Gizmodo – Michmutters
Categories
Technology

Researcher Hacks Starlink Terminal to Warn SpaceX of Flaws

SpaceX has launched more than 3,000 of its internet satellites to low Earth orbit.

SpaceX has launched more than 3,000 of its internet satellites to low Earth orbit.
illustration: GDAPHOTO (AP)

A researcher from Belgium created a $25 hacking tool that could glitch Starlink’s internet terminals, and he is reportedly going to make this tool available for others to copy. Lennert Wouters, a security researcher at KU Leuven, demonstrated how he was able to hack into Elon Musk’s satellite dishes at the Black Hat Security Conference being held this week in Las Vegas, Wired reported.

During his presentation at the conference on Wednesday, Wouters went through the hardware vulnerabilities that allowed him to access the Starlink satellite terminal and create his own custom code. “The widespread availability of Starlink User Terminals (UT) exposes them to hardware hackers and opens the door for an attacker to freely explore the network,” Wouters wrote in the description of Wednesday’s briefing.

SpaceX has launched a total of 3,009 satellites to low Earth orbit, building out a megaconstellation designed to beam down connectivity to even the most distant parts of the world. Starlink customers get a 19-inch wide Dishy McFlatface (a clever name bestowed upon the company’s satellite dish) to install on their homes, or even carry with them on the road.

In order to hack the Starlink dish, Wouters created a modchip, or a custom circuit board that can be attached to the satellite dish, according to Wired. The modchip was put together using off-the-shelf parts that cost about $25 in total, and Wouters has reportedly made the details of the modchip available for download on Github. The small device can be used to access McFlatface’s software, launching an attack that causes a glitch and opens up previously locked parts of the Starlink system. “Our attack results in an unfixable compromise of the Starlink [user terminal] and allows us to execute arbitrary code,” Wouters wrote. “The ability to obtain root access on the Starlink [user terminal] is a prerequisite to freely explore the Starlink network.”

Wouters has previously warned SpaceX of flaws in their system. SpaceX did respond by updating the system, but Wouters argues that the only sure way to avoid this attack is to create a new version of the main chip, Wired reported.

In the process of building out its Starlink constellation, SpaceX has made some enemies along the way that make it vulnerable to potential attacks. The use of Starlink satellites to provide connectivity in Ukraine has angered the Russian government, which allegedly launched a cyberattack against American satellite company Viasat in February. A military researcher from China has also expressed a desire to destroy Starlink satellites, publishing a paper in May on “soft and hard kill methods” to counteract any threat posed by the internet constellation.

And though it may seem like it, but Wouters doesn’t actually want to bring down Starlink, instead he hopes his research can serve as a warning to better fortify the satellite dishes.

.

Categories
Technology

A Long-Known Linux Zero-Day Was Just Patched With Google’s Help

Image for article titled A Linux Zero-Day Was Finally Patched After Half a Decade of Inaction With Help From Google

photo: justin sullivan (Getty Images)

Google’s Threat Analysis Group revealed new details today about its efforts to identify and help patch a zero-day exploit impacting Android devices built by a commercial surveillance vendor and dating back to at least 2016. The research, presented at the Black Hat cybersecurity conference in Las Vegas, represents the latest attempt by Google to step up its efforts against a growing private surveillance industry that’s thriving, according to the researchers.

The vulnerability in question, referred to as CVE-2021-0920, was a zero day “in the wild” exploit in a garbage collection mechanism within the Linux kernel, the core piece of software that governs the entire Linux operating system. Google says the attackers, using an exploit chain that included the vulnerability, were able to remotely gain controls of users’ devices.

Google says it has previously attributed a number of Android zero-day exploits to the developer behind CVE-2021-0920. In this case, a Google spokesperson told Gizmodo the surveillance vendor used “several novel and unseen exploitation techniques to bypass existing defensive mitigations.” That, the spokesperson said, suggests the vendor is well funded.

Though the CVE-2021-0920 vulnerability was patched last September in response to Google’s research, they say the exploit was identified before 2016 and reported on the Linux Kernel Mailing List. A proper patch was offered up at the time, but Linux Foundation developers ultimately rejected it. Google shared the public Linux kernel email thread from the time which shows disagreement on whether or not to implement the patch.

