Author: Jonathan Bennett

523 Articles

This RISC-V CPU Games In Rust From Inside The Game

July 17, 2023 by 14 Comments

[Xander Naumenko] has created something truly impressive — a working RISC-V CPU completely contained in a Terraria world. And then for added fun, he wrote the game of pong, playable in real time, from within the game of Terraria. It’s all based on the in-game wiring system, combined with a bit of a hack that uses the faulty lamp mechanic to create a very odd AND gate. In Terraria, the existing logic gates have timing issues that make them a no-go for complicated projects like this one. The faulty lamp is intended to do randomized outputs, by stacking multiple inputs to get a weighted output when a clock signal is applied. The hack is to simply give this device a single input, turning it into a clocked IF gate. Two of them together in series makes a clocked AND gate, and two in parallel make a clocked OR gate.

Why would [Xander] embark on this legendary endeavor? Apparently after over eight thousand hours clocked in game, one gets a bored of killing slimes and building NPC houses. And playing with the game’s wiring system turned on a metaphorical lightbulb, that the system could be used to build interesting systems. A prototype CPU, with a completely custom instruction set came next, and was powerful enough to compute Fibonacci. But that obviously wasn’t enough. Come back after the break for the rest of the story and the impressive video demonstration.

Continue reading “This RISC-V CPU Games In Rust From Inside The Game”

This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More

July 14, 2023 by 4 Comments

First up, Apple issued an emergency patch, then yanked, and re-issued it. The problem was a Remote Code Execution (RCE) vulnerability in WebKit — the basis of Apple’s cross-platform web browser. The downside of a shared code base,is that bugs too are write-once, exploit-anywhere. And with Apple’s walled garden insisting that every browser on iOS actually run WebKit under the hood, there’s not much relief without a patch like this one.

The vulnerability in question, CVE-2023-37450, is a bit light on further details except to say that it’s known to be exploited in the wild. The first fix also bumped the browser’s user-agent string, adding an (a) to denote the minor update. This was apparently enough to break some brittle user-agent detection code on popular websites, resulting in an unhelpful “This web browser is no longer supported” message. The second patch gets rid of the notification.

Microsoft Loses It

Microsoft has announced that on May 15th, an attack from Storm-0558 managed to breach the email accounts of roughly 25 customers. This was pulled off via “an acquired Microsoft account (MSA) consumer signing key.” The big outstanding question is how Microsoft lost control of that particular key. According to an anonymous source speaking to The Washington Post, some of the targeted accounts were government employees, including a member of cabinet. Apparently the FBI is asking Microsoft this very same question.

Speaking of Microsoft, there’s also CVE-2023-36884, a vulnerability in Microsoft Office. This one appears to be related to the handling of HTML content embedded in Office documents, and results in code execution upon opening the document. This along with another vulnerability (CVE-2023-36874) was being used by storm- another unknown threat actor, Storm-0978 in an ongoing attack.

There’s an interesting note that this vulnerability can be mitigated by an Attack Surface Reduction (ASR) rule, that blocks Office from launching child processes. This might be a worthwhile mitigation step for this and future vulnerabilities in office. Continue reading “This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More”

This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach

July 7, 2023 by 3 Comments

It appears we have something of a problem. It’s not really a new problem, and shouldn’t be too surprising, but it did pop up again this week: bogus CVEs. Starting out in the security field? What’s the best way to jump-start a career? Getting a CVE find to your name certainly can’t hurt. And as a result, you get very junior security researchers looking for and reporting novel security vulnerabilities of sometimes dubious quality. Sometimes that process looks a lot like slinging reports against the wall to see what sticks. Things brings us to an odd bug report in the OBS Studio project.

A researcher put together a script to look for possible password exposure on Github projects, and it caught a configuration value named “password” in a .ini file, being distributed in the project source. Obvious credential leak in Git source, right? Except for the little detail that it was in the “locale” folder, and the files were named ca-es.ini, ja-jp.ini, and similar. You may be in on the joke by now, but if not, those are translation strings. It wasn’t leaked credentials, it was various translations of the word “password”. This sort of thing happens quite often, and from the viewpoint of a researcher looking at results from an automated tool, it can be challenging to spend enough time with each result to fully understand the code in question. It looks like this case includes a language barrier, making it even harder to clear up the confusion.

