The fine researchers at Google have released the juicy details on EntrySign, the AMD Zen microcode issue we first covered about a month ago. And to give away the punchline: cryptography is hard. It’s hard in lots of ways, but the AMD problem here is all about keeping track of the guarantees provided by cryptographic primitives.
Continue reading “This Week In Security: Zen Jailbreak, Telegram Exploit, And VMware Hyperjack”
In the world of proprietary protocol darkness, it’s comforting to see that the RV realm (Recreational Vehicle, also known as a motorhome) has mostly settled on RV-C, an open protocol that lets various devices and systems inside an RV talk to each other over CAN. The undeniable openness of RV-C is surprising, but we haven’t seen many hobbyists tinker with it — yet.
Now, [Randy Ubillos] sets an example — his gift to us is an ESP32 firmware called RV-Bridge and it lets you control your RV’s RV-C network from HomeKit. After all, your motorhome could benefit from home automation, too!
The RV-C network in [Randy]’s family RV already had a factory-provided front-end and an iOS app, but naturally, it had a limited set of features. Having looked around online he found that both RV-C and HomeKit had open libraries for them, and set out to join these worlds together.
Now he’s released the first revision of RV-Bridge, fully-featured enough for comfortable day-to-day use, and with a setup guide for those who want to try it out! When it comes to hardware, you’ll want an ESP32 board with CAN support — [Randy] has found a perfect board for sale, and made it even more fitting by designing a 3D printed case for RV use; as usual, files are on GitHub!
Making your stock RV more comfy through hacker methods is exactly what we expect to grace our tips line! The kinds of RV projects we’ve seen so far, are also outstandingly cool, yet of different kind – things like building your own RVs out of something not meant to be an RV, whether it’s an abandoned airliner, a school bus, or a jet engine! Oh, and if your hackerspace owns a RV, you can always convert it to something else, be it a mobile hackerspace or a spaceship simulator.
The folks at NASA are taking a well-deserved victory lap this week after the splashy reveal of the first scientific images from the James Webb Space Telescope. As we expected, the first public release included a lot of comparisons to images obtained from Hubble, as the general public understandably sees Webb as the successor to the venerable space telescope, now in its third decade of service. So for a “let’s see what this baby can do” image, they turned Webb loose on a tiny patch of sky in the southern hemisphere containing galactic cluster SMACS 0723, and sent back images and spectroscopic data from galaxies up to 13 billion light years away. There are plenty of analyses of Webb’s deep field and the other images in the first release, but we particularly liked the takes by both Anton Petrov and Dr. Becky. They both talk about the cooler scientific aspects of these images, and how Webb is much more than just a $10 billion desktop image generator.
We always like to call out a commercial success stemming from projects that got their start on Hackaday.io, and so we’re proud to announce the release of MAKE: Calculus by Joan Horvath and Rich Cameron, a book that takes a decidedly different approach to teaching calculus than traditional courses. Geared to makers and hackers, who generally tend to have a visual style of learning, the book makes heavy use of 3D-printed models to illustrate the relationships between functions. The project started five years ago as a 2017 Hackaday Prize entry, and resulted in a talk at the 2019 Supercon. Their book is now available for preorder, and might be a great way to reacquaint themselves with calc, or perhaps even to learn it for the first time. Continue reading “Hackaday Links: July 10, 2022”
Early in the morning of February 24th, Dr. Jeffrey Lewis, a professor at California’s Middlebury Institute of International Studies watched Russia’s invasion of Ukraine unfold in realtime with troop movements overlaid atop high-resolution satellite imagery. This wasn’t privileged information — anybody with an internet connection could access it, if they knew where to look. He was watching a traffic jam on Google Maps slowly inch towards and across the Russia-Ukraine border.
As he watched the invasion begin along with the rest of the world, another, less-visible facet of the emerging war was beginning to unfold on an ill-defined online battlefield. Digital espionage, social media and online surveillance have become indispensable instruments in the tool chest of a modern army, and both sides of the conflict have been putting these tools to use. Combined with civilian access to information unlike the world has ever seen before, this promises to be a war like no other.
