Spectre And Meltdown: Attackers Always Have The Advantage

While the whole industry is scrambling on Spectre, Meltdown focused most of the spotlight on Intel and there is no shortage of outrage in Internet comments. Like many great discoveries, this one is obvious with the power of hindsight. So much so that the spectrum of reactions has spanned an extreme range, from “It’s so obvious, Intel engineers must be idiots” to “It’s so obvious, Intel engineers must have known! They kept it from us in a conspiracy with the NSA!”

We won’t try to sway those who choose to believe in a conspiracy that’s simultaneously secret and obvious to everyone. However, as evidence of non-obviousness, some very smart people got remarkably close to the Meltdown effect last summer, without getting it all the way. [Trammel Hudson] did some digging and found a paper from the early 1990s (PDF) that warns of the dangers of fetching info into the cache that might cross privilege boundaries, but it wasn’t weaponized until recently. In short, these are old vulnerabilities, but exploiting them was hard enough that it took twenty years to do it.

Building a new CPU is the work of a large team over several years. But they weren’t all working on the same thing for all that time. Any single feature would have been the work of a small team of engineers over a period of months. During development they fixed many problems we’ll never see. But at the end of the day, they are only human. They can be 99.9% perfect and that won’t be good enough, because once hardware is released into the world, it is open season on that 0.1% the team missed.

The odds are stacked in the attacker’s favor. The team on defense has a handful of people working a few months to protect against all known and yet-to-be discovered attacks. It is a tough match against the attackers coming afterwards: there are a lot more of them, they’re continually refining the state of the art, they have twenty years to work on a problem if they need to, and they only need to find a single flaw to win. In that light, exploits like Spectre and Meltdown will probably always be with us.

Let’s look at some factors that paved the way to Intel’s current embarrassing situation.


Friday Hack Chat: Assembling In Quantity With MacroFab

Building one of something is easy. You see it here every day, and yes, building a single robot, or a board to convert Segas to HDMI, or an Internet of Things thing is easy. Manufacturing is another story entirely. You’re going to have BOMs to work with, you’ll have suppliers, and you need to deal with assembly, programming, and packaging. Do you even know where you’re going to store all those boxes of parts? Manufacturing is a difficult task, but luckily there are assembly houses and contract manufacturers ready to ease the burden a little.

For this week’s Hack Chat, we’re going to be talking about Assembly as a Service through MacroFab. MacroFab is an online assembly house and contract manufacturer that makes creating hardware simple. If you thought sending a board file off to OSH Park and receiving a PCB in a week is amazing, you clearly haven’t experienced MacroFab. Here, you can upload your board and BOM, and with minimal effort, receive a completely populated product in a few weeks.

Our guest for this week’s Hack Chat will be [Parker Dillmann], MacroFab co-founder, with backgrounds in embedded design and DSP. He runs longhornengineer, a blog full of amazing projects that fit in well with the usual Hackaday fare. Shoutouts are especially deserved for the Game Boy VGA adapter.

During this week’s Hack Chat, we’re going to be talking to [Parker] about manufacturing, the pitfalls, how you can better design for manufacturing (DFM), the machines used by MacroFab, pogo pin adapters, solder fountains, and all the cool stuff that turns one of a thing into thousands of a thing. If you’re wondering what MacroFab’s results look like, you’ve probably already held a few in your hands; the badge for this year’s Hackaday Superconference was manufactured by MacroFab, as were a lot of the independent badges at last year’s Def Con.

During this Hack Chat, we’ll be discussing:

  • What is the process for a first-time manufacturer?
  • Where can you find out how to design better for manufacturing?
  • What kinds of products are made at MacroFab?
  • What kinds of equipment are typically used for board assembly?

As always, we’re looking for questions from the community; you can add those as a comment on the Hack Chat event page.


Our Hack Chats are live community events on the Hackaday.io Hack Chat group messaging. This Hack Chat is going down Friday, January 12th at noon, Pacific time. Time Zones got you down? Here’s a handy countdown timer!

Click that speech bubble to the left, and you’ll be taken directly to the Hack Chat group on Hackaday.io.

You don’t have to wait until Friday; join whenever you want and you can see what the community is talking about.

