This Week In Security: IOCONTROL, (Location) Leaking Cars, And Passkeys

January 3, 2025 by 11 Comments

Claroty’s TEAM82 has a report on a new malware strain, what they’re calling IOCONTROL. It’s a Linux malware strain aimed squarely at embedded devices. One of the first targets of this malware, surprisingly, is the Iraeli made Orpak gas station pumps. There’s a bit of history here, as IOCONTROL is believed to be used by CyberAv3ngers, a threat actor aligned with Iran. In 2023 a group aligned with Israel claimed to have compromised the majority of the gas stations in Iran. IOCONTROL seems to have been deployed as retribution.

There are a few particularly interesting aspects of this malware, and how TEAM82 went about analyzing it. The first is that they used unicorn to emulate the obscure ARM platform in question. This was quite an adventure, as they were running the malicious binary without the normal Linux OS under it, and had to re-implement system calls to make execution work. The actual configuration data was encrypted as the data section of the executable, presumably to avoid simple string matching detection and analysis.

Then to communicate with the upstream command and control infrastructure, the binary first used DNS-Over-HTTPS to resolve DNS addresses, and then used the MQTT message protocol for actual communications. Once in place, it has the normal suite of capabilities, like code execution, cleanup, lateral scanning, etc. An interesting speculation is that the level of control this malware had over these gas pumps, it was in a position to steal credit card information. This malware family isn’t limited to gas pumps, either, as it’s been spotted in IoT and SCADA devices from a whole host of vendors. Continue reading “This Week In Security: IOCONTROL, (Location) Leaking Cars, And Passkeys”

FPV Flying In Mixed Reality Is Easier Than You’d Think

January 3, 2025 by 12 Comments

Flying a first-person view (FPV) remote controlled aircraft with goggles is an immersive experience that makes you feel as if you’re really sitting in the cockpit of the plane or quadcopter. Unfortunately, while your wearing the goggles, you’re also completely blind to the world around you. That’s why you’re supposed to have a spotter nearby to keep watch on the local meatspace while you’re looping through the air.

But what if you could have the best of both worlds? What if your goggles not only allowed you to see the video stream from your craft’s FPV camera, but you could also see the world around you. That’s precisely the idea behind mixed reality goggles such as Apple Vision Pro and Meta’s Quest, you just need to put all the pieces together. In a recent video [Hoarder Sam] shows you exactly how to pull it off, and we have to say, the results look quite compelling.

Continue reading “FPV Flying In Mixed Reality Is Easier Than You’d Think”

Pico Pal Puts RP2350 Into Game Boy Color Shell

January 3, 2025 by 14 Comments

While modern gaming systems deliver ever more realistic experiences, there’s still something to be said for the consoles and handhelds of the 80s and 90s. For many, the appeal is nostalgic. Others are attracted to the “lo-fi” graphical and sound design of these games, necessitated by the limited hardware of the time.

That said nobody would claim those old systems were perfect. Which is why a hybrid approach like [Peter Khouly] has been working on with the Pico Pal might be the ultimate solution. This replacement motherboard for the Game Boy Color (GBC) is powered by the RP2350, meaning the external hardware will have the same look and feel as it did back in 1998, but you’ll still be able to reap the benefits of modern emulation.

While the origins of the project go a bit farther, [Peter] has been working on this particular variation of the Pico Pal GBC since August, and has kept a fascinating log of his progress. Just getting the RP2350 to emulate Pokémon isn’t really that big of a deal, but getting all the ancillary hardware implemented and fitted inside the case of the GBC is a different story. Especially since [Peter] intends to pack plenty of features into the final product, such as rechargable batteries, Bluetooth audio, real-time clock support, and digital video out.

The most recent status update is from just last week, where [Peter] goes over some of the new features he’s been working on. A major one is the soft power solution, where the physical power switch doesn’t just pull the plug like it did back in the 1990s. Instead, the switch triggers the board to save the game and enter into a low-power mode so that it can come right back on to where you left off. This does impact battery life, but so far, it looks like the Pico Pal GBC will be able to run for at least five hours on a charge, and more than twice that if you don’t mind turning off the audio.

It sounds like there’s still several gremlins to track down in the design, but even in its current state, the Pico Pal GBC looks very interesting. We’re immediately reminded of the phenomenal work [Bucket Mouse] has put in on a similar refit for the original DMG-1 Game Boy.

Dress Up Your 3D Prints With Toner-Transfer Labels

January 2, 2025 by 25 Comments

We’ve always found the various methods for adding text and graphics to 3D prints somewhat underwhelming. Embossed or debossed characters are fuzzy, at best, and multi-color printers always seem to bleed one color into the next. Still, the need for labels and logos is common enough that it’s worth exploring other methods, such as this easy toner transfer trick.

Home PCB makers will probably find the method [Squalius] describes in the video below very familiar, and with good reason. We’ve seen toner transfer used to mask PCBs before etching, and the basic process here is very similar. It starts with printing the desired graphics on regular paper using a laser printer; don’t forget to mirror the print. The printed surface is scuffed up a bit, carefully cleaned, and coated with a thick layer of liquid acrylic medium, of the kind used in paint pouring. The mirrored print is carefully laid on the acrylic, toner-side down, and more medium is brushed on the back of the paper. After the print dries, the paper is removed with a little water and some gentle friction, leaving the toner behind. A coat of polyurethane protects the artwork reasonably well.

