6502 Hacking Hack Chat

April 1, 2024 by 5 Comments

Join us on Wednesday, April 3rd at noon Pacific for the 6502 Hacking Hack Chat with Anders Nielsen!

Back in the early days of the personal computing revolution, you could have any chip you wanted…as long as it was 8-bits. We’ve come a long way since then, and while nobody seriously hopes for a wholesale return to the time when a Commodore 64 or Apple II was the home computing power play, there’s still a lot to be said for the seat-of-the-pants feeling of the day. Our engineering forebears had their work cut out for them, and building the home PC revolution from the ground up with microprocessors that by today’s standards were laughably limited is something worth celebrating.

join-hack-chatEvery retrocomputing enthusiast has their own favorite chip, and for Anders, it’s obviously the 6502 — enough to give birth to his 65uino project, which put the storied microprocessor at the heart of an Arduino pin-compatible microcontroller. It’s a neat project that seems to have caught a lot of people’s imaginations and opened up a world of hardware and software hacks that modern hardware just doesn’t need.

Getting closer to the silicon is the goal of retrocomputing, and Anders is making it easy to get involved. And we’re lucky enough to have him stop by the Hack Chat to talk all about teaching the 6502 some 21st-century tricks. Stop by and join in the discussion, and maybe you’ll catch the 8-bit bug too.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, April 3 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

OSHW Framework Laptop Expansion Hides Dongles

April 1, 2024 by 16 Comments

If you’ve got a wireless keyboard or mouse, you’ve probably got a receiver dongle of some sort tucked away in one of your machine’s USB ports. While modern technology has allowed manufacturers to shrink them down to the point that they’re barely larger than the USB connector itself, they still stick out enough to occasionally get caught on things. Plus, let’s be honest, they’re kind of ugly.

For owners of the Framework laptop, there’s now a solution: the DongleHider+ by [LeoDJ]. This clever open source hardware project is designed to bring these little receivers, such as the Logitech Unifying Dongle, into one of the Framework’s Expansion bays. The custom PCB is designed with a large notch taken out to fit the dongle’s PCB, all you need to do is solder it in with four pieces of stiff wire.

Continue reading “OSHW Framework Laptop Expansion Hides Dongles”

Wrencher-2: A Bold New Direction For Hackaday

April 1, 2024 by 44 Comments

Over the last year it’s fair to say that a chill wind has blown across the face of the media industry, as the prospect emerges that many content creation tasks formerly performed by humans instead being swallowed up by the inexorable rise of generative AI. In a few years we’re told, there may even be no more journalists, as the computers become capable of keeping your news desires sated with the help of their algorithms.

Here at Hackaday, we can see this might be the case for a gutter rag obsessed with celebrity love affairs and whichever vegetable is supposed to cure cancer this week, but we continue to believe that for quality coverage of the latest and greatest in the hardware hacking world, you can’t beat a writer made of good old-fashioned meat. Indeed, in a world saturated by low-quality content, the opinions of smart and engaged writers become even more valuable. So we’ve decided to go against the trend, by launching not a journalist powered by AI, but an AI powered by journalists.

Announcing Wrencher-2, a Hackaday chat assistant in your browser

Wrencher-2 is a new paradigm in online chat assistants, eschewing generative algorithms in favour of the collective expertise of the Hackaday team. Ask Wrencher-2 a question, and you won’t get a vague and made-up answer from a computer, instead you’ll get a pithy and on-the-nail answer from a Hackaday staffer. Go on – try it! Continue reading “Wrencher-2: A Bold New Direction For Hackaday”

Flipper Zero Panic Spreads To Oz: Cars Unaffected

April 1, 2024 by 15 Comments

A feature of coming to adulthood for any young person in the last quarter of the twentieth century would have been the yearly warnings about the danger of adulterated Halloween treats. Stories were breathlessly repeated of apples with razor blades in them, or of chocolate bars laced with rat poison, and though such tales often carried examples of kids who’d died horrible deaths in other far-away places, the whole panic was (as far as we know) a baseless urban legend.

It’s difficult not to be reminded of those times today then, as we read news from Australia warning about the threat from the Flipper Zero wireless hacking tool. It has the same ingredients, of an imaginary threat earnestly repeated by law enforcement officers, and lapped up by a credulous media with little appetite for verifying what they print.

