
RSS: hack a day





Self-Contained Tape Loader For the ZX Spectrum

8 August, by Lewin Day

While these days we’re blessed with the magic of always-on internet connections and cloud services, back in the day software was delivered on physical media. Some of the most reviled media were data tapes, much maligned for their glacial loading times. However, the tangibility did give them some charm, and [JamHamster] decided to recreate this with his self-contained virtual tape loader.

The guts of the loader is a TZXDuino, a Spectrum tape emulator related to the Arduitape. It uses an Arduino Nano to store tape data files and replay them to load software on the retro platform. [JamHamster] combined this with a cassette tape shell and the head from a cassette audio adapter to make a digital tape emulator. The TZXDuino is crammed in the shell with a few mods, including a sensor that detects the play head moving inside the cassette to trigger playback. This stemmed from an earlier mod that did the same, just without an onboard battery.

It’s a tidy hack, and a very cool way to load games on your retro computer. With a firmware flash, it should be compatible with other systems too, thanks to the various computers supported by the wider Arduitape project. Tape emulators are popular with the community, thanks to eliminating the hassles of working with a now-obsolete format. Video after the break.


Virtual Software Defined Radio

8 August, by Al Williams

Software defined radio or SDR has changed the radio landscape forever. But to use one you need to buy some kind of hardware, right? Maybe not. As [Tech Minds] shows in a recent video, there are plenty of SDRs publicly available on the Internet. We know that isn’t news, but the video does cover several different methods of finding and using SDR receivers, including many that run totally in the browser.

Of course, there are a lot of reasons you might want to borrow an alien radio receiver, even if you have your own hardware. Maybe you don’t have a great antenna or maybe you want to hear a signal — maybe even your own — from a different location.

Some of these methods even have the ability to pipe audio data out to another program if you want to do some sort of decoding or processing. The SPY network uses the SDR# software, so you will have to install something for that. On the other hand, the program doesn’t really treat local hardware and remote any differently, so you can do lots of different things. But many of the programs will work inside a normal browser. SDR Console also needs some software, as well.

WebSDR works totally in the browser. KiwiSDR uses the very cool OpenWebRX interface and apparently it decodes radio signals on the server side, making it easy to listen to different signals in the browser.

With everyone having a bit more free time at home lately, this is a great way to take up listening to the radio with zero extra investment. Of course, if you have the inclination and the antennas, you can get a cheap dongle, although you’ll need an HF converter to listen to the shortwave bands. Or you can hack a QCX transceiver.


Tired of Regular Keebs? Might Be Time to Split

8 August, by Kristina Panos

No matter how much geek cred your old vintage keyboard pulls, it’s not worth suffering through wrist pain or any other discomfort while using it. Especially now, when there are so many points of entry into the rabbit hole world of DIY mechanical keebs.

Once the wrist pain started, [Ben Congdon] switched from a big old Apple keeb to a Kinesis Freestyle — it’s basically a regular keyboard, but in two halves that can be placed far enough apart that [Ben]’s wrists are straight while typing. Comfortable as that split rectangle may be, it’s just not that cool looking, and he was ready to build something new, as long as it had enough keys.

[Ben] settled on building a Keebio Sinc, a new board which comes mostly soldered already and supports a handful of layouts. In the spirit of leaving doors open, [Ben] soldered in hot-swap sockets instead of permanently attaching the key switches to the PCB. This way, those Gateron reds can be easily switched out for something else, for instance should [Ben] want to try a little tactility down the road.

We think the Sinc is a cool offering precisely because it is such a full keyboard. Not everyone is ready to jump into 60% layouts or thumb clusters, and it’s nice to have options. This is entry-level ergo and DIY all at once. What’s not to like? Even if you want to go for something small and ortholinear, there are options. Here’s a build we saw recently that starts with a breakaway PCB that lets you choose between small and smaller.

Via reddit


HAWT Wind Turbine Is Mostly 3D Printed


7 August, by Lewin Day

Wind turbines are a great source of renewable energy, and a great DIY project, too. They can be built with all kinds of materials and the barrier for entry is low for the beginner. [Fab] has built just such a device, taking advantage of modern construction techniques, and dubbed it the WinDIY.

The WinDIY design is mostly 3D printed, with a familiar three-bladed design. The diameter of the rotor is 1.2 m, meaning that braking and regulating the turbine is required for safety in high winds. [Fab] is aiming to achieve this control with a combination of mechanical and electronic braking, as well as variable-pitch blades. The benefit of 3D printing the design is it allows iterations to be made quickly, particularly of parts with complex geometries that would be too time-consuming or expensive to machine otherwise.

[Fab]’s writeup goes into great detail on topics like the design of the pitch control systems and other minutiae, which should serve as a great reference for anyone else working on a similar project. If you’re looking for something with more of a sci-fi future vibe, consider attempting a vertical-axis build instead.


Hands-On: AND!XOR Unofficial DC28 Badge Embraces the Acrylic Stackup

7 August, by Mike Szczys

Still hot from the solder party, a new AND!XOR badge just landed on my desk courtesy of the hacking crew that has been living the #badgelife for the past five years. Originally based on the Futurama character Bender, the design has morphed to the point that it’s no longer recognizable as a descendant of that belligerent robot. Instead we have a skeletal midget whose face is half covered by a gear-themed mask.

At first glance, you might not even notice the character design because you’re too distracted by the beautiful composure of the hardware. This year’s badge includes a double stack-up of acrylic on top of a red circuit-board. Anyone who has used acrylic bezels in a badge design can tell you the cost for material and laser cutting time is significant. In this case the overall aesthetic of the badge is based upon the look of the mirrored gold with the art detail laser etched into the back. It’s a unique bling without even turning the power on.

When you do flip that hard switch next to three AAA batteries secured to the back of the badge, you’re greeted with RGB LEDs hidden under the etched parts of the faceplate, and both a 128×64 OLED screen and a 160×128 color LCD. The larger screen provides the menu system which is navigated via the Blackberry keyboard worn by the skeletal midget like a belt.

The Blackberry keyboard is a hot trend this year as we’ve seen the Blackberry PMOD KeyBoard that sells out every time it hits Tindie, and projects like the LoRa QWERTY Messenger sourcing them for delicious backlit user input. Why not? The original hardware was a homerun, so it makes sense the surplus replacement stock is now being embraced by hardware hackers.

If you don’t want to type everything with the edge of your thumb, the USB-C port on the bottom of the board provides terminal access. A really nice touch is that the badge also enumerates as USB mass storage, providing access to the readme file as well as a way to load new animations, images, and BASIC programs.

These things must have been a huge hassle to assemble. The keyboard is attached with some clear sticky mounting squares and two tiny screws that thread into holes on the faceplate. That’s not the hard part… the cable threads through a hole, loops somewhere under the stackup, and then snaps into a connector on the board. Four screw bosses hold the acrylic in place, and the two screens adhere to the spacer layer of acrylic. Taking it apart we get a nice look at the underside of the laser-etched acrylic.

An STM32F412RET6 is at the heart of the design. There are far fewer LEDs than in previous years so there is no dedicated LED driver. The choice there was to use APA-102 RGB LEDs which are driven with simple SPI signals. If you’re wondering about the cuttable traces seen in gold, [Zapp] says he uses them while prototyping the badges in case components need to be rerouted. Normally they’d be hidden, but since the board is covered by acrylic he left them in on the production board.

That beefy QR code? Yeah, it resolves to a sketchy URL:

https://secure.verylegit.link/private-key(3ad-shockwave-flash.jar.docm

Further investigation shows it leads to a 302 “moved temporarily” redirect which goes… and you’ve probably already guessed this… to a video of our friend Richard Paul Astley.

The Game, the Culture, the Goodies

The real fun of these badges is the puzzles and interactive activities wrapped inside the firmware. I haven’t had time to dive into those but they are as present as in all previous years, including a public Slack channel where friend exchanges can be done to unlock challenges within. A few guidelines for the capture the flag are mentioned on the project’s documentation page.

The AND!XOR badge is always one of the hottest unofficial DEF CON badges for collectors and this year is no different. Except of course it’s all extremely different since DC is actually cancelled and we’re all socially distancing. How do you distribute hundreds of badges when nobody is centrally located?

As always, they produced a few hundred of these badges. Some of them were sold, but most of the badges were given away for free, underwritten by the companies that sponsored this badge. The distribution scheme for the free badges was an awesome one, sending caches of badges to trusted hackers in locations all over North America which were then given to people who solved challenges or were “doing great hacker things”.

I can’t wrap up this review without mentioning how the badge was wrapped when it arrived. This stretchy sleeve provided a bit of padding around the anti-static bag and can be used as a pandemic mask. But look closely, you’ll see this is custom printed material that includes the silhouette of each of the AND!XOR badges that came before this. It’s unique, incredibly awesome, and a testament to the team’s devotion to making everything about their badges awesome just because they can.


Separation Between WiFi and Bluetooth Broken by the Spectra Co-Existence Attack

7 August, by Pedro Umbelino

This year, at DEF CON 28 (DEF CON Safe Mode), security researchers [Jiska Classen] and [Francesco Gringoli] gave a talk about inter-chip privilege escalation using wireless coexistence mechanisms. The title is catchy, sure, but what exactly is this about?

To understand this security flaw, or group of security flaws, we first need to know what wireless coexistence mechanisms are. Modern devices can support cellular and non-cellular wireless communications standards at the same time (LTE, WiFi, Bluetooth). Given the desired miniaturization of our devices, the different subsystems that support these communication technologies must reside in very close physical proximity within the device (in-device coexistence). The resulting high level of reciprocal leakage can at times cause considerable interference.

There are several scenarios where interference can occur; the main ones are:

  • Two radio systems occupy neighboring frequencies and carrier leakage occurs
  • The harmonics of one transmitter fall on frequencies used by another system
  • Two radio systems share the same frequencies

To tackle these kinds of problems, manufacturers had to implement strategies so that a device’s wireless chips can coexist (sometimes even sharing the same antenna) and reduce interference to a minimum. These strategies are called coexistence mechanisms. They enable high-performance communication on intersecting frequency bands, and thus they are essential to any modern mobile device. Although open solutions exist, such as the Mobile Wireless Standards, manufacturers usually implement proprietary solutions.

Spectra

Spectra is a new attack class demonstrated in this DEF CON talk, which is focused on Broadcom and Cypress WiFi/Bluetooth combo chips. On a combo chip, WiFi and Bluetooth run on separate processing cores and coexistence information is directly exchanged between cores using the Serial Enhanced Coexistence Interface (SECI) and does not go through the underlying operating system.

Spectra class attacks exploit flaws in the interfaces between wireless cores in which one core can achieve denial of service (DoS), information disclosure and even code execution on another core. The reasoning here is, from an attacker perspective, to leverage a Bluetooth subsystem remote code execution (RCE) to perform WiFi RCE and maybe even LTE RCE. Keep in mind that this remote code execution is happening in these CPU core subsystems, and so can be completely invisible to the main device CPU and OS.

Join me below where the talk is embedded and where I will also dig into the denial of service, information disclosure, and code execution topics of the Spectra attack.

Denial of Service

This happens when one wireless core denies transmission to the other core. DoS attacks are possible if one core is able to claim spectrum resources of the other core. As this is the basic working principle of any coexistence interface, all of them are vulnerable by definition, as long as one core keeps constantly claiming the resource for itself. Other DoS opportunities arise from one wireless core being able to crash another via shared RAM abuse.

Information Disclosure

One wireless core can infer data or actions of the other core. One example is when connecting an HID device like a keyboard. Timings and contents of keypresses can be observed on the host that receives those keystrokes. However, an attacker who has only code execution on a WiFi chip should not be able to make such observations. While the content of the keypresses is missing, it is possible for code running on the WiFi chip to infer timing statistics about the keys pressed on the Bluetooth side. This becomes interesting for inferring passwords and password lengths.

Code Execution

One wireless core can execute code within the other core. The security researchers demonstrate that it is possible to execute an arbitrary WiFi address with controlled contents via Bluetooth. This happens because when both cores are running, they share a RAM region which contains, among other information, a large function table. By overwriting a specific address, it is possible to control the WiFi core program counter. This means that a Bluetooth subsystem exploit can turn into a WiFi exploit. In addition, writing to the WiFi buffer and executing addresses produces various kernel panics on Android and iOS, indicating that further escalations into the host are possible and it’s probably just a matter of time until someone pops calc.
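
The design weakness described above, a function table sitting in RAM that a second core can write, can be modelled in a few lines of C. This is an added example, not code from the talk or from any vendor firmware: the structure layout, handler names and the hardened dispatcher are all hypothetical, and the "cores" are plain functions in one process.

```c
/* Added model, not Broadcom/Cypress firmware; every name here is hypothetical. */
#include <stdint.h>
#include <stdio.h>

typedef int (*handler_fn)(int);
#define N_HANDLERS 2

static int wifi_scan(int arg) { return arg + 1; }        /* legitimate handler 0 */
static int wifi_tx(int arg)   { return arg + 2; }        /* legitimate handler 1 */
static int foreign(int arg)   { (void)arg; return -1; }  /* code the WiFi core never meant to call */

/* Region that both cores can write (constructed layout). */
struct shared_ram {
    handler_fn table[N_HANDLERS]; /* weak design: code pointers live in shared RAM */
    uint8_t    request;           /* hardened design: only this index is consumed */
};

/* Hardened design: pointers stay in memory only the WiFi core can write. */
static const handler_fn wifi_private_table[N_HANDLERS] = { wifi_scan, wifi_tx };

void shared_init(struct shared_ram *s) {
    s->table[0] = wifi_scan;
    s->table[1] = wifi_tx;
    s->request  = 0;
}

/* Models a compromised Bluetooth core scribbling over the shared region. */
void bt_core_corrupt(struct shared_ram *s) {
    s->table[0] = foreign;
    s->request  = 200;            /* out-of-range index */
}

/* Weak: jumps through whatever pointer is currently in shared RAM. */
int wifi_dispatch_weak(const struct shared_ram *s, unsigned slot, int arg) {
    return s->table[slot % N_HANDLERS](arg);
}

/* Hardened: shared RAM is treated as untrusted data. The index is read once,
 * bounds-checked, and resolved through the private table. Returns 0 on success. */
int wifi_dispatch_hardened(const struct shared_ram *s, int arg, int *result) {
    uint8_t idx = s->request;
    if (idx >= N_HANDLERS)
        return -1;
    *result = wifi_private_table[idx](arg);
    return 0;
}

int main(void) {
    struct shared_ram s;
    int r = 0;
    shared_init(&s);
    bt_core_corrupt(&s);
    printf("weak dispatch returned %d\n", wifi_dispatch_weak(&s, 0, 10));
    printf("hardened dispatch status %d\n", wifi_dispatch_hardened(&s, 10, &r));
    return 0;
}
```

The weak dispatcher ends up in `foreign` after the shared region is modified, while the hardened one rejects the out-of-range index and can only ever reach handlers from its private table.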

Conclusion

Although the research was centered on Broadcom and Cypress combo chips (which cover, by the way, all iPhones, MacBooks, iMacs, older Apple Watches, Samsung S and Note series, some Google Nexus, Raspberry Pi and so forth…) advisories were sent to Intel, MediaTek, Qualcomm, Texas Instruments, Marvell, NXP and they all mention similar coexistence interfaces in their devices. So, mutatis mutandis, and because of its very nature, some Spectra class vulnerabilities probably exist in other vendors too.

And since [Jiska] has a history of breaking wireless stuff, we can probably expect a follow-up on this research and this class of inter-chip privilege escalation vulnerabilities. Can’t wait!


Hackaday Podcast 079: Wobble Sphere, Pixelflut, Skeeter Traps, and Tracing Apps

7 August, by Mike Szczys

Hackaday editors Mike Szczys and Elliot Williams gaze upon the most eye-popping projects from the past week. Who would have known that springy doorstops could be so artistic? Speaking of art, what happens if you give everyone on the network the chance to collectively paint using pixels? There’s a better way to catch a rat, and a dubious way to lure mosquitoes. We scratch our heads at sending code to the arctic, and Elliot takes a deep look at the contact tracing apps developed and in use throughout Europe.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
