Author: Jenny List

3428 Articles

An Analog Charge Pump Fabrication-Time Attack Compromises A Processor

April 25, 2017 by 47 Comments

We will all be used to malicious software, computers and operating systems compromised by viruses, worms, or Trojans. It has become a fact of life, and a whole industry of virus checking software exists to help users defend against it.

Underlying our concerns about malicious software is an assumption that the hardware is inviolate, the computer itself can not be inherently compromised. It’s a false one though, as it is perfectly possible for a processor or other integrated circuit to have a malicious function included in its fabrication. You might think that such functions would not be included by a reputable chip manufacturer, and you’d be right. Unfortunately though because the high cost of chip fabrication means that the semiconductor industry is a web of third-party fabrication houses, there are many opportunities during which extra components can be inserted before the chips are manufactured. University of Michigan researchers have produced a paper on the subject (PDF) detailing a particularly clever attack on a processor that minimizes the number of components required through clever use of a FET gate in a capacitive charge pump.

On-chip backdoors have to be physically stealthy, difficult to trigger accidentally, and easy to trigger by those in the know. Their designers will find a line that changes logic state rarely, and enact a counter on it such that when they trigger it to change state a certain number of times that would never happen accidentally, the exploit is triggered. In the past these counters have been traditional logic circuitry, an effective approach but one that leaves a significant footprint of extra components on the chip for which space must be found, and which can become obvious when the chip is inspected through a microscope.

The University of Michigan backdoor is not a counter but an analog charge pump. Every time its input is toggled, a small amount of charge is stored on the capacitor formed by the gate of a transistor, and eventually its voltage reaches a logic level such that an attack circuit can be triggered. They attached it to the divide-by-zero flag line of an OR1200 open-source processor, from which they could easily trigger it by repeatedly dividing by zero. The beauty of this circuit is both that it uses very few components so can hide more easily, and that the charge leaks away with time so it can not persist in a state likely to be accidentally triggered.

The best hardware hacks are those that are simple, novel, and push a device into doing something it would not otherwise have done. This one has all that, for which we take our hats off to the Michigan team.

If this subject interests you, you might like to take a look at a previous Hackaday Prize finalist: ChipWhisperer.

[Thanks to our colleague Jack via Wired]

Hackaday Prize Entry: MCXY – Mini Laser Cut Aluminum 3D Printer

April 24, 2017 by 11 Comments

With the easy availability of cheap and 3D printers from the usual Chinese websites, you might think that there could be little room for another home-made 3D printer project. fortunately, the community of 3D printer making enthusiasts doesn’t see it that way.

[Bobricius] has a rather nice 3D printer design in the works that we think you’ll like. It follows the MakerBot/Ultimaker style of construction in that it is a box rather than a gantry, and it is assembled from CNC-cut aluminum for a sturdy and pleasing effect. Whar sets it apart though is its size, at only 190x190x251mm and with an 80x80x80mm print volume, it’s tiny. You might wonder why that could be an asset, but when you consider that he already has a much larger printer it becomes obvious that something small and portable for quick tiny prints could be an asset.

Unusually for a home-made 3D printer, it has no 3D printed parts, instead, it is laser cut throughout. And also unusually all the CAD work was done in EAGLE, better known for PCB work. It’s a work in progress we’re featuring today because it’s a Hackaday Prize entry, but it looks as though the finished item will be something of a little gem.

Homemade 3D printers can be particularly impressive, for example, we’ve shown you this excellent SLA printer.

The HackadayPrize2017 is Sponsored by:

Official Launch Of The Asus Tinker Board

April 24, 2017 by 57 Comments

Earlier this year, a new single board computer was announced, and subsequently made its way onto the market. The Tinker Board was a little different from the rest of the crop of Raspberry Pi lookalikes, it didn’t come from a no-name company or a crowdfunding site, instead it came from a trusted name, Asus. As a result, it is a very high quality piece of hardware, upon which we remarked when we reviewed it.

Unfortunately, though we were extremely impressed with the board itself, we panned the Asus software and support offering of the time, because it was so patchy as to be non-existent. We had reached out to Asus while writing the review but received no answer, but subsequently they contacted us with a sorry tale of some Tinker Boards finding their way onto the market early, before their official launch and before they had put together their support offering. We updated our review accordingly, after all it is a very good product and we didn’t like to have to pan it in our review.

This week then, news has come through from Asus that they have now launched the board officially. There is a new OS version based on Debian 9, which features hardware acceleration for both the Chromium web browser and the bundled UHD media player. There is also an upcoming Android release though it is still in beta at time of writing and there is little more information.

The Tinker Board is one of the best of the current crop of Raspberry Pi-like single board computers, and it easily trounces the Pi itself on most counts. To see it launched alongside a meaningful software and support offering will give it a chance to prove itself. In our original review we urged tech-savvy readers to buy one anyway, now it has some of the backup it deserves we’d urge you to buy one for your non-technical family members too.

Retrofitting An Amstrad CPC6128 With A Floppy Emulator

April 22, 2017 by 18 Comments

In the home computer boom of 1980s Britain, you could describe Amstrad as the third-placed home-grown player after Sinclair and Acorn. If you were a computer enthusiast kid rather than a gamer kid, you wanted Acorn’s BBC Micro, your parents bought you Sinclair’s ZX Spectrum because it was cheaper, and you thought the Amstrads were cool because they came with a better monitor than your family’s cast-off 1970s TV.

