Thanksgiving is just round the corner and [mrak_ripple] was worried about serving food under social distancing conditions. Rather than bother with standard best practice, he chose to take a more exciting route – flinging side dishes with miniature siege weaponry. (Video, embedded below.)
The mashed potato trebuchet is a build in the modern style, relying on 8020 aluminium extrusion to allow for quick and easy assembly. It also takes advantage of what appears to be a heavy duty laser cutter, which creates strong steel brackets to hold everything together. The launcher cup to hold the mash is a 3D printed part, created in resin and held on the end of the arm with duct tape, since appropriate bolts didn’t fall to hand.
In the end, repeatability was a struggle, and we suspect the trebuchet won’t actually do food service on the holiday itself. However, it could certainly make for a fun game after dinner, seeing who can get the most mash onto a willing target. We’d love to see a mash cannon too, so if you’ve built one, drop us a line. Of course, if you’re into weirder, high performance designs, the flywheel trebuchet may be more your speed. Video after the break.
Ubuntu 20.04 is an incredibly popular operating system, perhaps the most popular among the Linux distributions due to its ease-of-use. In general, it’s a fairly trustworthy operating system too, especially since its source code is open. However, an update with the 20.04 revision has led to security researcher [Kevin Backhouse] finding a surprisingly easy way to escalate privileges on this OS, which we would like to note is not great.
The exploit involves two bugs, one in accountservice daemon which handles user accounts on the computer, and another in the GNOME Display Manager which handles the login screen. Ubuntu 20.04 added some code to the daemon which looks at a specific file on the computer, and with a simple symlink, it can be tricked into reading a different file which locks the process into an infinite loop. The daemon also drops its privileges at one point in this process, a normal security precaution, but this allows the user to crash the daemon.
The second bug for this exploit involves how the GNOME Display Manager (gdm3) handles privileges. Normally it would not have administrator privileges, but if the accountservice daemon isn’t running it escalates itself to administrator, where any changes made have administrator privileges. This provides an attacker with an opportunity to create a new user account with administrator privileges.
Of course, this being Ubuntu, we can assume that this vulnerability will be immediately patched. It’s also a good time to point out that the reason that open-source software is inherently more secure is that when anyone can see the source code, anyone can find and report issues like this which allow the software maintainer (or even the user themselves) to make effective changes more quickly.
Today we’re sad to report that one of the primary support cables at the Arecibo Observatory has snapped, nudging the troubled radio telescope closer to a potential disaster. The Observatory’s 300 meter reflector dish was already badly in need of repairs after spending 60 years exposed to the elements in Puerto Rico, but dwindling funds have made it difficult for engineers to keep up. Damage from 2017’s Hurricane Maria was still being repaired when a secondary support cable broke free and smashed through the dish back in August, leading to grave concerns over how much more abuse the structure can take before a catastrophic failure is inevitable.
The situation is particularly dire because both of the failed cables were attached to the same tower. Each of the remaining cables is now supporting more weight than ever before, increasing the likelihood of another failure. Unless engineers can support the dish and ease the stress on these cables, the entire structure could be brought down by a domino effect; with each cable snapping in succession as the demands on them become too great.
Workers installing the reflector’s mesh panels in 1963.
As a precaution the site has been closed to all non-essential personnel, and to limit the risk to workers, drones are being used to evaluate the dish and cabling as engineers formulate plans to stabilize the structure until replacement cables arrive. Fortunately, they have something of a head start.
Back in September the University of Central Florida, which manages the Arecibo Observatory, contacted several firms to strategize ways they could address the previously failed cable and the damage it caused. Those plans have now been pushed up in response to this latest setback.
Unfortunately, there’s still a question of funding. There were fears that the Observatory would have to be shuttered after Hurricane Maria hit simply because there wasn’t enough money in the budget to perform the relatively minor repairs necessary. The University of Central Florida stepped in and provided the funding necessary to keep the Observatory online in 2018, but they may need to lean on their partner the National Science Foundation to help cover the repair bill they’ve run up since then.
The Arecibo Observatory is a unique installation, and its destruction would be an incredible blow for the scientific community. Researchers were already struggling with the prospect of repairs putting the powerful radio telescope out of commission for a year or more, but now it seems there’s a very real possibility the Observatory may be lost. Here’s hoping that teams on the ground can safely stabilize the iconic instrument so it can continue exploring deep space for years to come.
