Commodore 64 Web Server Brings 8-Bit Into The Future

June 1, 2023 by 28 Comments

These days, most webservers are big hefty rackmount rigs with roaring fans in giant datacenters. [naDDan]’s webserver is altogether more humble, as it runs on a single Commodore 64. 

The C64 is running Contiki OS, an operating system for 6502-based computers. It’s built with an eye to networking, requiring ethernet hardware for full functionality. In [naDDan]’s case, he’s outfitted his C64 with an ETFE network adapter in the cartridge port to get it online. It serves up the HTML file off a 1541C floppy drive, with the drive buzzing away every time someone loads up the page.

The page itself is simple, showing some basic information on a simple blue background. There is some scrolling text though, as is befitting the 8-bit era. It’s also available in four languages.

[naDDan’s] server can be found here, according to his video, but at the time of writing, it was down for the count. Whether that’s due to a dynamic DNS issue or the simple fact that an 8-bit 6502 isn’t up to heavy traffic is up for debate. Regardless, try for yourself and see how you go. Video after the break.

Hackaday Podcast 219: Lots Of Lasers, Heaps Of Ham Radio, And Breaching The Blood Brain Barrier

May 19, 2023 by No comments

Elliot and Dan teamed up for the podcast this week, bringing you the week’s sweetest hacks. And news too, as the ESA performed a little percussive maintenance on a Jupiter-bound space probe, and we learned about how to get an Orwellian free TV that exacts quite a price. We talked about Bitcoin mining two ways, including a way to put all that waste heat to good use — just don’t expect it to make good financial sense. Why would you stuff zip ties into a hot glue gun? It might just help with plastic repair. Lugging a tube transmitter up a mountain doesn’t sound like a good idea, but with the right design, it’s a lot of fun — and maybe you’ll be better able to tap into Schumann resonances while you’re up there.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download a long series of ones and zeroes that, when appropriately interpreted, sound like two people talking about nerdy stuff!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 219: Lots Of Lasers, Heaps Of Ham Radio, And Breaching The Blood Brain Barrier”

North Korean Karaoke Machine Teardown

May 19, 2023 by 9 Comments

Karaoke is a very popular pastime in Seoul — there are venues where you can sing on a stage, sing in rooms with your friends, and even sing solo in coin-operated karaoke booths on the bullet train. Apparently it is also popular in North Korea as well — [Martyn Williams] of the North Korea Tech blog reported on an interesting teardown by web hacker [Will Scott]. It is the Tianchi v700 machine, a Chinese product tailored for North Korean users, obtained online back in 2020.

Unlike the karaoke machines encountered by this author in South Korea, the v700 form factor is a 19.5-inch Android tablet with touch-screen and all the necessary interfaces you’d expect: external video, speakers, and microphone, as well as WiFi and Ethernet for content upgrade and online payment systems. Not surprisingly, the connectivity aspects of the machine are not used in the North Korean model, but with a large catalog of pre-loaded music, it’s perfectly usable as a stand-alone device.

[Will] dug into the innards of the machine and discovered it was powered by an Allwinner ARM processor (seemingly the H6 V200, a quad-core ARM Cortex-A53). He also found it uses a swappable external disk to hold the songs, but all the files were encrypted. You can read more details in the blog post linked above, but eventually he was successful in decoding the disk and accessing the material.

The V700 consults both “/proc/cpuinfo” to learn the CPU serial number of the device it is on, and a binary file associated with the device file system structure as part of its method for determining its AES (Advanced Encryption Standard) key. It then ignores all of these device-specific items, and reverts back to a static key “87654321” stored in the binary.

All the songs on the disk were posted up on the Internet Archive. Check them out if you’re curious what North Korean karaoke songs sound and look like. One video that caught our attention was about CNC machines (see the video linked below the break). [Martyn] has been covering technology issues related to North Korea since 2011. In 2016, he learned after the fact that his website had been banned by the South Korean authorities. Believing this was in error, he appealed the ban and eventually prevailed in the courts. We wrote about some of [Will]’s research on consumer computing technology back in 2017 if you’re interested in learning more.

Continue reading “North Korean Karaoke Machine Teardown”

USB Meets Core Memory In A Vintage ‘Scope

May 7, 2023 by 5 Comments

It’s normal today for even relatively modest instruments to have some form of computer control capability over Ethernet or USB. But five decades ago this was by no means a given, and when Tektronix shipped their P7001 digitiser module for their high-end oscilloscopes in 1971, they were initially designed to interface with a minicomputer. Not everybody has a PDP/11 lying around in 2023, but [Holger Lübben] wasn’t fazed by this. He set about creating a USB interface for this ancient piece of test equipment.

At its heart is a Teensy 4.1 which does the job of interfacing with the Tektronix 16-bit bus through a level shifting transceiver. The software for the Teensy comes with some demos, but sadly not the Tek BASIC of the original. We’re particularly impressed with the care to make the card frame for the module resemble as closely as possible an original Tektronix product.

