Phone connected to the DIY LTE network playing a YouTube video, with antennas in the background

Building Your Own 4G LTE Base Station

March 3, 2024 by 14 Comments

We’ve seen quite a few DIY 2G networks over the years, but the 4G field has been relatively barren. Turns out, there’s an open source suite called srsRAN that lets you use an SDR for setting up an LTE network, and recently, we’ve found a blog post from [MaFrance351] (Google Translate) that teaches you everything you could need to know if you ever wanted to launch a LTE network for your personal research purposes.

For a start, you want a reasonably powerful computer, a transmit-capable full-duplex software defined radio (SDR), suitable antennas, some programmable SIM cards, and a few other bits and pieces like SIM card programmers and LTE-capable smartphones for testing purposes. Get your hardware ready and strap in, as [MaFrance351] guides you through setting up your own base station, with extreme amounts of detail outlining anything you could get caught up on.

Continue reading “Building Your Own 4G LTE Base Station”

If You Thought Sega Only Made Electronic Games, Think Again

March 1, 2024 by 4 Comments

Most of us associate the name Sega with their iconic console gaming systems from the 1980s and 1990s, and those of us who maintain an interest in arcade games will be familiar with their many cabinet-based commercial offerings. But the company’s history in its various entities stretches back as far as the 1950s in the world of slot machines and eventually electromechanical arcade games. [Arcade Archive] is starting to tell the take of how one of those games is being restored, it’s a mid-1960s version of Gun Fight, at the Retro Collective museum in Stroud, UK.

The game is a table-style end-to-end machine, with the two players facing each other with a pair of diminutive cowboys over a game field composed of Wild West scenery. The whole thing is very dirty indeed, so a substantial part of the video is devoted to their carefully dismantling and cleaning the various parts.

This is the first video in what will become a series, but it still gives a significant look into the electromechanical underpinnings of the machine. It’s beautifully designed and made, with all parts carefully labelled and laid out with color-coded wiring for easy servicing. For those of us who grew up with electronic versions of Sega Gun Fight, it’s a fascinating glimpse of a previous generation of gaming, which we’re looking forward to seeing more of.

This is a faithful restoration of an important Sega game, but it’s not the first time we’ve featured old Sega arcade hardware.

Continue reading “If You Thought Sega Only Made Electronic Games, Think Again”

This Week In Security: Forksquatting, RustDesk, And M&Ms

March 1, 2024 by 14 Comments

Github is struggling to keep up with a malware campaign that’s a new twist on typosquatting. The play is straightforward: Clone popular repositories, add malware, and advertise the forks as the original. Some developers mistake the forks for the real projects, and unintentionally run the malware. The obvious naming choice is forksquatting, but the researchers at apiiro went with the safer name of “Repo Confusion”.

The campaign is automated, and GitHub is aware of it, with the vast majority of these malicious repositories getting removed right away. For whatever reason, the GitHub algorithm isn’t catching all of the new repos. The current campaign appears to publishing millions of forks, using code from over 100,000 legitimate projects. It’s beginning to seem that the squatting family of attacks are here to stay.

RustDesk and Odd Certificates

The RustDesk remote access software is interesting, as it’s open source, allows self-hosting, and written in Rust. I’ve had exploring RustDesk as a todo item for a long time, but a bit of concerning drama has just finished playing out. A user pointed out back in November that a test root certificate was installed as part of the RustDesk installation. That root cert is self-signed with SHA1. There is also concern that the RustDesk binaries are signed with a different certificate.

There have been new events since then. First, there was a Hacker News thread about the issue earlier this month. The next day, CVE-2024-25140 was registered with NIST, ranking an insane CVE 9.8 CVSS. Let’s cut through some FUD and talk about what’s really going on.

Continue reading “This Week In Security: Forksquatting, RustDesk, And M&Ms”

The Thinkpad in question, with a Linux shell open on its screen, showing that the device mode has been successfully enabled

ThinkPad X1 Carbon Turned USB Device Through Relentless Digging

March 1, 2024 by 15 Comments

In what’s perhaps one of the most impressive laptop reverse engineering posts in recent memory, [Andrey Konovalov] brings us an incredibly detailed story of how he’s discovered and successfully enabled a USB device controller in a ThinkPad X1 Carbon equipped with a 6th gen Intel CPU.

If you ever wanted to peek at the dirty secrets of a somewhat modern-day Intel CPU-based system, this write-up spares you no detail, and spans dozens of abstraction layers — from Linux drivers and modifying NVRAM to custom USB cable building and BIOS chip flashing, digging deep into undocumented PCH registers for the dessert.

