Slider

4980 Articles

Accident Forgiveness Comes To GPLv2

December 13, 2017 by 40 Comments

Years ago, while the GPLv3 was still being drafted, I got a chance to attend a presentation by Richard Stallman. He did his whole routine as St IGNUcius, and then at the end said he would be answering questions in a separate room off to the side. While the more causal nerds shuffled out of the presentation room, I went along with a small group of free software aficionados that followed our patron saint into the inner sanctum.

When my turn came to address the free software maestro, I asked what advantages the GPLv3 would have to a lowly hacker like myself? I was familiar with the clause about “Tivoization“, the idea that any device running GPLv3 code from the manufacturer should allow the user to be able to install their own software on it, but this didn’t seem like the kind of thing most individuals would ever need to worry about. Was there something in the new version of the GPL that would make it worth adopting in personal or hobby projects?

Yes, he really dresses up like this.

Interestingly, a few years after this a GPLv2 program of mine was picked up by a manufacturer and included in one of their products (never underestimate yourself, folks). So the Tivoization clause was actually something that did apply to me in the end, but that’s not the point of this story.

Mr. Stallman responded that he believed the biggest improvement GPLv3 made over v2 for the hobbyist programmer was the idea of “forgiveness” in terms of licensing compliance. Rather than take a hard line approach like the existing version of the GPL, the new version would have grace periods for license compliance. In this way, legitimate mistakes or misunderstandings of the requirements of the GPL could be resolved more easily.

So when I read the recent announcement from Red Hat that said they would be honoring the grace period for GPLv2 projects, I was immediately interested. Will the rest of the community follow Red Hat’s lead? Will this change anyone’s mind when deciding between the GPL v2 and v3? Is this even a good idea? Join me below as I walk through these questions.

Continue reading “Accident Forgiveness Comes To GPLv2”

Living On The Moon: The Challenges

December 12, 2017 by 185 Comments

Invariably when we write about living on Mars, some ask why not go to the Moon instead? It’s much closer and has a generous selection of minerals. But its lack of an atmosphere adds to or exacerbates the problems we’d experience on Mars. Here, therefore, is a fun thought experiment about that age-old dream of living on the Moon.

Inhabiting Lava Tubes

Lava tube with collapsed pits near Gruithuisen crater
Lava tube with collapsed pits near Gruithuisen crater

The Moon has even less radiation protection than Mars, having practically no atmosphere. The lack of atmosphere also means that more micrometeorites make it to ground level. One way to handle these issues is to bury structures under meters of lunar regolith — loose soil. Another is to build the structures in lava tubes.

A lava tube is a tunnel created by lava. As the lava flows, the outer crust cools, forming a tube for more lava to flow through. After the lava has been exhausted, a tunnel is left behind. Visual evidence on the Moon can be a long bulge, sometimes punctuated by holes where the roof has collapsed, as is shown here of a lava tube northwest from Gruithuisen crater. If the tube is far enough underground, there may be no visible bulge, just a large circular hole in the ground. Some tubes are known to be more than 300 meters (980 feet) in diameter.

Lava tubes as much as 40 meters (130 feet) underground can also provide thermal stability with a temperature of around -20°C (-4°F). Having this stable, relatively warm temperature makes building structures and equipment easier. A single lunar day is on average 29.5 Earth days long, meaning that we’ll get around 2 weeks with sunlight followed by 2 weeks without. During those times the average temperatures on the surface at the equator range from 106°C (224°F) to -183°C (-298°F), which makes it difficult to find materials to withstand that range for those lengths of time.

But living underground introduces problems too.

Continue reading “Living On The Moon: The Challenges”

Mike Harrison At The Superconference: Flying LCD Pixels

December 11, 2017 by 18 Comments

Mike Harrison, perhaps better known to us as the titular Mike of YouTube channel mikeselectricstuff, is a hardware hacking genius. He’s the man behind this year’s Superconference badge, and his hacks and teardowns have graced our pages many times. The best thing about Mike is that his day job is designing implausibly cool one-off hardware for large-scale art installations. His customers are largely artists, which means that they just don’t care about the tech as long as it works. So when he gets together with a bunch of like-minded hacker types, he’s got a lot of pent-up technical details that he just has to get out. Our gain.

He’s been doing a number of LCD installations lately. And he’s not using the standard LCD calculator displays that we all know and love, although the tech is exactly the same, but is instead using roughly 4″ square single pixels. His Superconference talk dives deep into the behind-the-scenes cleverness that made possible a work of art that required hundreds of these, suspended by thin wires in mid-air, working together to simulate a flock of birds. You really want to watch this talk.


