This Week In Security: Symbiote, Smart Locks, And CosmicStrand

July 29, 2022 by 23 Comments

Symbiote is a particularly nasty Linux rootkit, and we have the interesting case of two separate analysis releasing this week. Up first is [CyberMasterV] taking apart a very early sample of the malware. The primary purpose of Symbiote seems to be capturing SSH logins, and this version does so by hooking the Pluggable Authentication Modules (PAM) system to capture users logging in to the machine it resides on. It also watches for SSH and SCP binaries, and sniffs the terminal used by those binaries, thereby capturing outgoing credentials.

All this data gets packaged up as DNS queries and shuffled off to the Command and Control server. “Easy”, I hear you say, “just block DNS traffic to everywhere except a trusted DNS provider.” It’s more clever than that. The data is in the form of valid DNS subdomains. In full, it’s a DNS request to PacketNumber.MachineID.Data.px32.nss.atendimento-estilo[.]com, all appropriately encoded to be valid. Every request will be for a unique host name, so every request gets forwarded to the C&C controller, which does double duty as the authoritative DNS resolver for that domain. You might get some mileage out of blocking (or at least logging) very long DNS queries.

Symbiote also replaces the typical files and devices you would look at to find a potential problem. For instance, /proc/net/tcp is where the kernel reports open TCP connections. On an infected machine, a copy of this file is maintained by the malware, conveniently leaving out the connections resulting from the infections. Symbiote has a hook in fopen, so whenever a process tries to read this location, the read is redirected to the cooked version, neatly hiding the rootkit. This stealth feature is apparently also used to hide other malware from the same attackers that may be on the same machine.
Continue reading “This Week In Security: Symbiote, Smart Locks, And CosmicStrand”

PERSEUS-9, The Dual-6502 Portable Machine That Should Have Been

July 29, 2022 by 53 Comments

A question: does anyone who was around in the early days of the 8-bit computer revolution remember a dual-CPU 6502 portable machine like this one? Or just a dual-CPU machine? Or even just a reasonably portable computer? We don’t, but that begs a further question: if [Mitsuru Yamada] can build such a machine today with parts that were available in the era, why weren’t these a thing back then?

We’re not sure we have an answer to that question, but it just may be that nobody thought of it. Or, if they did, the idea of putting two expensive CPUs into a single machine was perhaps too exorbitant to take seriously. Regardless, the homemade mobile is another in a growing line of beautifully crafted machines in the PERSEUS line, all of which have a wonderfully similar look and feel.

For the PERSEUS-9, [Yamada-san] chose a weatherproof aluminum enclosure with just the right form-factor for a mobile computer, as well as a sturdy industrial look. Under the hood, there are two gorgeous wire-wrap boards, one of which is home to the 48-key keyboard and the 40×7 alphanumeric LED matrix display, while the other is a densely packed work of art holding the two 6502s and a host of other DIPs.

The machine is a combination of his PERSEUS-8 computer, his 6802 serial terminal, and the CI-2 floating point interpreter he built for the PERSEUS-8. A brief video of the assembly of this delightful machine is below. One of the many things about these builds that impress us is the precision with which the case is machined, apparently all by hand. How he managed to drill out all those holes for the keyboard without having one even slightly out of alignment without the aid of CNC is beyond us.

Continue reading “PERSEUS-9, The Dual-6502 Portable Machine That Should Have Been”

Love Is A Burning Flame, And So Is This Underwater Burning Ring Of Fire

July 29, 2022 by 22 Comments

When Johnny Cash wrote “Ring of Fire”, he was talking about love. But when an unnamed follower of [TheBackyardScientist] took it literally and suggested making actual rings of fire — underwater —  they rose to the challenge as you can see in the video below the break.

Of course there are several ingredients to underwater fire rings. First you need water, and a pool clearly does the job in this video. Second, you need flammable rings of gas. [TheBackyardScientist] decided to build a machine to create the gas rings, and it’s quite interesting to see them go through several iterations before settling on a voice coil based poppet valve design. We must say that it works absolutely swimmingly.

Lastly there needs to be fire. And for fire, you need something flammable, and something shocking. Forty thousands volts light up a spark plug, even underwater. The fuel is provided by what appears to be compressed air and acetylene but we’re not 100% sure. We are sure that it goes bang! quite sufficiently, as demonstrated by its aptitude for blowing things up.

We appreciated the engineering that went into the project but also the rapid iterations of ideas, the overcoming of serious obstacles and the actual science that went into the project. Even if it is just randomly making literal burning rings of fire.

Continue reading “Love Is A Burning Flame, And So Is This Underwater Burning Ring Of Fire”

New OS For Commodore 64 Adds Modern Features

July 28, 2022 by 43 Comments

The Commodore 64 was a revolutionary computer for its day and age. After four decades, though, it gets harder and harder to use these computers for anything more than educational or hobby electronics projects. [Gregory Nacu] is fiercly determined to challenge this idea, though, and has gone to great extremes to make this hardware still relevant in the modern age by writing a completely new operating system for the Commodore machines.

