There’s a new malware strain targeting MacOS, Silver Sparrow, and it’s unusual for a couple reasons. First, it’s one of the few pieces of malware that targets the new M1 ARM64 processors. Just a reminder, that is Apple’s new in-house silicon design. It’s unusual for a second reason — it’s not doing anything. More precisely, while researchers have been watching, the command and control infrastructure didn’t provide a payload. Silver Sparrow has been positively found on nearly 30,000 machines.
The malware also has an intentional kill switch, where the presence of a particular file triggers a complete removal of the malware package. Researchers at Red Canary point out that this package behaves very much like a legitimate program, difficult to pick out as malware. Ars Technica got an off-the-record statement from Apple, indicating that they are tracking the situation, and have revoked the developer’s certificate used to sign the malware. It’s not entirely clear whether this prevents the malware running on already compromised machines, or just stops new infections.
So who’s behind Silver Sparrow? The observed stealth mode and other complexities suggest that this is more than a simple adware or ransomware campaign. Since it was discovered before the payload was delivered, we may never know what the purpose is. It may have been a government created campaign, targeting something specific. Continue reading “This Week In Security: Mysterious Mac Malware, An Elegant VMware RCE, And A JSON Mess”
Outputting data from a microcontroller over a serial port is convenient and easy, but formatting, visualizing, and analyzing the data can be tedious and frustrating. [Alex Spataru] knows this all too well, having spent too many hours building and debugging custom dashboards. To save himself and others the same frustration in the future, he created Serial Studio, a tool for quickly building dashboards for serial data.
The only input required for Serial Studio to create a dashboard is a simple JSON structure specifying the data’s format, and how it should be grouped and displayed. Originally Serial Studio required all the JSON data to be sent over serial, which is fine for simple data but quickly becomes cumbersome for more complex applications. To solve this, [Alex] added a feature allowing the JSON document with the format information loaded from the computer, while only the data is sent over serial.
Serial Studio includes several visualization options, including raw line graphs, bar/level indicator, dial indicator, the artificial horizon for IMU data, or a map widget. It can also output the formatted data to a CSV file for further analysis in other software. A console window is also included for viewing raw data or debugging purposes. See the usage demo after the break.
We like Serial Studio’s ease of use and adaptability, and we’ll likely use it for our own projects in the future. It is compatible with Linux, Windows, and Mac thanks to the Qt framework, and the code is open-source and available on GitHub.
If you’ve ever watched one of the BPS.Space model rocket launch videos, you’ll know how critical data logging, visualization and analysis is for [Joe Barnard]’s work. Serial Studio is perfect for such applications, and [Alex] used it extensively for simulated satellite competitions at his university. Continue reading “Serial Studio: Easily Visualise And Log Serial Data”
As the world settles into this pandemic, some things are still difficult to mentally reckon, such as the day of the week. We featured a printed day clock a few months ago that used a large pointer to provide this basic psyche-grounding information. In the years since then, [Jeff Thieleke] whipped up a feature-rich remix that adds indoor air quality readings and a lot more.
Like [phreakmonkey]’s original day tripper, an ESP32 takes care of figuring out what day it is and moves a 9 g servo accordingly. [Jeff] wanted a little more visual action, so the pointer moves a tad bit every hour. A temperature/humidity sensor and a separate CO₂ sensor output their readings to an LCD screen mounted under the pointer. Since [Jeff] is keeping this across the basement workshop from the bench, the data is also available from a web server running on the ESP32 via XML and JSON, and the day clock can get OTA updates.
Need a little more specificity than just eyeballing a pointer? Here’s a New Times clock that gives slightly more detail.
For all the technology we have, it can still be frustratingly difficult to get any concrete information from the media. Sometimes all you want to do is to cut through the noise and see some real numbers. Watching talking heads argue for a half hour probably isn’t going to tell you much about how the COVID-19 virus is spreading through your local community, but seeing real-time data pulled from multiple vetted sources might.
Having access to the raw data about COVID-19 cases, fatalities, and recoveries is, to put it mildly, eye-opening. Even if day to day life seems pretty much unchanged in your corner of the world, seeing the rate at which these numbers are climbing really puts the fight into perspective. You might be less inclined to go out for a leisurely stroll if you knew how many new cases had popped up in your neck of the woods during the last 24 hours.
But this article isn’t about telling you how to feel about the data, it’s about how you can get your hands on it. What you do with it after that is entirely up to you. Depending on where you live, the numbers you see might even make you feel a bit better. It’s information on your own terms, and in these uncertain times, that might be the best we can hope for.
Continue reading “Stay Informed: How To Pull Your Own COVID-19 Data”
Once upon a time, most things were single-purpose, like the pocket watch. Then somebody made a watch with a date function, and next thing you know, we had TV/VCR combos and Swiss army knives. Now, people pull computers out of their pockets just to check the time or the bed temperature of their RepRap.
[Owen]’s antidote for this multi-function madness is PrintEye, a simple interface that queries his printer and displays its vital signs on a pair of OLED peepers. It’s a parts bin special, and you know how much we love those. PrintEye connects to the Duet controller over UART, and does its firmware whispering with an ATMega328P. The ‘Mega sends a single M-command and gets back all the status and temperature data in JSON format. Then it parses the info and displays it on twin OLED screens.
Want to make one? [Owen]’s got all the files you need over on IO, but offers no hand-holding services. If you’ve never spun a board before, this could be your introduction. Have to have an internet connection? Check out the Octoprint monitor that inspired PrintEye.