News

3606 Articles

Ask Hackaday: How Do You Prepare?

March 24, 2021 by 140 Comments

Last month, large parts of the southern United States experienced their coldest temperatures since the 1899 Blizzard. Some of us set new all-time lows, and I was right in the middle of the middle of it here in Southwestern Oklahoma. Since many houses in Texas and Oklahoma are heated with electricity, the power grids struggled to keep up with the demand. Cities in Oklahoma experienced some short-term rolling blackouts and large patches of the Texas grid were without power for several days. No juice, no heat.

In places where the power was out for an extended period of time, the water supply was potentially contaminated, and a boil order was in effect. Of course, this only works when the gas and power are on. In some places, the store shelves were empty, a result of panic buying combined with perishables spoiling without the power to keep them cold. For some, food and drinkable water was temporarily hard to come by.

There have been other problems, too. Houses in the south aren’t built for the extreme cold, and many have experienced frozen pipes, temporarily shutting off their water supply. In some cases, those frozen pipes break open, flooding the house once the water starts flowing again. For instance, here’s an eye-witness account of the carnage from The 8-bit Guy, who lives at ground zero in the DFW area.
Continue reading “Ask Hackaday: How Do You Prepare?”

Removing Supervisor Passwords And Learning Python

March 24, 2021 by 15 Comments

When learning a new programming language, it’s best to have a goal in mind and work towards it. [Timo] thought it was about time to learn python, and he also had a project in mind: removing the BIOS supervisor password from his old Thinkpad. From there it was just a few keystrokes (and some soldering) and he was able to change the BIOS password of this black box from the outside.

The build utilizes a BeagleBone to communicate with the laptop’s EEPROM via the I2C bus. An oscilloscope also monitors the bus to look for a specific window every four-seconds when the computer is not accessing the bus. During that short period, the EEPROM can be read and written to. Once the window opens, the BeagleBone executes the Python script, which attempts to read the EEPROM and can also perform actions such as removing or changing the BIOS supervisor password.

Of course, tinkering with the EEPROM on a laptop has a high risk of bricking the device, and not all laptops use the same security measures or even memory addresses for things like this, so documentation and precision are key. Also, with Thinkpads of this vintage it’s possible to replace the firmware on these chips entirely with a FOSS version called libreboot, and even though the process is difficult, it’s definitely recommended.

Continue reading “Removing Supervisor Passwords And Learning Python”

South Korean Mapping Satellite Reaches Orbit

March 24, 2021 by 4 Comments

South Korea’s space program achieved another milestone yesterday with the launch of the first Compact Advanced Satellite 500 (CAS500) in a planned series of five vehicles. A second-generation Russian Soyuz 2.1a lifted the Korean-made CAS500-1 from historic Baikonur Cosmodrome in southern Kazakhstan and successfully placed it into a 500 km sun-synchronous orbit, inclined by 97.7 degrees or 15 orbits/day. Living up to its reputation as a workhorse, the Soyuz then proceeded to deposit multiple other satellites into 600 km and 550 km orbits. The satellite is pretty substantial, being 2.9 m tall and 1.9 m diameter and topping the scales at 500 kg. (Don’t be confused, like we were, by this Wikipedia article that says it is a 1.3 kg CubeSat.)

South Korea already has over a dozen satellites in orbit, and the CAS500 adds a modular space platform to the mix. It was designed by the Korea Aerospace Research Institute (KARI) to provide a core backbone which can be easily adapted to other missions, not unlike a car manufacturer that sells several different models all based on the same underlying chassis. Another down-to-earth goal of the CAS500 program was to foster the transfer of core technologies from state-owned KARI to private industry. We wonder how such figures are calculated, but reportedly 91.3% of CAS500-1 was made in Korea. Subsequent flights will further involve local services and industry.

The purpose of the first two satellites is to provide images to the private sector, for example, online mapping and navigation platforms. How popular this will be is yet to be determined — as one local newspaper notes, the 2 meter image resolution (50 cm in monochrome) pales in comparison to Google’s advertised 15 cm resolution. The next three satellites will focus on space science imagery.

The Soyuz launch is shown below, and this short video clip from KARI shows a nice animation of the satellite. Try not to cringe at the simulated whooshing sound as two satellites pass each other in the vacuum of space — turn down the volume if you need to.

Continue reading “South Korean Mapping Satellite Reaches Orbit”

Traffic Jam In The Suez Canal; Container Ship Run Aground

March 23, 2021 by 66 Comments

A vital shipping lane has been blocked in Egypt, as a 220,000 ton container ship, the MV Ever Given, became lodged sideways in the channel Tuesday morning local time. The Suez Canal, long a region of trading and strategic importance, has been blocked to travel in both directions as authorities make frantic efforts to free the ship.

Live tracking shows a flurry of activity around the stricken vessel. If you find yourself transiting the Suez Canal next week, don’t do this. Everyone’s patience is going to be pretty thin.

The Ever Given is carrying goods from China to Rotterdam, making a northward journey through the canal. The exact reason for grounding remains unclear, though such incidents are often due to mechanical malfunction or navigational errors in the tight confines of the channel. Like many important waterways, the Suez Canal requires transiting vessels to take on a pilot. This is to ensure that ships passing through the canal have someone onboard with experience of navigating the 673-foot wide passage. However, incidents still happen, as with huge container ships, there is minimal room for error.