All [Andrey] wanted was to avoid tinkering with an extra Raspberry Pi. While using a PCIe connected device controller, he’s found a reference to intel_xhci_usb_sw-role-switch in Linux sysfs, and dove into a rabbit hole, where he discovered that the IP core used for the laptop’s USB ports has a ‘device’ mode that can be enabled. A dig through ACPI tables confirmed this, but also highlighted that the device is disabled in BIOS. What’s more, it turned out to be locked away behind a hidden menu. Experiments in unlocking that menu ensued, in particular when it comes to bypassing Intel Boot Guard, a mechanism that checks BIOS image signatures before boot.

Continue reading “ThinkPad X1 Carbon Turned USB Device Through Relentless Digging”

The White House Memory Safety Appeal Is A Security Red Herring

February 29, 2024 by 102 Comments

In the Holy Programming Language Wars, the lingua franca of system programming – also known as C – is often lambasted for being unsecure, error-prone, and plagued with more types of behavior that are undefined than ones that are defined by the C standards. Many programming languages were said to be ‘C killers’, yet C is still alive today. That didn’t stop the US White House’s Office of the National Cyber Director (ONCD) from putting out a report in which both C and C++ got lambasted for being ‘unsafe’ when it came to memory management.

The full report (PDF) is pretty light on technical details, while citing only blog posts by Microsoft and Google as its ‘expert sources’. The claim that memory safety issues are the primary cause of CVEs is not substantiated, or at least ignores the severity of CVEs when looking at the CISA statistics for active exploits. Beyond this call for ‘memory safety’, the report then goes on to effectively call for more testing and validation, while kicking in doors that were opened back in the 1970s already with the Steelman requirements and the High Order Language Working Group (HOLWG) of 1975.

What truly is the impact and factual basis of the ONCD report?

Continue reading “The White House Memory Safety Appeal Is A Security Red Herring”

A breadboard showing a tiny ESP32 board and two HMC5883L sensors connected to it on different pins

Avoid I2C Address Conflicts On ESP32 By Pin Muxing

February 28, 2024 by 20 Comments

Using hardware I2C on an ESP32? Do you need to connect multiple I2C devices with the same address? Normally, you wouldn’t be able to do that without extra parts, but on the ESP32, [BastelBaus] has found a nice hack — just connect your devices to different pins and slightly abuse the ESP32 GPIO muxing, no extra hardware required!

Initially, they tried separating SDA and SCL completely, and after a bit of tinkering, that’s worked out wonders! For this method, [BastelBaus] provides example Arduino code you could easily integrate into your project, and shows logic analyzer captures that demonstrate there’s barely any overhead. Later, they’ve also found out that you could multiplex only one of the pins, specifically, SDA, having the SCL line be common! As far as we see, this could also work out with split SCL, but do let us know if that doesn’t sound right.

Typically, such a problem is solved with an I2C multiplexer, and we’ve highlighted projects with them before. However, this simple method could also work on chips like the RP2040 or even the Raspberry Pi 4 — just a bit more limited, since the GPIO muxing for I2C has less available ports! Also, if you’re not using a chip with such a comfortable GPIO mux and you must use devices with overlapping addresses, check out the comment section under our I2C ecosystem article – there’s a fair few other methods you can use. And, if this method ever malfunctions for you, there’s a bunch of very straightforward ways you could debug your bus!

3D-Printed Automated Development Tank For Classic Photo Films

February 27, 2024 by 7 Comments

[packetandy] had a problem. He was still into classic analog photography, but local options for development were few and far between. After some frustration, he decided to take on the process himself, creating an automatic development tank for that very purpose.

For black and white film, developing is fairly straightforward, if dull and time consuming. The film requires constant agitation during development, which can be dull to do by hand. To get around this, [packetandy] decided to build a development tank rig that could handle agitation duties for him by wiggling the film around in his absence.

The tank itself is created by Patterson, and has a stick on top for agitating the film inside. The rig works by attaching a NEMA stepper motor to this stick to jerk it around appropriately. Rather than go with a microcontroller and custom code, [packetandy] instead just grabbed a programmable off-the-shelf stepper controller that can handle a variety of modes. It’s not sophisticated, but neither is the job at hand, and it does just fine.

It’s a nifty build that should see [packetandy]’s black-and-white photography on the up and up. Meanwhile, if simple development isn’t enough for you, consider diving into the world of darkroom robot automation if you’re so inclined!