are becoming keenly aware of as players explore their recently released Microsoft Flight Simulator 2020.

Like a Wiki, users can update OpenStreetMap and about a year ago, user nathanwright120 marked a 2 story building near Melbourne, Australia as having an incredible 212 floors (we think it’s this commit). The rest of his edits seem legitimate enough, so it’s a safe bet that it was simply a typo made in haste. The sort of thing that could happen to anyone. Not long after, thanks to the beauty of open source, another user picked up on the error and got it fixed up.

But not before some script written by Asobo Studio went through sucked up the OpenStreetMap data for Australia and implemented it into their virtual recreation of the planet. The result is that the hotly anticipated flight simulator now features a majestic structure in the Melbourne skyline that rises far above…everything.

The whole thing is great fun, and honestly, players probably wouldn’t even mind if it got left in as a Easter egg. It’s certainly providing them with some free publicity; in the video below you can see a player by the name of Conor O’Kane land his aircraft on the dizzying edifice, a feat which has earned him nearly 100,000 views in just a few days.

But it does have us thinking about filtering crowdsourced data. If you ask random people to, say, identify flying saucers in NASA footage, how do you filter that? You probably don’t want to take one person’s input as authoritative. What about 10 people? Or a hundred?

Continue reading “Microsoft Flight Simulator’s Data Insanity Spawns Enormous Buildings And Anomalies From OpenStreetMap” →

This Week In Security: Bluetooth Hacking, NEC Phones, And Malicious Tor Nodes

August 21, 2020 by Jonathan Bennett 4 Comments

One of the fun things about vulnerability research is that there are so many places for bugs to hide. Modern devices have multiple processors, bits of radio hardware, and millions of lines of code. When [Veronica Kovah] of Dark Mentor LLC decided to start vulnerability research on the Bluetooth Low Energy protocol, she opted to target the link layer itself, rather than the code stack running as part of the main OS. What’s interesting is that the link layer has to process data before any authentication is performed, so if a vulnerability is found here, it’s guaranteed to be pre-authentication. Also of interest, many different devices are likely to share the same BLE chipset, meaning these vulnerabilities will show up on many different devices. [Veronica] shares some great info on how to get started, as well as the details on the vulnerabilities she found, in the PDF whitepaper. (Just a quick note, this link isn’t to the raw PDF, but pulls up a GitHub PDF viewer.) There is also a video presentation of the findings, if that’s more your speed.

The first vuln we’ll look at is CVE-2019-15948, which affects a handful of Texas Instruments BT/BLE chips. The problem is in how BLE advertisement packets are handled. An advertisement packet should always contain a data length of at least six bytes, which is reserved for the sending device address. Part of the packet parsing process is to subtract six from the packet length and do a memcpy using that value as the length. A malicious packet can have a length of less than six, and the result is that the copy length integer underflows, becoming a large value, and overwriting the current stack. To actually turn this into an exploit, a pair of data packets are sent repeatedly, to put malicious code in the place where program execution will jump to.

The second vulnerability of note, CVE-2020-15531 targets a Silicon Labs BLE chip, and uses malformed extended advertisement packets to trigger a buffer overflow. Specifically, the sent message is longer than the specification says it should be. Rather than drop this malformed message, the chip’s firmware processes it, which triggers a buffer overflow. Going a step further, this chip has non-volatile firmware, and it’s possible to modify that firmware permanently. [Veronica] points out that even embedded chips like these should have some sort of secure boot implementation, to prevent these sort of persistent attacks.
Continue reading “This Week In Security: Bluetooth Hacking, NEC Phones, And Malicious Tor Nodes” →

Transparent OLED Hitting The Market With Xiaomi’s Mi TV LUX Transparent Edition

August 21, 2020 by Maya Posch 46 Comments

One of the major advantages of OLED over LCD panels is that the former can be made using far fewer layers as the pixels themselves are emitting the light instead of manipulating the light from a backlight. This led some to ask the question of whether it’s possible to make an OLED panel that is transparent or at least translucent. As Xiaomi’s new Mi TV LUX OLED Transparent Edition shows, the answer there is a resounding ‘yes’. Better yet, for a low-low price of about $7,200 you can own one of these 55″ marvels.

Transparent OLED technology is not new, of course. Back in 2018 LG was showing off a prototype TV that used one of the early transparent OLED panels. In the video that is embedded after the break, [Linus] from Linus Tech Tips goes hands-on with that LG prototype while at LG in South Korea, while including a number of crucial details from an interview from one of the engineers behind that panel.

