The Thinkpad in question, with a Linux shell open on its screen, showing that the device mode has been successfully enabled

ThinkPad X1 Carbon Turned USB Device Through Relentless Digging

March 1, 2024 by 15 Comments

In what’s perhaps one of the most impressive laptop reverse engineering posts in recent memory, [Andrey Konovalov] brings us an incredibly detailed story of how he’s discovered and successfully enabled a USB device controller in a ThinkPad X1 Carbon equipped with a 6th gen Intel CPU.

If you ever wanted to peek at the dirty secrets of a somewhat modern-day Intel CPU-based system, this write-up spares you no detail, and spans dozens of abstraction layers — from Linux drivers and modifying NVRAM to custom USB cable building and BIOS chip flashing, digging deep into undocumented PCH registers for the dessert.

All [Andrey] wanted was to avoid tinkering with an extra Raspberry Pi. While using a PCIe connected device controller, he’s found a reference to intel_xhci_usb_sw-role-switch in Linux sysfs, and dove into a rabbit hole, where he discovered that the IP core used for the laptop’s USB ports has a ‘device’ mode that can be enabled. A dig through ACPI tables confirmed this, but also highlighted that the device is disabled in BIOS. What’s more, it turned out to be locked away behind a hidden menu. Experiments in unlocking that menu ensued, in particular when it comes to bypassing Intel Boot Guard, a mechanism that checks BIOS image signatures before boot.

Continue reading “ThinkPad X1 Carbon Turned USB Device Through Relentless Digging”

An Automotive Locksmith On The Flipper Zero And Car Theft

February 29, 2024 by 61 Comments

Here in the hacker community there’s nothing we love more than a clueless politician making a fool of themselves sounding off about a technology they know nothing about. A few days ago we were rewarded in spades by the Canadian Minister of Innovation, Science and Industry François-Philippe Champagne, who railed against the Flipper Zero, promising to ban it as a tool that could be used to gain keyless entry to a vehicle.

Of course our community has roundly debunked this assertion, as capable though the Flipper is, the car industry’s keyless entry security measures are many steps ahead of it. We’ve covered the story from a different angle before, but it’s worth returning to it for an automotive locksmith’s view on the matter from [Surlydirtbag].

He immediately debunks the idea of the Flipper being used for keyless entry systems, pointing out that thieves have been using RF relay based attacks which access the real key for that task for many years now. He goes on to address another concern, that the Flipper could be used to clone the RFID chip of a car key, and concludes that it can in the case of some very old vehicles whose immobilizers used simple versions of the technology, but not on anything recent enough to interest a car thief.

Of course, to many readers this will not exactly be news. But it’s still important, because perhaps some of us will have had to discuss this story with non-technical people who might be inclined to believe such scare stories. Being able to say “Don’t take it from me, take it from an automotive locksmith” might just help. Meanwhile there is still the concern of CAN bus attacks to contend with, something the manufacturers could have headed off had they only separated their on-board subsystems.

Continue reading “An Automotive Locksmith On The Flipper Zero And Car Theft”

MovieCart Plays Videos On The Atari 2600

February 23, 2024 by 11 Comments

The original Xbox and PlayStation 2 both let you watch DVD movies in addition to playing games. Seldom few consoles before or since offered much in the way of media, least of all the Atari 2600, which was too weedy to even imagine such feats. And yet, as covered by TechEBlog[Lodef Mode] built a cartridge that lets it play video.

It’s pretty poor quality video, but it is video! The MovieCart, as it is known, is able to play footage at 80×192 resolution, with a color palette limited by the capabilities of the Atari 2600 hardware. It’s not some sneaky video pass-through, either—the Atari really is processing the frames.

To play a video using the MovieCart, you first have to prepare it using a special utility that converts video into the right format for the cart. The generated video file is then loaded on a microSD card which is then inserted into the MovieCart. All you then have to do is put the MovieCart into the Atari’s cartridge slot and boot it up.  Sound is present too, in a pleasingly lo-fi quality. Control of picture brightness and sound volume is via joystick. You could genuinely watch a movie this way if you really wanted to. I’d put on House of Gucci.

Thanks to the prodigious storage available on microSD cards, you can actually play a whole feature length movie on the hardware this way. You can order a MovieCart of your very own from Tindie, and it even comes with a public domain copy of Night of the Living Dead preloaded on a microSD card.

We don’t see a big market for Atari 2600 movies, but it’s neat to see it done. Somehow it reminds us of the hacked HitClips carts from a while ago. Video after the break.

