Slider

4955 Articles

Hackaday Celebrates 15 Years And Oh How The Hardware Has Changed

September 5, 2019 by 56 Comments

Today marks exactly 15 years since Hackaday began featuring one Hack a Day, and we’ve haven’t missed a day since. Over 5,477 days we’ve published 34,057 articles, and the Hackaday community has logged 903,114 comments. It’s an amazing body of work from our writers and editors, a humbling level of involvement from our readers, and an absolutely incredible contribution to open hardware by the project creators who have shared details of their work and given us all something to talk about and to strive for.

What began as a blog is now a global virtual hackerspace. That first 105-word article has grown far beyond project features to include spectacular long-form original content. From our community of readers has grown Hackaday.io, launched in 2014 you’ll now find over 30,000 projects published by 350,000 members. The same year the Hackaday Prize was founded as a global engineering initiative seeking to promote open hardware, offering big prizes for big ideas (and the willingness to share them). Our virtual connections were also given the chance to come alive through the Hackaday Superconference, Hackaday Belgrade, numerous Hackaday Unconferences, and meetups all over the world.

All of this melts together into a huge support structure for anyone who wants to float an interesting idea with a proof of concept where “why” is the wrong question. Together we challenge the limits of what things are meant to do, and collectively we filter through the best ideas and hold them high as building blocks for the next iteration. The Hackaday community is the common link in the collective brain, a validation point for perpetuating great ideas of old, and cataloging the ones of new.

Perhaps the most impressive thing about the last 15 years of Hackaday is how much the technological landscape has changed. Hackaday is still around because all of us have actively changed along with it — always looking for that cutting edge where the clever misuse of something becomes the base for the next transformative change. So we thought we’d take a look back 15 years in tech. Let’s dig into a time when there were no modules for electronics, you couldn’t just whip up a plastic part in an afternoon, designing your own silicon was unheard of, and your parts distributor was the horde of broken electronics in your back room.

Continue reading “Hackaday Celebrates 15 Years And Oh How The Hardware Has Changed”

Dian Fossey, Gorilla Girl

September 3, 2019 by 37 Comments

Few people sacrifice themselves as completely as Dian Fossey did for the mountain gorillas of Africa. She fought tirelessly to protect them from poachers, cattle herders, zoo kidnappers, corrupt governments, and tourists. Dian left a comfortable life behind to make the misty slopes of an extinct volcano her home and headquarters. There, she patiently sought out the gorillas, mimicking their facial expressions and actions until they grew curious about her. Eventually, she had their complete trust and friendship, and considered them her family.

Dian spent eighteen years on and off living among the gorillas. She continually risked her health, life, and reputation to raise awareness of their plight and save them from extinction. While the mountain gorilla remains an endangered species, Dian’s research and conservation efforts have greatly contributed to their increased population in the years since her death.

Continue reading “Dian Fossey, Gorilla Girl”

3D Printing May Be The Key To Practical Scramjets

September 3, 2019 by 32 Comments

The first scramjet, an airbreathing jet engine capable of pushing an aircraft beyond Mach 5, was successfully flown in the early 1990s. But while pretty much any other technology you could imagine has progressed by leaps and bounds in the nearly 30 years that have passed, the state-of-the-art in hypersonic scramjets hasn’t moved much. We still don’t have practical hypersonic aircraft, military or otherwise, and any missiles that travel at those sort of speeds are rocket powered.

NASA’s X-43 hit Mach 9.6 in 2004

This is somewhat surprising since, at least on paper, the operating principle of the scramjet is simplicity itself. Air rushing into the engine is compressed by the geometry of the inlet, fuel is added, the mixture is ignited, and the resulting flow of expanded gases leaves the engine faster than it entered. There aren’t even any moving parts inside of a scramjet, it’s little more than a carefully shaped tube with fuel injectors and ignitors in it.

Unfortunately, pulling it off in practice is quite a bit harder. Part of the problem is that a scramjet doesn’t actually start working until the air entering the engine’s inlet is moving at around Mach 4, which makes testing them difficult and expensive. It’s possible to do it in a specially designed wind tunnel, but practically speaking, it ends up being easier to mount the engine to the front of a conventional rocket and get it up to speed that way. The downside is that such flights are one-way tickets, and end with the test article crashing into the ocean once it runs out of fuel.

But the bigger problem is that the core concept is deceptively simple. It’s easy to say you’ll just squirt some jet fuel into the stream of compressed air and light it up, but when that air is moving at thousands of miles per hour, keeping it burning is no small feat. Because of this, the operation of a scramjet has often been likened to trying to light a match in a hurricane; the challenge isn’t in the task, but in the environment you’re trying to perform it in.