“Why would I apply a patch that’s an RFC, doesn’t have a proper commit message, lacks a proper signoff, and also lacks ACK’s and feedback from other knowledgable developers,” one developer wrote.

Responding to the Surveillance-for-Hire Era

Google has ramped up its efforts to spot and publicly identify spyware groups in recent years, partly in response to the sheer increase in the number of attacks. In testimonial delivered to the House Intelligence Committee earlier this year, Google Threat Analysis Group Director Shane Huntley said, “the growth of commercial spyware vendors and hack-for-hire groups has necessitated growth in TAG [threat analyses groups] to counter these threats.”

Huntley said his team’s recent findings suggest advanced commercial spyware firms, like Israel-based NSO Group, have managed to acquire hacking capabilities once reserved to the world’s most advanced state-sponsored intelligence agencies. The use of those techniques, which can include zero click exploits that take over a device potentially without a user ever engaging with malicious content, appear to be increasing and are being carried out at the behest of governments, Huntley suggested. Seven of the nine zero-day exploits discovered by Huntley’s team last year were reportedly developed by commercial providers and sold to state-sponsored actors. Highly technical surveillance techniques, once available to only a select group of countries, can now simply be purchased by the highest bidder.

“These vendors are enabling the proliferation of dangerous hacking tools, arming nation state actors that would not otherwise be able to develop these capabilities in-house,” Huntley said. “While use of surveillance technologies may be legal under national or international laws, they are found to be used by some state actors for antithetical purposes to democratic values: targeting dissidents, journalists, human rights workers, and opposition party politicians.”

“This industry appears to be thriving.” Huntley said.

Lucas Ropek contributed reporting.

.

Categories
Technology

SpaceX Avoids Explosion in Test of Starship Booster

The static fire test of Booster 7, in which one of the rocket's 33 Raptor engines was ignited.

The static fire test of Booster 7, in which one of the rocket’s 33 Raptor engines was ignited.
photo: SpaceX

Engineers at SpaceX have performed the first static fire test of Booster 7, a prototype of the Super Heavy first stage. The test, in which just one of the booster’s 33 Raptor engines was ignited, moves the company closer to its first orbital test of the revolutionary Starship system.

The test happened on August 8 at SpaceX’s Starbase facility in Boca Chica, Texas, according to a company tweet. Ground teams completed a single Raptor engine static fire test as the 227-foot-tall (69 meters) booster stood vertically at the “Mechazilla” launch tower. Booster 7 is equipped with 33 Raptor engines, but SpaceX, in a rare moment of caution, chose to ignite just one.

Encouragingly, a pair of spin-prime tests conducted earlier in the day did not result in an burst. SpaceX avoided a repeat of the July 11 incident in which a gaseous mixture of methane and oxygen was accidentally ignited, causing a significant explosion directly beneath the booster.

Spin-prime tests, in which propellants are pumped through the engines without igniting them, are typically done in preparation of static fire tests (static fire tests involve engine burns without an actual launch of the rocket). They’re done to test the plumbing, but the gasses produced during the July 11 spin-prime test got ignited by an unknown source. The resulting explosion damaged the prototype booster, sending it back to the Starbase factory for repairs.

Booster 7 returned to the launch pad on August 6 following the re-installation of 20 of the rocket’s 33 Raptor engines, accordingly to Teslarati. On August 8, “clearly indicative of a much more cautious second attempt at engine testing, SpaceX ‘primed’ just one of those 20 Raptors by flowing high-pressure gas through the engine to spin up its turbopumps without igniting its preburners (used to generate the gas that powers the turbopumps) or main combustion chamber,” as Teslarati reports.

Later that day, SpaceX ignited the lone Raptor engine. The company have you performed a static fire test of a Starship booster prototype before, but this marks the first static fire test of Booster 7, even if limited in scale. The test appeared to go smoothly, with the engine firing and shutting down following a four-second burn. Not content to stop there, SpaceX also performed static fire tests of two Raptors on an upper stage, namely the prototype Starship 24.

It’s a small step for Starship, but a potentially big leap for SpaceX, as it works to develop its revolutionary heavy launch system. The booster is the first stage of the fully reusable two-stage rocket, with the Starship spacecraft serving as the upper stage. SpaceX envisions Starship as a platform for delivering passengers and cargo to deep space, including future missions to Mars. It’s also NASA’s current first choice to serve as the human landing system for Artemis 3, scheduled for no earlier than 2025.