This is a story which first appeared in mid-February in Canada, when a government minister singled out the Flipper Zero as a car theft tool and promised to ban it. This prompted a storm of derision from tech-savvy Canadians and others who immediately pointed out that vehicle security has long ago eclipsed the capabilities of the Flipper, and that there are far more pertinent threats such as those from CAN bus attacks or even RF boosters. Despite this debunking, it seems to have spread. Where will Flipper Mania pop up next?

Canada and Australia are both countries with a free press; that press should be doing their job on these stories by fact-checking and asking pertinent questions when the facts don’t fit the story. When it comes to technology stories it seems not doing this has become the norm.

Thanks [Peter Caldwell] for the tip.

anfractuosity's test setup showing the Pi under test and a few pieces of equipment used to perform the attack

Cold Boot Attack You Can Do With A Pi

April 1, 2024 by 2 Comments

A cold boot attack is a way to extract RAM contents from a running system by power cycling it and reading out RAM immediately after loading your own OS. How easy is it for you to perform such an attack? As [anfractuosity] shows, you can perform a cold boot attack with a Raspberry Pi, with a reasonably simple hardware setup and a hefty chunk of bare-metal code.

[anfractuosity]’s setup is simple enough. The Pi 4 under attack is set up to boot from USB drive, and a relay board has it switch between two possible USB drives to boot from: one with a program that fills RAM with , and another with a program that extracts RAM out through UART. The process is controlled by another Pi controlling the relays through GPIOs, that also monitors the target Pi’s UART and uses it as a channel to extract memory.

The outcomes are pretty impressive. After 0.75s of power-down, most of the image could be extracted. That’s without any cooling, so abusing a can of electronics duster is likely to improve these results dramatically. Want to play with cold boot attacks? [anfractuosity]’s code is great for getting your feet wet. Furthermore, the code examples provided serve as a wonderful playground for general memory attack research.

Raspberry Pi not fun enough for you anymore? Well then, you can always start playing with Android phones!

3D Printing Computer Space

March 31, 2024 by 6 Comments

The first computer game available as a commercial arcade cabinet is unsurprisingly, a rare sight here in 2024. Nolan Bushnel and Ted Dabney’s 1971 Computer Space was a flowing fiberglass cabinet containing a version of the minicomputer game Spacewar! running on dedicated game hardware. The pair would of course go on to found the wildly successful Atari, leaving their first outing with its meager 1500 units almost a footnote in their history.

Unsurprisingly with so relatively few produced, few made it out of the United States, so in the UK there are none to be found. [Arcade Archive] report on a fresh build of a Computer Space cabinet, this time not in fiberglass but via 3D printed plastic.

The build itself is the work of [Richard Horne], and in the video he takes us through the design process before printing the parts and then sticking them all together to make the cabinet. Without a real machine to scan or measure he’s working from photographs of real machines, working out dimensions by reference to other cabinets such as PONG that appear alongside them. The result is about as faithful a model of the cabinet as could be made, and it’s cut into the many pieces required for 3D printing before careful assembly.

This is the first in a series, so keep following them to see a complete and working Computer Space take shape.

Continue reading “3D Printing Computer Space

Exploit The Stressed-out Package Maintainer, Exploit The Software Package

March 31, 2024 by 10 Comments

A recent security vulnerability — a potential ssh backdoor via the liblzma library in the xz package — is having a lot of analysis done on how the vulnerability was introduced, and [Rob Mensching] felt that it was important to highlight what he saw as step number zero of the whole process: exploit the fact that a stressed package maintainer has burned out. Apply pressure from multiple sources while the attacker is the only one stepping forward to help, then inherit the trust built up by the original maintainer. Sadly, [Rob] sees in these interactions a microcosm of what happens far too frequently in open source.

Maintaining open source projects can be a high stress activity. The pressure and expectations to continually provide timely interaction, support, and updates can easily end up being unhealthy. As [Rob] points out (and other developers have observed in different ways), this kind of behavior just seems more or less normal for some projects.

The xz/liblzma vulnerability itself is a developing story, read about it and find links to the relevant analyses in our earlier coverage here.