Wednesday, April 25, 2012

LAN attack can put some Samsung TVs in endless restart loop

Researcher finds serious remote denial-of-service vulnerability in Samsung TV firmware

By Lucian Constantin
A vulnerability in the firmware of several network-enabled Samsung TV models and possibly Blu-ray players allows potential attackers to put the vulnerable devices into an endless restart loop that requires the intervention of a technician to terminate, according to independent security researcher Luigi Auriemma.
Auriemma discovered the flaw on April 19 and published a proof-of-concept exploit on his website. The bug is located in the code that allows Samsung devices to be controlled over the local area network (LAN) through special iOS or Android applications.
Auriemma performed his tests on a D6000 Samsung TV with the latest firmware installed, but according to the Google Play description of the "Samsung Remote" app for Android, the remote control feature is supported on TV models greater or equal to LCD 650, LED 6500, PDP 6500, LCD 550, LED 5500, PDP 5500 and Blu-ray device models greater or equal to BD-Player D5300, BD-HTS D5000, BD-AVR D7000 and BD-HDD Combo D6900/8200/8500/8900.
When the remote control app tries to connect for the first time to a Samsung TV, the TV displays a dialog on the screen asking the user to allow or deny the connection, Auriemma said in his public advisory. The initial data packet is sent over port 55000 and contains several fields with details about the remote device, including its name, MAC address and IP address.
However, if the controller name field contains invalid characters or a line break, the TV enters in an endless restart loop regardless of whether the user selects allow or deny on the dialog screen, Auriemma said.
For about five seconds the TV appears to operate normally. Then the controls stop working, both on the physical panel and on the TV remote, and after five more seconds the TV reboots.
This behavior repeats indefinitely until a technician intervenes using the service mode, which is possible because of the five seconds of normal operation after each reboot, Auriemma said. "The user can avoid the exploiting of the vulnerability by pushing the EXIT button on the controller when the message with allow/deny is displayed on the screen," he said.
Even though the network remote control feature is intended for Android or iOS devices, the control packet can be sent from any network-enabled computer. In fact, Auriemma's proof-of-concept exploit is packed as an .exe file.
This means that a potential attacker only needs to obtain access to the LAN that the TV has joined, in order to attack it. This can be done either by breaking into a wireless access point or by infecting a computer on the same network with malware.
Auriemma also found a secondary bug that causes the device to crash if the MAC address field in the data packet contains an overly long string. He suspects that this is because of a buffer-overflow vulnerability, but can't confirm it because he doesn't want to damage his TV. Many buffer overflow vulnerabilities can result in arbitrary code execution.
Auriemma didn't notify Samsung about the issues he found. "I wanted to report the problems to Samsung but an email address doesn't exist for these types of bugs," the researcher said.
Samsung did not immediately return a request for comment sent via email.

When touring the Large Hadron Collider, stay with your group

Tuesday, April 17, 2012

Space shuttle Discovery lands in Washington DC

Spaceship ends journey to Smithsonian atop 747; Washingtonians watch the skies

     The space shuttle Discovery, NASA's fleet leader and the world's most-flown spacecraft, arrived in Washington, D.C.Tuesday, where it will go on permanent display at the Smithsonian later this week.
The retired space plane was delivered to the nation's capital mounted to the space agency's Shuttle Carrier Aircraft, a modified Boeing 747 jumbo jet, on a final ferry flight that included a historic flyover of the National Mall and some of its nearby monuments and federal buildings.
The air- and spacecraft duo landed at Washington Dulles International Airport at 11:05 a.m. ET. The four-hour flight left the Kennedy Space Center in Florida at 7:00 a.m. ET, just after dawn. Guests at Kennedy's visitor complex and spectators along the space coast were treated to a final flyby of Discovery before the shuttle began its trip up the Eastern Seaboard.

The departure marked a final separation for Discovery and Kennedy Space Center, which had served as the shuttle's home base and launch site since it first arrived at the Florida spaceport atop the same carrier aircraft on Nov. 9, 1983. [ Photos: Discovery's Final Piggyback Flight in Pictures ]

In the three decades since, Discovery flew 39 missions — more than any other spacecraft in history — and logged more than a year in space. It became the first of NASA's three shuttles to be retired when it landed a final time from space on March 9, 2011.
Next stop: the Smithsonian Now on the ground at Dulles, Discovery — still atop the Shuttle Carrier Aircraft — will be moved to a remote apron at the airport where NASA has pre-staged large cranes to offload the orbiter starting on Wednesday.
On Thursday morning, Discovery will be rolled over to the Smithsonian National Air and Space Museum's Steven F. Udvar-Hazy Center, located adjacent to the airport, for a transfer ceremony. Many of the shuttle's former mission commanders, as well as Smithsonian and NASA officials, will take part in the public event, which will kick off a four-day "Welcome Discovery" festival at the northern Virginia museum.

