All The Attacks On The RP2350

January 15, 2025 by Elliot Williams 30 Comments

Raspberry Pi’s new microcontroller, the RP2350, has a small section of memory that is meant for storing secrets. It’s protected by anti-glitching and other countermeasures, and the Raspberries wanted to test it. So this summer, they gave them out, pre-programmed with a secret string, as part of the badge for DEFCON attendees. The results of the cracking efforts are in, and it’s fair to say that the hackers have won.

First place went to [Aedan Cullen], who also gave a great talk about how he did it at 38C3. One of the coolest features of the RP2350, from a hacker perspective, is that it has dual ARM and dual RISC-V cores onboard, and they can be swapped out by multiplexers. The security module has a critical register that has disable bits for both of these processors, but it turns out that the ARM disable bits have priority. When [Aedan] glitched the security module just right, it disabled the ARM cores but left the RISC-V cores running in the secure context, with full debug(!), and the game was over. As of yet, there is no mitigation for this one, because it’s baked into the secure boot module’s silicon.

[Marius Muench] managed to pre-load malicious code into RAM and glitch a reboot-out-of-secure-mode on the USB module. This one is possibly fixable by checking other reboot flags. [Kévin Courdesses] has a sweet laser fault-injection rig that’s based on the 3D-printable OpenFlexure Delta Stage, which we’ve seen used for microscopy purposes, but here he’s bypassing the anti-glitching circuitry by exposing the die and hitting it hard with photons.

Finally, [Andrew Zonenberg] and a team from IOActive went at the RP2350 with a focused ion beam and just read the memory, or at least the pairwise-OR of neighboring bits. Pulling this attack off isn’t cheap, and it’s a more general property of all anti-fuse memory cells that they can be read out this way. Chalk this up as a mostly-win for the offense in this case.

If you want to read up on voltage glitching attacks yourself, and we promise we won’t judge, [Matthew Alt] has a great writeup on the topic. And ironically enough, one of his tools of choice is [Colin O’Flynn]’s RP2040-based Chip Shouter EMP glitcher, which he showed us how to make and use in this 2021 Remoticon talk.

Hackaday Europe 2025 Tickets On Sale, And CFP Extended Until Friday

January 14, 2025 by Elliot Williams 6 Comments

We’re opening up shop for Hackaday Europe, so get your tickets now! We’ve managed to get the ticket price down a bit this year, so you can join in all the fun for $145. And if you’re reading this right now, snap up one of the $75 early bird tickets as fast as you can.

Hackaday Europe is going down again in Berlin this year, on March 15th and 16th at MotionLab. It’s going to be a day and a half of presentations, lightning talks, badge hacking, workshops, and more. This is where Hackaday hangs out in person, and it’s honestly just a great time – if your idea of a great time is trading favorite PCB design tricks, crafting crufty code, and generally trading tales of hardware derring-do.

In short, it’s the best of Hackaday, live and in person. Throughout the weekend, all the meals are catered, we’ve got live music at night, and the soldering irons will be warmed up for you. It’s going to be great!

If you’re in town on Friday the 14th, we’ll be meeting up in the evening to get together over some pre-event food and drink, sponsored by Crowd Supply. It’s a nice opportunity to break the ice, get to know the people you’re going to be spending the next 48 hours with, and just mingle without missing that great talk or wonderful workshop. Continue reading “Hackaday Europe 2025 Tickets On Sale, And CFP Extended Until Friday” →

Second CNC Machine Is Twice As Nice

January 12, 2025 by Elliot Williams 10 Comments

[Cody Lammer] built a sweet CNC router. But as always, when you build a “thing”, you inevitably figure out how to build a better “thing” in the process, so here we are with Cody’s CNC machine v2.0. And it looks like CNC v1.0 was no slouch, so there’s no shortage of custom milled aluminum here.

The standout detail of this build is that almost all of the drive electronics and logic are hidden inside the gantry itself, making cabling a lot less of a nightmare than it usually is. While doing this was impossible in the past, because everything was just so bulky, he manages to get an ESP32 and the stepper drivers onto a small enough board that it can move along with the parts that it controls. FluidNC handles the G-Code interpretation side of things, along with providing a handy WiFi interface. This also allows him to implement a nice jog wheel and a very handy separate position and status indicator LCD on the gantry itself.

When you’re making your second CNC, you have not only the benefit of hindsight, but once you’ve cut all the parts you need, you also have a z-axis to steal and just bolt on. [Cody] mentions wanting a new z-axis with more travel – don’t we all! – but getting the machine up and running is the first priority. It’s cool to have that flexibility.