Both Starship stages are powered by Raptor engines, which are more powerful than the Merlin engines used on the company’s Falcon 9 rockets. The Starship upper stage has already completed a series of suborbital tests, including a successful vertical landing on May 5, 2021. A launch of the fully stacked system has yet to take place, but SpaceX expects to perform an orbital test at some point this year. CEO Elon Musk expects this test will fail, saying a successful orbital test could happen at some point within the next 12 months.

The sight of a single Raptor engine burn is impressive, making it hard to imagine what it’ll look like when all 33 Raptor engines are set to go-mode. The successful test on August 8 suggests a full-fledged static fire test of Booster 7 is closely approaching.

More: Gigantic Crowds Expected for Inaugural Launch of NASA’s Mega Rocket.

.

Categories
Technology

Experimental Earbuds Can Detect Ear Infections With a Chirp

A picture of the galaxy buds pro worn in ear

photo: Gizmodo

Do you remember how your parents tried to convince you to eat your vegetables as a kid by promising they were good for your health? That’s the same tactic a lot of wearable makers are using today, by adding health-tracking features to devices like smartwatches. Now, researchers have developed a way for earbuds to track your ear health, too.

Every time Apple holds an event, it spends a few minutes touting the health benefits of wearing an Apple Watch, which has heart rate tracking features that can potentially identify heart problems before they become a serious complication. Yot’s also rumored that the long overdue update to Apple’s AirPods Pro wireless earbuds will potentially include body temperature measuringallowing the devices to detect a fever: an early symptom of countless other conditions.

It turns out the inherent capabilities of earbuds—namely blasting sound into your ears—also allows them to potentially detect conditions that can afflict the inner ear and the ear canal, as researchers from the University of Buffalo have found with an experimental device they’ve called EarHealth.

A diagram of the EarHealth system

What’s most interesting about EarHealth is that it relies on earbuds that more or less feature off-the-shelf hardware, although with an upgraded microphone inside designed to pick up sounds in the ear, not around the wearer. Based on shared images of the prototype, the EarHealth doesn’t even appear to rely on wireless earbuds, although an official release on the research on the University of Buffalo website does specifically mention the use of Bluetooth earbuds—which is good, because none of us want to go back to wires.

whereas the Apple Watch uses optical detection tricks to monitor heart health, the EarHealth uses sound instead. The earbuds emit a quick chirp which reverberates through the ear canal, producing unique sounds and echoes which are captured by the microphone. The captured sounds are then processed by a custom app on a connected smartphone that relies on a deep learning algorithm to generate a profile of the user’s inner ear geometry.

The first chirp is done while the user is healthy to generate a baseline profile of their inner ear, while later chirps, which can be regularly scheduled, generate profiles that are compared against the original to spot differences. estos can be used to diagnose one of three different conditions: earwax blockage, ruptured ear drums, and otitis media, which is a common infection or inflammation of the middle ear caused by colds or sore throats.

In tests done with 92 users that included 27 healthy subjects, 22 with ruptured eardrums, 25 with a confirmed case of otitis media, and 18 with earwax causing a blockage, the EarHealth had a diagnosis accuracy of 82.6%, but that can potentially be improved as the researchers refine both the hardware and the sample base of users. The benefit to using AI-powered algorithms is that they will continue to improve and become more accurate at making diagnoses over time as more sample data is made available.

.

Categories
Technology

Researchers Have Taught Machines How to Follow Lego Instructions

The enduring appeal of Lego comes not from the complexity of the sets, nor the adorable minifigure versions of pop culture icons, but from the build process itself, and turning a box of seemingly random pieces into a completed model. It’s a satisfying experience, and another one that robots might steal from you one daythanks to researchers at Stanford University.

Lego’s instruction manuals are a masterclass in how to visually convey an assembly process to a builder, no matter what their background is, their experience level, or what language they speak. Pay close attention to the required pieces and the differences between one image of the partly-assembled model and the next, and you can figure out where all the pieces need to go before moving on to the next step. Lego has refined and polished the design of its instruction manuals over the years, but as easy as they are for humans to follow, machines are only just learning how to interpret the step-by-step guides.