[Squalius] has tested the method with PLA and PETG and reports good results. The text is clear and sharp, and even fine text and dithered graphics look pretty good. Durability could be better, and [Squalius] is looking for alternative products that might work better for high-wear applications. It looks like it works best on lightly textured surfaces, too, as opposed to surfaces with layer lines. We’d love to see if color laser prints work, too; [Squalius] says that’s in the works, and we’ve seen examples before that are reason for optimism.

Continue reading “Dress Up Your 3D Prints With Toner-Transfer Labels”

555 Timers Bring Christmas Charm To Miniature Village

January 2, 2025 by 10 Comments

The miniature Christmas village is a tradition in many families — a tiny idyllic world filled happy people, shops, and of course, snow. It’s common to see various miniature buildings for sale around the holidays just for this purpose, and since LEDs are small and cheap, they’ll almost always have some switch on the bottom to light up the windows.

This year, [Braden Sunwold] and his wife started their own village with an eye towards making it a family tradition. But to his surprise, the scale lamp posts they bought to dot along their snowy main street were hollow and didn’t actually light up. Seeing it was up to him to save Christmas, [Braden] got to work adding LEDs to the otherwise inert lamps.

Now in a pinch, this project could have been done with nothing more than some coin cells and a suitably sized LED. But seeing as the lamp posts were clearly designed in the Victorian style, [Braden] felt they should softly flicker to mimic a burning gas flame. Blinking would be way too harsh, and in his own words, look more like a Halloween decoration.

This could have been an excuse to drag out a microcontroller. But instead, [Braden] did as any good little Hackaday reader should do, and called on Old Saint 555 to save Christmas. After doing some research, he determined that a trio of 555s rigged as relaxation oscillators could be used to produce quasi-random triangle waves. When fed into a transistor controlling the LED, the result would be a random flickering instead of a more aggressive strobe effect. It took a little tweaking of values, but eventually he got it locked down and sent away to have custom PCBs made of the circuit.

With the flicker driver done, the rest of the project was pretty simple. Since the lamp posts were already hollow, feeding the LEDs up into them was easy enough. The electronics went into a 3D printed base, and we particularly liked the magnetic connectors [Braden] used so that the lamps could easily be taken off the base when it was time to pack the village away.

We can’t wait to see what new tricks [Braden] uses to bring the village alive for Christmas 2025. Perhaps the building lighting could do with a bit of automation?

Continue reading “555 Timers Bring Christmas Charm To Miniature Village”

The Ultimate Distraction Free Writing Environment

January 2, 2025 by 42 Comments

The art of writing has become a cluttered one to follow, typically these days through a graphical word processor. There may be a virtual page in front of you, but it’s encumbered by much UI annoyance. To combat this a variety of distraction free software and appliances have been created over the years.

But it’s perhaps [Liam Proven]’s one we like the most — it’s a bootable 16-bit DOS environment with a selection of simple text and office packages on board. No worries about being distracted by social media when you don’t even have networking.

The zip file, in the releases section of the repository, is based upon SvarDOS, and comes with some software we well remember from back in the day. There’s MS Word 5.5 for DOS, in the public domain since it was released as a Y2K fix, Arnor Protext, and the venerable AsEasyAs spreadsheet alongside a few we’re less familiar with. He makes the point that a machine with a BIOS is required, but those of you unwilling to enable BIOS emulation on a newer machine should be able to run it in a VM or an emulator. Perhaps it’s one to take on the road with us, and bang away in DOS alongside all the high-powered executives on the train with their fancy business projections.

We recently talked about SvarDOS, and it shouldn’t come as a surprise that our article linked to a piece [Liam] wrote for The Register.

A Modern Battery For A Classic Laptop

January 2, 2025 by 12 Comments

Aside from their ability to operate fairly well in extreme temperatures, lead-acid batteries don’t have many benefits compared to more modern battery technology. They’re heavy, not particularly energy dense, have limited charge cycles, and often can’t be fully discharged without damage or greatly increased wear. With that in mind, one can imagine that a laptop that uses a battery like this would be not only extremely old but also limited by this technology. Of course, in the modern day we can do a lot to bring these retro machines up to modern standards like adding in some lithium batteries to this HP laptop.

Simply swapping the batteries in this computer won’t get the job done though, as lead-acid and lithium batteries need different circuitry in order to be safe while also getting the maximum amount of energy out. [CYUL] is using a cheap UPS module from AliExpress which comes with two 18650 cells to perform this conversion, although with a high likelihood of counterfeiting in this market, the 18650s were swapped out with two that were known to be from Samsung. The USB module also needs to be modified a bit to change the voltage output to match the needs of the HP-110Plus, and of course a modernized rebuild like this wouldn’t be complete without a USB-C port to function as the new power jack.

[CYUL] notes at the end of the build log that even without every hardware upgrade made to this computer (and ignoring its limited usefulness in the modern world) it has a limited shelf life as the BIOS won’t work past 2035. Hopefully with computers like this we’ll start seeing some firmware modifications as well that’ll let them work indefinitely into the future. For modern computers we’ll hope to avoid the similar 2038 problem by switching everything over to 64 bit systems and making other software updates as well.