Monthly Archives: February 2020

Japanese robot could call last orders on human bartenders

Posted on by

The repurposed industrial robot serves drinks in is own corner of a Japanese pub operated by restaurant chain Yoronotaki. An attached tablet computer face smiles as it chats about the weather while preparing orders.

The robot, made by the company QBIT Robotics, can pour a beer in 40 seconds and mix a cocktail in a minute. It uses four cameras to monitors customers to analyze their expressions with artificial intelligence (AI) software.

“I like it because dealing with people can be a hassle. With this you can just come and get drunk,” Satoshi Harada, a restaurant worker said after ordering a drink.

“If they could make it a little quicker it would be even better.”

Finding workers, especially in Japan’s service sector, is set to get even more difficult.

The government has eased visa restrictions to attract more foreign workers but companies still face a labor shortage as the population shrinks and the number of people over 65 increases to more than a third of the total.

Source: Japanese robot could call last orders on human bartenders – Reuters

Neural Networks Upscale Film from 1896 to 4K, Make It Look Like It Was Shot on a Modern Smartphone

Posted on by

Denis Shiryaev wondered if it could be made more compelling by using neural network powered algorithms (including Topaz Labs’ Gigapixel AI and DAIN) to not only upscale the footage to 4K, but also increase the frame rate to 60 frames per second. You might yell at your parents for using the motion smoothing setting on their fancy new TV, but here the increased frame rate has a dramatic effect on drawing you into the action.

Aside from it still being black and white (which could be dismissed as simply an artistic choice) and the occasional visual artifact introduced by the neural networks, the upgraded version of L’Arrivée d’un train en gare de La Ciotat looks like it could have been shot just yesterday on a smartphone or a GoPro. Even the people waiting on the platform look like the costumed historical reenactors you’d find portraying an old-timey character at a pioneer village.

Source: Neural Networks Upscale Film from 1896 to 4K, Make It Look Like It Was Shot on a Modern Smartphone

Google’s Takeout App Leaked Videos To Unrelated Users

Posted on by

In a new privacy-related fuckup, Google told users today that it might’ve accidentally imported your personal photos into another Google user’s account. Whoopsie!

First flagged by Duo Security CTO Jon Oberheide, Google seems to be emailing users who plugged into the company’s native Takeout app to backup their videos, warning that a bug resulted in some of those (hopefully G-rated) videos being backed up to an unrelated user’s account.

For those who used the “download your data” service between November 21 and November 25 of last year, some videos were “incorrectly exported,” the note reads. “If you downloaded your data, it may be incomplete, and it may contain videos that are not yours.”

Source: Google’s Takeout App Leaked Videos To Unrelated Users

Google Says Developers Can Now Purchase Latest Smart Glasses, still look stupid

Posted on by

Google is making it easier for developers to purchase the latest version of its smart glasses, with the company saying on Tuesday that the Glass Enterprise Edition 2 is now available from some hardware resellers.

“We’ve seen strong demand from developers and businesses who are interested in building new, helpful enterprise solutions for Glass,“ Google said in a blog post, adding that the new headset was already being used by people with jobs in logistics, manufacturing and field services.”

Source: Google Says Developers Can Now Purchase Latest Smart Glasses – Bloomberg

Iowa has already won the worst IT rollout award of 2020: Rap for crap caucus app chaps in vote zap flap

Posted on by

It’s all so painfully familiar: with a crunch date of February 3, the Democratic Party in Iowa decided to charge ahead with an IT rollout that comprised an entirely new software system spread out across thousands of sites to record the result of the Democratic caucus for its presidential nominee.

It was, inevitably, a complete failure. The results from the Iowa caucus were supposed to come in nearly 24 hours ago. Instead, it has become a rolling news cycle of tech catastrophe.

We’re not even going to bother to dig into lessons learned because they are the same ones that every sysadmin since the dawn of time has dealt with – and spends their entire career warning the suits about, to greater and lesser degrees of success.

[…]

We could write pages and pages of reports about how differently people experienced this almighty IT cock-up but what’s the point? If you’re reading The Reg you already know what the problem is and the details quickly become irrelevant.

Here’s what’s happened: the suits hired a company because they were swayed by their CVs and sales talk and didn’t run it past anyone that knew what they were doing. Then the suits didn’t listen to all the people telling them it was a bad idea and they should delay rollout. And they didn’t allow sufficient time for testing and training.

