Fixing Issues With Knockoff Altera USB Blasters

June 9, 2024 by 14 Comments

Using an external MCU as a crude clock source for the Altera CPLD. (Credit: [Doug Brown])
One exciting feature of hardware development involving MCUs and FPGAs is that you all too often need specific tools to program them, with [Doug Brown] suffering a price tag aneurysm after checking the cost of an official Altera/Intel USB Blaster (yours for $300) to program a MAX 10 FPGA device with. This led him naturally down the path of exploring alternatives, with the $69 Terasic version rejected for ‘being too expensive’ and opting instead for the Waveshare USB Blaster V2, at a regretful $34. The amazing feature of this USB Blaster clone is that while it works perfectly fine under Windows, it works at most intermittently under Linux.

This led [Doug] down the path of reverse-engineering and diagnosing the problem, ultimately throwing in the towel and downclocking the Altera CPLD inside the adapter after finding that it was running a smidge faster than the usual 6 MHz. This was accomplished initially by wiring in an external MCU as a crude (and inaccurate) clock source, but will be replaced with a 12 MHz oscillator later on. Exactly why the problem only exists on Linux and not on Windows will remain a mystery, with Waveshare support also being clueless.

Undeterred, [Doug] then gambled on a $9 USB Blaster clone (pictured above), which turned out to be not only completely non-functional, but also caused an instant BSOD on Windows, presumably due to the faked FTDI USB functionality tripping up the Windows FTDI driver. This got fixed by flashing custom firmware by [Vladimir Duan] to the WCH CH552G-based board after some modifications shared in a project fork. This variety of clone adapters can have a range of MCUs inside, ranging from this WCH one to STM32 and PIC MCUs, with very similar labels on the case. While cracking one open we had lying around, we found a PIC18 inside, but if you end up with a CH552G-based one, this would appear to fully fix it. Which isn’t bad for the merest fraction of the official adapter.

Thanks to [mip] for the tip.

Hackaday Links Column Banner

Hackaday Links: May 19, 2024

May 19, 2024 by 4 Comments

If there was one question we heard most often this week, it was “Did you see it?” With “it” referring to the stunning display of aurora borealis — and australis, we assume — on and off for several days. The major outburst here in North America was actually late last week, with aurora extending as far south as Puerto Rico on the night of the tenth. We here in North Idaho were well-situated for prime viewing, but alas, light pollution made things a bit tame without a short drive from the city lights. Totally worth it:

Hat tip to Tom Maloney for the pics. That last one is very reminiscent of what we saw back in 1989 with the geomagnetic storm that knocked Québec’s grid offline, except then the colors were shifted much more toward the red end of the spectrum back then.

Continue reading “Hackaday Links: May 19, 2024”

Going Canadian: The Rise And Fall Of Novell

April 22, 2024 by 47 Comments

During the 1980s and 1990s Novell was one of those names that you could not avoid if you came even somewhat close to computers. Starting with selling computers and printers, they’d switch to producing networking hardware like the famous NE2000 and the inevitability that was Novell Netware software, which would cement its fortunes. It wasn’t until the 1990s that Novell began to face headwinds from a new giant: Microsoft, which along with the rest of the history of Novell is the topic of a recent article by [Bradford Morgan White], covering this rise, the competition from Microsoft’s Windows NT and its ultimate demise as it found itself unable to compete in the rapidly changing market around 2000, despite flirting with Linux.

Novell was founded by two experienced executives in 1980, with the name being reportedly the misspelled French word for ‘new’ (nouveau or nouvelle). With NetWare having cornered the networking market, there was still a dearth of networking equipment like Ethernet expansion cards. This led Novell to introduce the 8-bit ISA card NE1000 in 1987, later followed by the 16-bit NE2000. Lower priced than competing products, they became a market favorite. Then Windows NT rolled in during the 1990s and began to destroy NetWare’s marketshare, leaving Novell to flounder until it was snapped up by Attachmate in 2011, which was snapped up by Micro Focus International 2014, which got gobbled up by Canada-based OpenText in 2023. Here Novell’s technologies got distributed across its divisions, finally ending Novell’s story.

Dial-Up Is Still, Just Barely, A Thing

March 6, 2024 by 93 Comments

In an era dominated by broadband and wireless cellular networks, it might come as a surprise to many that dial-up internet services still exist in the United States. This persistence is not a mere relic of nostalgia — but a testament to the diverse and uneven nature of internet infrastructure across the country.

Yes, dial-up internet, with those screechy, crackly tones, remains a useful tool in areas where modern, high-speed internet services are either unaffordable or unavailable. Subscriber numbers are tiny, but some plough on and access the Internet by the old ways, not the new.