Now, both Aerojet Rocketdyne and Northrop Grumman think they may have found the solution: additive manufacturing. By 3D printing their scramjet engines, they can not only iterate through design revisions faster, but produce them far cheaper than they’ve been able to in the past. Even more importantly, it enables complex internal engine geometries that would have been more difficult to produce via traditional manufacturing.

Continue reading “3D Printing May Be The Key To Practical Scramjets”

This Week In Security: VPN Gateways, Attacks In The Wild, VLC, And An IP Address Caper

August 30, 2019 by 7 Comments

We’ll start with more Black Hat/DEFCON news. [Meh Chang] and [Orange Tsai] from Devcore took a look at Fortinet and Pulse Secure devices, and found multiple vulnerabilities. (PDF Slides) They are publishing summaries for that research, and the summary of the Fortinet research is now available.

It’s… not great. There are multiple pre-authentication vulnerabilities, as well as what appears to be an intentional backdoor.

CVE-2018-13379 abuses an snprintf call made when requesting a different language for the device login page. Snprintf is an alternative to sprintf, but intended to prevent buffer overflows by including the maximum string length to write to the target buffer, which sounds like a good idea but can lead to malicious truncation.

The code in question looks like snprintf(s, 0x40, "/migadmin/lang/%s.json", lang);.
When loading the login page, a request is made for a language file, and the file is sent to the user. At first look, it seems that this would indeed limit the file returned to a .json file from the specified folder. Unfortunately, there is no further input validation on the request, so a language of ../../arbitrary is considered perfectly legitimate, escaping the intended folder.  This would leak arbitrary json files, but sincesnprintf doesn’t fail if it exceeds the specified length, sending a request for a lang that’s long enough results in the “.json” extension not being appended to the request either.

A metasploit module has been written to test for this vulnerability, and it requests a lang of /../../../..//////////dev/cmdb/sslvpn_websession. That’s just long enough to force the json extension to fall off the end of the string, and it is Unix convention is to ignore the extra slashes in a path. Just like that, the Fortigate is serving up any file on its filesystem just for asking nice.

More worrying than the snprintf bug is the magic value that appears to be an intentional backdoor. A simple 14 character string sent as an http query string bypasses authentication and allows changing any user’s password — without any authentication. This story is still young, it’s possible this was intended to have a benign purpose. If it’s an honest mistake, it’s a sign of incompetence. If it’s an intentional backdoor, it’s time to retire any and all Fortinet equipment you have.

Pulse Secure VPNs have a similar pre-auth arbitrary file read vulnerability. Once the full report is released, we’ll cover that as well.

Exploitation in the Wild

But wait, there’s more. Hide your kids, hide your wife. Webmin, Pulse Secure, and Fortigate are already being exploited actively in the wild, according to ZDNet. Based on reports from Bad Packets, the Webmin backdoor was being targeted in scans within a day of announcement, and exploited within three days of the announcement. There is already a botnet spreading via this backdoor. It’s estimated that there are around 29,000 vulnerable Internet-facing servers.

Both Pulse Secure and Fortinet’s Fortigate VPN appliances are also being actively targeted. Even though the vulnerabilities were reported first to the vendors, and patched well in advance of the public disclosure, thousands of vulnerable devices remain. Apparently routers and other network appliance hardware are fire-and-forget solutions, and often go without important security updates.

VLC is Actually Vulnerable This Time

The VLC media player has released a new update, fixing 11 CVEs. These CVEs are all cases of mishandling malformed media files, and are only exploitable by opening a malicious file with VLC. Be sure to go update VLC if you have it installed. Even though no arbitrary code execution has been demonstrated for any of these issues, it’s likely that it will eventually happen.

Gray Market IP Addresses

With the exhaustion of IPv4 addresses, many have begun using alternative methods to acquire address space, including the criminal element. Krebs on Security details his investigation into one such story: Residential Networking Solutions LLC (Resnet). It all started with an uptick in fraudulent transactions originating from Resnet residential IP addresses. Was this a real company, actually providing internet connectivity, or a criminal enterprise?

Kilopower: NASA’s Offworld Nuclear Reactor

August 28, 2019 by 107 Comments

Here on Earth, the ability to generate electricity is something we take for granted. We can count on the sun to illuminate solar panels, and the movement of air and water to spin turbines. Fossil fuels, for all their downsides, have provided cheap and reliable power for centuries. No matter where you may find yourself on this planet, there’s a way to convert its many natural resources into electrical power.

