This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware

April 10, 2020 by Jonathan Bennett 9 Comments

You were promised Zoom news last week, but due to a late night of writing, that story was delayed to this week. So what’s the deal with Zoom? Google, SpaceX, and even the government of Taiwan and the US Senate have banned Zoom. You may remember our coverage of Zoom from nearly a year ago, when Apple forcibly removed the Zoom service from countless machines. The realities of COVID-19 have brought about an explosion of popularity for Zoom, but also a renewed critical eye on the platform’s security.

“Zoombombing”, joining a Zoom meeting uninvited, made national headlines as a result of a few high profile incidents. The US DOJ even released a statement about it. Those incidents seem to have been a result of Zoom default settings: no meeting passwords, no “waiting room”, and meeting IDs that persist indefinitely. A troll could simply search google for Zoom links, and try connecting to them until finding an active meeting. Ars ran a great article on how to avoid getting zoombombed (thanks to Sheldon for pointing this out last week).

There is another wrinkle to the Zoom story. Zoom is technically an American company, but its Chinese roots put it in a precarious situation. Recently it’s been reported that encryption keying is routed through infrastructure in China, even though the calling parties are elsewhere. In some cases, call data itself goes through Chinese infrastructure, though that was labeled as a temporary bug. Zoom was also advertising its meetings as having end-to-end encryption. That claim was investigated, and discovered to be false. All meetings get decrypted at Zoom servers, and could theoretically be viewed by Zoom staff. Continue reading “This Week In Security: Zoom (Really This Time), Fingerprints, And Bloatware” →

No Windshield? No Problem, Says McLaren

April 9, 2020 by Kristina Panos 79 Comments

All the best sports cars look like they’re moving when they’re just sitting there, and the lines on McLaren’s newest limited-edition plaything redefine that look of speed standing still. Maybe it’s the sneering headlights or the streamlined, reverse-1966 Batmobile styling. Whatever it is, the 804-horsepower two-seater project Elva looks like it’s leaping off the line into the future.

But this future is free from the last thing we’d expect to see removed from any vehicle, especially a $1.7 million supercar — the windshield. Now that the headphone jack has been deemed expendable, it seems that nothing is sacred. The Elva is already a permanent convertible with no windows.

Though McLaren didn’t start this weird and windowless fire, the Elva is meant to fan the flames of futurism. She joins the ranks of a few windshield-free models from Ferrari, Mercedes-Benz, and Aston Martin. In the other guy’s cars, you’ll need a helmet above 30MPH unless you love the thunderous sounds of air buffeting and blown-out hair. It’s a young idea with a few bugs to work out.

Continue reading “No Windshield? No Problem, Says McLaren” →

The Real Lessons About 3D Printed Face Shields: Effective Engineering Response In Times Of Crisis

April 8, 2020 by Donald Papp 83 Comments

3D printed face shields and other health equipment is big news right now. Not long ago, Prusa Research rapidly designed and manufactured 3D printed face shields and donated them to the Czech Ministry of Health. Their effort is ongoing, and 3D printers cranking out health equipment like the NIH approved design has been peppering headlines ever since.

The Important Part Isn’t 3D Printers

The implied takeaway from all the coverage is that 3D printers are a solution to critical equipment shortages, but the fact that 3D printers are involved isn’t really the important part. We all know printers can make plastic parts, so what should be the real takeaway? The biggest lessons we can learn about Prusa’s ongoing effort are related to how they’ve gone about it.

Continue reading “The Real Lessons About 3D Printed Face Shields: Effective Engineering Response In Times Of Crisis” →

On 5G And The Fear Of Radiation

April 8, 2020 by Maya Posch 178 Comments

The world around us is a scary place, with a lot of visible and invisible dangers. Some of those invisible dangers are pretty obvious, such as that of an electrical shock from exposed wiring. Some are less obvious, for example the dangers of UV radiation to one’s skin and eyes commonly known, but also heavily underestimated by many until it’s too late. In the US alone, skin cancer ends up affecting about one in every five people.

Perhaps ironically, while the danger from something like UV radiation is often underestimated, other types of electromagnetic radiation are heavily overestimated. All too often, the distinction between what is and isn’t considered to be harmful appears to be made purely on basis of whether it is ‘natural’ radiation or not. The Sun is ‘natural’, ergo UV radiation cannot be harmful, but the EM radiation from a microwave or 5G wireless transceiver is human-made, and therefore harmful. This is, of course, backwards.

Rather than dismissing such irrational fears of radiation, let’s have a look at both the science behind radiation and the way humans classify ‘danger’, such as in the case of 5G cell towers. Continue reading “On 5G And The Fear Of Radiation” →

Linux Fu: Tracing System Calls

April 7, 2020 by Al Williams 11 Comments

One of the nice things about Linux and similar operating systems is that you can investigate something to any level you wish. If a program has a problem you can decompile it, debug it, trace it, and — if necessary — even dig into the source code for the kernel and most of the libraries the program is probably using. However, the tools to do this aren’t ones you use every day. One very interesting tool is strace. Using it you can see what system calls any program makes and that can sometimes give you important clues about how the program works or, probably more often, why it doesn’t work.

Let’s consider the least complex use of the command. Suppose you want to make symlink from testxmit.grc to the /tmp directory. That command is simple:

ln -sf testxmit.grc /tmp

But if you tell strace to run it, the command becomes:

strace ln -sf testxmit.grc /tmp

You might want to redirect the output to a file using the shell or the -o option, though. Some commands generate a lot and often the first page or two of output isn’t really what you care about anyway. Continue reading “Linux Fu: Tracing System Calls” →

3D Printering: When Resin Printing Gets Smelly

April 7, 2020 by Donald Papp 20 Comments

Nowadays, resin printers are highly accessible and can do some great stuff. But between isopropyl alcohol for part rinsing and the fact that some resins have a definite smell to them, ventilation can get important fast. The manufacturers don’t talk much about this part of the resin printing experience, but it’s there nevertheless. So what can be done when smells become a problem?

I recently had to deal with this when I printed several liters of resin worth of parts. That’s a lot of resin, and a lot of alcohol for part washing. Smells — which had never been much of a problem in my work area — suddenly became an issue.

Where Odors Come From

Smells come from two sources: the resin itself, and the isopropyl alcohol used for cleanup and part washing. Continue reading “3D Printering: When Resin Printing Gets Smelly” →

Getting To Space Is Even Harder During A Pandemic

April 6, 2020 by Tom Nardi 3 Comments

At this point, most of us are painfully aware of the restrictions that COVID-19 social distancing protocols have put on our daily lives. Anyone who can is working from home, major events are canceled, non-essential businesses are closed, and travel is either strongly discouraged or prohibited outright. In particularly hard hit areas, life and commerce has nearly ground to a halt with no clear end date in sight.

Naturally, there are far reaching consequences for this shutdown beyond what’s happening on the individual level. Large scale projects are also being slowed or halted entirely, as there’s only so much you can do remotely. That’s especially true when the assembly of hardware is concerned, which has put some industries in a particularly tight spot. One sector that’s really feeling the strain is aerospace. Around the world, space agencies are finding that their best laid plans are suddenly falling apart in the face of COVID-19.

In some cases it’s a minor annoyance, requiring nothing more than some tweaks to procedures. But when the movements of the planets are concerned, a delay of weeks or months changes everything. While things are still changing too rapidly to make an exhaustive list, we already know of a few missions that are being impacted in these uncertain times.

Continue reading “Getting To Space Is Even Harder During A Pandemic” →