Bring Up A PCB With Fewer Headaches

What’s the first thing you do when a new set of boards from the fab house hits the doorstep? Apply solder paste, populate the components, and stick it in the reflow oven? That’s one way to do it. But a lot of non-obvious things can go wrong at the fab house, like shorts and undrilled vias. One tiny mistake can mean hours of frustration and sanity questioning as you troubleshoot some problem that’s now buried under solder paste and 0603s.

Over on IO, [Bhavesh] tries to nip these problems in the bud with a comprehensive and explanatory guide to properly bringing up a PCB. Though it’s based on fab house boards, this soup-to-nuts plan is good for any project from kit building to custom stripboard circuits. When new boards arrive, [Bhavesh] does several continuity checks and visually inspects them with a microscope. In the case of a stripboard layout, it’s a good idea to verify there’s no continuity across cut traces. He goes on to cover solder paste, touching on proper handling and storage, application, and problem correction.

Our favorite part of this guide is the component sheets. Making these is a great preventive measure, like lining up all your ingredients on the counter before you bake a cake. If you know what you need, why not have it all ready? [Bhavesh] uses a sheet for each component type, lists all the relevant values in ascending order, and lays out component reels next to them.

The guide covers solder paste, too: his stencils were late to arrive, so the guide deals with applying paste by hand. He suggests a plan for populating the board by starting in one corner and working in a circle, placing small components first. Then it’s on to reflow and those all-important post-reflow checks for bridges and bad joints before letting the magic smoke out.

A great time to catch mistakes is before you send the order to the fab house. Hackaday’s own [Joshua Vasquez] has you more than covered there.

You Got A 3D Printer, Now What?

Given the incredibly low prices on some of the models currently on the market, it’s more than likely a number of Hackaday readers have come out of the holiday season with a shiny new desktop 3D printer. It’s even possible some of you have already come to the realization that 3D printing is a bit harder than you imagined. Sure, the newer generation of 3D printers makes it easier than ever, but it’s still not the same “click and forget” experience of printing on paper, for instance.

In light of this, I thought it might be nice to start off the new year with some advice for those who’ve suddenly found themselves lost in a forest of PLA. Some of this information may seem obvious to those of us who’ve spent years huddled over a print bed, but as with many technical pursuits, we tend to take for granted the knowledge gained from experience. For my own part, the challenges I faced years ago with my first wooden 3D printer were wholly different than what I imagined. I assumed that the real challenge would be getting the machine assembled and running, but the time it took to build the machine was nothing in comparison to the hours and hours of trial and error it took before I gained the confidence to really utilize the technology.

Of course, everyone’s experience is bound to be different, and we’d love to hear about yours in the comments. Grand successes, crushing defeats, and everything in between. It’s all part of the learning process, and all valuable information for those who are just starting out.


WiFi Alliance Announces Upcoming Fixes To WPA2

Last October, before Intel’s Management Engine was completely broken and the Spectre and Meltdown exploits drove Intel’s security profile further into the ground, we had a problem with wireless networking. WPA2 was cracked with KRACK, the Key Reinstallation Attack. The sky isn’t falling quite yet, but the fact remains that the best WiFi security currently available isn’t very secure at all.

This week, at the Consumer Electronics Show in Las Vegas, the WiFi Alliance announced they would introduce security enhancements in 2018. While it’s not said in the press release if this is a reaction to KRACK, the smart money says yes, this is indeed a reaction to KRACK.

Four new capabilities are outlined in the upcoming release of WPA3 this year. One feature will be protection for users who do not choose complex passwords. A second feature will simplify the process of configuring security on devices that have no display, ostensibly like that little button on your router that you’ve never pressed. The third feature will ‘strengthen user privacy in open networks’, while the fourth, the one we really care about, will add a 192-bit security suite which will, ‘further protect WiFi networks with higher security requirements’.

While most devices currently in service should have a patch for KRACK by now, there will always be thousands of unpatched devices, because, really, who is in charge of the router at your local coffee shop? We’re not sure about the timing of the WiFi Alliance’s announcement of upcoming security improvements: coming during CES when the entirety of the tech press is gawking at manned quadcopters and an endless variety of voice assistants. But we have to say better late than never.