Continue reading “Mike Harrison At The Superconference: Flying LCD Pixels”

What You Need To Know About The Intel Management Engine

December 11, 2017 by 96 Comments

Over the last decade, Intel has been including a tiny little microcontroller inside their CPUs. This microcontroller is connected to everything, and can shuttle data between your hard drive and your network adapter. It’s always on, even when the rest of your computer is off, and with the right software, you can wake it up over a network connection. Parts of this spy chip were included in the silicon at the behest of the NSA. In short, if you were designing a piece of hardware to spy on everyone using an Intel-branded computer, you would come up with something like the Intel Managment Engine.

Last week, researchers [Mark Ermolov] and [Maxim Goryachy] presented an exploit at BlackHat Europe allowing for arbitrary code execution on the Intel ME platform. This is only a local attack, one that requires physical access to a machine. The cat is out of the bag, though, and this is the exploit we’ve all been expecting. This is the exploit that forces Intel and OEMs to consider the security implications of the Intel Management Engine. What does this actually mean?

Continue reading “What You Need To Know About The Intel Management Engine”

The IBM PC That Broke IBM

December 11, 2017 by 129 Comments

It was the dawn of the personal computer age, a time when Apple IIs, Tandy TRS-80s, Commodore PETs, the Atari 400 and 800, and others had made significant inroads into schools and people’s homes. But IBM, whose name was synonymous with computers, was nowhere to be seen. And yet within a few years, the IBM PC would be the dominant player.

Those of us who were around at the time cherished one of those early non-IBM computers, and as the IBM PC came out, either respected it, looked down on it, or did both. But now, unless your desktop machine is a Mac, you probably own a computer that owes its basic design to the first IBM PC.

The Slow Moving Elephant

IBM System/360 Model 30 mainframe
IBM System/360 Model 30 mainframe by Dave Ross CC BY 2.0

In the 1960s and 1970s, the room-filling mainframe was the leading computing platform and the IBM System/360 held a strong position in that field. But sales in 1979 in the personal computer market were $150 million and were projected to increase 40% in 1980. That was enough for IBM to take notice. And they’d have to come up with something fast.

Fast, however, wasn’t something people felt IBM could do. Decisions were made through committees, resulting in such a slow decision process that one employee observed, “that it would take at least nine months to ship an empty box.” And one analyst famously said, “IBM bringing out a personal computer would be like teaching an elephant to tap dance.”

And yet, in just a few short years, IBM PCs dominated the personal computer market and the majority of today’s desktops can trace their design back to the first IBM PC. With even more built-in barriers which we cover below, how did the slow-moving elephant make this happen?

Continue reading “The IBM PC That Broke IBM”

Radiosondes: Getting Data From Upstairs

December 8, 2017 by 41 Comments

Ever since I first learned about radiosondes as a kid, I’ve been fascinated by them. To my young mind, the idea that weather bureaus around the world would routinely loft instrument-laden packages high into the atmosphere to measure temperature, pressure, and winds aloft seemed extravagant. And the idea that this telemetry package, having traveled halfway or more to space, could crash land in a field near my house so that I could recover it and take it apart, was an intoxicating thought.

I’ve spent a lot of time in the woods over the intervening years, but I’ve never seen a radiosonde in the wild. The closest I ever came was finding a balloon with a note saying it had been released by a bunch of schoolkids in Indiana. I was in Connecticut at the time, so that was pretty cool, but those shortsighted kids hadn’t put any electronics on their balloon, and they kind of left me hanging. So here’s a look at what radiosondes are, how they work, and what you can do to increase your chances of finding one.

Continue reading “Radiosondes: Getting Data From Upstairs”

Another Defeat Of The Intel Management Engine

December 7, 2017 by 53 Comments

If you have a computer with an Intel processor that’s newer than about 2007, odds are high that it also contains a mystery software package known as the Intel Management Engine (ME). The ME has complete access to the computer below the operating system and can access a network, the computer’s memory, and many other parts of the computer even when the computer is powered down. If you’re thinking that this seems like an incredible security vulnerability then you’re not alone, and a team at Black Hat Europe 2017 has demonstrated yet another flaw in this black box (PDF), allowing arbitrary code execution and bypassing many of the known ME protections.

[Mark Ermolov] and [Maxim Goryachy] are the two-man team that discovered this exploit, only the second of its kind in the 12 years that the ME has been deployed. Luckily, this exploit can’t be taken advantage of (yet) unless an attacker has physical access to the device. Intel’s firmware upgrades also do not solve the problem because the patches still allow for use of older versions of the ME. [Mark] and [Maxim] speculate in their presentation that this might be fixed on the next version of the ME, but also note that these security vulnerabilities would disappear if Intel would stop shipping processors with the ME.

We won’t hold our breath on Intel doing the right thing by eliminating the ME, though. It’s only a matter of time before someone discovers a zero-day (if they haven’t already, there’s no way to know) which could cripple pretty much every computer built within the last ten years. If you’re OK with using legacy hardware, though, it is possible to eliminate the management engine and have a computer that doesn’t have crippling security vulnerabilities built into it. This post was even written from one. Good luck doing anything more resource-intensive with it, though.