Firefox Brings The Fire: Shifting From GLX To EGL

You may (or may not) have heard that Firefox is moving from GLX to EGL for the Linux graphics stack. It’s an indicator of which way the tides are moving in the software world. Let’s look at what it means, why it matters, and why it’s cool.

A graphics stack is a complex system with many layers. But on Linux, there needs to be an interface between something like OpenGL and a windowing system like X11. X11 provides a fundamental framework for drawing and moving windows around a display, capturing user input, and determining focus, but little else. An X11 server is just a program that manages all the windows (clients). Each window in X11 is considered a client. A client connects to the server over a Unix domain socket or the internet.

OpenGL focuses on what to draw within the confines of the screen space given by the window system. GLX (which stands for OpenGL Extension to the X window system) was originally developed by Silicon Graphics. It has changed over the years, gaining hardware acceleration support and DRI (Direct Rendering Interface). DRI is a way for OpenGL to talk directly to the graphical hardware if the server and the client are on the same computer. At its core, GLX provides OpenGL functions to X11, adds to the X protocol by allowing 3D rendering commands to be sent, and includes an extension that reads rendering commands and passes them to OpenGL.

EGL (Embedded-System Graphics Library) is a successor of GLX, but it started with a different environment in mind. Initially, the focus was embedded systems, and devices such as Android, Raspberry Pi, and BlackBerry lean heavily on EGL for their graphical needs. Later, however, Wayland adopted EGL because GLX brought in X11 dependencies and EGL offers closer access to hardware.

When Martin Stránský initially added Wayland support to Firefox, he used EGL instead of GLX. Additionally, the Wayland implementation had zero-copy GPU buffer sharing via DMABUF (a Linux kernel subsystem for sharing buffers). Unfortunately, Firefox couldn’t turn on this WebGL performance improvement for X11 (it existed but was never stable enough). Nevertheless, features kept coming, making Wayland (and consequently EGL) more of a first-class citizen. Now EGL will be enabled by default in Firefox 94+ with Mesa 21+ drivers (Mesa is an implementation of OpenGL, Vulkan, and other specifications that translates commands into instructions the GPU can understand).

PFAS: The Organofluorines Your Biochemist Warned You About

Sometimes it begins to feel like a tradition: a certain substance or group of substances becomes highly popular due to some highly desirable chemical or physical properties, only for these chemicals to then turn out to be a hazard to the biosphere, human life, or both. In the case of per- and polyfluoroalkyl substances (PFAS) it’s no different. Upon the discovery that a subgroup of these – the fluorosurfactants – have the ability to reduce water surface tension significantly more than other surfactants, they began to be used everywhere.

Today, fluorosurfactants are being used in everything from stain repellents to paint, make-up, and foam used by firefighters. In a recent study of 231 cosmetic products bought in the US and Canada (Whitehead et al., 2021), it was found that all of them contained PFAS, even when not listed on the packaging. The problematic part here is that PFAS are very stable, do not decay after disposal, and bioaccumulate in the body where they may have endocrine-disrupting effects.

Some areas have now at least partially banned PFAS, but the evidence for this is so far mixed. Let’s review what we do know at this point, and what alternatives we have to the continued use of these substances.

Blue Origin Rolls Out Test Article For Next-Gen Rocket

By any metric you care to use, this is a very exciting time for America’s space program. NASA is refocusing their efforts towards the Moon and beyond, SpaceX is launching routine crew and cargo flights to the International Space Station with reusable rockets, and if you’ve got deep enough pockets, there are now multiple companies offering suborbital pleasure trips requiring little more than a few hours’ worth of training. It’s taken longer than many people had hoped, but it seems we’re finally making the confident strides necessary to truly utilize space’s vast resources.

But things are just getting started. A new generation of massive reusable rockets is currently being developed, which promises to make access to space cheaper and faster than ever before. We’ve seen quite a bit of SpaceX’s Starship, thanks in no small part to the dramatic test flights that the media-savvy company has been regularly live streaming to YouTube. But Blue Origin, founded by Amazon’s Jeff Bezos, has been far more secretive about their New Glenn. That is, until now.

GS1 under construction in Florida.

On November 8th, Blue Origin rolled out their GS1 simulator for the New Glenn’s first stage. This stand-in for the real rocket will never fly, but it’s designed to perfectly recreate the dimensions, center of gravity, and mass, of the real thing. Ground teams will use the GS1 to practice safely transporting the booster, which is approximately half the length of the Saturn V, from their production facility to Launch Complex 36 (LC-36) at Cape Canaveral. It will also be used to test the fit and function of various pieces of ground support equipment, and eventually, the second stage stacking procedure.

For the uninitiated, it might seem like this is a lot of fuss over what’s ultimately just a hollow metal tube. But the introduction of a test article such as this has traditionally been a major milestone during the design and construction of rockets and spacecraft, dating back to the “boilerplate” test capsules used during the Mercury, Gemini, and Apollo programs; a sure sign that what was just an idea is now becoming a reality.

