Portal 2 Becomes An Impressively Capable Web Server

June 1, 2025 by 5 Comments

Portal 2 is mostly known as the successful sequel to Valve’s weird physics platformer, Portal. It’s not really known for being a webserver. That might change, though, given the hard work of [PortalRunner].

Quite literally, [PortalRunner] hacked the Source engine and Portal 2 to actually run a working HTTP web server. That required setting up the code to implement a TCP network socket that was suitable for web traffic, since the engine primarily functions with UDP sockets for multiplayer use. This was achieved with a feature initially put in the Source engine for server management in the Left 4 Dead games. From there, the game engine just had to be set up to reply to HTTP requests on that socket with the proper responses a visiting browser expects. If the game engine responds to a browser’s connection request with a bunch of HTML, that’s what the browser will display. Bam! You’ve got a web server running in Portal 2.

From there, [PortalRunner] went further, setting things up so that the status of in-game objects effects the HTML served up to visiting web browsers. Move objects in the game, and the served web page changes. It’s pretty fun, and the complexity and features [PortalRunner] implements only get more advanced from there. When he gets into stacking companion cubes to write HTML in visual form, you’ll want to applaud the Minecraftian glory of it all.

The devil is really in the details on this one, and it’s a great watch. In reality, making Portal 2 into a simple web server is far easier than you might have thought possible. Valve’s physics masterpiece really is popular with hackers; we see it popping up around here all the time. Video after the break.

Continue reading “Portal 2 Becomes An Impressively Capable Web Server”

This Week In Security: CIA Star Wars, Git* Prompt Injection And More

May 30, 2025 by 3 Comments

The CIA ran a series of web sites in the 2000s. Most of them were about news, finance, and other relatively boring topics, and they spanned 29 languages. And they all had a bit of a hidden feature: Those normal-looking websites had a secret login and hosted CIA cover communications with assets in foreign countries. A password typed in to a search field on each site would trigger a Java Applet or Flash application, allowing the spy to report back. This isn’t exactly breaking news, but what’s captured the Internet’s imagination this week is the report by [Ciro Santilli] about how to find those sites, and the fact that a Star Wars fansite was part of the network.

This particular CIA tool was intended for short-term use, and was apparently so effective, it was dragged way beyond it’s intended lifespan, right up to the point it was discovered and started getting people killed. And in retrospect, the tradecraft is abysmal. The sites were hosted on a small handful of IP blocks, with the individual domains hosted on sequential IP addresses. Once one foreign intelligence agency discovered one of these sites, the rest were fairly easily identified.
Continue reading “This Week In Security: CIA Star Wars, Git* Prompt Injection And More”

An Open-Source Wii U Gamepad

May 19, 2025 by 8 Comments

Although Nintendo is mostly famous for making great games, they also have an infamous reputation for being highly litigious not only for reasonable qualms like outright piracy of their games, but additionally for more gray areas like homebrew development on their platforms or posting gameplay videos online. With that sort of reputation it’s not surprising that they don’t release open-source drivers for their platforms, especially those like the Wii U with unique controllers that are difficult to emulate. This Wii U gamepad emulator seeks to bridge that gap.

The major issue with the Wii U compared to other Nintendo platforms like the SNES or GameCube is that the controller looks like a standalone console and behaves similarly as well, with its own built-in screen. Buying replacement controllers for this unusual device isn’t straightforward either; outside of Japan Nintendo did not offer an easy path for consumers to buy controllers. This software suite, called Vanilla, aims to allow other non-Nintendo hardware to bridge this gap, bringing in support for things like the Steam Deck, the Nintendo Switch, various Linux devices, or Android smartphones which all have the touch screens required for Wii U controllers. The only other hardware requirement is that the device must support 802.11n 5 GHz Wi-Fi.

Although the Wii U was somewhat of a flop commercially, it seems to be experiencing a bit of a resurgence among collectors, retro gaming enthusiasts, and homebrew gaming developers as well. Many games were incredibly well made and are still experiencing continued life on the Switch, and plenty of gamers are looking for the original experience on the Wii U instead. If you’ve somehow found yourself in the opposite position of owning of a Wii U controller but not the console, though, you can still get all the Wii U functionality back with this console modification.

Thanks to [Kat] for the tip!

Escaping US Tech Giants Leads European YouTuber To Open Source

May 17, 2025 by 113 Comments

The video (embedded below) by [TechAltar] is titled “1 Month without US tech giants“, but it could have been titled “1 Month with Open Source Tools” — because, as it turns out, once you get out of the ecosystem set up by the US tech giants, you’re into the world of open source software (OSS) whether you want to be or not.

From a (German-made) Tuxedo laptop running their own Linux distro to a Fairphone with e/OS (which is French), an open version of Android, [TechAlter] is very keen to point out whenever Europeans are involved, which is how we learned that KDE has a physical headquarters, and that it’s in Berlin. Who knew?