By the end of the day Thursday, should all go as planned, Discovery will take its place in the Udvar-Hazy's James S. McDonnell Space Hangar as its centerpiece.
Discovery is replacing the shuttle prototype Enterprise, which had been on display at the museum since 2003. Enterprise will be flown to New York on April 23 to be displayed at the Intrepid Sea, Air and Space Museum this summer.
Leading the fleet into retirement Discovery is the first of NASA's now retired shuttle fleet to embark on a new mission as a museum exhibit.
In April 2011, NASA also awarded shuttle Endeavour to the California Science Center in Los Angeles and retained Atlantis for its own visitor complex at the Kennedy Space Center in Florida. Endeavour will depart for the west coast in September; Atlantis is scheduled to be rolled down the road two months later in November.
Discovery was first promised to the Smithsonian in 2008. The fleet leader, Discovery spent more than 365 days in space over the course of its 39 missions, more than any other vehicle to launch and return from Earth orbit.
The third of NASA's orbiters to enter service, Discovery deployed the Hubble Space Telescope and the Ulysses solar probe and was the first spacecraft to recover satellites from orbit. It also returned the shuttle program to flight after the losses of Challenger and Columbia in 1986 and 2003, respectively.
Discovery was the first shuttle to visit the International Space Station and delivered its largest laboratory, among other components.
Visit for continuing coverage of the delivery and display of NASA's retired space shuttles.

Monday, April 09, 2012

Five cool geek projects that could change your life. Or at the very least get you excited.


At the end of last week I slipped on a wet floor, did a wild, balletic (or so I thought) attempt to recover, and wrenched my knee and leg. The next four days were a blur of X-rays and Vicodin. Luckily nothing broken, but I've had better weekends.
I spent much of Saturday and Sunday browsing the Web and adding to my growing list of "Stuff I Must Write About". As an experiment, this week I'm going to give you a tasting menu of products and services you really should check out ...
* Shapeoko: This is a low cost Computer Numerical Control (CNC) machine for milling all kinds of materials, including plastics, woods, metals, and maybe even chocolate. The Shapeoko is available as a DIY, open source tool that can mill objects up to 7.87 inches along both X and Y axes, and 3.5 inches on the Z axis. You can use software such as Google Sketchup, Autodesk 123D, TinkerCAD, or Inkscape to create your objects. The mechanical parts-only kit is $199, the full kit is $649, and the premium kit, $999. The developers of the product are approaching this as a "jumpstart" kind of business and want 150 orders if they are to deliver any units at all. At the time of this writing they have 107 on order with 19 days to go ... I'd be surprised if they don't go to production. I might need one myself ...

* TinkerCAD: While I'm at it, check out TinkerCAD ... this is an impressive online service (written in JavaScript) for HTML5 compatible browsers with the WebGL library) that lets you create simple 3D objects and then print them using one of a number of fabricating services such as Shapeways. Rating: 5 out of 5

* Arena Partslist: If you have a need to create parts lists for any project, check this service out. It is cheap at $9 per user per month but free for personal use (for example, for your open source 3D fab projects). This is a slick, polished system that makes creating and managing a bill of materials extremely easy. Rating: 5 out of 5

* MongoDB: This NoSQL, free, open-source database is getting a lot of attention these days. Why? My theory is based on Darwinian evolution ... "looser" standards (in biology, less specialized genotypes) have a better chance of fitting a "natural" niche environment for success at survival (the dimensions of a "natural" niche aren't, in reality, so overly restrictive as to be unsurvivable for a reasonable number of individual implementations to flourish). As a friend of mine, John Hoebing, noted, "[MongoDB's] table/row/column replacement of collection/document/field is so much looser than [SQL]. Mongo [claims] that horizontal scalability is the killer app, but I'm guessing it's more the relaxed structure. Still, I am impressed, and am going to use [MongoDB] for my next db. Who doesn't need less structure?"

* Disk Doctor: So, is your OS X system running out of disk space? You've just installed an app or you started a new video project and you've got a warning that your startup disk is running out of space? Try Disk Doctor. It will scan your drive and examine your application caches, logs, extra languages (which can chew up a lot of space), your trash can, as well as your file and email downloads (the latter two items are usually minimal overheads) and at the click of a button, remove them. For $1.99 this utility is great value. Rating: 5 out of 5
Gibbs has a potpourri of products in Ventura, Calif. Your collection of delights to and follow him on Twitter (@quistuipater) and on Facebook (quistuipater).