Source: Iowa has already won the worst IT rollout award of 2020: Rap for crap caucus app chaps in vote zap flap • The Register

For details read the article – the amount of cockups will make you laugh, if not cry.

Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought

Posted on by

Dasha Metropolitansky and Kian Attari, two students at the Harvard John A. Paulson School of Engineering and Applied Sciences, recently built a tool that combs through vast troves of consumer datasets exposed from breaches for a class paper they’ve yet to publish.

“The program takes in a list of personally identifiable information, such as a list of emails or usernames, and searches across the leaks for all the credential data it can find for each person,” Attari said in a press release.

They told Motherboard their tool analyzed thousands of datasets from data scandals ranging from the 2015 hack of Experian, to the hacks and breaches that have plagued services from MyHeritage to porn websites. Despite many of these datasets containing “anonymized” data, the students say that identifying actual users wasn’t all that difficult.

“An individual leak is like a puzzle piece,” Harvard researcher Dasha Metropolitansky told Motherboard. “On its own, it isn’t particularly powerful, but when multiple leaks are brought together, they form a surprisingly clear picture of our identities. People may move on from these leaks, but hackers have long memories.”

For example, while one company might only store usernames, passwords, email addresses, and other basic account information, another company may have stored information on your browsing or location data. Independently they may not identify you, but collectively they reveal numerous intimate details even your closest friends and family may not know.

“We showed that an ‘anonymized’ dataset from one place can easily be linked to a non-anonymized dataset from somewhere else via a column that appears in both datasets,” Metropolitansky said. “So we shouldn’t assume that our personal information is safe just because a company claims to limit how much they collect and store.”

The students told Motherboard they were “astonished” by the sheer volume of total data now available online and on the dark web. Metropolitansky and Attari said that even with privacy scandals now a weekly occurrence, the public is dramatically underestimating the impact on privacy and security these leaks, hacks, and breaches have in total.

Previous studies have shown that even within independent individual anonymized datasets, identifying users isn’t all that difficult.

In one 2019 UK study, researchers were able to develop a machine learning model capable of correctly identifying 99.98 percent of Americans in any anonymized dataset using just 15 characteristics. A different MIT study of anonymized credit card data found that users could be identified 90 percent of the time using just four relatively vague points of information.

Another German study looking at anonymized user vehicle data found that that 15 minutes’ worth of data from brake pedal use could let them identify the right driver, out of 15 options, roughly 90 percent of the time. Another 2017 Stanford and Princeton study showed that deanonymizing user social networking data was also relatively simple.

Individually these data breaches are problematic—cumulatively they’re a bit of a nightmare.

Metropolitansky and Attari also found that despite repeated warnings, the public still isn’t using unique passwords or password managers. Of the 96,000 passwords contained in one of the program’s output datasets—just 26,000 were unique.

The problem is compounded by the fact that the United States still doesn’t have even a basic privacy law for the internet era, thanks in part to relentless lobbying from a cross-industry coalition of corporations eager to keep this profitable status quo intact. As a result, penalties for data breaches and lax security are often too pathetic to drive meaningful change.

Harvard’s researchers told Motherboard there’s several restrictions a meaningful U.S. privacy law could implement to potentially mitigate the harm, including restricting data access to unauthorized employees, maininting better records on data collection and retention, and decentralizing data storage (not keeping corporate and consumer data on the same server).

Until then, we’re left relying on the promises of corporations who’ve repeatedly proven their privacy promises aren’t worth all that much.

Source: Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought – VICE

Firefox now shows what telemetry data it’s collecting about you (if any)

Posted on by

There is now a special page in the Firefox browser where users can see what telemetry data Mozilla is collecting from their browser.

Accessible by typing about:telemetry in the browser’s URL address bar, this new section is a recent addition to Firefox.

The page shows deeply technical information about browser settings, installed add-ons, OS/hardware information, browser session details, and running processes.

The information is what you’d expect a software vendor to collect about users in order to fix bugs and keep a statistical track of its userbase.

A Firefox engineer told ZDNet the page was primarily created for selfish reasons, in order to help engineers debug Firefox test installs. However, it was allowed to ship to the stable branch also as a PR move, to put users’ minds at ease about what type of data the browser maker collects from its users.

The move is in tune with what Mozilla has been doing over the past two years, pushing for increased privacy controls in its browser and opening up about its practices, in stark contrast with what other browser makers have been doing in the past decade.

