Short Takes – 5-21-24

Space Force and Starfish Space lay out their roadmap for satellite docking mission. GeekWire.com article. Pull quote: “The Otter project will draw upon the $37.5 million in funding from the Space Force as well as $30 million in past and future venture capital investment, Starfish said. The aim of the demonstration mission will be to send an Otter spacecraft to geostationary Earth orbit, or GEO, to dock with and maneuver national security assets. The specific assets to be maneuvered and the detailed plan for operations have not yet been made public.”

"Securable" by Design. WHMurray.blogspot.com post. Pull quote: “By habit and culture, engineers use a complete specification for a system. By contrast, IT developers often work from a specification that is less than complete. A complete specification includes an expression or description:”

IT Cybersecurity Specialist. USAJobs.gov CSB job announcement. Summary: “This position is part of the Chemical Safety and Hazard Investigation Board. The incumbent is the Deputy CIO and will be responsible for serving as the agency's senior expert and consultant on the design, development, and integration of information technology (IT) systems.”  Job closes May 24^th, 2024.

Periodic Graphics: The chemistry of hydrangea color changes. CEN.ACS.org chemistry graphic. Pull quote: “Hydrangeas change colors depending on soil acidity. Here we take a look at the science behind their varying colors and how you can fine tune their hues with soil additives.”

Taking Down Big Laundry. SlugSec.UCSC.edu blog post. An interesting hacker report. Pull quote: “Injecting more realistic amounts such as $50 or $100, however, seems to fly under their radar. Our test transactions with smaller denominations are still present 5 months later.”

Why Your Wi-Fi Router Doubles as an Apple AirTag. KrebsOnSecurity.com article. This may have interesting positional security implications. Pull quote: “Plotting the locations returned by Apple’s WPS between November 2022 and November 2023, Levin and Rye saw they had a near global view of the locations tied to more than two billion Wi-Fi access points. The map showed geolocated access points in nearly every corner of the globe, apart from almost the entirety of China, vast stretches of desert wilderness in central Australia and Africa, and deep in the rainforests of South America.”

Hazard Communication Standard. Federal Register OSHA final rule. Way too complex to be summarized in even a series of blog posts. Summary: “The agency has determined that the revisions in this final rule will enhance the effectiveness of the HCS by ensuring employees are appropriately apprised of the chemical hazards to which they may be exposed, thus reducing the incidence of chemical-related occupational illnesses and injuries. The modifications to the standard include revised criteria for classification of certain health and physical hazards, revised provisions for updating labels, new labeling provisions for small containers, new provisions related to trade secrets, technical amendments related to the contents of safety data sheets (SDSs), and related revisions to definitions of terms used in the standard.”

ARPA-H announces program to automate cybersecurity for health care facilities. ARPA-H.gov press release. Pull quote: “Filling this gap in digital health security will take expertise from IT staff, medical device manufacturers and vendors, health care providers, human factors engineers, and cybersecurity experts to create a tailored and scalable software suite for hospital cyber-resilience. The UPGRADE platform will enable proactive evaluation of potential vulnerabilities by probing models of digital hospital environments for weaknesses in software. Once a threat is detected, a remediation (e.g., patch) can be automatically procured or developed, tested in the model environment, and deployed with minimum interruption to the devices in use in a hospital.” Hospitals are nearly as cyber complex as modern manufacturing facilities, it will be interesting to see how this works out.

Mars rover mission will use pioneering nuclear power source. Nature.com article. Pull quote: “ESA’s heater units will not only be a first for Europe, but the first anywhere to use americium-241, a by-product of plutonium decay that packs less power per gram than its predecessor. But americium-241 is more abundant and cheaper, meaning that even if the RHUs require more of the isotope to run, they might be less expensive overall. “Developing and launching a European RHU will be a first for ESA and a major achievement,” says Sutherland.”