Continue reading “MovieCart Plays Videos On The Atari 2600”

Car Driving Simulators For Students, Or: When Simulators Make Sense

February 21, 2024 by 69 Comments

There are many benefits to learning to fly an airplane, drive a racing car, or operate some complex piece of machinery. Ideally, you’d do so in a perfectly safe environment, even when the instructor decides to flip on a number of disaster options and you find your method of transportation careening towards the ground, or the refinery column you’re monitoring indicating that it’s mere seconds away from going critical and wiping out itself and half the refinery with it.

Still, we send inexperienced drivers in cars onto the roads each day as they either work towards getting their driving license, or have passed their driving exam and are working towards gaining experience. It is this inexperience with dangerous situations and tendency to underestimate them which is among the primary factors why new teenage drivers are much more likely to end up in crashes, with the 16-19 age group having a fatal crash nearly three times as high as drivers aged 20 and up.

After an initial surge in car driving simulators being used for students during the 1950s and 1960s, it now appears that we might see them return in a modern format.

Continue reading “Car Driving Simulators For Students, Or: When Simulators Make Sense”

Why Stealing A Car With Flipper Zero Is A Silly Idea

February 15, 2024 by 27 Comments

In another regular installment of politicians making ridiculous statements about technology, Canada’s Minister of Innovation, Science and Industry, [François-Philippe Champagne], suggested banning Flipper Zero and similar devices from sale in the country, while accusing them of being used for ‘stealing cars’ and similar. This didn’t sit right with [Peter Fairlie] who put together a comprehensive overview video of how car thieves really steal cars. Perhaps unsurprisingly, the main method is CAN bus injection, for which a Flipper Zero is actually a terribly clumsy device. Rather you’d use a custom piece of kit that automates the process.

You can also find these devices being sold all over the internet as so-called ‘Emergency Start’ devices for sale all over the internet, all of which use weaknesses in the car’s CAN bus network. The common problem appears to be that with these days even the lights on the car being part of the CAN network, an attacker can gain access for injection purposes. This way no key fob is needed, and the ignition system can be triggered with the usual safeties and lockouts being circumvented.

Ultimately, although the Flipper Zero is a rather cutesy toy, it doesn’t do anything that cannot be done cheaper and more effectively by anyone with a bit of CAN bus knowledge and a disregard for the law.

Thanks to [Stephen Walters] for the tip.

Continue reading “Why Stealing A Car With Flipper Zero Is A Silly Idea”

How Much Longer Will Cars Have Cigarette Lighter Ports?

February 1, 2024 by 101 Comments

Depending on the age of your car, it might contain a round 12 V power outlet in the dash, or possibly in the elbow compartment. And depending on your own age, you might know that as the cigarette lighter port. Whereas this thing used to have a single purpose — lighting cigars and cigarettes via hot coil — there are myriad uses today, from charging a phone to powering a dash camera to running one of those tire-inflating machines in a roadside emergency.

But how did it come to be a power source inside the vehicle? And how long will it stick around? With smoking on the decline for several decades, fewer and fewer people have the need for a cigarette lighter than do, say, a way to charge their phone. How long will the power source survive in this configuration?

Continue reading “How Much Longer Will Cars Have Cigarette Lighter Ports?”

Cheap Hack Gets PCI-X Card Working In PCI Slot

February 1, 2024 by 10 Comments

PCI and PCI-X are not directly compatible, and you’d be forgiven for thinking that means you’re out of luck if you need to use a PCI-X card in a machine that only has basic PCI slots. And yet, that needn’t be the case. As [Peter] shows us, you can work around this with a cheap hacky hack. Our favorite kind!

[Peter] had a PCI-X RAID card that he wanted to use on his Socket 7-based computer. The 3ware 9550SX PCI-X card is 3.3 V only, and doesn’t fit in a typical PCI slot. It’s not compatible mechanically or electrically. Enter a PCI-X riser, which gets around the missing notch that would normally not let the card sit in the slot. Other than that, it just took masking off some pins to avoid damage from the 5 V rail. Throughput is good, too, reportedly sitting at roughly 60-70 MB/s.

The hard part is probably finding a PCI-X riser; PCI-Express stuff is far more common. Few of us need to deal with PCI-X anymore, but if you’re working on some ancient industrial hardware or something, this hack might just save your beans from the roast pot one day.

Continue reading “Cheap Hack Gets PCI-X Card Working In PCI Slot”