This Week In Security: Pacman, Hertzbleed, And The Death Of Internet Explorer

There’s not one, but two side-channel attacks to talk about this week. Up first is Pacman, a bypass for ARM’s Pointer Authentication Code. PAC is a protection built into certain ARM Processors, where a cryptographic hash value must be set correctly when pointers are updated. If the hash is not set correctly, the program simply crashes. The idea is that most exploits use pointer manipulation to achieve code execution, and correctly setting the PAC requires an explicit instruction call. The PAC is actually indicated in the unused bits of the pointer itself. The AArch64 architecture uses 64-bit values for addressing, but the address space is much less than 64-bit, usually 53 bits or less. This leaves 11 bits for the PAC value. Keep in mind that the application doesn’t hold the keys and doesn’t calculate this value. 11 bits may not seem like enough to make this secure, but keep in mind that every failed attempt crashes the program, and every application restart regenerate the keys.

What Pacman introduces is an oracle, which is a method to gain insight on data the attacker shouldn’t be able to see. In this case, the oracle works via speculation attacks, very similar to Meltdown and Spectre. The key is to attempt a protected pointer dereference speculatively, and to then observe the change in system state as a result. What you may notice is that this requires an attack to already be running code on the target system, in order to run the PAC oracle technique. Pacman is not a Remote Code Execution flaw, nor is it useful in gaining RCE.

One more important note is that an application has to have PAC support compiled in, in order to benefit from this protection. The platform that has made wide use of PAC is MacOS, as it’s a feature baked in to their M1 processor. The attack chain would likely start with a remote execution bug in an application missing PAC support. Once a foothold is established in uprivileged userspace, Pacman would be used as part of an exploit against the kernel. See the PDF paper for all the details.

Continue reading “This Week In Security: Pacman, Hertzbleed, And The Death Of Internet Explorer”

3D Printer Helps Make A Neat Lyric Video

These days, it’s a lot easier to get attention online if your lovely music comes with some kind of visual accompaniment. Of course, shooting a full-scale music video can be expensive, so lyric videos have become a more affordable, approachable avenue that are growing in popularity. [prash] whipped one up recently with the help of a 3D printer.

The video is a timelapse of a 3D print, something we’re very familiar with around these parts. [prash] embedded words in the various layers of the objects to be printed. Thus, as the prints are laid down on the build plate, the words are revealed to the camera shooting the time lapse. The scene is further improved by shaping the prints to reference the lyrics of the song, and using attractive infill designs like spirals and stripes. There are even some strategically placed clouds and pretty lighting to improve the effect.

It’s a neat use of 3D printing, and an artful one at that. We’re pretty confident that [prash] has put together a highly unique lyric video, and it’s much more impressive than the dodgy 3D printing [Will.i.am] featured in his not-quite-a-Britney song a decade ago. Video after the break.

Continue reading “3D Printer Helps Make A Neat Lyric Video”

72 DIY Musical Instruments Played In 7 Minutes

Humans have been making musical instruments from whatever items are close at hand for thousands of years, and we aren’t showing any signs of slowing down yet, least of all artist [Nicolas Bras] and collaborator [Sandrine Morais.] They have been designing and constructing quite a number of DIY instruments over the years, with this demo video highlighting a whopping 72 of them in the space of just seven minutes!

Clearly, [Nicolas] is one of those people who can play literally anything, and shows his skills off very well indeed if you ask us. Particularly fine sounding is the pilchards tin guitar found at 2:52 in the video, and the electric pipe beat box at 2:10 is also pretty fun.

Pretty much all the usual methods for producing sounds mechanically are covered, namely air resonating within a shaped enclosure (flutes, and such), string vibrations which might be sensed electrically (guitars, zithers, etc) and percussive instruments which vibrate an enclosed air mass (like the udu) or vibrate other things (like plates or bars). Looking over the YouTube channel, we can’t think of much they haven’t tried to make music with!

If all this sounds familiar, well, we covered [Nicolas] that time he was traveling for a gig and his instrument collection got lost in transit.

Continue reading “72 DIY Musical Instruments Played In 7 Minutes”

Automated Blinds Can Be A Cheap And Easy Build

Blinds are great for blocking out the sun, but having to get up to open and close them grows tiresome in this computationally-advanced age. [The Hook Up] decided to automate his home blinds instead, hooking them up to the Internet of Things with some common off-the-shelf parts.

