News

3606 Articles

Making Minty Fresh Music With Markov Chains: The After Eight Step Sequencer

May 18, 2021 by 7 Comments

Step sequencers are fantastic instruments, but they can be a little, well, repetitive. At it’s core, the step sequencer is a pretty simple device: it loops through a series of notes or phrases that are, well, sequentially ordered into steps. The operator can change the steps while the sequencer is looping, but it generally has a repetitive feel, as the musician isn’t likely to erase all of the steps and enter in an entirely new set between phrases.

Enter our old friend machine learning. If we introduce a certain variability on each step of the loop, the instrument can help the musician out a bit here, making the final product a bit more interesting. Such an instrument is exactly what [Charis Cat] set out to make when she created the After Eight Step Sequencer.

The After Eight is an eight-step sequencer that allows the artist to set each note with a series of potentiometers (which are, of course, housed in an After Eight mint tin). The potentiometers are read by an Arduino, which passes MIDI information to a computer running the popular music-oriented visual programming language Max MSP. The software uses a series of Markov Chains to augment the musician’s inputted series of notes, effectively working with the artist to create music. The result is a fantastic piece of music that’s different every time it’s performed. Make sure to check out the video at the end for a fantastic overview of the project (and to hear the After Eight in action, of course)!

[Charis Cat]’s wonderful creation reminds us of some the work [Sara Adkins] has done, blending human performance with complex algorithms. It’s exactly the kind of thing we love to see at Hackaday- the fusion of a musician’s artistic intent with the stochastic unpredictability of a machine learning system to produce something unique.

Thanks to [Chris] for the tip!

Continue reading “Making Minty Fresh Music With Markov Chains: The After Eight Step Sequencer”

Do You Really Own It? Motorcycle Airbag Requires Additional Purchase To Inflate

May 18, 2021 by 218 Comments

If you ride a motorcycle, you may have noticed that the cost of airbag vests has dropped. In one case, something very different is going on here. As reported by Motherboard, you can pick up a KLIM Ai-1 for $400 but the airbag built into it will not function until unlocked with an additional purchase, and a big one at that. So do you really own the vest for $400?

Given the nature of the electronics and computer business lately, we spend a good bit of time thinking of what it means to own a piece of technology. Do you own your cable modem or cell phone if you aren’t allowed to open it up? Do you own a piece of software that wants to call home periodically and won’t let you stop it?  Sometimes it makes sense that you are paying for a service. But there have been times where, for example, a speaker company essentially bricks devices that could work fine on their own even though you — in theory — own the device.

Continue reading “Do You Really Own It? Motorcycle Airbag Requires Additional Purchase To Inflate”

Telemetry Debate Rocks Audacity Community In Open Source Dustup

May 17, 2021 by 107 Comments

Starting an open source project is easy: write some code, pick a compatible license, and push it up to GitHub. Extra points awarded if you came up with a clever logo and remembered to actually document what the project is supposed to do. But maintaining a large open source project and keeping its community happy while continuing to evolve and stay on the cutting edge is another story entirely.

Just ask the maintainers of Audacity. The GPLv2 licensed multi-platform audio editor has been providing a powerful and easy to use set of tools for amateurs and professionals alike since 1999, and is used daily by…well, it’s hard to say. Millions, tens of millions? Nobody really knows how many people are using this particular tool and on what platforms, so it’s not hard to see why a pull request was recently proposed which would bake analytics into the software in an effort to start answering some of these core questions.

Now, the sort of folks who believe that software should be free as in speech tend to be a prickly bunch. They hold privacy in high regard, and any talk of monitoring their activity is always going to be met with strong resistance. Sure enough, the comments for this particular pull request went south quickly. The accusations started flying, and it didn’t take long before the F-word started getting bandied around: fork. If Audacity was going to start snooping on its users, they argued, then it was time to take the source and spin it off into a new project free of such monitoring.

The situation may sound dire, but truth be told, it’s a common enough occurrence in the world of free and open source software (FOSS) development. You’d be hard pressed to find any large FOSS project that hasn’t been threatened with a fork or two when a subset of its users didn’t like the direction they felt things were moving in, and arguably, that’s exactly how the system is supposed to work. Under normal circumstances, you could just chalk this one up to Raymond’s Bazaar at work.

But this time, things were a bit more complicated. Proposing such large and sweeping changes with no warning showed a troubling lack of transparency, and some of the decisions on how to implement this new telemetry system were downright concerning. Combined with the fact that the pull request was made just days after it was announced that Audacity was to be brought under new management, there was plenty of reason to sound the alarm.