Source: Firefox now shows what telemetry data it’s collecting about you | ZDNet

CIA Employee Accused Of Leaking Vault 7 cyber security tooling To WikiLeaks in 2017 Goes On Trial

Posted on by

The trial of a former Central Intelligence Agency software engineer who allegedly leaked thousands of pages of documents to WikiLeaks was set to begin Monday in federal court in New York. The leak has been described as one of the largest in the CIA’s history.

Joshua Schulte has pleaded not guilty to 11 criminal counts, including illegal transmission of unlawfully possessed national defense information and theft of government property.

WikiLeaks started publishing the documents, which it called “Vault 7,” in March 2017. Many of the documents are highly technical, and appear to describe agency practices for hacking a number of different targets.

As NPR’s Camila Domonoske and Greg Myre reported at the time, the documents are said to be to be internal guides to creating and using many kinds of hacking tools, “from turning smart TVs into bugs to designing customized USB drives to extract information from computers.”

Schulte’s lawyers did not respond to NPR’s requests for comment about the case.

In court filings ahead of the trial, they have expressed frustration at the pace with which they are required to review materials surfaced during the discovery process.

Some of the charges against Schulte stem from the Espionage Act, and defense lawyers say they are unconstitutionally overbroad and vague. They also said the law was intended to be used to prosecute those who transmit government secrets to foreign governments, and that it shouldn’t apply to leaking to WikiLeaks. The judge rejected those arguments.

“As alleged, Schulte utterly betrayed this nation and downright violated his victims,” William F. Sweeney Jr., the assistant director-in-charge of the FBI’s New York Field Office, said in a statement when the charges were announced. “As an employee of the CIA, Schulte took an oath to protect this country, but he blatantly endangered it by the transmission of Classified Information.”

Prosecutors have said that when Schulte was working at the CIA, he developed classified cyber tools, including tools to covertly gather data from computers.

The leak allegedly happened during a time of rising tension between Schulte and his CIA colleagues.

In the summer of 2015, according to prosecutors, Schulte started having “significant problems” in his group that stemmed from a feud with one of his colleagues. The feud deepened after the colleague reportedly complained about Schulte to management. Prosecutors say Schulte accused the employee of making a death threat against him and eventually filed a protective order against that person. They were reassigned to different teams.

Because of his reassignment, Schulte’s access to previous projects was revoked. But prosecutors say he reinstated his own administrative privileges. Management at the Center for Cyber Intelligence discovered it, and they attempted to revoke privileges and change passwords. But they missed credentials for one computer network, according to prosecutors, and in April 2016, Schulte allegedly stole vast quantities of information from the network and passed the data along to WikiLeaks.

The judge has granted measures to protect the anonymity of certain witnesses from the CIA who are expected to testify. During those sessions, the courtroom will be closed to press, except for two pool reporters who have agreed not to disclose the physical characteristics of these witnesses. Other reporters in an adjoining courtroom will be able to see a video feed that won’t show images of the witnesses.

Federal prosecutors originally indicted Schulte in 2017 on charges of receiving and possessing child pornography. They said they discovered more than 10,000 images and videos of child pornography encrypted on Schulte’s personal computer.

One of the prosecutors, Matthew Laroche, said at a hearing in 2017 that Schulte is “someone who’s shown himself to condone sexually dangerous behavior and has shown a proclivity to collect thousands of images of child pornography.”

In July 2019, the court severed the child pornography-related charges from the rest of the case, meaning that those accusations will be addressed at a separate trial.

Source: Ex-CIA Employee Accused Of Leaking Documents To WikiLeaks Goes On Trial : NPR

Twitter Helps Spread Disinformation During Iowa Caucuses

Posted on by

The Washington Post’s Tony Romm reported on Monday night that Twitter has decided it will allow certain right-wing accounts to spread disinformation about the Iowa Democratic Caucuses, including tweets that suggest the results are being “rigged.”

Trump campaign manager Brad Pascal tweeted on Monday, “Quality control = rigged?,” citing a second Trump campaign official who had used the hashtag #RiggedElection.

There is no evidence of vote tampering in Iowa and the Trump campaign’s claims are entirely baseless. (Technical issues with an app used by election officials have caused delays in tallying the results.)

Twitter’s decision would seem to provide political fraudsters with a clear message: deceiving voters into believing U.S. election results have been falsified is an acceptable use of Twitter’s platform.

