Day: June 9, 2023

This Weekend: VCF Swap Meet In Wall, NJ

June 9, 2023 by 4 Comments

There was a time where you could regularly find local swap meets to pick up computer hardware, ham radios, and other tech gear at the sort of cut-rate prices so often produced by a sense of camaraderie. But with the rise of websites like Craigslist and eBay, meeting up in person to buy and sell used hardware started to fall out of style. The fact that the prices had to go up due to the considerable cost of shipping such large and heavy objects was an unfortunate side-effect, but it wasn’t enough to stem the tide.

It’s unlikely that we’ll ever truly return to those early days. But if you’re within driving distance of Wall, New Jersey, you can take a step back in time on Saturday and experience a proper swap meet in all its glory. Hosted by the Vintage Computer Federation, the modest $5 entry fee goes to help support their worthy goal of preserving vintage computing history. After the swap meet officially wraps up at 2 PM, a short walk will take you over to their permanent exhibit located within the sprawling InfoAge Science and History Museum.

Continue reading “This Weekend: VCF Swap Meet In Wall, NJ”

This Week In Security: Minecraft Fractureiser, MOVEit, And Triangulation

June 9, 2023 by 2 Comments

Modded Minecraft is having a security moment, to match what we’ve seen in the Python and JavaScript repositories over the last few months. It looks like things started when a handful of burner accounts uploaded malicious mods to Curseforge and Bukkit. Those mods looked interesting enough, that a developer for Luna Pixel Studios (LPS) downloaded one of them to test-run. After the test didn’t pan out, he removed the mod, but the malicious code had already run.

Where this gets ugly is in how much damage that one infection caused. The virus, now named fractureiser, installs itself into every other Minecraft-related .jar on the compromised system. It also grabs credentials, cookies, cryptocurrency addresses, and the clipboard contents. Once that information was exfiltrated from the LPS developer, the attacker seems to have taken manual actions, using the purloined permissions to upload similarly infected mod files, and then marking them archived. This managed to hide the trapped files from view on the web interface, while still leaving them exposed when grabbed by the API. Once the malware hit a popular developer, it began to really take off.

It looks like the first of the malicious .jar files actually goes all the way back to mid-April, so it may take a while to discover all the places this malware has spread. It was first noticed on June 1, and investigation was started, but the story didn’t become public until the 7th. Things have developed rapidly, and the malware fingerprints has been added to Windows Defender among other scanners. This helps tremendously, but the safe move is to avoid downloading anything Minecraft related for a couple days, while the whole toolchain is inspected. If it’s too late and you’ve recently scratched that voxel itch, it might be worth it to take a quick look for Indicators of Compromise (IoCs).

Continue reading “This Week In Security: Minecraft Fractureiser, MOVEit, And Triangulation”

They Used To Be A Big Shot, Now Eagle Is No More

June 9, 2023 by 246 Comments

There once was a time when to make a PCB in our community was to use CadSoft EAGLE, a PCB design package which neatly filled the entry level of that category with a free version for non-commercial designs. Upgrading it to the commercial version was fairly inexpensive, and indeed that was a path which quite a few designers making the step from hobby project to small production would take.

Then back in 2017, CadSoft were bought by Autodesk, and their new version 8 of the software changed its licensing model from purchase to rental. It became a product with a monthly subscription and an online side, and there began an exodus of users for whom pay-to-play meant too much risk of losing access to their designs. Now six years later the end has come, as the software behemoth has announced EAGLE’s final demise after a long and slow decline. Continue reading “They Used To Be A Big Shot, Now Eagle Is No More”

Gesture Sensor Teardown Reveals Intel Heritage

June 9, 2023 by 5 Comments

A few years ago, there was a rush of products on the market to detect motion. The idea being you could interact with your computer like they do on science fiction movies, with giant expressive hand motions in the air. Most of these were aimed at desktop computer users but one company, YouSpace, wanted to bring this technology to retail stores. [IMSAI Guy] got one of their sensor devices and decided to see what was inside it. You can see, too, in the video below.

The device appeared to have a laser inside, which motivated the teardown. We aren’t sure exactly what YouSpace had planned, but you can see their now-defunct website on the Wayback machine. The use cases listed didn’t really help us get a clear picture, so maybe that was part of the problem.

Getting into the device was the first challenge. Like many modern smartphones, there didn’t appear to be any fasteners, so you simply had to pry the case apart. Inside the case: a tiny circuit board and a metal assembly containing the laser and cameras that were easy to remove. The main PCB appears to be an Intel off-the-shelf board that was in many Intel RealSense products, and currently go for about $50 on eBay. The camera assembly looks a bit like an Intel D430, so it is possible the entire thing was off-the-shelf hardware. Even the little connector board is, technically, a D400 Interposer.

The peek into the structured light project under the microscope was interesting. We expected it would look different, and [IMSAI Guy] clearly didn’t expect its appearance either. The chip was made to beam a known pattern that the cameras would use to deduce the shape of the surfaces it hits.

If you can find these on the surplus market, they would probably be a good deal if you need this hardware which is typically pretty expensive. Just beware, though. Intel announced in late 2021 they were “winding down” RealSense. We don’t know if there will be third-party support in the future or if the whole product line will just be orphaned.

We’ve seen the occasional project that uses structured light. The technique can be very precise.

Continue reading “Gesture Sensor Teardown Reveals Intel Heritage”