A flotilla of tugboats dispatched to the area have begun working to free the ship, working in concert with excavators on the banks of the canal. This photo taken by [Julianne Cona] at the incident shows the sheer scale of the problem — with the excavator digging at the bow a tiny speck in the shadow of the gigantic ship.

We’re sure shipping firms and residents of the Netherlands are eager for a quick resolution, whether its to avoid costly delays or simply to get those online purchases sooner. If you live near the canal and want to keep an eye on what’s happening, you could always grab a software-defined radio and track things in real time. Alternatively, watch the progress on Vessel Finder. And, if you’ve got strong opinions on the proper procedure for navigating the Suez Canal, sound off in the comments!

Fire At Renesas Plant Fuels Chip Supply Woes

March 23, 2021 by 24 Comments

The small city of Naka (pop. 53K), a two-hour train ride from Tokyo on the eastern coast of Japan, was thrust into the international spotlight in the early dawn of Friday morning. A fire broke out among electroplating equipment in Renesas’s 300 nm N3 fabrication facility. It was extinguished before breakfast time, and fortunately nobody was injured nor were there any toxic chemical leaks. Only six hundred square meters on the first floor of the plant was damaged, but the entire building has to be closed for repairs. It will take approximately one month to restore normal operations, and CEO Hidetoshi Shibata is “concerned that there will be a massive impact on chip supplies”.

Renesas Naka Plant Location

In a press conference on Sunday afternoon, Renesas reports that the source of the fire has been determined, but the details are still unclear:

The casing of the equipment and the plating tank have relatively low resistance to heat, and the equipment ignited due to overcurrent. However, the cause of the overcurrent and the reason for the ignition is currently being investigated.

Semiconductors are already in short supply, as we reported back in January, forcing slowdowns at many auto manufacturers. The Naka plant primarily makes automotive semiconductors, worsening an already stressed supply chain. While the news focuses on the automotive sector, this shortage spills over into many other industries as well.

Continue reading “Fire At Renesas Plant Fuels Chip Supply Woes”

Playstation 3 controller and console

Digital PlayStation 3 Purchases May Only Live As Long As Your PRAM Battery Without Sony Servers

March 23, 2021 by 105 Comments

Word of Sony shutting down PlayStation storefront servers for PS3 this summer spread like wildfire on the internet Monday. The discourse in comment sections were filled with anti-DRM rhetoric and renewed pledges of physical-only game collections, because without content servers to connect to, your digital PS3 purchases will eventually become unplayable. Even if legitimate purchases are installed to the console’s hard drive before Sony “flips the switch”, they may only live on as long as the internal clock stays in sync. Which is why this guide to replace a PS3 PRAM battery written by [Andrew] has renewed importance. After a battery replacement the internal clock needs to be reset and this requires validation from the PlayStation network (you know, the one that’s soon to be shut down).

Game preservationist group [Does it play?] drove home the impact of such a business decision by Sony on Twitter. The thread is quick to point out that even if users are quick to re-download all of their purchases to a PS3 system before the purported July 2nd deadline, those games will eventually become unplayable if the system clock becomes desynchronized. Replacing the PRAM battery and reconnecting to the PlayStation Network prior to Sony shuttering their servers should buy the user some more playtime. However, without any further changes to Sony’s licensing policy little else can be done physically to ensure those digital PS3 games will work in perpetuity.

Sony isn’t the only one to have drawn the ire of digital rights advocates in regards to terminating their online services. Nintendo shuttered the DSI-Shop in 2017 and Microsoft turned off access to the original Xbox LIVE servers in 2010. The big three console makers have all let their consumers down by removing the ability to reacquire purchases in some way, but the fact that so many PS3 exclusives were only ever available digitally just further exacerbates issues with digital rights. Dropping in a fresh coin-cell may not be the permanent solution everyone is looking for at the moment, but it couldn’t hurt to re-familiarize yourself with the Cell processor.

Continue reading “Digital PlayStation 3 Purchases May Only Live As Long As Your PRAM Battery Without Sony Servers”

This Week In Security: Spectre In The Browser, Be Careful What You Clone, And Hackintosh

March 19, 2021 by 12 Comments

Google has been working on mitigations for the Spectre attack, and has made available a Proof of Concept that you can run in your browser right now. Spectre is one of the issues that kicked off the entire series of speculative execution vulnerabilities and fixes. What Google has demonstrated is that the Spectre attack can actually be pulled off in Javascript, right in the browser. Spectre is limited to reading memory allocated to the same process, and modern browsers have implemented measures like site isolation, which puts each site in a separate, sandboxed process.

These security features don’t mean that there is no practical dangers from Spectre. There are a handful of ways an attacker can run Javascript on another site, from something as simple as an interactive advertisement, to a cross-site scripting injection. Google has produced features and guidance to mitigate those dangers.

Via Bleeping Computer. Continue reading “This Week In Security: Spectre In The Browser, Be Careful What You Clone, And Hackintosh”