He also gives his experiences with NextCloud (also German), can be used as an OSS alternative Google Workspaces that we’ve written about before, but then admits that he was the sole user on his instance. To which one must question: if you’re the sole user, why do you need a cloud-based collaborative environment? To try it out before getting collaborators involved, presumably.

Regardless what you think of the politics motivating this video, it’s great to see open source getting greater traction. While [TechAltar] was looking for European alternatives, part of the glory of open source is that it doesn’t matter where you’re from, you can still contribute. (Unless you’re Russian.) Have you found yourself using more open source software (or hardware) of late? Do you think the current political climate could lead to a broadening of its reach? Is this the year of the linux desktop? Let us know what you think in the comments. Continue reading “Escaping US Tech Giants Leads European YouTuber To Open Source”

RTEMS Statement Deepens Libogc License Controversy

May 14, 2025 by 41 Comments

Earlier this month we covered the brewing controversy over libogc, the community-developed C library that functions as the backbone for GameCube and Wii homebrew software. Questions about how much of the library was based on leaked information from Nintendo had been circulating for decades, but the more recent accusations that libogc included code from other open source projects without proper attribution brought the debate to a head — ultimately leading Wii Homebrew Channel developer Hector Martin to archive the popular project and use its README as a central point to collect evidence against libogc and its developers.

At the time, most of the claims had to do with code being taken from the Real-Time Executive for Multiprocessor Systems (RTEMS) project. Martin and others in the community had performed their own investigations, and found some striking similarities between the two codebases. A developer familiar with both projects went so far as to say that as much as half the code in libogc was actually lifted from RTEMS and obfuscated so as to appear as original work.

While some of these claims included compelling evidence, they were still nothing more than accusations. For their part, the libogc team denied any wrongdoing. Contributors to the project explained that any resemblance between libogc code and that of either leaked Nintendo libraries or other open source projects was merely superficial, and the unavoidable result of developing for a constrained system such as a game console.

But that all changed on May 6th, when the RTEMS team released an official statement on the subject. It turns out that they had been following the situation for some time, and had conducted their own audit of the libogc code. Their determination was that not only had RTEMS code been used without attribution, but that it appeared at least some code had also been copied verbatim from the Linux kernel — making the license dispute (and its solution) far more complex.

Continue reading “RTEMS Statement Deepens Libogc License Controversy”

Move Over, Lithophane: 3D Printed 3D Photos With Gaussian Splats

May 10, 2025 by 24 Comments

If you had asked us yesterday “How do you 3D Print a Photo”, we would have said “well, that’s easy, do a lithophane”– but artist, hacker and man with a very relaxing voice [Wyatt Roy] has a much more impressive answer: Gaussian splats, rendered in resin.

Gaussian splats are a 3D scanning technique aimed at replicating a visual rather than geometry, like the mesh-based 3D-scanning we usually see on Hackaday. Using photogrammetry, a point cloud is generated with an associated 3D Gaussian function describing the colour at that point. Blend these together, and you can get some very impressive photorealistic 3D environments. Of course, printing a Gaussian smear of colour isn’t trivial, which is where the hacking comes in.

Continue reading “Move Over, Lithophane: 3D Printed 3D Photos With Gaussian Splats”

Libogc Allegations Rock Wii Homebrew Community

May 1, 2025 by 59 Comments

Historically, efforts to create original games and tools, port over open source emulators, and explore a game console’s hardware and software have been generally lumped together under the banner of “homebrew.” While not the intended outcome, it’s often the case that exploring a console in this manner unlocks methods to run pirated games. For example, if a bug is found in the system’s firmware that enables a clever developer to run “Hello World”, you can bet that the next thing somebody tries to write is a loader that exploits that same bug to play a ripped commercial game.

But for those who are passionate about being able to develop software for their favorite game consoles, and the developers who create the libraries and toolchains that make that possible, the line between homebrew and piracy is a critical boundary. The general belief has always been that keeping piracy at arm’s length made it less likely that the homebrew community would draw the ire of the console manufacturers.

As such, homebrew libraries and tools are held to a particularly high standard. Homebrew can only thrive if developed transparently, and every effort must be taken to avoid tainting the code with proprietary information or code. Any deviation could be the justification a company like Nintendo or Sony needs to swoop in.

Unfortunately, there are fears that covenant has been broken in light of multiple allegations of impropriety against the developers of libogc, the C library used by nearly all homebrew software for the Wii and GameCube. From potential license violations to uncomfortable questions about the origins of the project, there’s mounting evidence that calls the viability of the library into question. Some of these allegations, if true, would effectively mean the distribution and use of the vast majority of community-developed software for both consoles is now illegal.

Continue reading “Libogc Allegations Rock Wii Homebrew Community”