Facebook just announced their plans for the Oculus Quest 2 VR headset. You probably won’t be surprised, but they want more of your user data, and more control over how you use the hardware. To use the device at all, you’ll need a verified Facebook account. Worse, they’re restricting access to the wide world of community-developed applications by requiring a developer account to be able to “sideload” non-Facebook software onto the device. Guess who decides who gets to be a developer. Hint: it’s not the people developing software.
Our article suggests that this will be the beginning of a race to jailbreak the headset on the community’s part, and to get ahead of the hackers on Facebook’s. Like every new release of iOS gets a jailbreak within a week or two, and then Apple patches it up as fast as they can, are we going to see a continual game of hacker cat-and-mouse with Facebook?
I don’t care. And that’s not because I don’t care about open hardware or indie VR developers. Quite the opposite! But like that romance you used to have with the girl who was absolutely no good for you, the toxic relationship with a company that will not let you run other people’s games on their hardware is one that you’re better off without. Sure, you can try to fix it, or hack it. You can tell yourself that maybe Facebook will come around if you just give them one more chance. It’s going to hurt at first.
But in the end, there is going to be this eternal fight between the user and the company that wants to use them, and that’s just sad. I used to look forward to the odd game of cat and mouse, but nowadays the cats are just too well bankrolled to make it a fair fight. If you’re buying a Quest 2 today with the intent of hacking it, I’d suggest you spend your time with someone else. You’re signing up for a string of heartbreaks. Nip it in the bud. You deserve better. There are too many fish in the sea, right?
What are our options?
This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter.
Want this type of article to hit your inbox every Friday morning? You should sign up!
An international team at Penn State led by [Larry Cheng] made a breakthrough in printing sensors directly on skin without heat. The breakthrough here is the development of a room-temperature sintering technique. Typical sintering of copper happens at 300 C, and can be further lowered to 100 C by adding nanoparticles. But even 100 C is too hot, since skin starts to burn at around 40 C.
You can obtain their journal article if you want the details, but basically their technique combines the ingredients in peelable face masks and eggshells. With this printed circuit is applied to the skin, the sintering process only requires a hair dryer on the cool setting, and results can bend and fold without breaking the connections. A hot shower will remove the circuit without damaging the circuit or your skin. [Larry] says the circuits can be recycled.
They are using these sensors to monitor temperature, humidity, blood oxygen levels, and heart performance indicators. They’ve even linked these various on-body sensors with a WiFi network for ease of monitoring. After reading this report, we’re left wondering, if the sensor is directly on your skin, can it be really called wearable?
We’ve written about printable inks before, but for printed circuit board applications. We can’t help but wonder if this technology would help solve some problems inherent in that technology, as well. Thanks to [Qes] for the tip.
Most of the stories from this week are vulnerabilities dropped before fixes are available, many of them actively being exploited. Strap yourselves in!
Windows Kernel Crypto
The first is CVE-2020-17087, an issue in the Windows Kernel Cryptography Driver. The vulnerable system calls are accessible from unprivileged user-space, and potentially even from inside sandboxed environments. The resulting buffer overflow can result in arbitrary code executing in the kernel context, meaning this is a quick jump to root-level control over a victim system.
What exactly is the code flaw here that’s being attacked? It’s in a bit of buffer allocation logic, inside a binary-to-hex conversion routine. The function accepts an unsigned short length argument. That value is used to calculate the output buffer size, by multiplying it by six, and using an unsigned short to hold that value. See the problem? A sufficiently large value will roll over, and the output buffer size will be too small. It’s a value overflow that leads to a buffer overflow.
Because the problem is being actively exploited, the report has been made public just seven days after discovery. The flaw is still unpatched in Windows 10, as of the time of writing. It also seems to be present as far back as Windows 7, which will likely not receive a fix, being out of support. [Editor’s snarky note: Thanks, closed-source software.] Continue reading “This Week In Security: In The Wild, Through Your NAT, And Brave”→
We’ve seen the Jetsons, Star Wars, and Silent Running. In the future, all the menial jobs will be done by robots. But Walmart is reversing plans to have six-foot-tall robots scan store shelves to check stock levels. The robots, from a company called Bossa Nova Robotics, apparently worked well enough and Walmart had promoted the idea in many investor-related events, promising that robot workers would reduce labor costs while better stock levels would increase sales.
So why did the retail giant say no to these ‘droids? Apparently, they found better ways to check stock and, according to a quote in the Wall Street Journal’s article about the decision, shoppers reacted negatively to sharing the aisle with the roving machines.
