Adium vulnerable to remote code execution via libpurple

Adium is a popular instant messaging client for MacOS (OSX) that incorporates libpurple. The current release (1.5.10.2) is vulnerable to CVE-2017-2640 in libpurple, which permits execution of arbitrary code on the client.The Adium team has been aware of the vulnerability since at least March 15, but has not released an advisory to its users, for reasons unknown. Continue reading “Adium vulnerable to remote code execution via libpurple”

Breaks Observed in the Mars Rover Wheel Treads

A routine check of the aluminum wheels on NASA’s Curiosity Mars rover has found two small breaks on the rover’s left middle wheel—the latest sign of wear and tear as the rover continues its journey, now approaching the 10-mile (16 kilometer) mark.

The mission’s first and second breaks in raised treads, called grousers, appeared in a March 19 image check of the wheels, documenting that these breaks occurred after the last check, on Jan. 27.”All six wheels have more than enough working lifespan remaining to get the vehicle to all destinations planned for the mission,” said Curiosity Project Manager Jim Erickson at NASA’s Jet Propulsion Laboratory, Pasadena, California. “While not unexpected, this damage is the first sign that the left middle wheel is nearing a wheel-wear milestone,”The monitoring of wheel damage on Curiosity, plus a program of wheel-longevity testing on Earth, was initiated after dents and holes in the wheels were seen to be accumulating faster than anticipated in 2013. Testing showed that at the point when three grousers on a wheel have broken, that wheel has reached about 60 percent of its useful life. Curiosity already has driven well over that fraction of the total distance needed for reaching the key regions of scientific interest on Mars’ Mount Sharp.Curiosity Project Scientist Ashwin Vasavada, also at JPL, said, “This is an expected part of the life cycle of the wheels and at this point does not change our current science plans or diminish our chances of studying key transitions in mineralogy higher on Mount Sharp.”Curiosity is currently examining sand dunes partway up a geological unit called the Murray formation. Planned destinations ahead include the hematite-containing “Vera Rubin Ridge,” a clay-containing geological unit above that ridge, and a sulfate-containing unit above the clay unit.

Source: NASA

Welcome to the Android O Developer Preview!

Welcome to the Android O Developer Preview! You can download system images for a range of hardware devices that you can use for testing your app, from phones to tablets and TV.

https://developer.android.com/preview/download.html

To flash a system image:

  1. Download the appropriate system image for your device below, then unzip it to a safe directory.
  2. Connect your device to your computer over USB.
  3. Start the device in fastboot mode with one of the following methods:
    • Using the adb tool: With the device powered on, execute:adb reboot bootloader
    • Using a key combo: Turn the device off, then turn it on and immediately hold down the relevant key combination for your device. For example, to put a Nexus 5 (“hammerhead”) into fastboot mode, press and hold Volume Up + Volume Down + Power as the device begins booting up.
  4. If necessary, unlock the device’s bootloader using one of the following methods:
  5. If you are updating a Nexus 5X or Nexus 6P device using the hammerhead or angler builds, update your fastboot tool to the latest available version (>=23.0.1), and then run this command:fastboot flashing unlock
  6. If you are updating an older device, run this command:fastboot oem unlock

    The target device will show you a confirmation screen. (This erases all data on the target device.)

  7. Open a terminal and navigate to the unzipped system image directory.
  8. Execute the flash-all script. This script installs the necessary bootloader, baseband firmware(s), and operating system.

If you need the manual version, then the Nexus 6p steps is as follows:

./fastboot flash bootloader <bootloader file name here>.img
./fastboot flash radio <radio file name here>.img
./fastboot reboot-bootloader
./fastboot flash recovery recovery.img
./fastboot flash boot boot.img
./fastboot flash system system.img
./fastboot flash vendor vendor.img
./fastboot reboot

Once the script finishes, your device reboots. You should now lock the bootloader for security:

  1. Start the device in fastboot mode again, as described above.
  2. Execute:
    fastboot flashing lock
    or, for older devices, run:
    fastboot oem lock

Locking bootloader will wipe the data on some devices. After locking the bootloader, if you want to flash the device again, you must run fastboot oem unlock again, which will wipe the data.

