Day: May 31, 2024

This Week In Security: Operation Endgame, Appliance Carnage, And Router Genocide

May 31, 2024 by 3 Comments

This week saw an impressive pair of takedowns pulled off by law enforcement agencies around the world. The first was the 911 S5 botnet, Which the FBI is calling “likely the world’s largest botnet ever”. Spreading via fake free VPN services, 911 was actually a massive proxy service for crooks. Most lately, this service was operating under the name “Cloud Router”. As of this week, the service is down, the web domain has been seized, and the alleged mastermind, YunHe Wang, is in custody.

The other takedown is interesting in its own right. Operation Endgame seems to be psychological warfare as well as actual arrests and seizures. The website features animated shorts, a big red countdown clock, and a promise that more is coming. The actual target was the ring that manage malware droppers — sort of middlemen between initial shellcode, and doing something useful with a compromised machine. This initial volley includes four arrests, 100+ servers disrupted, and 2,000+ domains seized.

The arrests happened in Armenia and Ukraine. The messaging around this really seems to be aimed at the rest of the gang that’s out of reach of law enforcement for now. Those criminals may still be anonymous, or operating in places like Russia and China. The unmistakable message is that this operation is coming for the rest of them sooner or later. Continue reading “This Week In Security: Operation Endgame, Appliance Carnage, And Router Genocide”

Tell Time And Predict The Heavens With This Astronomical Timepiece

May 31, 2024 by 2 Comments

Looking for a new project, or just want to admire some serious mechanical intricacy? Check out [illusionmanager]’s Astronomical Clock which not only tells time, but shows the the positions of the planets in our solar system, the times of sunrise and sunset, the phases of the moon, and more — including solar and lunar eclipses.

One might assume that the inside of the Astronomical Clock is stuffed with a considerable number of custom gears, but this is not so. The clock’s workings rely on a series of tabs on movable rings that interact with each other to allow careful positioning of each element. After all, intricate results don’t necessarily require complex gearing. The astrolabe, for example, did its work with only a few moving parts.

The Astronomical Clock’s mechanical elements are driven by a single stepper motor, and the only gear is the one that interfaces the motor shaft to the rest of the device. An ESP32-C3 microcontroller takes care of everything else, and every day it updates the position of each element as well as displaying the correct time on the large dial on the base.

The video below shows the clock in operation. Curious its inner workings? You can see the entire construction process from beginning to end, too.

Continue reading “Tell Time And Predict The Heavens With This Astronomical Timepiece”

Screenshot of the Kaby Lake CPU pinout next to the Coffee Lake CPU pinout, showing just how few differences there are

Intel’s Anti-Upgrade Tricks Defeated With Kapton Tape

May 31, 2024 by 60 Comments

If you own an Intel motherboard with a Z170 or Z270 chipset, you might believe that it only supports CPUs up to Intel’s 7th generation, known as Kaby Lake. Even the CPU socket’s pinout is different in the next generation — we are told, it will fit the same socket, but it won’t boot. So if you want a newer CPU, you’ll have to buy a new motherboard while you’re at it. Or do you?

Turns out, the difference in the socket is just a few pins here and there, and you can make a 8th or 9th generation Coffee Lake CPU work on your Z170/270 board if you apply a few Kapton tape fixes and mod your BIOS, in a process you can find as “Coffee Mod”. You can even preserve compatibility with the 6th/7th generation CPUs after doing this mod, should you ever need to go back to an older chip. Contrasting this to AMD’s high degree of CPU support on even old Ryzen motherboards, it’s as if Intel introduced this incompatibility intentionally.

There’s been a number of posts on various PC forums and YouTube videos, going through the process and showing off the tools used to modify the BIOS. Some mods are exceptionally easy to apply. For example, if you have the Asus Maximus VIII Ranger motherboard, a single jumper wire between two pads next to the EC will enable support without Kapton tape, a mod that likely could be figured out for other similar motherboards as well. There’s a few aspects to keep in mind, like making sure your board’s VRMs are good enough for the new chip, and a little more patching might be needed for hyper-threading, but nothing too involved.

Between money-grab features like this that hamper even the simplest of upgrades and increase e-waste, fun vulnerabilities, and inability to sort out problems like stability power consumption issues, it’s reassuring to see users take back control over their platforms wherever possible, and brings us back to the days of modding Xeon CPUs to fit into 775 sockets.

Don’t get too excited though, as projects like Intel BootGuard are bound to hamper mods like this on newer generations by introducing digital signing for BIOS images, flying under the banner of user security yet again. Alas, it appears way more likely that Intel’s financial security is the culprit.

Continue reading “Intel’s Anti-Upgrade Tricks Defeated With Kapton Tape”