PIC Powered AVR Programmer

November 18, 2009 by 28 Comments

[Texane] wrote in to let us know he has implemented AVR ISP programming using a PIC microcontroller. He wrote some code for an 18F4550 that uses the STK500 standard for In System Programming. This means that his hardware is compatible with AVRdude, the open source AVR programming software. There has long been an argument over the virtues of PIC versus AVR but we say why not both? If you have already honed your programming chops with PIC, you can build your own programmer and give the Atmel family a try.

The current implementation uses a serial port to connect the programmer to a computer. Keep your eye on this one as [texane] plans to add USB connectivity and has told us he will post schematics for the device as soon as that is complete.

Five Dollar Eprom Programmer

November 8, 2006 by 23 Comments


A couple years ago I spent a good week wiring up a fairly complex EPROM programmer so I could burn a prom for my jeeps EFI system. Today I ran across this $5 version. build built by Jay Kominek He uses shift registers to handle the addressing and IO lines, all driven directly by the parallel port. There’s no way to escape the number of pins that have to be wired up, but the schematic itself is pretty simple.
[By the way, arcade supply shops are a great source for cheap UV erase EPROMS.]

[Update: I’d forgotten about the voltage change (3 vs 5 if I remember) needed to write UV EPROMS vs EEPROMS. With a little mod, you can certainly use this for EPROMS as well.]

PIC Programmer Built From Broken Monitor

April 14, 2006 by 35 Comments

pic programmer

Khoa wanted to give a friend a microcontroller programmer(cache), but didn’t want to spend the money. He found almost every part he needed inside of a broken monitor he had in the closet. The only parts he had to provide were the perf board and the serial port. Even the socket was in the monitor. It was too wide, but he just cut out the center spar and made the socket narrower.

Continue reading “PIC Programmer Built From Broken Monitor”

AI Is Only Coming For Fun Jobs

July 5, 2025 by 38 Comments

In the past few years, what marketers and venture capital firms term “artificial intelligence” but is more often an advanced predictive text model of some sort has started taking people’s jobs and threatening others. But not tedious jobs that society might like to have automated away in the first place. These AI tools have generally been taking rewarding or enjoyable jobs like artist, author, filmmaker, programmer, and composer. This project from a research team might soon be able to add astronaut to that list.

The team was working within the confines of the Kerbal Space Program Differential Game Challenge, an open-source plugin from MIT that allows developers to test various algorithms and artificial intelligences in simulated spacecraft situations. Generally, purpose-built models are used here with many rounds of refinement and testing, but since this process can be time consuming and costly the researchers on this team decided to hand over control to ChatGPT with only limited instructions. A translation layer built by the researchers allows generated text to be converted to spacecraft controls.

We’ll note that, at least as of right now, large language models haven’t taken the jobs of any actual astronauts yet. The game challenge is generally meant for non-manned spacecraft like orbital satellites which often need to make their own decisions to maintain orbits and avoid obstacles. This specific model was able to place second in a recent competition as well, although we’ll keep rooting for humans in certain situations like these.

Why GitHub Copilot Isn’t Your Coding Partner

July 4, 2025 by 75 Comments

These days ‘AI’ is everywhere, including in software development. Coming hot on the heels of approaches like eXtreme Programming and Pair Programming, there’s now a new kind of pair programming in town in the form of an LLM that’s been digesting millions of lines of code. Purportedly designed to help developers program faster and more efficiently, these ‘AI programming assistants’ have primarily led to heated debate and some interesting studies.

In the case of [Jj], their undiluted feelings towards programming assistants like GitHub Copilot burn as brightly as the fire of a thousand Suns, and not a happy kind of fire.

Whether it’s Copilot or ChatGPT or some other chatbot that may or may not be integrated into your IDE, the frustration with what often feels like StackOverflow-powered-autocomplete is something that many of us can likely sympathize with. Although [Jj] lists a few positives of using an LLM trained on codebases and documentation, their overall view is that using Copilot degrades a programmer, mostly because of how it takes critical thinking skills out of the loop.

Regardless of whether you agree with [Jj] or not, the research so far on using LLMs with software development and other tasks strongly suggests that they’re not a net positive for one’s mental faculties. It’s also important to note that at the end of the day it’s still you, the fleshy bag of mostly salty water, who has to justify the code during code review and when something catches on fire in production. Your ‘copilot’ meanwhile gets off easy.

This Week In Security: MegaOWNed, Store Danger, And FileFix

June 27, 2025 by 7 Comments

Earlier this year, I was required to move my server to a different datacenter. The tech that helped handle the logistics suggested I assign one of my public IPs to the server’s Baseboard Management Controller (BMC) port, so I could access the controls there if something went sideways. I passed on the offer, and not only because IPv4 addresses are a scarce commodity these days. No, I’ve never trusted a server’s built-in BMC. For reasons like this MegaOWN of MegaRAC, courtesy of a CVSS 10.0 CVE, under active exploitation in the wild.

This vulnerability was discovered by Eclypsium back in March and it’s a pretty simple authentication bypass, exploited by setting an X-Server-Addr header to the device IP address and adding an extra colon symbol to that string. Send this along inside an HTTP request, and it’s automatically allowed without authentication. This was assigned CVE-2024-54085, and for servers with the BMC accessible from the Internet, it scores that scorching 10.0 CVSS.

We’re talking about this now, because CISA has added this CVE to the official list of vulnerabilities known to be exploited in the wild. And it’s hardly surprising, as this is a near-trivial vulnerability to exploit, and it’s not particularly challenging to find web interfaces for the MegaRAC devices using tools like Shodan and others.

There’s a particularly ugly scenario that’s likely to play out here: Embedded malware. This vulnerability could be chained with others, and the OS running on the BMC itself could be permanently modified. It would be very difficult to disinfect and then verify the integrity of one of these embedded systems, short of physically removing and replacing the flash chip. And malware running from this very advantageous position very nearly have the keys to the kingdom, particularly if the architecture connects the BMC controller over the PCIe bus, which includes Direct Memory Access.

This brings us to the really bad news. These devices are everywhere. The list of hardware that ships with the MegaRAC Redfish UI includes select units from “AMD, Ampere Computing, ASRock, ARM, Fujitsu, Gigabyte, Huawei, Nvidia, Supermicro, and Qualcomm”. Some of these vendors have released patches. But at this point, any of the vulnerable devices on the Internet, still unpatched, should probably be considered compromised. Continue reading “This Week In Security: MegaOWNed, Store Danger, And FileFix”

The Tao Of Bespoke Electronics

June 25, 2025 by 60 Comments

If you ever look at projects in an old magazine and compare them to today’s electronic projects, there’s at least one thing that will stand out. Most projects in “the old days” looked like something you built in your garage. Today, if you want to make something that rivals a commercial product, it isn’t nearly as big of a problem.

Dynamic diode tester from Popular Electronics (July 1970)

For example, consider the picture of this project from Popular Electronics in 1970. It actually looks pretty nice for a hobby project, but you’d never expect to see it on a store shelf.

Even worse, the amount of effort required to make it look even this good was probably more than you’d expect. The box was a standard case, and drilling holes in a panel would be about the same as it is today, but you were probably less likely to have a drill press in 1970.

But check out the lettering! This is a time before inkjet and laser printers. I’d guess these are probably “rub on” letters, although there are other options. Most projects that didn’t show up in magazines probably had Dymo embossed lettering tape or handwritten labels.

Continue reading “The Tao Of Bespoke Electronics”