Known as C64OS, it squeezes everything it can out of the 8 bit processor and 64 kB of memory. The new OS includes switchable desktop workspaces, a windowing system, draggable icons, a Mac-style menu bar at the top, and drop-down menus for the icons (known as aliases in the demonstrations). The filesystem is largely revamped as well and enables a more modern directory system to be used. There are still some limitations like a screen resolution of 320×200 pixels and a fixed color palette which only allows for a handful of colors, but this OS might give Windows 3.1 a run for its money.

The project is still being actively developed but it has come a long way into a fairly usable state. It can be run on original hardware as well as long as you have a method of getting the image to the antique machine somehow. If not, the OS can likely run on any number of C64 emulators we’ve featured in the past.

Thanks to [Stephen] for the tip!

Continue reading “New OS For Commodore 64 Adds Modern Features”

Inca Knots Inspire Quantum Computer

July 28, 2022 by 19 Comments

We think of data storage as a modern problem, but even ancient civilizations kept records. While much of the world used stone tablets or other media that didn’t survive the centuries, the Incas used something called quipu which encoded numeric data in strings using knots. Now the ancient system of recording numbers has inspired a new way to encode qubits in a quantum computer.

With quipu, knots in a string represent a number. By analogy, a conventional qubit would be as if you used a string to form a 0 or 1 shape on a tabletop. A breeze or other “noise” would easily disturb your equation. But knots stay tied even if you pick the strings up and move them around. The new qubits are the same, encoding data in the topology of the material.

Continue reading “Inca Knots Inspire Quantum Computer”

Foam Cutter Moves Like A Hot Knife Through Butter

July 28, 2022 by 13 Comments

Make enough attempts to cut foam using whatever you’ve got — utility knife, hacksaw, serrated plastic knife — and you’ll wish hard for something that cuts cleaner, faster, and better. While there are all sorts of ways to build a hot wire foam cutter, this design from [jasonwinfieldnz] is both interesting and imitable.

If you don’t already know it, nichrome wire is nifty stuff that’s readily available in thrift store hair dryers and toasters. It stretches as it heats up, and shrinks as it cools back down.

The interesting part of this build is that instead of using a spring to keep tension on the nichrome wire, [jasonwinfieldnz] designed and 3D-printed a bow out of PLA that does the job elegantly. While [jason] was initially concerned that the bow might possibly melt, he found in practice that although the bow does get warm to the touch, it’s nowhere near hot enough to even warp.

One nice touch is the simple fence that rides along two slots and secures with wingnuts. We also like that [jason] made this foam cutter largely from scrap material, and rather than buy a spool of nichrome, he opted for a skinny heating element and pillaging the wire.

If you’re a nichrome noob, know that it doesn’t take much juice to do the job. Even though a computer power supply is what [jason] had lying around, it’s complete overkill, so you would definitely want to limit the current. Check out the build video after the break.

Still not portable enough for you? All you really need is a 18650, some nichrome, and a few bits and bobs to hold it all together.

Continue reading “Foam Cutter Moves Like A Hot Knife Through Butter”

A Customizable Macropad To Make Anyone’s Tail Wag

July 28, 2022 by 4 Comments

[Gili Yankovitch] has always wanted some kind of macro keypad for all those boss-slaying combos he keeps up the sleeve of his wizard robe while playing WoW. Seventeen years later, he finally threw down the gauntlet and built one. But really, this is an understatement, because Paws is kind of the customizable macropad to end all customizable macropads.

This thing is completely bespoke, and yet cookie cutter at the same time — but we mean that in the best possible way. Paws can be made in any shape or form, and quite easily. How is this even possible, you ask? Well, every single key has its own microcontroller.

Yep, each key has an ATtiny85 and a cute little ribbon cable, and these form a token ring network that talks to an Arduino, which provides the keyboard interface to the computer. To make things even easier, [Gili] built a simple programming UI that automatically recognizes the configuration and number of keys, and lets the user choose the most important bit of all — the color of the LED.

[Gili] wanted to combine all the skills he’s learned since the worst timeline started in early 2020 — embedded software, CAD, electronics, and PCB design. We’d like to add networking to that list, especially since he figured out a nice workaround for the slowness of I²C and the limitations of communication between the ‘tiny85s and the Arduino. Though [Gili] may have started out with a tall order, he definitely filled it. Want to get your paws on the design files? Just claw your way over to GitHub.

If your customization interests lie more toward what program is in focus, be sure to check out Keybon, which was one of the many awesome winners of our Odd Inputs and Peculiar Peripherals contest.