34C3: Vintage Verification, Stop Nuclear War With A 6502

Our better-traveled colleagues having provided ample coverage of the 34C3 event in Leipzig just after Christmas, it is left to the rest of us to pick over the carcass as though it was the last remnant of a once-magnificent Christmas turkey. There are plenty of talks to sit and watch online, and of course the odd gem that passed the others by.

It probably doesn’t get much worse than nuclear conflagration, when it comes to risks facing the planet. Countries nervously peering at each other, each jealously guarding their stocks of warheads. It seems an unlikely place to find a 34C3 talk about 6502 microprocessors, but that’s what [Moritz Kütt] and [Alex Glaser] managed to deliver.

Policing any peace treaty is a tricky business, and one involving nuclear disarmament is especially so. There is a problem of trust: with so much at stake, no party is willing to reveal anything but the most basic information about its arsenal, and neither does it trust verification instruments manufactured by a state agency of another player. Thus the instruments used by the inspectors are unable to harvest too much information on what they are inspecting and can only store something analogous to a hash of the data they do acquire, and they must be of a design open enough to be verified. This last point becomes especially difficult when the hardware in question is a modern high-performance microprocessor board: an object of such complexity could easily have been compromised by a nuclear player attempting to game the system.

We are taken through the design of a nuclear weapon verification instrument in detail, with some examples and the design problems they highlight. Something as innocuous as an ATtiny microcontroller seeing to the timing of an analogue board takes on a sinister possibility, as it becomes evident that with compromised code it could store unauthorised information or try to fool the inspectors. They show us their first model of detector using a Red Pitaya FPGA board, but make the point that this has a level of complexity that makes it unverifiable.

The gamma ray energy spectrum of a cobalt-60 source as seen from an Apple II.

Then comes the radical idea: if the technology used in this field is too complex for its integrity to be verified, what technology exists at a level that can be verified? Their answer brings us to the 6502, a processor in continuous production for over 40 years and whose internal structures are so well understood as to be de facto in the public domain. In particular they settle upon the Apple II home computer as a 6502 platform, because of its ready availability and the expandability of [Steve Wozniak]’s original design. All parties can both source and inspect the instruments involved.

If you’ve never examined a nuclear warhead verification device, the details of the system are fascinating. We’re shown the scintillation detector for measuring the energies present in the incident radiation, and the custom Apple II ADC board which uses only op-amps, an Analog Devices flash ADC chip, and easily verifiable 74-series logic. It’s not intentional but pleasing from a retro computing perspective that everything except perhaps the blue LED indicator could well have been bought for an Apple II peripheral back in the 1980s. They then wrap up the talk with an examination of ways a genuine 6502 system could be made verifiable through non-destructive means.

It is not likely that nuclear inspectors will turn up to the silos with an Apple II in hand, but this does show a solution to some of the problems facing them in their work and might provide pointers towards future instruments. You can read more about their work on their web site.

Ocelot Arcade System Illustrates The Scope Of Vector Graphics

Who knows how far the Vectrex system, or vector graphics gaming in general could have gone if not for the crash of ’83? The console wars might have been completely different if not for this market saturation-based reset button.

[Matt Carr] doesn’t own a Vectrex, but he does have a Tektronix 465 oscilloscope. After an intense labor of love and documentation, he also has a shiny new vector graphics arcade system that he built himself. It’s based on a dsPIC33 and uses a dual-channel DAC to produce wire frame 3-D graphics and send X-Y coordinates to the ‘scope via phono outputs. The PIC’s internal DAC is meant for audio and didn’t do so well with graphics, so [Matt] used a TLV5618A piggybacked on the PIC’s DAC pins.

The Ocelot doesn’t take cartridges, though it might someday. For now, changing games means getting out the PICkit. There are currently two to choose from: Star Lynx, an awesome flying shooter where you get to save a feline population, and Mattsteroids, which is exactly what it sounds like. There’s only one Ocelot in existence, and although it isn’t for sale, [Matt] has terrific technical documentation should you care to replicate it. One thing you might not be able to replicate is the awesome vintage advert he made for the Ocelot, which is cued up after the break.

Don’t have a ‘scope? You can do vector graphics on a CRT with an FPGA.
