This Week In Security: Bad Signs From Microsoft, An Epyc VM Escape

Code signing is the silver bullet that will save us from malware, right? Not so much, particularly when vendors can be convinced to sign malicious code. Researchers at G DATA got a hit on a Windows kernel driver, indicating it might be malicious. That seemed strange, since the driver was properly signed by Microsoft. Upon further investigation, it became clear that this really was malware. The file was reported to Microsoft, the signature revoked, and the malware added to the Windows Defender definitions.

The official response from Microsoft is odd. They start off by assuring everyone that their driver signing process wasn’t actually compromised, like you would. The next part is weird. Talking about the people behind the malware: “The actor’s goal is to use the driver to spoof their geo-location to cheat the system and play from anywhere. The malware enables them to gain an advantage in games and possibly exploit other players by compromising their accounts through common tools like keyloggers.” This doesn’t seem to really match the observed behavior of the malware — it seemed to be decoding SSL connections and sending the data to the C&C server. We’ll update you if we hear anything more on this one.

A Robot To Top Up Your Tesla

The convenience of just plugging in your car in the evening and not going into a gas station is great as long as you remember to do the plugging. You really don’t want to get caught with an empty battery while you’re in a rush. [Pat Larson]’s Tesla plugging robot might be a handy insurance policy if you count forgetfulness among your weaknesses.

The robot consists of a standard Tesla charging plug attached to a 2-axis robotic arm mounted on [Pat]’s garage wall. Everything is controlled by a Python script running on a Raspberry Pi 4. After taking a picture with a camera module, it uses a TensorFlow Lite machine learning model to determine the position of a reflector on the charging port cover. The platform moves back and forth to align with the charging port, after which it opens the charging port using the Tesla API. It then extends the arm towards the charging port, using ultrasonic proximity sensors for distance control, and again uses the camera module and TensorFlow to look for the illuminated Tesla logo adjacent to the charging port. The charge plug is flipped out using a large servo, and after some final position adjustment, it takes the plunge. While the robot won’t be winning any interior design contests, it does the job well, and adds a bit of convenience and peace of mind.

Other Tesla hacks we’ve seen include building a working Model S for $6500, turning an old Honda into a speed demon using Tesla parts, and a Casio F-91W that can unlock your Tesla.

Dumping 90’s Honda ECU Programming With Arduino

[P1kachu] owns a pair of early 1990s Hondas with custom tuning on their stock ECUs, and after having to get the ECU repaired on his ’93 Civic, he found himself going down the rabbit hole of Honda ECU EPROM chips.

During the repair process, the tuning shop owner, or [Tuner-san] as [P1kachu] refers to him, made a backup of the custom tuning to another EPROM chip. This was done with an old Advantest R4945A EPROM programmer, which [Tuner-san] supposedly also used to clone Famicom cartridges back in the day. After realizing that [Tuner-san] could only clone the contents, but not view or modify them, [P1kachu] started looking at ways to do that.

EPROMs are programmed using a higher voltage (12.5 V – 25 V), but only 5 V is used to read them. The memory address is selected by setting each of the 15 address pins high or low, and then reading the status of the 8 data pins to extract one byte of data. Rinse and repeat for each of the 256 memory addresses on the Microchip 27C256 EPROM. One of the previous owners of [P1kachu]’s Civic made some unknown tuning changes, so he is in the process of looking at the dumped data to see what was changed. Once he has finished figuring out the programming table of the EPROM, he plans to do some testing with [Tuner-san] to possibly smooth out the rev limiter.

An interesting aspect of EPROMs is that they are erased using UV light, which sets all the memory bits to 1. During programming, selected bits can be set to 0, but it’s not possible to set them back to 1 without erasing the entire chip again.

Messing around with the computers in cars is not only for tuning, but can also expose some rather serious security flaws, especially in modern vehicles.

This Horrifying Robot Is Here To Teach You A Lesson

No, despite what it might look like, this isn’t some early Halloween project. The creepy creation before you is actually a tongue-in-cheek “robot” created by the prolific [Nick Bild], a topical statement about companies asking their remote workers to come back into the office now that COVID-19 restrictions are being lifted. Why commute every day when this ultra realistic avatar can sit in for you?

OK, so maybe it’s not the most impressive humanoid creation to ever grace the pages of Hackaday. But if you’re looking to spin up a simple telepresence system, you could do worse than browsing through the Python source code [Nick] has provided. Using a Raspberry Pi 4, a webcam, and a microphone, his client-server architecture combines everything the bot sees and hears into a simple page that can be remotely accessed with a web browser.