Continue reading “Telemetry Debate Rocks Audacity Community In Open Source Dustup”

Gassing Up: Understanding The Liquid Fuel Distribution Network

May 17, 2021 by 40 Comments

When someone talks about “The Grid,” as in “dropping off the grid” or “the grid is down,” we tend to think in terms of the electromagnetic aspects of the infrastructure of modern life. The mind’s eye sees The Grid as the network of wires that moves electricity from power plants to homes and businesses, or the wires, optical cables, and wireless links that form the web of data lines that have stitched the world together informatically.

The Grid isn’t just about power and data, though. A huge portion of the infrastructure of the developed world is devoted to the simple but vital task of moving liquid fuels from one place to another as efficiently and safely as possible. This fuel distribution network, comprised of pipelines, railways, and tanker trucks, is very much part of The Grid, even if it goes largely unseen and unnoticed. At least until something major happens to shift attention to it, like the recent Colonial Pipeline cyberattack.

Continue reading “Gassing Up: Understanding The Liquid Fuel Distribution Network”

Increased Neutron Levels At Chernobyl-4: How Dangerous Is Corium?

May 14, 2021 by 60 Comments

When the Chernobyl nuclear plant suffered the power output surge that would destroy its #4 reactor, a substance called ‘corium‘ was formed. This originally lava-like substance formed out of the destroyed fuel rods along with surrounding materials, like concrete, that made up the reactor. The corium ultimately cooled down and left large amounts of solid corium in the rooms where it had pooled.

Over the past few days there have been numerous reports in the media regarding a ‘sudden surge’ in neutron flux levels from this corium, with some predicting a ‘second Chernobyl disaster’. Obviously, this has quite a few people alarmed, but how dire are these neutron output changes exactly, and what do they tell us about the condition of the corium inside the ruins of the #4 reactor building? Continue reading “Increased Neutron Levels At Chernobyl-4: How Dangerous Is Corium?”

This Week In Security: Fragattacks, The Pipeline, Codecov, And IPv6

May 14, 2021 by 26 Comments

Some weeks are slow, and the picking are slim when discussing the latest security news. This was not one of those weeks.

First up is Fragattacks, a set of flaws in wireless security protocols, allowing unauthenticated devices to inject packets into the network, and in some cases, read data back out. The flaws revolve around 802.11’s support for packet aggregation and frame fragmentation. The whitepaper is out, so let’s take a look.

Fragmentation and aggregation are techniques for optimizing wireless connections. Packet aggregation is the inclusion of multiple IP packets in a single wireless frame. When a device is sending many small packets, it’s more efficient to send them all at once, in a single wireless frame. On the other hand, if the wireless signal-to-noise ratio is less than ideal, shorter frames are more likely to arrive intact. To better operate in such an environment, long frames can be split into fragments, and recombined upon receipt.

There are a trio of vulnerabilities that are built-in to the wireless protocols themselves. First up is CVE-2020-24588, the aggregation attack. To put this simply, the aggregation section of a wireless frame header is unauthenticated and unencrypted. How to exploit this weakness isn’t immediately obvious, but the authors have done something clever.

First, for the purposes of explanation, we will assume that there is already a TCP connection established between the victim and an attacker controlled server. This could be as simple as an advertisement being displayed on a visited web page, or an image linked to in an email. We will also assume that the attacker is performing a Man in the Middle attack on the target’s wireless connection. Without the password, this only allows the attacker to pass the wireless frames back and forth unmodified, except for the aggregation header data, as mentioned. The actual attack is to send a special IP packet in the established TCP connection, and then modify the header data on the wireless frame that contains that packet.

When the victim tries to unpack what it believes to be an aggregated frame, the TCP payload is interpreted as a discrete packet, which can be addressed to any IP and port the attacker chooses. To put it more simply, it’s a packet within a packet, and the frame aggregation header is abused to pop the internal packet out onto the protected network. Continue reading “This Week In Security: Fragattacks, The Pipeline, Codecov, And IPv6”

Nuclear Reactors Get Small

May 13, 2021 by 92 Comments

Steve Martin was ahead of his time when he told us “Let’s get small!” While you usually think of a nuclear reactor as a big affair, there’s a new trend towards making small microreactors to produce power where needed instead of large centralized generation facilities. The U.S. Department of Energy has a video about the topic, you can watch below.

You probably learned in science class how a basic nuclear fission reactor works. Nuclear fuel produces heat from fission while a moderator like water prevents it from melting down both by cooling the reactor and slowing down neutrons. Control rods further slow down the reaction or — if you pull them out — speed it up. Heat creates steam (either directly or indirectly) and the steam turns a conventional electric generator that is no more high tech than it ever has been.

Continue reading “Nuclear Reactors Get Small”