Twitter did not respond to Gizmodo’s request for comment.

Earlier in the day, Charlie Kirk, the leader of a college-focused conservative group called Turning Point USA, tweeted that Iowa election officials were involved in “voter fraud” citing a debunked report by the right-wing activist group Judicial Watch.

The Judicial Watch report falsely claimed that the number of registered voters in Iowa exceeded the number of voting-age residents in each county. Judicial Watch’s fake figures were quickly shot down by Iowa’s Republican secretary of state, Paul D. Pate.

“It’s unfortunate this organization continues to put out inaccurate data regarding voter registration, and it’s especially disconcerting they chose the day of the Iowa Caucus to do this,” Pate said in a statement.

Pate continued: “My office has told this organization, and others who have made similar claims, that their data regarding Iowa is deeply flawed and their false claims erode voter confidence in elections. They should stop this misinformation campaign immediately and quit trying to disenfranchise Iowa voters.”

The Iowa secretary of state’s office pointed to “actual data” from the U.S. Census Bureau to say Judicial Watch’s claims about Iowa’s population are “greatly underestimated.”

Nevertheless, the tweet by Kirk invoking the debunked claim had over 42,500 retweets at press time.

Twitter spokesman Brandon Borrman told the Washington Post that the company would take no action against users working to sow mistrust in the official election results, which were not expected until Tuesday.

“The tweet is not in violation of our election integrity policy as it does not suppress voter turnout or mislead people about when, where, or how to vote,” Borrman told the Post, regarding tweets by prominent conservatives claiming the Democratic caucuses were “rigged.”

Twitter’s claim that such tweets do not “suppress voter turnout” is unlikely to go unchallenged by federal lawmakers who view this particular form of deception as an attempt to discourage participation in a “rigged” election.

The underlying message being propagated by the Trump campaign, Judicial Watch, and Turning Point USA seems an obvious one: Your vote doesn’t count, so why bother?

Source: Twitter Helps Spread Disinformation During Iowa Caucuses

 

Twitter had a flaw allowing the discovery of phone numbers attached to accounts en masse. And it’s been used in the wild multiple times.

Posted on by

Twitter has admitted a flaw in its backend systems was exploited to discover the cellphone numbers of potentially millions of twits en masse, which could lead to their de-anonymization.

In an advisory on Monday, the social network noted it had “became aware that someone was using a large network of fake accounts to exploit our API and match usernames to phone numbers” on December 24.

That is the same day that security researcher Ibrahim Balic revealed he had managed to match 17 million phone numbers to Twitter accounts by uploading a list of two billion automatically generated phone numbers to Twitter’s contact upload feature, and match them to usernames.

The feature is supposed to be used by tweeters seeking their friends on Twitters, by uploading their phone’s address book. But Twitter seemingly did not fully limit requests to its API, deciding that preventing sequential numbers from being uploaded was sufficiently secure.

It wasn’t, and Twitter now says that, as well as Balic’s probing, it “observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” adding that “it is possible that some of these IP addresses may have ties to state-sponsored actors.”

Being able to connect a specific phone number to a Twitter account is potentially enormously valuable to a hacker, fraudster, or spy: not only can you link the identity attached to that number to the identity attached to the username, and potentially fully de-anonymizing someone, you now know which high-value numbers to hijack, via SIM swap attacks, for example, to gain control of accounts secured by SMS or voice-call two-factor authentication.

In other words, this Twitter security hole was a giant intelligence gathering opportunity,

Twitter says that it initially only saw one person “using a large network of fake accounts to exploit our API and match usernames to phone numbers,” and suspended the accounts. But it soon realized the problem was more widespread: “During our investigation, we discovered additional accounts that we believe may have been exploiting this same API endpoint beyond its intended use case.”

For what it’s worth Twitter apologized for its self-imposed security cock-up: “We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”

It’s worth noting that users who did not add their phone number to their Twitter account or not allow it to be discovered via the API were not affected. Which points to a painfully obvious lesson: don’t trust any company with more personal information than they need to have.

Source: Twitter says a certain someone tried to discover the phone numbers used by potentially millions of twits • The Register

F-35: a $400 Billion Stealth Fighter That Can’t Climb, accellerate, shoot straight or be resupplied using the mandatory software

Posted on by

Here’s something the public didn’t know until today: If one of the U.S. military’s new F-35 stealth fighters has to climb at a steep angle in order to dodge an enemy attack, design flaws mean the plane might suddenly tumble out of control and crash.