Wednesday, April 04, 2012

Omnicorpdetroit Hackerspace Update

April Update
Hello Friends of OCD!  This Thursday, April 5th, is Open Hack night (8-11PM).  Come through, say hello, meet some new friends, and build something cool.  Starting this month we will be having a DJ spinning background music at the first open hack of each month.  Opening for our new First Thursday OHN we will have Kevin Sears bringing his large eclectic mix. If you cant make it out this Thursday, keep us in mind for our Third Thursday edition of OHN on April 19th. Also, this Thursday, is the monthly Detroit Locksport meeting.  This month will focus on something a bit more advanced: Picking Security Pins. More info can be found here:

Our Moped Mondays are also going strong.  Moped Mondays are every other Monday starting at 8pm.  This month we still have 2 more, on April 16th and April 30th.  Check out this beauty that Ted has been working on!  More info on Moped Mondays and the rest of Motor City Riot’s activities can be found here :

Lastly, we would also like to mention that our friends at the Digital Justice Coalition will be holding another Discotech at MOCAD on Sunday April 15th from 1pm-4pm.  Go check out what this great group of people are up to.  Here is a video from their last event:

Thanks for reading our update!  We appreciate your support
<3 OCD

Monday, April 02, 2012

Local Detroiter pushes recycling in Corktown

Fusion breakthrough

A plasma vortex forms inside an aneutronic fusion device and directly carries electrical current, without the need for turbines.
A small New Jersey company has reported a big step toward cracking nuclear fusion, the elusive energy source that many people regard as the Holy Grail of power.
Lawrenceville Plasma Physics Inc. said it has confined a gas at 1.8 billion degrees C. Its previous highest temperature was 1.1 billion degrees C, which it hit last year and which it says had stood as a fusion industry record since 1978.
As hot as the earlier 1.1 billion degrees C  might sound to you and me, it was too frigid to support LPP’s “aneutronic”  approach to fusion.
“The new work shatters those long-standing records, and, most importantly, achieves the temperature needed to burn aneutronic fuels,” the Lawrenceville, N.J.-based startup says in a press release.
Unlike today’s nuclear fission, nuclear fusion combines atoms, rather than splits them apart. Many people regard it as a potentially safe, cheap, CO2-free source of power that does not pose serious nuclear waste problems the way uranium-based fission does. It does not use uranium. Rather, it tends to deploy different forms of hydrogen, among other fuels.
The “aneutronic” form of fusion would use common hydrogen, rather than the isotopes of hydrogen on which several other fusion projects rely. (”Aneutronic” means “without neutrons” - normal hydrogen has no neutrons in its nucleus, just a proton).
If perfected, aneutronic fusion could be the ultimate of the ultimate power source, because it generates electricity directly, without using a turbine. Other forms of fusion, as well as nuclear fission, generate heat that creates steam (sometimes another gas) that drives a turbine.
But aneutronic requires severely higher temperatures than other forms of fusion, which theoretically operate at around 100 million-to-150 million degrees C. (And then there’s “cold fusion” which we’ll save for a rainy day; feel free to comment below).
Facing Fusion: LPP chief scientist Eric Lerner at work.
LPP’s 1.8 billion degrees in principle topples the temperature barrier. The accomplishment marks the second breakthrough of three that LPP says is necessary for it to commercialize fusion. LPP had already demonstrated that it can confine fuel long enough to burn it, at tens of nanoseconds.
Now for its third and final  trick: “We are still far from having sufficient density in the tiny hot regions to get net energy, but that is our next goal,” says Eric Lerner, LPP’s chief scientist.
LPP director of business development Derek Shannon told SmartPlanet that once it reaches sufficient densities, it will have also achieved a net balance of energy output to commercialize a fusion device. In over half a century of research and development, the fusion industry has not yet managed to achieve an economical “gain” of energy out compared to the energy required to produce fusion-based electricity.
Shannon said that LPP could commercialize its fusion device about four years after hitting the required density. It’s not clear how long that might take.
“The LPP research team is currently upgrading their fusion device to achieve the higher densities required for net energy, a goal they hope to achieve soon,” the press release states.
To reach 1.8 billion degrees C, the company is using a technology known as dense plasma force (DPF), which fires lighting-like magnetized plasma balls of fuel at each other in a compressed space.
LPP is experimenting with a hydrogen isotope, called deuterium, which is one of the two isotopes that “common” (neutronic) fusion uses (the other is tritium). LPP’s goal is to eventually use normal hydrogen and boron as its fuel.
Part of its vision is to install small, garage-sized 5 megawatt fusion devices to provide neighborhood power.
Other companies working on aneutronic fusion include Tri-Alpha Energy, a stealth startup in Irvine, Calif. Startup General Fusion of Burnaby, Canada, and Helion Energy of Redmond, Wash., are chasing “neutronic” fusion.
Between them and LPP, it’s looking more likely than ever that fusion could hit the market within a decade or so - which is faster than the large, international government backed projects like ITER in France and the National Ignition Facility at California’s Lawrence LIvermore National Laboratory will accomplish.

