Lagrange Points And Why You Want To Get Stuck At Them

October 9, 2024 by Maya Posch 35 Comments

Visualization of the Sun-Earth Lagrange points.

Orbital mechanics is a fun subject, as it involves a lot of seemingly empty space that’s nevertheless full of very real forces, all of which must be taken into account lest one’s spacecraft ends up performing a sudden lithobraking maneuver into a planet or other significant collection of matter in said mostly empty space. The primary concern here is that of gravitational pull, and the way it affects one’s trajectory and velocity. With a single planet providing said gravitational pull this is quite straightforward to determine, but add in another body (like the Moon) and things get trickier. Add another big planetary body (or a star like our Sun), and you suddenly got yourself the restricted three-body problem, which has vexed mathematicians and others for centuries.

The three-body problem concerns the initial positions and velocities of three point masses. As they orbit each other and one tries to calculate their trajectories using Newton’s laws of motion and law of universal gravitation (or their later equivalents), the finding is that of a chaotic system, without a closed-form solution. In the context of orbital mechanics involving the Earth, Moon and Sun this is rather annoying, but in 1772 Joseph-Louis Lagrange found a family of solutions in which the three masses form an equilateral triangle at each instant. Together with earlier work by Leonhard Euler led to the discovery of what today are known as Lagrangian (or Lagrange) points.

Having a few spots in an N-body configuration where you can be reasonably certain that your spacecraft won’t suddenly bugger off into weird directions that necessitate position corrections using wasteful thruster activations is definitely a plus. This is why especially space-based observatories such as the James Webb Space Telescope love to hang around in these spots.

Continue reading “Lagrange Points And Why You Want To Get Stuck At Them” →

Hackaday Links: October 6, 2024

October 6, 2024 by Dan Maloney 22 Comments

Remember that time a giant cylindrical aquarium in a Berlin hotel bar catastrophically failed and left thousands of fish homeless? We sure do, and further recall that at the time, we were very curious about the engineering details of how this structure failed so spectacularly. At the time, we were sure there’d be plenty of follow-up on that score, but life happened and we forgot all about the story. Luckily, a faithful reader named Craig didn’t, and he helpfully ran down a few follow-up articles that came out last year that are worth looking at.

The first is from prosecutors in Berlin with a report offering three possibilities: that the adhesive holding together the acrylic panels of the aquarium failed; that the base of the tank was dented during recent refurbishment; or that the aquarium was refilled too soon after the repairs, leading to the acrylic panels drying out. We’re a little confused by that last one just from an intuitive standpoint, but each of these possibilities seems hand-wavy enough that the report’s executive summary could have been “Meh, Scheiße happens.”

Continue reading “Hackaday Links: October 6, 2024” →

Where Is The End Of DIY?

October 5, 2024 by Elliot Williams 70 Comments

Al and I were talking on the podcast about Dan Maloney’s recent piece on how lead and silver are refined and about the possibility of anyone fully understanding a modern cellphone. This lead to Al wondering at the complexity of the constructed world in which we live: If you think hard enough about anything around you right now, you’d probably be able to recreate about 0% of it again from first principles.

Smelting lead and building a cellphone are two sides of coin, in my mind. The process of getting lead out of galena is simple enough to comprehend, but it’s messy and dangerous in practice. Cellphones, on the other hand, are so monumentally complex that I’d wager that no single person could even describe all of the parts in sufficient detail to reproduce them. That’s why they’re made by companies with hundreds of engineers and decades of experience with the tech – the only way to build a cellphone is to split the complicated task into many subsystems.

Smelting lead is a bad DIY project because it’s simple in principle, but prohibitive in practice. Building a cellphone from the ground up is incomprehensible in principle, but ironically entirely doable in practice if you’re willing to buy into some abstractions.

Indeed, last week we saw a nearly completely open-source build of a simple smartphone, and the secret to making it work is knowing the limits of DIY. The cell modem, for instance, is a black box. It’s an abstract device that you can feed data to and read data from, and it handles the radio parts of the phone that would take forever to design from scratch. But you don’t need to understand its inner workings to use it. Knowing where the limits of DIY are in your project, where you’re willing to accept the abstraction and move on, can be critical to getting it done.

Of course, in an ideal world, you’d want the cell modem to be like smelting lead – something that’s possible to understand in principle but just not worth DIYing in practice. And of course, there are some folks out there who hack on cell modem firmware and others who could do the radio engineering. But despite my strong DIY urges, I’d have to admit that the essential complexity of the module simply makes it worth treating as a black box. It’s very probably the practical limit of DIY.

HackFest Enschede: The Type Of Indoor Event We Wanted All Along

October 4, 2024 by Jenny List 6 Comments

I’m sitting at a table writing this in the centre of a long and cavernous industrial building, the former print works of a local newspaper, I’m surrounded by hardware and software hackers working at their laptops, around me is a bustling crowd admiring a series of large projects on tables along the walls, and the ambient sound is one of the demoscene, chiptunes, 3D-printed guitars, and improbably hurdy-gurdy music. Laser light is playing on the walls, and even though it’s quite a journey from England to get here, I’m home. This is Hackfest Enschede, a two-day event in the Eastern Dutch city which by my estimation has managed the near-impossible feat of combining the flavour of both a hacker event and a maker faire all in one, causing the two distinct crowds to come together.