As it turns out, merely removing the opaque backing from an OLED panel isn’t enough to make it transparent. In order for an OLED panel to become transparent, the circuitry in the pixel layer and TFT layer need to be aligned as best as possible to allow for many, many tiny holes to be punched through the display.

Looking at [Linus]’s experiences with the LG prototype, it does appear that this kind of technology would be highly suitable for signage purposes, while also allowing for something like an invisible television or display in a room that could be placed in front of a painting or other decoration. Once displaying an image, the screen is bright enough that you can comfortably make out the image. Just don’t put any bright lights behind the TV.

Anyone else anxious waiting for sub-10″ versions of these panels?

Continue reading “Transparent OLED Hitting The Market With Xiaomi’s Mi TV LUX Transparent Edition” →

IBM Reveals POWER10 CPU Based On The OpenPOWER ISA 3.1 Specification

August 19, 2020 by Maya Posch 22 Comments

This week, IBM revealed their POWER10 CPU, which may not seem too exciting since it’s primarily aimed at big iron like mainframes and servers. The real news for most is that it is the first processor to be released that is based on the open Power ISA specification v3.1. This new version of the Power ISA adds a number of new instructions as well as the notion of optionality. It updates the v3.0 specification that was released in 2015, right after the founding of the OpenPOWER Foundation.

Currently, a number of open source designs for the Power ISA exists, including MicroWatt (Power v3.0, VHDL) and the similar ChiselWatt (written in Scala-based Chisel). In June of this year, IBM also released the VHDL code for the IBM A2 processor on Github. This is a multi-core capable, 4-way multithreaded 64-bit design, with silicon-implementations running at up to 2.3 GHz and using the Power ISA v2.06 specification.

The ISA specifications and other relevant technical documentation can be obtained from the OpenPOWER website, such as for example the Power ISA v3.0B specification from 2017. The website also lists the current cores and communities around the Power ISA.

(Main image: POWER10 CPU, credit IBM)

E3D Teaches Additive 3D-Printers How To Subtract

August 18, 2020 by Sonya Vasquez 29 Comments

We might’ve thought that extrusion based 3D printers have hit their peak in performance capabilities. With the remaining process variables being tricky to model and control, there’s only so much we can expect on dimensional accuracy from extruded plastic processes. But what if we mixed machines, adding a second machining process to give the resulting part a machined quality finish? That’s exactly what the folks at E3D have been cooking up over the last few years: a toolchanging workflow that mixes milling and 3D printing into the same process to produce buttery smooth part finishes with tighter dimensional accuracy over merely 3D printing alone.

Dubbed ASMBL (Additive/Subtractive Machining By Layer), the process is actually the merging of two complimentary processes combined into one workflow to produce a single part. Here, vanilla 3D printing does the work of producing the part’s overall shape. But at the end of every layer, an endmill enters the workspace and trims down the imperfections of the perimeter with a light finishing pass while local suction pulls away the debris. This concept of mixing og coarse and fine manufacturing processes to produce parts quickly is a re-imagining of a tried-and-true industrial process called near-net-shape manufacturing. However, unlike the industrial process, which happens across separate machines on a large manufacturing facility, E3D’s ASMBL takes place in a single machine that can change tools automatically. The result is that you can kick off a process and then wander back a few hours (and a few hundred tool changes) later to a finished part with machined tolerances.

What are the benefits of such an odd complimentary concoction, you might ask? Well, for one, truly sharp outer corners, something that’s been evading 3D printer enthusiasts for years, are now possible. Layer lines on vertical surfaces all but disappear, and the dimensional tolerances of holes increases as the accuracy of the process is more tightly controlled (or cleaned up!) yielding parts that are more dimensionally accurate… in theory.

But there are certainly more avenues to explore with this mixed process setup, and that’s where you come in. ASMBL is still early in development, but E3D has taken generous steps to let you build on top of their work by posting their Fusion 360 CAM plugin, the bill-of-materials and model files for their milling tool, and even the STEP files for their toolchanging motion system online. Pushing for a future where 3d printers produce the finer details might just be a matter of participating.

It’s exciting to see the community of 3D printer designers continue to rethink the capabilities of its own infrastructure when folks start pushing the bounds beyond pushing plastic. From homebrew headchanging solutions that open opportunity by lowering the price point, to optical calibration software that makes machines smarter, to breakaway Sharpie-assisted support material, there’s no shortage of new ideas to play with in an ecosystem of mixed tools and processes.

Have a look at ASMBL at 2:29 in their preview after the break.

Continue reading “E3D Teaches Additive 3D-Printers How To Subtract” →