One of the biggest challenges when it comes to machines learning to build with Lego is interpreting the two-dimensional images of the 3D models in the traditional printed instruction manuals (although, several Lego models can now be assembled through the company’s mobile app, which provides full 3D models of each step that can be rotated and examined from any angle). Humans can look at a picture of a Lego brick and instantly determine its 3D structure in order to find it in a pile of bricks, but for robots to do that, the researchers at Stanford University had to develop a new learning-based framework they call the Manual-to-Executable-Plan Network—or, MEPNet, for short-as detailed in a recently published paper.

Not only does the neural network have to extrapolate the 3D shape, form, and structure of the individual pieces identified in the manual for each step, it also needs to interpret the overall shape of the semi-assembled models featured in every step, no matter their orientation. Depending on where a piece needs to be added, Lego manuals will often provide an image of a semi-assembled model from a completely different perspective than the previous step did. The MEPNet framework has to decipher what it’s seeing, and how it correlates to the 3D model it generated as illustrated in previous steps.

photo of lego instruction converted into a 3D model by machine learning

screenshot: Ruocheng Wang, Yunzhi Zhang, Jiayuan Mao, Chin-Yi Cheng, and Jiajun Wu

The framework then needs to determine where the new pieces in each step fit into the previously generated 3D model by comparing the next iteration of the semi-assembled model to previous ones. Lego manuals don’t use arrows to indicate part placement, and at the most will use a slightly different color to indicate where new pieces need to be placed—which may be too subtle to detect from a scanned image of a printed page. The MEPNet framework has to figure this out on its own, but what makes the process slightly easier is a feature unique to Lego bricks: the studs on top, and the anti-studs on the underside that allow them to be securely attached to each other. MEPNet understands the positional limitations of how Lego bricks can actually be stacked and attached based on the location of a piece’s studs, which helps narrow down where on the semi-assembled model they can be attached.

So can you drop a pile of plastic bricks and a manual in front of a robot arm and expect to come back to a completed model in a few hours? Not quite yet. The goal of this research was to simply translate the 2D images of a Lego manual into assembly steps a machine can functionally understand. Teaching a robot to manipulate and assemble Lego bricks is a whole other challenge—this is just the first step—although we’re not sure if there are any Lego fans out there who want to pawn off the actual building process on a machine.

Where this research could have more interesting applications is potentially automatically converting old Lego instruction manuals into the interactive 3D build guides included in the Lego mobile app now. And with a better understanding of translating 2D images into three-dimensional brick-built structures, this framework could potentially be used to develop software that could translate images of any object and spit out instructions on how to turn it into a Lego model.

.

Categories
Technology

Higround Unveils Sonic the Hedgehog Themed Keyboard Collection

Photo of a Sonic the Hedgehog Keyboard

the sonic the hedgehog video games are more or less about one thing: blasting through a level with as much speed as possible. So as lovely as this Sonic-themed keyboard from Higround is, it seems almost antithetical to the spirit of the games, at least if you don’t have all your key positions perfectly memorized.

The keyboard is part of a new ‘capsule collection’ (yes, we’re just as upset about writing those words as you are about reading them) from Higround, who partnered with Sega to help pay tribute to the company’s most recognizable characters and one of its most beloved consoles.

Image for article titled These Sonic the Hedgehog Themed Keyboards Could Ironically Slow Your Typing Speed

The collection includes t-shirts, pants, bags, keycap sets, and even mouse pads, but the highlight definitely has to be the three heavily-themed keyboards. The most flamboyant of the bunch features elaborately decorated keys (with TTC Speed ​​Silver switches underneath) recreating the iconic Green Hill Zone from the first sonic the hedgehogwhile a slightly more subtle alternative mirrors the key art for sonic adventure 2.

The last keyboard of the bunch pays homage to the Dreamcast, with the console’s logo on the space bar and the arrow keys matching the colors and labels from its controller’s action buttons. Each keyboard appears to be completely free from labels to prioritize the artwork on the keycaps, but in reality, the alphanumeric labels have been moved onto the side of each key for aesthetic reasons, prioritizing form over function. At least there’s some form of safety net.

Higround’s Sega collection officially becomes available starting at noon, PST, on August 5, through the company’s website. Wthread pricing hasn’t been revealed for any of the items yet, other keyboard releases from the company have ranged in price from $135 to $145.