All in all, this is a very clean build, and it looks like a great improvement over the old machine. Of course, that’s the beauty of machine tools: they are the tools that you need to make the next tool you need. Want more on that subject? [Give Quinn Dunki’s machining series a read].

Fraens’ New Loom And The Limits Of 3D Printing

January 12, 2025 by Elliot Williams 8 Comments

[Fraens] has been re-making industrial machines in fantastic 3D-printable versions for a few years now, and we’ve loved watching his creations get progressively more intricate. But with this nearly completely 3D-printable needle loom, he’s pushing right up against the edge of the possible.

The needle loom is a lot like the flying shuttle loom that started the Industrial Revolution, except for making belts or ribbons. It’s certainly among the most complex 3D-printed machines that we’ve ever seen, and [Fraens] himself says that it is pushing the limits of what’s doable in plastic — for more consistent webbing, he’d make some parts out of metal. But that’s quibbling; this thing is amazing.

There are mechanical details galore here. For instance, check out the cam-chain that raises, holds, and lowers arms to make the pattern. Equally important are the adjustable friction brakes on the rollers that hold the warp, that create a controlled constant tension on the strings. (Don’t ask us, we had to Wikipedia it!) We can see that design coming in handy in some of our own projects.

On the aesthetic front, the simple but consistent choice of three colors for gears, arms, and frame make the build look super tidy. And the accents of two-color printing on the end caps is just the cherry on the top.

This is no small project, with eight-beds-worth of printed parts, plus all the screws, bearings, washers, etc. The models are for pay, but if you’re going to actually make this, that’s just a tiny fraction of the investment, and we think it’s going to a good home.

We are still thinking of making [Fraens]’s vibratory rock tumbler design, but check out all of his work if you’re interested in nice 3D-printed mechanical designs.

Continue reading “Fraens’ New Loom And The Limits Of 3D Printing” →

Blinkenlights-First Retrocomputer Design

January 11, 2025 by Elliot Williams 10 Comments

[Boz] wants to build a retrocomputer, but where to start? You could start with the computery bits, like say the CPU or the bus architecture, but where’s the fun in that? Instead, [Boz] built a righteous blinkenlights array.

What’s cool about this display is that it’s ready to go out of the box. All of the LEDs are reverse-mount and assembled by the board maker. The 19″ 2U PCBs serve as the front plates, so [Boz] was careful not to use any through-hole parts, which also simplified the PCB assembly, of course. Each slice has its own microcontroller and a few shift registers to get the bits lit up, and that’s all there is to it. They take incoming data at 9600 baud and output blinkiness.

Right now it pulls out its bytes from his NAS. We’re not sure which bytes, and we think we see some counters in there. Anyway, it doesn’t matter because it’s so pretty. And maybe someday the prettiness will lure [Boz] into building a retrocomputer to go under it. But honestly, we’d just relax and watch the blinking lights.

Continue reading “Blinkenlights-First Retrocomputer Design” →

In Praise Of Simple Projects

January 11, 2025 by Elliot Williams 34 Comments

Hackaday was at Chaos Communication Congress last week, and it’s one of those big hacker events that leaves you with so much to think about that I’m still processing it. Just for scope, the 38th CCC is a hacker event with about 15,000 attendees from all around Europe, and many from even further. If I were to characterize the crowd on a hardware-software affinity scale, I would say that it skews heavily toward the software side of the hacker spectrum.

What never ceases to amaze me is that there are a couple of zones that are centered on simple beginner soldering and other PCB art projects that are completely full 20 hours of the day. I always makes me wonder how it is possible to have this many hackers who haven’t picked up a soldering iron. Where do all these first-timers come from? I think I’m in a Hackaday bubble where not only does everyone solder at least three times a day, some of us do it with home-made reflow ovens or expensive microscopes.

But what this also means is that there’s tremendous reach for interesting, inviting, and otherwise cool beginner hardware projects. Hands-on learning is incredibly addictive, and the audience for beginner projects is probably ten times larger than that for intermediate or advanced builds. Having watched my own son putting together one of these kits, I understand the impact they can have personally, but it’s worth noting that the guy next to him was certainly in his mid-30s, and the girl across the way was even a few years younger than my son.

So let’s see some cool beginner projects! We’d love to feature more projects that could lure future hackers to the solder-smoky side.