If predictions hold steady, nearly half of the United States will be covered in snow by the time this post goes live, with the Northeast potentially getting buried under more than 18 inches. According to the National Weather Service, the “unusually expansive and long-duration winter storm will bring heavy snow from the central U.S. across the Midwest, Ohio Valley, and through the northeastern U.S. for the remainder of the weekend into Monday.” If that sounds like a fun snow day, they go on to clarify that “crippling to locally catastrophic impacts can be expected”, so keep that in mind. Hopefully you didn’t have any travel plans, as CNBC reported that more than 13,000 flights were canceled as of Friday night. If you’re looking to keep up with the latest developments, we recently came across StormWatch (GitHub repo), a slick open source weather dashboard that’s written entirely in HTML. Stay safe out there, hackers.

Speaking of travel, did you hear about Sebastian Heyneman’s Bogus Journey to Davos? The entrepreneur (or “Tech Bro” to use the parlance of our times) was in town to woo investors attending the World Economic Forum, but ended up spending the night in a Swiss jail cell because the authorities thought he might be a spy. Apparently he had brought along a prototype for the anti-fraud device he was hawking, and mistakenly left it laying on a table while he was rubbing shoulders. It was picked up by security guards and found to contain a very spooky ESP32 development board, so naturally he was whisked off for interrogation. A search of his hotel room uncovered more suspicious equipment, including an electric screwdriver and a soldering iron. Imagine if a child had gotten their hands on them?

But the best part of the story is when Sebastian tries to explain the gadget’s function to investigators. When asked to prove that the code on the microcontroller wasn’t malicious, he was at a loss — turns out our hero used AI to create the whole thing and wasn’t even familiar with the language it was written in. In his own words: “Look, I’m not a very good hardware engineer, but I’m a great user of AI. I was one of the top users of Cursor last year. I did 43,000 agent runs and generated 25 billion tokens.” Oof. Luckily, the Swiss brought in a tech expert who quickly determined the device wasn’t dangerous. He was even nice enough to explain the code line-by-line to Sebastian before he was released. No word on whether or not they charged him for the impromptu programming lesson.

It wasn’t hard for the Swiss authorities to see what was inside the literal black box Sebastian brought with him, but what if that wasn’t possible? Well, if you’ve got an x-ray machine handy, that could certainly help. The folks at Eclypsium recently released a blog post that describes how they compared a legit FTDI cable with a suspect knock-off by peering at their innards. What we thought was particularly interesting was how they were able to correctly guess which one was the real deal based on the PCB design. The legitimate adapter featured things like ground pours and decoupling caps, and the cheap one…didn’t. Of course, this makes sense. If you’re looking to crank something out as cheaply as possible, those would be the first features to go. (Editor’s note: sarcasm.)

It doesn’t take an x-ray machine or any other fancy equipment to figure out that the Raspberry Pi 5 is faster than its predecessors. But quantifying just how much better each generation of Pi is compared to the other members of the family does require a bit more effort, which is why we were glad to see that The DIY Life did the homework for us. It’s not much of a spoiler to reveal that the Pi 5 won the head-to-head competition in essentially every category, but it’s still interesting to read along to see how each generation of hardware fared in the testing.

Finally, Albedo has released a fascinating write-up that goes over the recent flight of their Very Low Earth Orbit (VLEO) satellite, Clarity-1. As we explained earlier this week, operating at a lower orbit offers several tangible benefits to spacecraft. One of the major ones is that such an orbit decays quickly, meaning a spacecraft could burn up just months or even days after its mission is completed. For Albedo specifically, they’re taking advantage of the lower altitude to snap closeup shots of the Earth. While there were a few hiccups, the mission was overall a success, providing another example of how commercial operators can capitalize on this unique space environment.

See something interesting that you think would be a good fit for our weekly Links column? Drop us a line, we’ve love to hear about it.

Looking for a unique vacation spot? Have at least $10 million USD burning a hole in your pocket? If so, then you’re just the sort of customer the rather suspiciously named “GRU Space” is looking for. They’re currently taking non-refundable $1,000 deposits from individuals looking to stay at their currently non-existent hotel on the lunar surface. They don’t expect you’ll be able to check in until at least the early 2030s, and the $1K doesn’t actually guarantee you’ll be selected as one of the guests who will be required to cough up the final eight-figure ticket price before liftoff, but at least admission into the history books is free with your stay.

The whole idea reminds us of Mars One, which promised to send the first group of colonists to the Red Planet by 2024. They went bankrupt in 2019 after collecting ~$100 deposits from more than 4,000 applicants, and we probably don’t have to tell you that they never actually shot anyone into space. Admittedly, the Moon is a far more attainable goal, and the commercial space industry has made enormous strides in the decade since Mars One started taking applications. But we’re still not holding our breath that GRU Space will be leaving any mints on pillows at one-sixth gravity.

Speaking of something which actually does have a chance of reaching the Moon on time — on Saturday, NASA rolled out the massive Space Launch System (SLS) rocket that will carry a crew of four towards our nearest celestial neighbor during the Artemis II mission. There’s still plenty of prep work to do, including a dress rehearsal that’s set to take place in the next couple of weeks, but we’re getting very close. Artemis II won’t actually land on the Moon, instead performing a lunar flyby, but it will still be the first time we’ve sent humans beyond Low Earth Orbit (LEO) since Apollo 17 in 1972. We can’t wait for some 4K Earthrise video.

In more terrestrial matters, Verizon users are likely still seething from the widespread outages that hit them mid-week. Users from all over the US reported losing cellular service for several hours, though outage maps at the time showed the Northeast was hit particularly hard. At one point, the situation got so bad that Verizon’s own system status page crashed. In a particularly embarrassing turn of events, some of the other cellular carriers actually reached out to their customers to explain it wasn’t their fault if they couldn’t reach friends and family on Verizon’s network. Oof.

Speaking of phones, security researchers recently unveiled WhisperPair, an attack targeting Bluetooth devices that utilize Google’s Fast Pair protocol. When the feature is implemented correctly, a Bluetooth accessory should ignore pairing requests unless it’s actually in pairing mode, but the researchers found that many popular models (including Google’s own Pixel Buds Pro 2) can be tricked into accepting an unsolicited pairing request. While an attacker hijacking your Bluetooth headset might not seem like a huge deal at first, consider that it could allow them to record your conversations and track your location via Google’s Find Hub network.

Incidentally, something like WhisperPair is the kind of thing we’d traditionally leave for Jonathan Bennett to cover in his This Week in Security column, but as regular readers may know, he had to hang up his balaclava back in December. We know many of you have been missing your weekly infosec dump, but we also know it’s not the kind of thing that just anyone can take over. We generally operate under a “Write What You Know” rule around here, and that means whoever takes over the reins needs to know the field well enough to talk authoritatively about it. Luckily, we think we’ve found just the hacker for the job, so hopefully we’ll be able to start it back up in the near future.

Finally, we don’t generally promote crowdfunding campaigns due to their uncertain nature, but we’ll make an exception for the GameTank. We’ve covered the open hardware 6502 homebrew game console here in the past, and even saw it in the desert of the real (Philadelphia) at JawnCon 0x2 in October. The project really embraces the retro feel of using a console from the 1980s, even requiring you to physically swap cartridges to play different games. It’s a totally unreasonable design choice from a technical perspective, given that an SD card could hold thousands of games at once, but of course, that’s not the point. There’s a certain joy in plugging in a nice chunky cartridge that you just can’t beat.

See something interesting that you think would be a good fit for our weekly Links column? Drop us a line, we’ve love to hear about it.