Warpgate; Submillimeter-scale multimaterial terrestrial robots; Terraforming Mars (FOSS)
A less code-heavy edition today to give y'all a break from
Perhaps the most ubiquitous cybersecurity problem in any organization (outside of not patching installed software) is the lack of something called "network segmentation". MITRE ATT&CK (a globally accessible knowledge base of defender resources, including adversary tactics and techniques based on real-world observations) defines it this way (where the above link goes):
Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.
"DMZ" is "demilitarized zone" (a sizable chunk of cyber folk like to think they're soldiers fighting wars for some daft reason); VPCs are just logically isolated virtual networks.
In "flat" (i.e., non-segmented) internal networks, every compute resource, including administrative interfaces, is available in user-space. In organizational cloud computing environments, non-segmented networks mean that services like databases and middleware APIs (along with administrative interfaces) are all laid bare on the hostile internet.
Organizations tend to have these flat networks and/or fully public cloud networks because it's "easier". It absolutely is easier for attacks — like ransomware campaigns — to succeed in these types of environments.
When networks are segmented, or isolated from each other, one does need a way to get to them to get work done. There are multiple ways to enable this access, with a popular one being the use of a bastion host — another (sigh) military term usurped by digital warriors, which is nothing more than a server whose purpose is to provide access to a private network from an external network.
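To make the flat-versus-segmented distinction concrete, here is an added example (not from this newsletter or from any project it mentions) that audits a list of allow rules and flags every administrative port reachable in a protected segment without going through the bastion. The addresses, the rule list, and the `audit` helper are all constructed for illustration.

```python
import ipaddress

# Constructed example network; every address and rule here is illustrative.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
PROTECTED = ipaddress.ip_network("10.20.0.0/16")   # servers, databases, admin UIs
BASTION = ipaddress.ip_network("10.30.0.5/32")     # the only sanctioned way in
ADMIN_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql", 5432: "postgres"}

# (source CIDR, destination CIDR, destination port) allow rules
RULES = [
    ("10.10.0.0/16", "10.20.1.0/24", 443),   # users -> internal web app
    ("10.10.0.0/16", "10.30.0.5/32", 22),    # users -> bastion
    ("10.30.0.5/32", "10.20.0.0/16", 22),    # bastion -> servers
    ("10.10.0.0/16", "10.20.0.0/16", 22),    # flat: users straight to server SSH
    ("0.0.0.0/0",    "10.20.4.0/24", 5432),  # database open to the internet
]

def audit(rules, protected=PROTECTED, bastion=BASTION):
    """Return (severity, rule) for admin-port rules that skip the bastion."""
    findings = []
    for src_cidr, dst_cidr, port in rules:
        src = ipaddress.ip_network(src_cidr)
        dst = ipaddress.ip_network(dst_cidr)
        if port not in ADMIN_PORTS or not dst.overlaps(protected):
            continue  # not an admin path into the protected segment
        if src == bastion:
            continue  # the sanctioned path; a wider range containing it is still flagged
        internal = src.subnet_of(INTERNAL)
        severity = "bypasses-bastion" if internal else "internet-exposed"
        findings.append((severity, (src_cidr, dst_cidr, port)))
    return findings

if __name__ == "__main__":
    for severity, (src, dst, port) in audit(RULES):
        print(f"{severity:17} {src} -> {dst} port {port} ({ADMIN_PORTS[port]})")
```
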
Warpgate is a Rust-based SSH and HTTPS bastion host that runs on Linux. For SSH use, Warpgate receives SSH connections with specifically formatted credentials, authenticates the user locally, connects to the target itself, and then connects both parties together while (optionally) recording the session. This is somewhat different from traditional SSH bastion hosts known as "jump hosts", where you SSH to the bastion, then SSH to the target system from said bastion.
When connecting through HTTPS, Warpgate presents a selection of available targets, and will then proxy all traffic in a session to the selected target. You can switch between targets at any time.
It has a simple (deliberate use of that word vs my usual "straightforward") setup process, a single binary, and supports multifactor authentication.
The documentation is great, which means I can leave you in the capable hands of the developers, vs make you read even more walls of text here.
Submillimeter-scale multimaterial terrestrial robots
This section title is also the title of a paper by a group of Northwestern University researchers. Here's the abstract:
Robots with submillimeter dimensions are of interest for applications that range from tools for minimally invasive surgical procedures in clinical medicine to vehicles for manipulating cells/tissues in biology research. The limited classes of structures and materials that can be used in such robots, however, create challenges in achieving desired performance parameters and modes of operation. Here, we introduce approaches in manufacturing and actuation that address these constraints to enable untethered, terrestrial robots with complex, three-dimensional (3D) geometries and heterogeneous material construction. The manufacturing procedure exploits controlled mechanical buckling to create 3D multimaterial structures in layouts that range from arrays of filaments and origami constructs to biomimetic configurations and others. A balance of forces associated with a one-way shape memory alloy and the elastic resilience of an encapsulating shell provides the basis for reversible deformations of these structures. Modes of locomotion and manipulation span from bending, twisting, and expansion upon global heating to linear/curvilinear crawling, walking, turning, and jumping upon laser-induced local thermal actuation. Photonic structures such as retroreflectors and colorimetric sensing materials support simple forms of wireless monitoring and localization. These collective advances in materials, manufacturing, actuation, and sensing add to a growing body of capabilities in this emerging field of technology.
Northwestern University engineers have developed the smallest-ever remote-controlled walking robot — and it comes in the form of a tiny, adorable peekytoe crab.
Just a half-millimeter wide, the tiny crabs can bend, twist, crawl, walk, turn and even jump. The researchers also developed millimeter-sized robots resembling inchworms, crickets and beetles. Although the research is exploratory at this point, the researchers believe their technology might bring the field closer to realizing micro-sized robots that can perform practical tasks inside tightly confined spaces.
Smaller than a flea, the crab is not powered by complex hardware, hydraulics or electricity. Instead, its power lies within the elastic resilience of its body. To construct the robot, the researchers used a shape-memory alloy material that transforms to its "remembered" shape when heated. In this case, the researchers used a scanned laser beam to rapidly heat the robot at different targeted locations across its body. A thin coating of glass elastically returns that corresponding part of structure to its deformed shape upon cooling.
It's super neat, and (IMO) super creepy tech that will be the stuff of nightmares for many days/weeks/years to come (how long before these are used to kill people or invade privacy?).
Northwestern also has a video that I'll leave you with to explore further.
Terraforming Mars (FOSS)
FryxGames’ Terraforming Mars (TM) is a great board game. This is how they introduce it:
The taming of the Red Planet has begun!
Corporations are competing to transform Mars into a habitable planet by spending vast resources, and using innovative technology to raise temperature, create a breathable atmosphere, and make oceans of water. As terraforming progresses, more and more people will immigrate from Earth to live on the Red Planet.
In Terraforming Mars, you control a corporation with a certain profile. Play project cards, build up production, place your cities and green areas on the map, and race for milestones and awards!
Will your corporation lead the way into humanity’s new era?
TM has replaced Catan as the default "family game" at home, and there are official, digital versions of it that you can play in solo mode or online with others.
If you're already familiar with TM or want to explore the game for the first time, you can also do so for free! A group of developers have built a FOSS (GPLv3) version that you can run on your own (it's pretty straightforward) or play right now on their Heroku instance.
Go forth and make Mars great again!
Does anyone have the over/under on the final UK government resignations count? That's got to be some good action, unless Sky News is right. (In other news, Haas sure was right back in 2017 about the declining global order. It's a great book if you need some beach/cottage/camping reading.) ☮