News

3651 Articles

Trouble Brewing For RISC-V As Issue Of Technology Transfer Is Questioned

November 7, 2023 by 42 Comments

Within the messy world of international politics, a major consideration by governments concerns which types of kn0w-how and technology can be transferred and sold to other nations, with each type facing restrictions depending on how friendly the political relations are with the target country at that point in time. Amidst all of this, there are signs that a so far relatively minor player in the world of CPU instruction set architectures – RISC-V – may become a victim of this, as a bipartisan group of US politicians is petitioning the White House to restrict transfer of know-how (so-called Intellectual Property, or IP) to RISC-V, as this may benefit adversaries like China.

As a US citizen who is involved in the RISC-V ecosystem, [Andrew ‘bunnie’ Huang] feels rather strongly about this, and has written an open letter to the US President, pleading to not restrict the way that US citizens can deal with the Switzerland-based RISC-V organization. This comes as the California-based RISC-V startup SiFive has announced that it’ll lay off 20% of its workforce. Depending on how a restriction on RISC-V is implemented, this could mean that US citizens would be forbidden from contributing to this ISA and surrounding ecosystem.

China has made it clear that RISC-V is a big part of its strategy to loosen its dependence on the West along with its investments in its MIPS-based Loongson processors, all of which strengthens the case for restricting US participation in RISC-V, even if it forces US companies like SiFive to move countries or cease its operations.

(Thanks to [cbjamo] for the tip)

3D printed ring with 4-integrated electrodes for measuring bioimpedance for measuring blood pressure from the finger

Smart Ring Measures Blood Pressure

November 6, 2023 by 17 Comments

Continuous blood pressure monitoring has always been a major challenge for the biohacking community. Those giant arm cuffs aren’t exactly the kind of thing you want to wear all day and the wrist monitors aren’t super great either. So, [Kaan] and his research team set out to create a better continuous blood pressure monitor. This time as a ring.

When your heart beats, the volume of blood in the blood vessels increases ever so slightly. This increase in volume results in a decrease in electrical impedance because blood is fairly conductive. We’ve seen a similar volume measurement using light for detecting heart rate, but [Kaan] says with impedance, you won’t need to worry about the effect of skin tone on the accuracy of the measurement.

As far as the hardware is concerned, they inject a small, constant 10 kHz sinusoidal current into the finger through 2 current-injecting electrodes, and then measure the resulting voltage drop across the finger with two sensing electrodes, a standard 4-probe Kelvin approach. Their results seem pretty good. They are within 5.27 millimeters of mercury (mmHg) of the gold standard for systolic blood pressure and 3.87 mmHg for diastolic blood pressure across 10 subjects, which they say are within the American Association for the Advancement of Medical Instrumentation’s (AAMI) guidelines. That’s definitely something to catch your attention.

We’ve seen several attempts to measure blood pressure using the analogous photoplethysmography technique, but those generally don’t seem to work out. Will the impedance plethysmography approach overcome the optical technique’s shortcomings? Only time will tell.

Virginia To Get Large-Scale Wind Farm

November 6, 2023 by 89 Comments

If you go about 27 miles off the coast of Virginia, you’ll find two windmills jutting up out of the sea. Two windmills aren’t particularly interesting until you realize that these two are on the edge of a 2,100-acre lease that Dominion Energy is placing in Federal water. According to the company, those two will be joined by 176 more windmills on a nearly 113,000-acre adjacent lease. The project has been in the planning and pilot phase for a while, but it was recently given the green light by the US government. You can see a promotional video about the project below. There’s also a video of the first monopiles — the mounts for the windmills — arriving in the area.

The project will eventually have three offshore substations that feed the power to the state military reservation and, from there, to Naval Air Station Oceania, where it feeds the commercial power grid. The final project will power 660,000 homes.

Continue reading “Virginia To Get Large-Scale Wind Farm”

Supercon 2023 Is On: Live

November 4, 2023 by 3 Comments

Supercon is in full swing! If you weren’t able to join us in person, we’re streaming the main stage and you should absolutely check out the talks as they happen.