But what happens when humans first land on Mars, a world that doesn’t offer these incredible gifts? Solar panels will work for a time, but the sunlight that reaches the surface is only a fraction of what the Earth receives, and the constant accumulation of dust makes them a liability. In the wispy atmosphere, the only time the wind could potentially be harnessed would be during one of the planet’s intense storms. Put simply, Mars can’t provide the energy required for a human settlement of any appreciable size.

The situation on the Moon isn’t much better. Sunlight during the lunar day is just as plentiful as it is on Earth, but night on the Moon stretches for two dark and cold weeks. An outpost at the Moon’s South Pole would receive more light than if it were built in the equatorial areas explored during the Apollo missions, but some periods of darkness are unavoidable. With the lunar surface temperature plummeting to -173 °C (-280 °F) when the Sun goes down, a constant supply of energy is an absolute necessity for long-duration human missions to the Moon.

Since 2015, NASA and the United States Department of Energy have been working on the Kilopower project, which aims to develop a small, lightweight, and extremely reliable nuclear reactor that they believe will fulfill this critical role in future off-world exploration. Following a series of highly successful test runs on the prototype hardware in 2017 and 2018, the team believes the miniaturized power plant could be ready for a test flight as early as 2022. Once fully operational, this nearly complete re-imagining of the classic thermal reactor could usher in a whole new era of space exploration.

Continue reading “Kilopower: NASA’s Offworld Nuclear Reactor”

Following Pigs: Building An Injectable Livestock Tracking System

August 27, 2019 by 43 Comments

I’m often asked to design customer and employee tracking systems. There are quite a few ways to do it, and it’s an interesting intersection of engineering and ethics – what information is reasonable to collect in different contexts, anonymizing and securely storing it, and at a fundamental level whether the entire system should exist at all.

On one end of the spectrum, a system that simply counts the number of people that are in your restaurant at different times of day is pretty innocuous and allows you to offer better service. On the other end, when you don’t pay for a mobile app, generally that means your private data is the product being bought and sold. Personally, I find that the whole ‘move fast and break things’ attitude, along with a general disregard for the privacy of user data, has created a pretty toxic tech scene. So until a short while ago, I refused to build invasive tracking systems – then I got a request that I simply couldn’t put aside…

Continue reading “Following Pigs: Building An Injectable Livestock Tracking System”

The Amazon Dash Button: A Retrospective

August 27, 2019 by 38 Comments

The Internet of Things will revolutionize everything! Manufacturing? Dog walking? Coffee bean refilling? Car driving? Food eating? Put a sensor in it! The marketing makes it pretty clear that there’s no part of our lives which isn’t enhanced with The Internet of Things. Why? Because with a simple sensor and a symphony of corporate hand waving about machine learning an iPhone-style revolution is just around the corner! Enter: Amazon Dash, circa 2014.

The first product in the Dash family was actually a barcode scanning wand which was freely given to Amazon Fresh customers and designed to hang in the kitchen or magnet to the fridge. When the Fresh customer ran out of milk they could scan the carton as it was being thrown away to add it to their cart for reorder. I suspect these devices were fairly expensive, and somewhat too complex to be as frequently used as Amazon wanted (thus the extremely limited launch). Amazon’s goal here was to allow potential customers to order with an absolute minimum of friction so they can buy as much as possible. Remember the “Buy now with 1-Click” button?

That original Dash Wand was eventually upgraded to include a push button activated Alexa (barcode scanner and fridge magnet intact) and is generally available. But Amazon had pinned its hopes on a new beau. Mid 2015 Amazon introduced the Dash Replenishment Service along with a product to be it’s exemplar – the Dash Button. The Dash Button was to be the 1-Click button of the physical world. The barcode-scanning Wands require the user to remember the Wand was nearby, find a barcode, scan it, then remember to go to their cart and order the product. Too many steps, too many places to get off Mr. Bezos’ Wild Ride of Commerce. The Dash Buttons were simple! Press the button, get the labeled product shipped to a preconfigured address. Each button was purchased (for $5, with a $5 coupon) with a particular brand affinity, then configured online to purchase a specific product when pressed. In the marketing materials, happy families put them on washing machines to buy Tide, or in a kitchen cabinet to buy paper towels. Pretty clever, it really is a Buy now with 1-Click button for the physical world.

There were two versions of the Dash button. Both have the same user interface and work in fundamentally the same way. They have a single button (the software can recognize a few click patterns), a single RGB LED (‘natch), and a microphone (no, it didn’t listen to you, but we’ll come back to this). They also had a WiFi radio. Version two (silently released in 2016) added Bluetooth and completely changed the electrical innards, though to no user facing effect.

In February 2019, Amazon stopped selling the Dash Buttons. Continue reading “The Amazon Dash Button: A Retrospective”