We’re guessing very few of you will have this ancient test module on your bench, but the depth into which he goes over its internal design and programming makes this very much worth a read. If you fancy more vintage Tek goodness, take a look at this current probe.

A Dedicated GPU For Your Favorite SBC

May 5, 2023 by 35 Comments

The Raspberry Pi is famous for its low cost, versatile and open Linux environment, and plentiful I/O, making it a perfect device not only for its originally-intended educational purposes but for basically every hobbyist from gardeners to roboticists to amateur radio operators. Most builds tend to make use of the GPIO pins which allow easy connections to various peripherals and sensors, but the Pi also supports PCI devices which means that, in theory, it could use a GPU in much the same way that a modern computer would. After plenty of testing and development, [Jeff Geerling] brings us this custom graphics card interface for the Raspberry Pi.

The testing for all of these graphics cards has been done with a Pi Compute Module 4 and the end result is an interface device which looks much like a graphics card itself. It splits the PCI bus out onto a more familiar x16 slot connector and adds physical connections for power, USB, and Ethernet. When plugged into the carrier board, the Compute Module can be attached to any of a number of graphics cards, including the latest and highest-end of Nvidia and AMD offerings.

Perhaps unsurprisingly, though, the 4090 and 7900 cards don’t work with the Raspberry Pi. This is partially due to the 32-bit limitations of the Pi and other memory mapping issues, but even after attempting some workarounds Nvidia’s cards aren’t open-source enough to test properly (although the card is recognized by the Pi) and AMD’s drivers crash the system even after compiling a custom kernel. [Jeff] did find an Nvidia card that worked, although it requires using the USB interface and second-hand cards are selling for around $3000 USD. For a more economical choice there are some other graphics cards that he was eventually able to get working, albeit not with perfect performance, including some of the ones we’ve seen him test already.

Continue reading “A Dedicated GPU For Your Favorite SBC”

Send This FPV Bot Into The Crawlspace To Do Your Dirty Work

April 18, 2023 by 27 Comments

The least pleasant space in most houses is likely to be the space below it. Basements tend to be dank, dusty, and full of too many things that have too many legs. And even worse than the full basement is the dreaded crawlspace, which adds claustrophobia to the long list of unpleasantries that lie below. Sadly, though, a crawlspace might be a handy place to run wires, and if you’re hesitant to delve too deeply, this FPV cable-laying rig might be something to keep in mind.

This one comes to us from [Old Alaska] with very little detail other than what’s in the brief video below. The setup is clear enough — a need to run an Ethernet cable from one side of the house to the other, and a crawlspace to do it in. Also in the toolkit was an RC rock crawler with a field-expedient FPV camera. With Breaking Bad-style access to the crawlspace through a few floorboards, [Old Alaska] was able to deploy the crawler dragging a Cat 5 cable behind it. The terrain under the house made the rock crawler a good choice, with four-wheel-drive, locking differentials, and an articulating frame. The bot’s-eye view also makes it clear that actually crawling in this rubble-strewn crawlspace would be a painful affair.

With very little drama, [Old Alaska] was able to navigate the crawler across the crawlspace to the outer wall of the house, where he could fish the wire out and complete the connection — no fuss, no muss, no bloody knees. The only quibble we’d have is not running an extra length of pull rope with the wire. You never know when it’ll come in handy.

The whole thing reminds us of a more tactical version of [Cliff Stoll]’s subterranean inventory management bot.

Continue reading “Send This FPV Bot Into The Crawlspace To Do Your Dirty Work”

This Week In Security: QueueJumper, JS VM2 Escape, And CAN Hacking

April 14, 2023 by 9 Comments

You may not be familiar with the Microsoft Message Queuing (MSMQ) service, a store and forward sort of inter-process and inter-system communication service. MSMQ has become something of a legacy product, but is still available as an optional component in Windows. And in addition to other enterprise software solutions, Microsoft Exchange turns the service on by default. That’s why it’s a bit spooky that there’s a one packet Remote Code Execution (RCE) vulnerability that was just patched in the service.

CVE-2023-21554, also known as QueueJumper, is this unauthenticated RCE with a CVSS score of 9.8. It requires sending a packet to the service on TCP port 1801. The Check Point Research team scanned for listening MSMQ endpoints on the public Internet, and found approximately 360,000 of them. And no doubt far more are listening on internal networks. A one packet exploit is a prime example of a wormable problem, and now that the story has broken, and the patch is available, expect a rapid reverse engineering. Beware, the queue jumpers are coming.

JavaScript VM Escape

The VM2 library is a rather important JavaScript package that sandboxes code, letting a project run untrusted code securely. Or, that’s the idea. CVE-2023-29017 is an example of how hard sandboxing is to get right. It’s another CVSS 9.8 vulnerability, and this one allows a sandbox escape and code execution.

This one now has public Proof of Concept code, and this package has over 16 million monthly installs, so the attack surface is potentially pretty wide. The flaw is fixed in version 3.9.15. Continue reading “This Week In Security: QueueJumper, JS VM2 Escape, And CAN Hacking”