The basic idea was to use stepper motors to turn the tilt rod which opens and closes the blinds. An early attempt to open blinds with unipolar stepper motors proved unsuccessful, when the weak motors weren’t capable of fully closing the blinds when running on 5 volts. Not wanting to throw out the hardware on hand, the motors were instead converted to bipolar operation. They were then hooked up to DRV8825 driver boards and run at 12 volts to provide more torque.

With the electromechanical side of things sorted out, it was simple to hook up the motor drivers to a NodeMCU, based on the ESP8266. The IoT-ready device makes it easy to control the motors remotely via the web.

The build came in at a low cost of around $10 per blind. That’s a good saving over commercial options which can cost hundreds of dollars in comparison. We’ve seen other work from [The Hook Up] before too, like his creative Flex Seal screen build. Video after the break.

Continue reading “Automated Blinds Can Be A Cheap And Easy Build”

Will The Real Commodore Please Stand Up?

The Commodore 64 is a much-loved 8-bit retro computer that first appeared in 1982 and finally faded away around a decade later. The Commodore company started by [Jack Tramiel] went on to make the Amiga, and eventually ceased trading some time in the late 1990s. All history, now kept alive only by enthusiasts, right? Well, not quite, as the C64 has been the subject of a number of revivals both miniature and full-sized over the years. The latest came in the form of a Kickstarter for the C64x, a seemingly legitimately-branded Commodore 64-shaped PC, but it seems that has now been paused due to a complaint from an Italian company claiming to be the real heirs of Commodore. So will the real Commodore please stand up?

The origin of the Kickstarter C64x breadbin C64 PC is well enough documented, having its roots in a legitimate 2010 offering for which the person behind the C64x appears to have gained the rights. The Italian company is also called Commodore and uses the familiar branding from the glory days to sell some Commodore-themed games, novelties, and a tablet computer, but its website is a little tight-lipped about how it came by the use of that IP. Could it have come upon those rights through the 1990s German owner of the brand, Escom? We’d be fascinated to know.

Continue reading “Will The Real Commodore Please Stand Up?”

3D-Printed Gear Press Can Squash Stuff, Kinda

A press is a useful thing to have, whether you like destroying stuff or you simply want to properly install some bearings. [Retsetman] decided to build one from scratch, eschewing the typical hydraulic method for a geared design instead.

The benefit of going with a gear press design is that [Retsetman] was able to 3D print the required gears himself. The design uses a series of herringbone gears to step down the output of two brushed DC motors. This is then turned into linear motion via a rack and pinion setup. Naturally, the strength of the gears and rack is key to the performance of the press. As you might expect, a fair few of the printed gears suffered failures during the development process.

The final press is demonstrated by smooshing various objects, in true YouTube style. It’s not really able to destroy stuff like a proper hydraulic press, but it can kind of crush a can and amusingly squash a teddy bear. If you’re really keen on making a gear press, though, you’re probably best served by going with a metal geartrain. Video after the break.

Continue reading “3D-Printed Gear Press Can Squash Stuff, Kinda”

1200 Addressable LEDs Make For The Perfect First Dance

The first dance of a newly married couple at the wedding reception is both a sentimental and memorable event, so why not make it even more so with something a bit special? Hackaday alumnus [Brett Haddoak] and his wife [Rachelle] certainly achieved that, with 1200 addressable LEDs turning her wedding dress into a real-life reproduction of Princess Aurora’s color changing dress from Disney’s Sleeping Beauty.

Tradition dictates that a groom must not see the dress before the Big Day, thus the LEDs were fixed to a petticoat and bustier that go underneath. The design would need so many LEDs that it crossed the limit that an Arduino can address, thus there were two Arduinos to control the whole. Electronics and batteries were worn in a pair of polo shorts, and after some nail-biting moments involving flaky connections, the whole thing came to life. The result can be seen in the video below the break, and certainly comes with a significant wow factor!

We would like to wish the happy couple all the best for the future, and we hope that this won’t be their last such electronic collaboration. If you’re hungry for more, it’s not the first light-up wedding outfit we’ve brought you.

Continue reading “1200 Addressable LEDs Make For The Perfect First Dance”