Also, some versions of the F-35 can’t accelerate to supersonic speed without melting their own tails or shedding the expensive coating that helps to give the planes their radar-evading qualities.

The Pentagon’s $400-billion F-35 Joint Strike Fighter program, one of the biggest and most expensive weapons programs in history, has come under fire, so to speak, over more than a decade for delays, rising costs, design problems and technical glitches.

But startling reports by trade publication Defense News on Wednesday revealed flaws that previously only builder Lockheed Martin, the military, and the plane’s foreign buyers knew about.

[…]

The test reports Defense News obtained also reveal a second, previously little-known category 1 deficiency in the F-35B and F-35C aircraft. If during a steep climb the fighters exceed a 20-degree “angle of attack”—the angle created by the wing and the oncoming air—they could become unstable and potentially uncontrollable.

To prevent a possible crash, pilots must avoid steeply climbing and other hard maneuvers. “Fleet pilots agreed it is very difficult to max perform the aircraft” in those circumstances, Defense News quoted the documents as saying.

Source: America Is Stuck With a $400 Billion Stealth Fighter That Can’t Fight

Add a gun that can’t shoot straight to the problems that dog Lockheed Martin Corp.’s $428 billion F-35 program, including more than 800 software flaws.

The 25mm gun on Air Force models of the Joint Strike Fighter has “unacceptable” accuracy in hitting ground targets and is mounted in housing that’s cracking, the Pentagon’s test office said in its latest assessment of the costliest U.S. weapons system.

The annual assessment by Robert Behler, the Defense Department’s director of operational test and evaluation, doesn’t disclose any major new failings in the plane’s flying capabilities. But it flags a long list of issues that his office said should be resolved — including 13 described as Category 1 “must-fix” items that affect safety or combat capability — before the F-35’s upcoming $22 billion Block 4 phase.

The number of software deficiencies totaled 873 as of November, according to the report obtained by Bloomberg News in advance of its release as soon as Friday. That’s down from 917 in September 2018, when the jet entered the intense combat testing required before full production, including 15 Category 1 items. What was to be a year of testing has now been extended another year until at least October.

“Although the program office is working to fix deficiencies, new discoveries are still being made, resulting in only a minor decrease in the overall number” and leaving “many significant‘’ ones to address, the assessment said.

Cybersecurity ‘Vulnerabilities’

In addition, the test office said cybersecurity “vulnerabilities” that it identified in previous reports haven’t been resolved. The report also cites issues with reliability, aircraft availability and maintenance systems.

The assessment doesn’t deal with findings that are emerging in the current round of combat testing, which will include 64 exercises in a high-fidelity simulator designed to replicate the most challenging Russian, Chinese, North Korean and Iranian air defenses.

Despite the incomplete testing and unresolved flaws, Congress continues to accelerate F-35 purchases, adding 11 to the Pentagon’s request in 2016 and in 2017, 20 in fiscal 2018, 15 last year and 20 this year. The F-35 continues to attract new international customers such as Poland and Singapore. Japan is the biggest foreign customer, followed by Australia and the U.K.

[…]

Brett Ashworth, a spokesman for Bethesda, Maryland-based Lockheed, said that “although we have not seen the report, the F-35 continues to mature and is the most lethal, survivable and connected fighter in the world.” He said “reliability continues to improve, with the global fleet averaging greater than 65% mission capable rates and operational units consistently performing near 75%.”

Still, the testing office said “no significant portion” of the U.S.’s F-35 fleet “was able to achieve and sustain” a September 2019 goal mandated by then-Defense Secretary Jim Mattis: that the aircraft be capable 80% of the time needed to perform at least one type of combat mission. That target is known as the “Mission Capable” rate.

“However, individual units were able to achieve the 80% target for short periods during deployed operations,” the report said. All the aircraft models lagged “by a large margin” behind the more demanding goal of “Full Mission Capability.”

The Air Force’s F-35 model had the best rate at being fully mission capable, while the Navy’s fleet “suffered from a particularly poor” rate, the test office said. The Marine Corps version was “roughly midway” between the other two.

[…]

the Air Force model’s gun is mounted inside the plane, and the test office “considers the accuracy, as installed, unacceptable” due to “misalignments” in the gun’s mount that didn’t meet specifications.

The mounts are also cracking, forcing the Air Force to restrict the gun’s use.

