• 1 Post
  • 18 Comments
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle






  • doesn’t even matter. what matters is the meta data. if the data from the list say you like science videos with emphasis on electrical engineering, star wars podcasts and mmorpg let’s plays - does that data go away apon history deletion. what about meta-meta data. if the meta data puts you on group X that receive content Y, does that go away apon history deletion. and what kind of integration does that get with the rest of the google knowledge about you…







  • Open source libraries doesn’t mean it’s free.

    Firstly, even open source can have commercial licensing and can be free only for non-commercial use.

    Secondly, the process of producing an image from the sensor isn’t a straight forward process, the compression and containerization is only one part. In order to get the final picture all sort of processing is needed, all needs to be tweaked and integrated to work together. dropping some rando library (even if compatible with the hardware) in the middle of that isn’t some plug and play affair.

    Lastly, while a format or a standard is free to use, the algorithms and code can be subject to patents and additional licenses. In the case of HEIF, as I understand it, it’s just a container format. it is based HVEC, and that has a long list of patents behind it.

    To quote this article

    If there’s one major downside to both HEVC and HEIF, it’s that they’re covered by patents that may need to be licensed for use in various apps and services. While this was also the case for the h.264 codec, the HEVC codecs cost more. And per usual in the tech world, the needs served by HEVC and HEIF are also covered by other, competing standards, many of them freely available.


  • I’m not an expert, but I have some related experience. could be that what I know is only true to a specific case, so if someone has a different answer, if doesn’t necessarily conflict. With that out of the way…

    Pictures aren’t magically turn into a specific format, something has to do the work - getting the data from the sensor, compress it, add meta data, maybe do some other processing and pass it on to be saved.

    Somebody has to make it happen. you can either pay some person in company to learn the documentation and implement it (write the code). this cost the time of development and maybe some license or support fee. The other way is to buy IP (intellectual property). basically this means buying the code to do the work then imbed it in the project. this, of course, cost money.

    A company developing a new phone needs to balance the cost of implementing a solution - what is most convenient for the end users, what do they need, what do they want, what is the demand for new features and how much does is cost to implement. maybe they already have the code for something similar and only need to do small modifications and integration.

    Now I bet JPEG is the cheapest, probably tons of IPs floating around, older implementations are a certainly for big companies. users know it and it just works for them 99.9% of the time.

    Basically, why do something new if the old works and potentially cost more money to do.



  • I guess I wasn’t clear, real time OS absolutely are in use (I just said real-time software). my point was that they aren’t the same as what most people know and experience. attacking them isn’t like attacking some random IoT device or “hacking” some random server or PC.

    In my experience, people don’t have a good idea of how satellites operate and articles like this one don’t help.

    btw, love your username!


  • This became too long for me to grammar and spell check… apologies in advance.

    If you are talking about raining satellites down on earth, rods from god style, than I can assure you the risk is theortic at best.

    Lets, as it’s said, start from the beginning. In order for a satellite to hit the surface of earth, it has to be big enough, massive enough and dense enough. Not a lot of satellites are in that category. probably non that can be turned into a proper kinetic energy weapon.

    Then it needs the right trajectory. Too shallow and the speed fall will be gradual, the satellite will break up to small bits that will, in the worst case, fall out of the sky in their respective terminal velocity. Too steep of a trajectory and it will burn it’s self completely.

    Now lets say we have the perfect satellite and the perfect trajectory for reaching the target, on top of it being vulnerable to cyber attack. We reach the biggest hurdle - fuel. Satellite don’t carry as much as you might think. The stuff is heavy and expensive. Satellites will typically use a lot of their fuel in their initial orbit insertion or will carry only what is needed to keep their said orbit as long as their mission dictates. Why is that important? because big changes in a satellite orbit are very costly in terms of energy, i.e. fuel.

    Ok, ok, lets pretend we have a satellite with all the above criteria and has enough fuel. Now we need to make the manoeuver. oops, the satellite engines can’t make it in one go. see, satellites use small thrusters to do most of their manoeuvring, as they mostly do station keeping or small orbital changes. So now we’re talking about a series of maneuvers in order to carry out the deadly plan. and do it without the original owners getting control back.

    But what if it did happen, you ask. Then I have more bad news. The satellite will be tracked, it’s trajectory calculated and a warning would be issued. The damage would be light, but will generate lots of headlines.


  • What people don’t understand is that satellies don’t run traditional OS. They run simple state machine firmares and real-time software. Also, you don’t interact with them with something like a command line and general shell commands. So even if a bug or vulnerability were to be found in some library, driver or firmware and it’s far from a vector for attack.

    A way more plausible way of gaining control is to attack the ground equipment. Anothr method will be learning the command and telemetry dictionary by careful observation of the communication (not trivial, but lets assume possible).

    Now you have the problem of what to do with the control. The usual fanciful doomsday scenario is diverting the satellite to hit another one. this is extremely unlikely, manoeuvring satellites isn’t like making a car take a turn, it take careful planning and execution. Even then it’s not fast, the other satellite operator can see it coming and do a small manoeuver to be able to dodge. On top of all that, lots of nano and small satellites have a very limited propulsion system if at all.

    The other alternative is to hurt it’s ability to operate, which is a way more easy. But again, there are simpler and easier ways to that - mostly by jamming and disrupting communication.

    In conclusion, not that I think cyber security in satellites shouldn’t be a thing, but that article, based on an academic study of the code of 3 firmwares from amateur to research level small-sats, doesn’t impress me much.