Naturally this work from home (WFH) bot wouldn’t be much good if it was just a one-way street, so [Nick] has also added a loudspeaker that replays whatever he says on the client side. To prevent a feedback loop, his software includes a function that toggles which direction the audio stream goes in by passing the appropriate commands to the bot over SSH; a neat trick to keep in mind for your own, less nightmarish, creations.

If you’re looking for something a bit more capable and have some cardboard lying around, this DIY telepresence mount for your phone might be a good place to start.


Quick And Simple Morse Decoder

[Rostislav Persion] wrote a simple Morse Code decoder to run on his Arduino and display the text on an LCD shield. This is probably the simplest decoder possible, and thus its logic is pretty straightforward to follow. Simplicity comes at a price — changing the speed requires changing constants in the code. We would like to see this hooked up to a proper Morse code key, and see how fast [Rostislav] could drive it before it conks out.

In an earlier era of Morse code decoders, one tough part was dealing with the idiosyncrasies of each sender. Every operator’s style, or “fist”, has subtle variations in the timings of the dots, dashes, and the pauses between these elements, the letters, and the words. In fact, trained operators can recognize each other because of this, much like we can often recognize who is speaking on the phone just by hearing their voice. The other difficulty these decoders faced was detecting the signal in low signal-to-noise ratio environments — pulling the signal out of the noise.

A Morse decoder built today is more likely to be used to decode machine-generated signals, for example, debugging information or telemetry. This would more than likely be sent at fixed, known speeds over directly connected links with very high S/N ratios (a wire, perhaps). In these situations, a simple decoder like [Rostislav]’s is completely sufficient.

We wrote about a couple of Morse code algorithms back in 2014, the MorseDetector and the Magic Morse algorithm. While Morse code operators usually rank their skills by speed — the faster the better — this Morse code project for very low power transmitters turns that notion on its head by using speeds more suitably measured in minutes per word (77 MPW for that project). Have you used Morse code in any of your projects before? Let us know in the comments below.

Automate The Farm With Acorn

Farming has been undergoing quite a revolution in the past few years. Since World War 2, most industrial farming has relied on synthetic fertilizer, large machinery, and huge farms with single crops. Now there is a growing number of successful farmers bucking that trend with small farms growing many crops and using natural methods of fertilizing that don’t require as much industry. Of course even with these types of farms, some machinery is still nice to have, so this farmer has been developing an open-source automated farming robot.

The robot is known as Acorn and is the project of [taylor] who farms in California. The platform is powered by an 800 watt solar array feeding a set of supercapacitors for energy storage. It uses mountain bike wheels and tires fitted with electric hub motors which give it four wheel drive and four wheel steering to make it capable even in muddy fields. The farming tools, as well as any computer vision and automation hardware, can be housed under the solar panels. This prototype uses an Nvidia Jetson module to handle the heavy lifting of machine learning and automation, with a Raspberry Pi to handle the basic operation of the robot, and can navigate itself around a farm using highly precise GPS units.

While the robot’s development is currently ongoing, [taylor] hopes to develop a community that will build their own versions and help develop the platform. Farming improvements like this are certainly needed as more and more farmers shift from unsustainable monocultures to more ecologically friendly methods involving multiple simultaneous crops, carbon sequestration, and off-season cover crops. It’s certainly a long row to hoe but plenty of people are already plowing ahead.


ESP32 Turned Handy SWD Flasher For NRF52 Chips

Got an nRF52 or nRF51 device you need to flash? Got an ESP32 lying around collecting dust? If so, then firmware hacking extraordinaire [Aaron Christophel] has the open source code you need. His new project allows the affordable WiFi-enabled microcontroller to read and write to the internal flash of Nordic nRF52 series chips via their SWD interface. As long as you’ve got some jumper wires and a web browser, you’re good to go.

In the first video below [Aaron] demonstrates the technique with the PineTime smartwatch, but the process will be more or less the same regardless of what your target device is. Just connect the CLK and DIO lines to pins GPIO 21 and GPIO 19 of the ESP32, point your web browser to its address on the local network, and you’ll be presented with a straightforward user interface for reading and writing the chip’s flash.

As demonstrated in the second video, with a few more wires and a MOSFET, the ESP32 firmware is also able to perform a power glitch exploit on the chip that will allow you to read the contents of its flash even if the APPROTECT feature has been enabled. [Aaron] isn’t taking any credit for this technique though, pointing instead to the research performed by [LimitedResults] to explain the nuts and bolts of the attack.

We’re always excited when a message from [Aaron] hits the inbox, since more often than not it means another device has received an open source firmware replacement. From his earlier work with cheap fitness trackers to his wildly successful Bluetooth environmental sensor hacking, we don’t think this guy has ever seen a stock firmware that he didn’t want to immediately send to /dev/null.