Continue reading “Dial-Up Is Still, Just Barely, A Thing”

This Week In Security: Forksquatting, RustDesk, And M&Ms

March 1, 2024 by 14 Comments

Github is struggling to keep up with a malware campaign that’s a new twist on typosquatting. The play is straightforward: Clone popular repositories, add malware, and advertise the forks as the original. Some developers mistake the forks for the real projects, and unintentionally run the malware. The obvious naming choice is forksquatting, but the researchers at apiiro went with the safer name of “Repo Confusion”.

The campaign is automated, and GitHub is aware of it, with the vast majority of these malicious repositories getting removed right away. For whatever reason, the GitHub algorithm isn’t catching all of the new repos. The current campaign appears to publishing millions of forks, using code from over 100,000 legitimate projects. It’s beginning to seem that the squatting family of attacks are here to stay.

RustDesk and Odd Certificates

The RustDesk remote access software is interesting, as it’s open source, allows self-hosting, and written in Rust. I’ve had exploring RustDesk as a todo item for a long time, but a bit of concerning drama has just finished playing out. A user pointed out back in November that a test root certificate was installed as part of the RustDesk installation. That root cert is self-signed with SHA1. There is also concern that the RustDesk binaries are signed with a different certificate.

There have been new events since then. First, there was a Hacker News thread about the issue earlier this month. The next day, CVE-2024-25140 was registered with NIST, ranking an insane CVE 9.8 CVSS. Let’s cut through some FUD and talk about what’s really going on.

Continue reading “This Week In Security: Forksquatting, RustDesk, And M&Ms”

The Past, Present, And Future Of Inflatable Space Habitats

January 30, 2024 by 24 Comments

Recently, a prototype inflatable space station module built by Sierra Space exploded violently on a test stand at NASA’s Marshall Space Flight Center in Alabama. Under normal circumstances, this would be a bad thing. But in this case, Sierra was looking forward to blowing up their handiwork. In fact, there was some disappointment when it failed to explode during a previous test run.

LIFE Module Burst Test

That’s because the team at Sierra was looking to find the ultimate bust pressure of their 8.2 meter (26.9 foot) diameter Large Integrated Flexible Environment (LIFE) module — a real-world demonstration of just how much air could be pumped into the expanding structure before it buckled. NASA recommended they shoot for just under 61 PSI, which would be four times the expected operational pressure for a crewed habitat module.

By the time the full-scale LIFE prototype ripped itself apart, it had an internal pressure of 77 PSI. The results so far seem extremely promising, but Sierra will need to repeat the test at least two more times to be sure their materials and construction techniques can withstand the rigors of spaceflight.

Sierra is a targeting no earlier than 2026 for an in-space test, but even if they nail the date (always a dubious prospect for cutting edge aerospace projects), they’ll still be about 20 years late to the party. Despite how futuristic the idea of inflatable space stations may seem, NASA first started experimenting with the concept of expandable habitat modules back in the 1990s, and there were practical examples being launched into orbit by the early 2000s.

Continue reading “The Past, Present, And Future Of Inflatable Space Habitats”

How A Steam Bug Once Deleted All Of Someone’s User Data

January 20, 2024 by 14 Comments

In a retrospective, [Kevin Fang] takes us back to 2015, when on the Steam for Linux issue tracker [keyvin] opened an issue to report that starting the Steam client after moving the Steam folder had just wiped all of his user data, including his backup drive mounted under /media. According to [keyvin], he moved the standard ~/.local/share/steam to a drive mounted under /media and symlinked ~/.local/share/steam to this new location on the external drive. He then tried starting Steam, which failed, before Steam crashed and tried reinstalling itself. That’s when [keyvin] realized that Steam had apparently recursively deleted everything owned by his user from the root folder.

The infamous Valve code that made Linux users sad.
The infamous Valve code that made Linux users sad.

In the issue thread, user [doofy] got hit by the same bug when trying to directly start the ~/.local/share/steam/steam.sh script with debugging enabled. He then was the first to point out the rm -rf in that steam.sh script, but since this particular line is in a function only called when Steam tries to remove and reinstall itself to ‘fix’ a botched start, how did this happen? Ultimately it seems to be because of the STEAMROOT variable being set to an empty string, and another unset variable triggering the reset_steam() function, leading to the demise of all the user data.

Since then Valve has presumably fixed the issue, as no further users have filed tickets, but it’s concerning that a similar issue seems to still exist on Windows. Whether or not the original Linux issue has been fixed, it shows clearly how one should always check return values and perhaps, just maybe, never do an automated rm -rf or equivalent.

Continue reading “How A Steam Bug Once Deleted All Of Someone’s User Data”