[Clifford Wolf] wrote in to let us know about a project he recently completed called EmbedVM. It’s a virtual machine for AVR microcontrollers. The package has a relatively small overhead, taking up about 3kB of program memory. The VM can execute 74,000 instructions per second, and runs asynchronously from the microcontroller. As [Clifford] demonstrates in the videos after the break, this can be handy for preloading commands to prevent slowdown during heavy VM processor loads.

The snippet in the image above is an example program written in the C-like VM code which will play some [Rick Astley] on a speaker. This code can be run from RAM, EEPROM, or even external storage like an SD card. Recently there was a supplemental compiler project that even takes Python code and compiles it into VM byte-code. What a nice abstraction tool for making inexpensive microcontroller-based designs easily programmable for those that have a bit of Python experience.

If you don’t recognize the name, [Clifford Wolf] is also the author of OpenSCAD, a tool that is quite popular with 3D printing.

Read the rest of this entry »

Capture the Flag (CTF) is a long running tradition at hacker conventions. It pits teams of security researchers against each other on the same network. Every team gets an identical virtual machine image. The VM has a set of custom written services that are known to be vulnerable. The teams work to secure their image while simultaneously exploiting services on the machines of other teams. A scoring server monitors the match as it progresses and awards points to teams for keeping their services up and also for stealing data from their competitors.

The Chaos Communication Congress in Berlin December 27-30, 2008 will host a CTF competition. Most CTF matches are done head to head in the same room. While 25C3 will have local teams, it will also be wide open for international teams to compete remotely. Remote teams will host their own images on a VPN with the other competitors. Now is a good time to register and familiarize yourself with the scoring system. It will certainly be interesting to see how this competition plays out now that teams that can’t make the trip can still compete.