Drones coming to a sky near you as interest surges

 — Sharp-eyed dog walkers along the San Francisco Bay waterfront may have spotted a strange-looking plane zipping overhead recently that that looked strikingly like the U.S. stealth drone captured by Iran in December.
A few key differences: The flying wing seen over Berkeley is a fraction of the size of the CIA's waylaid aircraft. And it's made of plastic foam. But in some ways it's just like a real spy plane.
The 4 1/2-foot-wide aircraft, built by software engineers Mark Harrison and Andreas Oesterer in their spare time, can fly itself to specified GPS coordinates and altitudes without any help from a pilot on the ground. A tiny video camera mounted on the front can send a live video feed to a set of goggles for the drone's view of the world below.
"It's just like flying without all the trouble of having to be up in the air," Harrison said.
Thousands of hobbyists are taking part in what has become a global do-it-yourself drone subculture, a pastime that's thriving as the Federal Aviation Administration seeks to make the skies friendlier to unmanned aircraft of all sizes.
The use of drones in the U.S. by law enforcement and other government agencies has privacy advocates on edge. At the same time, some DIY drone flyers believe the ease of sending cheap pilotless planes and choppers airborne gives citizens a powerful tool for keeping public servants on the ground honest.
Drones are the signature weapon of U.S. wars in the 21st century. Just as Humvees became a presence on U.S. highways in the 1990s after the first war with Iraq, interest in non-military uses of drones from policing to farming is rising.
Government agencies currently need FAA permission on a case-by-case basis to fly drones domestically. Commercial use is banned except for a small number of waivers for companies building experimental aircraft. But lawmakers have instructed the agency to allow civilian use of drones in U.S. airspace by September 2015. The FAA is expected to take the first step this year by proposing rules that would permit limited use of small commercial drones.
Whether a border patrol drone the size of a single-engine passenger plane or a four-rotor police "quadcopter" equipped with gear to intercept cell phone signals, the increasing ease of aerial surveillance seems destined to be put to a constitutional test over privacy.
"Our concern is with all of the drones," said Jennifer Lynch, a staff attorney with the Electronic Frontier Foundation. Small aircraft are hard to see, and large drones can fly high enough to stay out of sight, she said. "I think they all pose different levels of privacy risk."
Lynch has sued the FAA for a list of the 300 waivers it has issued to allow drone use in the U.S. At the same time, she said drones in the hands of average citizens could have important uses.
Among the groups seeking to take advantage of the steep drop in price of drone technology are journalists who want to attach cameras to aircraft the size of small pizzas and that cost as much to buy — about $400 — as a one-hour helicopter rental for a photographer.
In the San Francisco Bay area, Occupy Wall Street activists built the so-called Occucopter designed to monitor police action against protesters from the sky.
In Idaho, wildlife biologists started using a drone for counting fish nets after a helicopter crash killed two colleagues and a pilot.
And researchers are developing techniques to use drones equipped with infrared sensors to detect patches of dry ground in orchards.
Hobbyists say drone prices have been driven down sharply even in the past two or three years mainly by the surge in popularity of smartphones. The chips smartphones use to determine whether they're being held vertically or horizontally or to locate themselves on a map are the same ones drones use to keep themselves flying straight, level and in the right direction.
The supply of such chips has spiked along with the use of smartphones, sending prices lower.
"Today if you have an iPhone or an Android, you basically have an autopilot in your pocket. You're just running the wrong app," said Chris Anderson, editor-in-chief of Wired magazine and founder of DIY Drones, an online community and company that sells drone kits and parts.
Anderson started DIY Drones in 2007 after spending the weekend building an electronic Lego robot and trying to fly a radio-controlled plane with his kids. The robot didn't impress the kids on its own, and the plane was hard to fly, Anderson said. So the family used the Legos to build a primitive autopilot and attached it to the plane. The kids thought it was cool for a few weeks, but Anderson became obsessed.
Anderson said safety is a top consideration of his group, and he supports strict observance of the FAA regulations developed in the 1970s to cover the amateur use of radio-controlled planes, which also apply to today's DIY drones. Those rules include restricting their altitude to 400 feet, requiring them to always be in view of their controller on the ground and prohibiting them from being flown over built-up areas.
That last rule reportedly led to trouble for some Los Angeles real estate agents, who were warned by police to stop using drones to take photos and video of homes for sale, according to the Los Angeles Times.
In Berkeley, Harrison and Oesterer spent more time tweaking wires and software than their drones spent in the air. Part of the reason was battery power: Their drones rely on the latest in lightweight laptop batteries to stay aloft but suck significantly more power. Still, both say would-be pilots don't need degrees in computer science or electrical engineering to send drones skyward.
Said Oesterer: "It's getting really close to plug-and-fly."