The Best Of Both Worlds, In One Place

To give an idea of what’s here it’s time for a virtual trip round the hall. I’ll start with the music, aside from the demosceners there’s Printstruments with a range of 3D-printedmusical instruments, and Nerdy Gurdy, as you may have guessed, that hacker hurdy-gurdy I mentioned. This is perhaps one of few places I could have seen a spontaneous jam session featuring a 3D-printed bass and a laser-cut hurdy-gurdy. Alongside them were the Eurorack synthesisers of Sound Force, providing analogue electronic sounds aplenty. Continue reading “HackFest Enschede: The Type Of Indoor Event We Wanted All Along” →

Hackaday Podcast Episode 291: Walking In Space, Lead In The Earth, And Atoms Under The DIY Microscope

October 4, 2024 by Al Williams 2 Comments

What have you missed on Hackaday this week? Elliot Williams and Al Williams compare notes on their favorites from the week, and you are invited. The guys may have said too much about the Supercon badge this year — listen in for a few hints about what it will be about.

For hacks, you’ll hear about scanning tunneling microscopes, power management for small Linux systems, and lots of inertial measurement units. The guys talked about a few impossible hacks for consumer electronics, from hacking a laptop, to custom cell phones.

Of course, there are plenty more long-form articles of the week, including a brief history of what can go wrong on a spacewalk and how to get the lead out (of the ground). Don’t forget to take a stab at the What’s That Sound competition and maybe score a sweet Hackaday Podcast T-shirt.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Use this link to teleport a DRM-free MP3 to your location.

Continue reading “Hackaday Podcast Episode 291: Walking In Space, Lead In The Earth, And Atoms Under The DIY Microscope” →

This Week In Security: Zimbra, DNS Poisoning, And Perfctl

October 4, 2024 by Jonathan Bennett 6 Comments

Up first this week is a warning for the few of us still brave enough to host our own email servers. If you’re running Zimbra, it’s time to update, because CVE-2024-45519 is now being exploited in the wild.

That vulnerability is a pretty nasty one, though thankfully requires a specific change from default settings to be exposed. The problem is in postjournal. This logging option is off by default, but when it’s turned on, it logs incoming emails. One of the fields on an incoming SMTP mail object is the RCPT TO: field, with the recipients made of the to, cc, and bcc fields. When postjournal logs this field, it does so by passing it as a bash argument. That execution wasn’t properly sanitized, and wasn’t using a safe call like execvp(). So, it was possible to inject commands using the $() construction.

The details of the attack are known, and researchers are seeing early exploratory attempts to exploit this vulnerability. At least one of these campaigns is attempting to install webshells, so at least some of those attempts have teeth. The attack seems to be less reliable when coming from outside of the trusted network, which is nice, but not something to rely on.

New Tool Corner

What is that binary doing on your system? Even if you don’t do any security research, that’s a question you may ask yourself from time to time. A potential answer is WhoYouCalling. The wrinkle here is that WYC uses the Windows Event Tracing mechanism to collect the network traffic strictly from the application in question. So it’s a Windows only application for now. What you get is a packet capture from a specific executable and all of its children processes, with automated DNS capture to go along. Continue reading “This Week In Security: Zimbra, DNS Poisoning, And Perfctl” →

Supercon 2023: [Cory Doctorow] With An Audacious Plan To Halt The Internet’s Enshittification And Throw It Into Reverse

October 3, 2024 by Navarre Bartz 69 Comments

Those of us old enough to remember BBS servers or even rainbow banners often go down the nostalgia hole about how the internet was better “back in the day” than it is now as a handful of middlemen with a stranglehold on the way we interact with information, commerce, and even other people. Where’s the disintermediated future we were promised? More importantly, can we make a “new good web” that puts users first? [Cory Doctorow] has a plan to reverse what he’s come to call enshittification, or the lifecycle of the extractionist tech platform, and he shared it with us as the Supercon 2023 keynote.

As [Doctorow] sees it, there’s a particular arc to every evil platform’s lifecycle. First, the platform will treat its users fairly and provide enough value to accumulate as many as possible. Then, once a certain critical mass is reached, the platform pivots to exploiting those users to sell them out to the business customers of the platform. Once there’s enough buy-in by business customers, the platform squeezes both users and businesses to eke out every cent for their investors before collapsing in on itself.

Doctorow tells us, “Enshittification isn’t inevitable.” There have been tech platforms that rose and fell without it, but he describes a set of three criteria that make the process unavoidable.

Lack of competition in the market via mergers and acquisitions
Companies change things on the back end (“twiddle their knobs”) to improve their fortunes and have a united, consolidated front to prevent any lawmaking that might constrain them
Companies then embrace tech law to prevent new entrants into the market or consumer rights (see: DMCA, etc.)

Continue reading “Supercon 2023: [Cory Doctorow] With An Audacious Plan To Halt The Internet’s Enshittification And Throw It Into Reverse” →