The first casualties in the online component of the war have been websites. Two weeks ago, before the invasion began en masse, Russian cyberwarfare agents launched distributed denial of service (DDoS) attacks against Ukrainian government and financial websites. Subsequent attacks have temporarily downed the websites of Ukraine’s Security Service, Ministry of Foreign Affairs, and government. A DDoS attack is a relatively straightforward way to quickly take a server offline. A network of internet-connected devices, either owned by the aggressor or infected with malware, floods a target with request, as if millions of users hit “refresh” on the same website at the same time, repeatedly. The goal is to overwhelm the server such that it isn’t able to keep up and stops replying to legitimate requests, like a user trying to access a website. Russia denied involvement with the attacks, but US and UK intelligence services have evidence they believe implicates Moscow. Continue reading “The Invisible Battlefields Of The Russia-Ukraine War”
The list of requirements for hosting one of our weekly Hack Chats is pretty short: you’ve got to be knowledgeable, passionate, and above all else, willing to put those two quantities on display for a group of like-minded strangers. Beyond that, we’re not too picky. From industry insider to weekend hobbyist, high school dropout to double doctorate, if you’ve got something interesting to talk about, we’re ready to listen.
But in casting a such a wide net, we occasionally forget that we’ve got a considerable collection of potential hosts within our own worldwide roster of contributors. Among this cast of characters, few can boast the same incredible body of knowledge as Al Williams, who was able to pencil in some time this week to host the Logic Simulation Hack Chat.
Or at least, that was the idea. In reality the Chat covered a wide range of topics, and was peppered with fascinating anecdotes pulled from Al’s decades of experience in the field. Though to be fair, we expected no less. He was building hardware before many of us were born, and can take credit for designs that have been at the bottom of the ocean as well as launched into orbit. He’s been writing about it just as long too, with articles of his appearing in iconic print magazines such as Dr. Dobb’s Journal.
Al has seen and done so much that he still surprises us with the occasional nugget, and we’ve been working with him for years. It was only a week or two back that he started a story with “Back when I used to manage a gas pipeline…” in the middle of a conversation about utility metering.
Of course, that’s not to say some technical discussion didn’t sneak in there from time to time. Sure Al’s recollection of how they used to literally crawl over the schematics for the 68000 back at Motorola might stick out as a particular high point, but he also explains his personal preference for vendor-specific software tools over their more generic open source counterparts. He also draws comparisons between hardware description languages (HDLs) like Verilog and parametric CAD tools such as OpenSCAD in the way that they help model complex relationships in ways that can’t be easily done by more traditional means.
At one point the conversation lingers on the design and production of application-specific integrated circuits (ASICs), and how they compare to field-programmable gate arrays (FPGAs). Traditionally ASICs have been out of reach for the hobbyist, but with the recent collaboration between Google and SkyWater Technology to create an open source process design kit (PDK), they’re now within the capabilities of a dedicated individual. Matt Venn spoke on the topic during Remoticon 2021, and it’s good to see more folks in the community openly discussing the possibilities of custom silicon designed by hackers.
From there, things start really getting wild. From dreaming of virtual reality circuit simulators that let you fly amongst your creations like in Tron, to salivating over high-end technologies such as reflective memory, this Chat really runs the gamut. But then, that’s sort of why we hold them in the first place. Whether you actively participate or are just along for the ride, the Hack Chat gives everyone in the community a chance to gather around a virtual water cooler with fascinating characters that you won’t find anywhere else.
The Hack Chat is a weekly online chat session hosted by leading experts from all corners of the hardware hacking universe. It’s a great way for hackers connect in a fun and informal way, but if you can’t make it live, these overview posts as well as the transcripts posted to Hackaday.io make sure you don’t miss out.
Come one, come all, this is the megapost about the Hackaday Superconference. Join us in Pasadena on November 2-4 for the hardware conference you cannot miss. Get your ticket quickly as they will sell out!