FlowIO Takes Top Honors In The 2021 Hackaday Prize

FlowIO Platform, a modular pneumatics controller for soft robotics and smart material projects, took home Grand Prize honors at the 2021 Hackaday Prize. Aside from the prestige of coming out on top of hundreds of projects and bragging rights for winning the biggest hardware design challenge on Earth, the prize carries an award of $25,000 and a Supplyframe DesignLab residency to continue project development. Four other top winners were also announced at the Hackaday Remoticon virtual conference on Saturday evening.

In a year full of challenges, this year’s Hackaday Prize laid down yet another gauntlet: to “Rethink, Refresh, and Rebuild.” We asked everyone to take a good hard look at the systems and processes that make the world work — or in some cases, not work — and reimagine them from a fresh perspective. Are there better ways to do things? What would you come up with if you started from a blank piece of paper? How can you support and engage the next generation of engineers, and inspire them to take up the torch? And what would you come up with if you just let your imagination run wild?

And boy, did you deliver! With almost 500 entries, this year’s judges had quite a task in front of them. Each of the five challenges — Refresh Displays, Rethink Work-From-Home Life, Reimagine Supportive Tech, Redefine Robots, and Reactivate Wildcard — had ten finalists, which formed the pool of entries for the overall prize. And here’s what they came up with.

This Week In Security: Intel Atoms Spill Secrets, ICMP Poisons DNS, And The Blacksmith

Intel has announced CVE-2021-0146, a vulnerability in certain processors based on the Atom architecture, and the Trusted Platform Module (TPM) is at the center of the problem. The goal of the system around the TPM is to maintain system integrity even in the case of physical access by an attacker, so the hard drive is encrypted using a key stored in a secure chip on the motherboard. The TPM chip holds this encryption key and provides it during the boot process. When combined with secure boot, this is a surprisingly effective way to prevent tampering or data access even in the case of physical access. It’s effective, at least, when nothing goes wrong.

Earlier this year, we covered a story where the encryption key could be sniffed directly from the motherboard, by tapping the traces connecting the TPM to the CPU. It was pointed out that TPM 2.0 can encrypt the disk encryption key on the traces, making this attack impossible.

The entire Trusted Compute Model is based on the premise that the CPU itself is trustworthy. This brings us back to Intel’s announcement that a debug mode could be enabled via physical access. In this debug mode, the CPU master key can be extracted, leading to complete compromise. The drive encryption key can be recovered, and unsigned firmware can be loaded to the Management Engine. This means data in the TPM enclave and the TPM-stored encryption key can be compromised. Updated firmware is rolling out through motherboard vendors to address the problem.

Privacy Report: What Android Does In The Background

We’ve come a long way from the Internet of the 90s and early 00s. Not just in terms of technology, capabilities, and culture, but in the attitude most of us take when accessing the ‘net. In those early days most users had a militant drive to keep any personal or identifying information to themselves beyond the occasional (and often completely fictional) a/s/l, and before eBay and Amazon normalized online shopping it was unheard of to even type in a credit card number. On today’s internet we do all of these things with reckless abandon, and to make matters worse most of us carry around a device which not only holds all of our personal information but also reports everything about us, from our browsing habits to our locations, back to databases to be stored indefinitely.

It was always known that both popular mobile operating systems for these devices, iOS and Android, “phone home” or report data about us back to various servers. But just how much the operating systems themselves did was largely a matter of speculation, especially for Apple devices which are doing things that only Apple can really know for sure. While Apple keeps their mysteries to themselves and thus can’t be fully trusted, Android is much more open which paradoxically makes it easier for companies (and malicious users) to spy on users but also makes it easier for those users to secure their privacy on their own. Thanks to this recent privacy report on several different flavors of Android (PDF warning) we know a little bit more on specifically what the system apps are doing, what information they’re gathering and where they’re sending it, and exactly which versions of Android are best for those of us who take privacy seriously.

SCPI: On Teaching Your Devices The Lingua Franca Of Laboratories

One could be excused for thinking sometimes that the concept of connecting devices with other devices for automation purposes is a fairly recent invention. Yet for all the (relatively) recent hype of the Internet of Things and the ‘smart home’, laboratories have been wiring up their gear to run complicated measurement and test sequences for many decades now, along with factories doing much the same for automating production processes.

Much like the chaotic universe of IoT devices, lab equipment from different manufacturers featured a wide variety of incompatible protocol and interface standards. Ultimately these would coalesce into IEEE-488.1 (GPIB) as the physical layer, and by 1990 the first Standard Commands for Programmable Instruments (SCPI) standard was released, building on top of IEEE-488.

SCPI defines (as the name suggests) standard commands to interact with instruments. Over the past decades it has gone on to provide remote interaction capabilities to everything from oscilloscopes and power supplies to exotic scientific equipment. Many off-the-shelf devices a hobbyist can buy today feature an SCPI interface via their Ethernet, USB or RS-232C port(s) that, combined with software, can be used to automate one’s home lab.

Even better is that it’s relatively straightforward to add SCPI functionality to one’s own devices as well, so long as they have at least an MCU and some way to communicate with the outside world.