The First View of TRAPPIST-1

See that black and white blob? That amorphous arrangement of pixels? That’s the newly discovered TRAPPIST-1 system, current darling of exoplanetary enthusiasts and alien-life optimists.

As announced last week, scientists identified seven Earth-sized planets orbiting the star, which appear to be rocky and temperate.

It’s an indirect picture of “shadows” of the planets, but a picture nonetheless. The gif is so, well, blobby, because it takes up such a tiny part of Kepler’s 95 megapixel camera: just 11 by 11 pixels.

“You absolutely are looking at a picture from a camera,” says Jessie Dotson, K2 Project Scientist, told me in a phone interview. “Kepler is essentially a really huge camera… but we don’t downlink all of that data. We just downlink the pixels, the part of the sky around the stars we’re interested in.”

“Imagine zooming into an image taken on your phone and only looking at 11×11 pixels,” Ethan Kruse, astronomer and graduate student at University of Washington explained via email.

Source: Here’s Our First View of TRAPPIST-1, the Alien Solar System With Earth-Sized Planets – Motherboard

Three Rockets Launched within Hours Explore Auroras over Alaska

Three NASA rockets carrying instruments into active auroras over Alaska to aid scientists studying the northern lights and the interactions of the solar wind with Earth’s upper atmosphere and ionosphere were launched within a nearly two-hour period March 2, 2017.

The instruments were successfully carried on Black IX sounding rockets from the Poker Flat Research Range north of Fairbanks. The first two rockets were launched nearly simultaneously at 12:41 a.m. and 12:42:30 a.m. EST as part of the Neutral Jets in Auroral Arcs mission. The third rocket launched at 2:50 a.m. EST was part of the Ionospheric Structuring: In Situ and Groundbased Low Altitude StudieS or ISINGLASS mission.

Preliminary reports indicate that data was received from instruments aboard all three rockets.

Phil Eberspeaker, chief of the Sounding Rocket Program Office, said,

“The ability to successfully launch these three rockets is a testament to the capabilities of the range, science and sounding rocket teams. Great coordination is required to institute the complex countdown required to prepare and launch three rockets in a short period. The team did a fantastic job executing these launches.”

Neutral Jet scientists at NASA’s Goddard Space Center in Greenbelt, Maryland, explain that electric fields drive the ionosphere, which, in turn, are predicted to set up enhanced neutral winds within an aurora arc. This experiment seeks to understand the height-dependent processes that create localized neutral jets within the aurora.

Flying the two similar payloads simultaneously to different altitudes provided researchers unprecedented vertical measurements within an aurora. The first rocket flew to an altitude of 205 miles of above the Earth and the second flew to 118 miles.

The third rocket, flown to 227 miles altitude, was preceded by another ISINGLASS launch on Feb. 22. As with the first rocket, the payload included the deployment of a sub-payload and also several instrumented deployable canisters. The use of these various miniature subsystems and the main payload will give researchers a multipoint view of spatial structures within the aurora.

Kristina Lynch, ISINGLASS principal investigator from Dartmouth College in Hanover, New Hampshire, said, “The visible light produced in the atmosphere as aurora is the last step of a chain of processes connecting the solar wind to the atmosphere. We are seeking to understand what structure in these visible signatures can tell us about the electrodynamics of processes higher up.”

The three rockets launched were part of five launched in January through March from the Poker Flat Research Range, operated by the University of Alaska Fairbanks, to study auroras. The Polar Night Nitric Oxide mission, from Va. Tech in Blacksburg, flew successfully on January 27.

The five launches from Alaska are supported through NASA’s Sounding Rocket Program at the agency’s Wallops Flight Facility at Wallops Island, Virginia, which is managed by NASA’s Goddard Space Flight Center in Greenbelt, Maryland. Orbital ATK provides mission planning, engineering services and field operations for the NASA Sounding Rocket Operations Contract. NASA’s Heliophysics Division manages the sounding-rocket program for the agency.

NASA/Terry Zaperach