.

Categories
Technology

James Gunn Confirms No Eros

Image for article titled Guardians of the Galaxy Vol. 3 Won't See One Big Cosmic Character's Return

screenshot: Marvel Studios

Godzilla vs. king 2 you have begun filming. Jameela Jamil talks she hulk‘s Titania. Plus, good news for moonhavenand what’s coming on Westworld, ghostsand Primal. Spoilers away!

Image for article titled Guardians of the Galaxy Vol. 3 Won't See One Big Cosmic Character's Return

Mission: Impossible – Dead Reckoning

dead line reports Holt McCallany (mind hunter) have joined the cast of Mission: Impossible – Dead Reckoning as Bernstein, the United States Secretary of Defense.


creepers

Bloody-Disgusting reports Jake Manley, Adeline Rudolph, Francesca Reale, Laurence O’Faurain, Nicholas Hamilton, Javier Botet, Skylan Brooks, and Kai Caster will star in the film adaptation of David Morrell’s creepers. Manley will play Rick, “the official leader of the Creepers” while Rudolph plays Diane, “the unofficial leader of the group, and Rick’s rebellious, defying, impulsive girlfriend.” Reale has been cast as Cora, “a parkour expert and the key in the group who opens doors wherever they’re closed while keeping everyone honest” while O’Faurain joins as Balenger, “a mysterious, brooding, powerful stranger with a secret and who isn’t who he says he is.” Hamilton is said to play Tod, “leader of the Scavengers, a rival urbex group and who is particularly cruel and vicious” opposite Botet as the supernatural Pale Creature” whose domain is the abandoned Paragon Hotel.” Brooks has been cast as Vernon, “the 4th Creeper, a wise-cracking tech-nerd who is not doing a good job of hiding his true feelings for Cora” while Caster rounds out the cast as JD, a former Creeper “exiled after breaking their code and further betraying them by joining the rival Scavs.”


Guardians of the Galaxy, Vol. 3

During a recent interview with Extra, James Gunn confirmed Harry Styles’ Eros/Starfox does not appear in Guardians of the Galaxy, Vol. 3.

Nope. I’m setting the record straight. Starfox doesn’t pop up.

James Gunn Says Harry Styles’ Starfox Is NOT in Guardians of the Galaxy Vol. 3 (Exclusive)


Shazam! Fury of the Gods

Meanwhile, David F. Sandberg confirmed Rizwan Manji appears as an unnamed character in Shazam! Fury of the Gods.


Godzilla Vyes king 2

Godzilla vs. Kong 2 is currently filming under the working title Origins.


Kung Fu

dead line reports Kim Rhodes and Ben Levin have joined the third season of Kung Fu in recurring roles. Rhodes will play Carrie, “the representative of a restaurant investment group that takes an interest in Harmony dumplings” while Levin has been cast as Bo, “a barista/vigilante whose extracurricular crime fighting leads to a collision with Nicky and her siblings.”


moonhaven

moonhaven has been officially renewed for a second season at AMC+. [Deadline]


She-Hulk: Attorney at Law

Jameela Jamil described her character Titania as both “annoying” and “unselfconscious” in a recent interview with ScreenRant.

Titania stands out because I think she’s the most annoying of them, actually. I think she almost does n’t need to use her strength from her; she could just annoy you to death. And I think that is a superpower that we haven’t really utilized enough.

She’s also very glamorous. I like the fact that she’s a bit curvy, and I like the fact that she’s completely unselfconscious. Ella she’s completely unselfconscious and so, so weird. We’ll see.


ghosts

ghosts has released a “this year on…” trailer for its second season premiering on September 29.

Ghosts Season 2 Teaser Promo


Westworld

The hosts endure spiritual conversion in the trailer for “Metanoia,” next week’s episode of Westworld.

Westworld 4×07 “Metanoia” Promo


Primal

Finally, Spear and Fang battle vikings in a new clip from this week’s episode of Primal.

Primal | S2E4 Sneak Peek: Spear and Fang Battle the Warrior Clan | adult swim


Banner art by Jim Cook

Want more io9 news? Check out when to expect the latest Marvel and starwars releases, what’s next for the DC Universe on film and TVand everything you need to know about House of the Dragon and Lord of the Rings: The Rings of Power.

.