Source: F-35’s Gun That Can’t Shoot Straight Adds to Its Roster of Flaws – Bloomberg

The F-35’s problematic Autonomic Information Logistics System, or ALIS, will be replaced by a new system starting later this year, which it is hoped will be more user-friendly, more secure, and less prone to error. It’s also to be re-branded as ODIN, for Operational Data Integrated Network.

ODIN “incorporates a new integrated data environment,” according to the F-35 Joint Program Office, which put out a release about the change Jan. 21, just a few days after Pentagon acquisition and sustainment czar Ellen Lord told reporters about it outside a Capitol Hill hearing. The system will be “a significant step forward to improve the F-35 fleet’s sustainment and readiness performance,” the JPO said. ODIN is intended to reduce operator and administrator workload, increase F-35 mission readiness rates, and “allow software designers to rapidly develop and deploy updates in response” to operator needs.

The first “ODIN-enabled” hardware will be delivered to the various F-35 fleets late in 2020, with full operational capability planned by December, 2022, the JPO said, “pending coordination with user deployment schedules.” Some ALIS systems being used on aircraft carriers or with deployed units at that time may not get ODIN until they return.

ALIS is the vast information-gathering system that tracks F-35 data in-flight, relaying to maintainers on the ground the performance of various systems in near-real time. It’s meant to predict part failures and otherwise keep maintainers abreast of the health of each individual F-35. By amassing these data centrally for the worldwide F-35 fleet, prime contractor Lockheed Martin expected to better manage spare parts production, detect trends in performance glitches and the longevity of parts, and determine optimum schedules for servicing various elements of the F-35 engine and airframe. However, the system was afflicted by false alarms—leading to unnecessary maintenance actions—laborious data entry requirements and clumsy interfaces. The system also took long to boot up and be updated, and tablets used by maintainers were perpetually behind the commercial state of the art.

[…]

The Government Accountability Office published a number of reports faulting ALIS for adding unnecessary man-hours and complexity to the F-35 enterprise, saying in a November, 2019 report that USAF maintainers in just one unit reported “more than 45,000 hours per year performing additional tasks and manual workarounds because ALIS was not functioning” the way it was supposed to.

In early versions, ALIS also proved vulnerable to hacking and data theft, another reason for the overhaul of the system, to meet new cyber security needs.

Source: F-35 Program Dumps ALIS for ODIN – Air Force Mag

US’s secret spy payload offloaded: Rocket Lab demos missile muscle with second Electron guided home

Posted on by

Small-sat flinger Rocket Lab beat the winds to get the mysterious National Reconnaissance Office (NRO) payload off the New Zealand launchpad this morning.

After multiple holds due to ground winds, the Electron lifted off at 02:56 UTC on 31 January from the company’s Launch Complex 1 on the New Zealand Mahia Peninsula.

Dubbed “Birds of a Feather”, the mission was the 11th of the company’s Electron booster. While the details of the payload were light (NRO doesn’t like talking too much about its toys), the launch represented the second time Rocket Lab attempted to steer the spent booster back to Earth.

The launch itself went nominally, with main engine cut-off occurring just after two minutes, 30 seconds. The first stage then separated and began its journey back home while the second stage ignited to send the payload to orbit. Rocket Labs’ Kick Stage was then used to shepherd the satellite to the desired orbit.

Chief exec Peter Beck is keen on recovering those first stages and, like the previous mission, the Electron was fitted with the equipment necessary to survive a return to Earth (right up until smacking into the sea).

A reaction control system on the first stage spun the booster around 180 degrees at the six minute, 30 second mark and then maintained the correct angle of attack during the descent. A minute later, the spent booster encountered what Rocket Lab calls “The Wall” as the atmosphere became denser and the rocket decelerated from supersonic to subsonic speeds.

Beck described the aerodynamic forces involved as akin to “perching three elephants atop the Electron stack” in a chat with The Register back in August last year.

As with its predecessor, the booster made it back to Earth and disintegrated upon impact with the ocean – as planned – approximately nine minutes after launch.

Those hoping for a SpaceX-style propulsive landing on legs will be disappointed. Rocket Labs’ plans will see the returning booster eventually equipped with a parachute and snatched by helicopter.

The gang will then recycle the things to augment the production lines should the launch frequency ramp up in the way Beck hopes.

Source: US’s secret spy payload offloaded: Rocket Lab demos missile muscle with second Electron guided home