The full schedule is here, and you’ll find all the streams over on our YouTube channel. Come join in the fun.

For those of you are here with us in Pasadena, we’ve got a signup form for anyone who wants to submit a Lightening Talk for Sunday.

Hint: absolutely don’t miss Cory Doctorow’s keynote speech, taking place at 10:00 AM Pacific.

This Week In Security: CVSS 4, OAuth, And ActiveMQ

November 3, 2023 by 4 Comments

We’ve talked a few times here about the issues with the CVSS system. We’ve seen CVE farming, where a moderate issue, or even a non-issue, gets assigned a ridiculously high CVSS score. There are times a minor problem in a library is a major problem in certain use cases, and not an issue at all in others. And with some of those issues in mind, let’s take a look at the fourth version of the Common Vulnerability Scoring System.

One of the first tweaks to cover is the de-emphasis of the base score. Version 3.1 did have optional metrics that were intended to temper the base score, but this revision has beefed that idea up with Threat Metrics, Environmental Metrics, and Supplemental Metrics. These are an attempt to measure how likely it is that an exploit will actually be used. The various combinations have been given names. Where CVSS-B is just the base metric, CVSS-BT is the base and threat scores together. CVSS-BE is the mix of base and environmental metrics, and CVSS-BTE is the combination of all three.

Another new feature is multiple scores for a given vulnerability. A problem in a library is first considered in a worst-case scenario, and the initial base score is published with those caveats made clear. And then for each downstream program that uses that library, a new base score should be calculated to reflect the reality of that case. Continue reading “This Week In Security: CVSS 4, OAuth, And ActiveMQ”

The Taylor and Amy Show

The Avon Computer Goth Challenge

November 2, 2023 by 9 Comments

Hot off the heels of their musical debut 6502 song the good folk at the Taylor and Amy Show are at it again. This time instead of assaulting our auditory senses, they play with our perception of color all while keeping the spirit of retro computing alive.

To back up a bit, I had the pleasure of witnessing the discovery of the Avon Beauty Vision Computer while at the Vintage Computer Festival Mid-West (VCFMW) this past September. We had visited the home of our friend [Jim W] from VCFMW who nonchalantly pulled down from the shelf the reddest computer I have ever seen.

A crowd quickly gathered at this newfound treat, designed and built before the invention of the Blue LED, was fallen upon and the process of prying out its secrets began. I was not privy to the negotiations, but I did notice a brightly colored red suitcase being exfiltrated by highly trained operatives later that night.

Continue reading “The Avon Computer Goth Challenge”

Toy Gaming Controller Makes The Big Leagues

November 1, 2023 by 5 Comments

Some of the off-brand video game consoles and even accessories for the major brands can leave a lot to be desired. Whether it’s poor build quality or a general lack of support or updates, there are quite a few things on the market not worth anyone’s time or money. [Jonathan] was recently handed just such a peripheral, a toy game controller originally meant for a small child, but upon further inspection it turned into a surprisingly hackable platform, capable of plenty of IoT-type tasks.

The controller itself was easily disassembled, and the functional buttons within were wired to a Wemos D1 Mini instead of the originally-planned ESP32 because of some wiring irregularities and the fact that the Wemos D1 Mini having the required amount of I/O. It’s still small enough to be sealed back inside the controller as well, powered by the batteries that would have powered the original controller.

For the software, [Jonathan] is using MQTT to register button presses with everything easily accessible over Wi-Fi, also making it possible to update the software wirelessly. He was able to use it to do a few things as proof-of-concept, including playing a game in PyGame and controlling a Sonos speaker, but for now he’s using it to control an LED sculpture. With something this easily modified, though, it would be pretty straightforward to use it instead for a home automation remote control, especially since it is already set up to use MQTT.

Continue reading “Toy Gaming Controller Makes The Big Leagues”