Things took a turn for the worse when a CVE was requested. The CVE Numbering Authority (CNA) that processed the request was MITRE, which issued CVE-2023-34585. It was a completely bogus CVE, and thankfully a more complete explanation from OBS was enough to convince the researcher of his error. That, however, brings us back to CVE-2023-36262, which was published this week. It’s yet another CVE, for the same non-issue, and even pointing at the same GitHub issue where the alleged bug is debunked. There’s multiple fails here, but the biggest disappointment is MITRE, for handing out CVEs twice for the same issue. Shout-out to [Netspooky] on Twitter for spotting this one. Continue reading “This Week In Security: Bogus CVEs, Bogus PoCs, And Maybe A Bogus Breach”

3D Audio Imaging With A Phased Array Microphone

July 4, 2023 by 28 Comments

Remember the scene from Blade Runner, where Deckard puts a photograph into a Photo Inspector? The virtual camera can pan and move around the captured scene, pulling out impossible details. It seems that [Ben Wang] discovered how to make that particular trick a reality, but with audio instead of video. The secret sauce isn’t a sophisticated microphone, but a whole bunch of really simple ones. In this case, it’s 192 of them, arranged on long PCBs working as the spokes of a wall-art wheel. Quite the conversation piece.

Continue reading “3D Audio Imaging With A Phased Array Microphone”

Quetzal-1 Satellite Goes Open Source

July 4, 2023 by 30 Comments

Back in 2020, students from Universidad Del Valle De Guatemala (UVG) pulled off a really impressive feat, designing and building a CubeSat that lasted a whopping 211 days in orbit. In addition to telemetry and radio equipment, it carried a black-and-white camera payload.

But it turns out space is hard. The first pictures were solid black or white, with the automatic exposure process failing pretty badly. A pair of good pictures were taken by waiting until the satellite was passing over Guatemala during sunrise or sunset. A hung I2C bus led to battery drain, and the team tried a system reset to clear the hung state. Sadly the craft never came back to life after the reset, likely because of one of the Lithium-Ion battery cells failed completely in the low charge state.

That was 2020, so why are we covering it now? Because the project just released a massive trove of open source design documents, the software that ran on the satellite and ground station, and all the captured telemetry from the flight. It’s the ultimate bootstrap for anyone else designing a CubeSat, and hopefully provides enough clues to avoid some of the same issues.

Even though the mission had problems, it did achieve a lot of milestones, including the first picture of Earth taken by a Central American satellite. Even coming online and making radio contact from orbit to an earthbound station is quite a feat. The team is already looking forward to Quetzal-2, so stay tuned for more!

And if you want the details on the Quetzal-1 design, and what went wrong with the electrical system, both PDF papers have been released. Seeing more open source in space is an encouraging development, and one that should continue to grow as the cost of payloads to orbit continues to fall. We’ve covered the UPSat satellite, the PyCubed framework, and even the RTL-SDR for listening to satellite radio traffic.

Cooling Paint You Can Actually Make

July 3, 2023 by 59 Comments

[NightHawkInLight] has been working on radiative sky paint. (Video, embedded below.) That’s a coating that radiates heat in the infrared spectrum at a wavelength that isn’t readily absorbed or reflected by the atmosphere. The result is a passive system that keeps materials a few degrees cooler in direct sunlight than an untreated piece in the shade. That sounds a bit like magic, but apparently the math checks out.

Continue reading “Cooling Paint You Can Actually Make”

Fujitsu Proprietary Keyboard Goes PS/2 With A Pico

July 1, 2023 by 8 Comments

One of our favorite retro-computing YouTubers, [Clint] from LGR, found himself a very interesting Fujitsu keyboard while thrift store shopping. It was a beautiful unit, but confusing, as this keyboard comes with an 8-pin DIN connector. A 5-pin DIN plug or 6-pin Mini-DIN would be easy to work with, but what was this odd connection? Turns out the Fujitsu N860-2500-T111 came with an Olympus CV-100 Video Processor, which was designed for medical imaging, potentially among other uses. And as often happened with old specialized hardware, the keyboard used a proprietary protocol for sending keystrokes.

[Clint] put out a call for anyone that could help him build an adapter, and [Andy] from Element14 answered the call. But this problem requires more than an adapter, mainly because the Fujitsu doesn’t have key rollover. It’s one key at a time, and that just doesn’t work for the sort of things [Clint] shows off on LGR. So, the electronic guts of the keyboard were removed, to be replaced with a Raspberry Pi Pico, wired directly to the keyboard matrix.

Continue reading “Fujitsu Proprietary Keyboard Goes PS/2 With A Pico”