Amstrad were not a computer company headed by a technical wizard, instead they were a consumer electronics company whose founder [Alan Sugar] had a keen nose for the preferences of the consumer. Thus the Amstrad machines were different from some of their competitors: they were more polished, more appliances than experimental tools. Mass storage devices such as tape decks and floppy drives were built-in, every Amstrad came with its own dedicated monitor, and keyboards were decent quality as you’d see on a “proper” computer.

The high-end Amstrad model was the CPC6128. It came with a 3″ floppy drive, and of most interest, it could run the CP/M operating system. If your parents bought you an Amstrad CPC as a 1980s teen, it wouldn’t have been this one, so they are considerably less common than their 64k brethren with the cassette deck. One has found its way into [Drygol]’s hands though, and because the vintage 3″ floppies are unobtainable nowadays he’s fitted a floppy emulator board that stores data on an SD card.

In a sense, in that this is simply the fitting of an off-the-shelf board to a computer, it’s Not A Hack. But misses the point. This is an unusual home computer from the 8-bit era and his write-up is as much a teardown as it is  a howto. We don’t often get to see inside a 6128.

Fitting the board required the fabrication of a cable, with some very neat soldering work. The board has an LCD display, which is mounted in the floppy opening with a 3D printed bezel. The result is a very usable retro computer, without too much in the way of wanton remodeling.

This is probably the first real Amstrad 6128 we’ve shown you, but that hasn’t stopped enthusiasts making a clone with original chips, and another on an FPGA.

 

An 8-Bit Transport Triggered Architecture CPU In TTL

April 21, 2017 by 37 Comments

When we are introduced to the internals of a microprocessor, it is most likely that we will be shown something like one of the first generation of 8-bit CPUs from the 1970s. There will be the familiar group of registers and counters, an arithmetic and logic unit (ALU), and an instruction decoder with associated control logic. A complex instruction set causes the decoder to marshal registers and ALU to perform all the various functions in the right order. CPUs may have moved on in many ways since the 1970s, but the block diagram of an 8080 or similar still provides a basic grounding for the beginner.

So when we tell you about another home-made CPU using TTL logic chips, you might expect it to follow this well-worn path. Fortunately though the hardware hacking community is always capable of springing surprises upon us, and [Szoftveres] has done just that with his design. It’s a one-instruction-set machine following a transport triggered architecture, and that means it deviates sharply from the conventional architecture described above. Each instruction is a move between the different physical functions of the processor, and computation is achieved by the physical functions working on the data as it is moved into them and presenting the result on their outputs ready to be moved elsewhere. The result is a computer that is in its own way beautifully simple, though at the expense of some inflexibility and lack of some hardware functions we take for granted in more conventional processors.

This machine has been built on a piece of stripboard, and has an accompanying board with display, keypad, and a modem. There is a small board based upon an ATmega8 microcontroller which performs the function of fast program loading, and can be removed once the code is loaded. Software can be written in a C-like language anc compiled using the compiler in his GitHub repository, and he has produced a YouTube video of the machine in operation. This project is well worth reading through in-depth, for its introduction to this slightly unusual architecture.

Continue reading “An 8-Bit Transport Triggered Architecture CPU In TTL”

Pi Network Attenuators: Impedance Matching For The Strong Of Signal

April 20, 2017 by 29 Comments

If you catch a grizzled old radio amateur propping up the bar in the small hours, you will probably receive the gravelly-voiced Wisdom of the Ancients on impedance matching, antenna tuners, and LC networks. Impedance at RF, you will learn, is a Dark Art, for which you need a lifetime of experience to master. And presumably a taste for bourbon and branch water, to preserve the noir aesthetic.

It’s not strictly true, of course, but it is the case that impedance matching at RF with an LC network can be something of a pain. You will calculate and simulate, but you will always find a host of other environmental factors getting in the way when it comes down to achieving a match. Much tweaking of values ensues, and probably a bit of estimating just how bad a particular voltage standing wave ratio (VSWR) can be for your circuit.

Continue reading “Pi Network Attenuators: Impedance Matching For The Strong Of Signal”

A Robot Arm With The Tender Grip Of An Octopus

April 19, 2017 by 30 Comments

If you’ve ever experimented with a robot gripper, you’ll know that while it is easy to make an analogue of the human ability to grip between thumb and forefinger, it is extremely difficult to capture the nuances of grip with the benefit of touch feedback to supply only just enough of the force required to grip and hold an object. You as a human can pick up a delicate eggshell without breaking it using the same hand you might use to pick up a baseball or a cricket ball, but making your robot do the same thing is something of an engineering challenge.

The robot gripper is something that has exercised the minds of the folks at Festo, and the solution they have arrived at is as beautiful as it is novel. They have produced a gripper based upon the action of an octopus tentacle,  though unlike the muscle of the real thing they’ve created a silicone tube which bends inwards when inflated. Its inner surface is covered with octopus-like suckers, some of which can be activated by a vacuum. The result is a very capable and versatile gripper which due to its soft construction is ideal for use in environments in which robots and humans interact.

They’ve put up a slick video showing the device in action, which we’ve put below the break. Tasks such as gripping a rolled-up magazine or a plastic bottle that would tax more conventional grippers are performed faultlessly.

Continue reading “A Robot Arm With The Tender Grip Of An Octopus”