This Week In Security: The Time Kernel.org Was Backdoored And Other Stories

Researchers at Eset have published a huge report on the Ebury malware/botnet (pdf), and one of the high profile targets of this campaign was part of the kernel.org infrastructure. So on one hand, this isn’t new news, as the initial infection happened back in 2011, and was reported then. On the other hand, according to the new Eset report, four kernel.org servers were infected, with two of them possibly compromised for as long as two years. That compromise apparently included credential stealing or password cracking.

The Ebury attackers seem to gain initial access through credential stuffing — a huge list of previously captured credentials is tried one at a time. However, once the malware has a foothold in the network, a combination of automated and manual steps is taken to move laterally. The most obvious is to grab any private SSH keys from that system, and try using them to access other machines on the local network. Ebury also replaces a system library that gets called as a part of sshd, libkeyutils.so. This puts it in a position to quietly capture credentials.

For a targeted attack against a more important target, the people behind Ebury seem to go hands-on-keyboard, using techniques like Man-in-the-Middle attacks against SSH logins on the local network using ARP spoofing. In this case, someone was doing something nasty.

And that doesn’t even start to cover the actual payload. That’s nasty too, hooking into Apache to sniff for usernames and passwords in HTTP/S traffic, redirecting links to malicious sites, and more. And of course, the boring things you might expect, like sending spam, mining for Bitcoin, etc. Ebury isn’t exactly easy to notice, either, since it includes a rootkit module that hooks into system functions to hide itself. Thankfully there are a couple of ways to get a clean shell to look for the malware, like using systemd-run or launching a local shell on the system console.

And the multi-million dollar question: Who was behind this? Sadly we don’t know. A single arrest was made in 2014, and recovered files implicated another Russian citizen, but the latest work indicates this was yet another stolen identity. The rest of the actors behind Ebury have gone to great lengths to remain behind the curtain.


Big Server Fan Becomes Fume Extractor

[Anthony Kouttron] wanted a fume extractor for his personal electronics lab, but he didn’t like the look of the cheap off-the-shelf units that he found. Ultimately, he figured it couldn’t be that hard to build his own portable fume extractor instead.

The build is based around a mighty 110-watt centrifugal fan from an IBM server that’s rated at approximately 500 CFM. It’s a hefty unit, and it should be, given that it retails at over $200 on DigiKey. [Anthony] paired this fan with off-the-shelf HEPA and activated carbon filters. These are readily available from a variety of retailers. He didn’t want to DIY that part of the build, as the filter selection is critical to ensuring the unit actually captures the bad stuff in the air. He ended up building a custom power supply for the 12-volt fan, allowing it to run from common drill batteries for practicality’s sake.

Few of us have need for such a beefy fume extractor on the regular. Indeed, many hobbyists choose to ignore the risk from soldering or 3D printing fumes. Still, for those that want a beefy fume extractor they can build themselves, it might be worth looking over [Anthony]’s initial work.

We’ve seen some other great DIY fume extractors before, too. Even those that use drill batteries! If you’ve been cooking up your own solution, don’t hesitate to drop us a line!

DisplayPort: Hacking And Examples

So far, I’ve talked about why DisplayPort is the future, introduced the basics of how to work with it on the hacker level, took apart and tamed the DisplayPort altmode, and recently, went through the eDP (embedded DisplayPort) display technology. This time, I want to give you a project library to reference, so that your hacking goes as smoothly as possible – real-world examples of open-source DisplayPort boards, a few boards I’ve worked on, part numbers, and whatever other information you might need.

Even this wonderful build is not immune from wasting power on unnecessary video conversion

Over the past few years, I’ve noticed that a non-zero amount of cyberdeck builders buy eDP screens with HDMI converter boards on Aliexpress, then connect them to SBCs using USB-C to HDMI adapters, or ignore the onboard eDP port; even this super cool Framework-based cyberdeck has done that! I get that it’s the simplest option, but I do believe that you ought to know how to improve it. The issue is that this double-conversion decreases the battery life significantly by burning two extra ASICs doing video conversion back and forth. Every hour of battery life matters in a cyberdeck, doubly so if it’s based on a low-power device already – you could easily cut your battery life in half if you’re not careful!

With these projects and references in your arsenal, my aim is that DisplayPort becomes way more comfortable for you to work with. Thankfully, there are quite a few projects to reference by now – let’s delve in.

Right out of the gate – are you looking for an SBC with DisplayPort support? The BoardDB website, a database of single-board computers, has a DisplayPort filter – click this link with the filter already enabled and browse through.



Measure Three Times, Design Once

Most of the Hackaday community would never wire a power supply to a circuit without knowing the expected voltage and the required current. But our mechanical design is often more bodged. We meet folks who carefully budget power to their microcontroller, sensors, and so on, but never measure the forces involved in their mechanical designs. Then they’re surprised when the motor they chose isn’t big enough for the weight of their robot.

An obstacle to being more numbers oriented is lack of basic data about the system. So, here are some simple tools for measuring dynamic properties of small mechanisms; distances, forces, velocities, accelerations, torques, and other things you haven’t thought about since college physics. If you don’t have these in your toolkit, how do you measure?


A Slice Of Simulation, Google Sheets Style

Have you ever tried to eat one jelly bean or one potato chip? It is nearly impossible. Some of us have the same problem with hardware projects. It all started when I wrote about the old bitslice chips people used to build computers before you could easily get a whole CPU on a chip. Bitslice is basically Lego blocks that build CPUs. I have always wanted to play with technology, so when I wrote that piece, I looked on eBay to see if I could find any leftovers from this 1970-era tech. It turns out that the chips are easy to find, but I found something even better. A mint condition AM2900 evaluation board. These aren’t easy to find, so the chances that you can try one out yourself are pretty low. But I’m going to fix that, virtually speaking.

This was just the second potato chip. Programming the board, as you can see in the video below, is tedious, with lots of binary switch-flipping. To simplify things, I took another potato chip — a Google Sheet that generates the binary from a quasi-assembly language. That should have been enough, but I had to take another chip from the bag. I extended the spreadsheet to actually emulate the system. It is a terrible hack, and Google Sheets’ performance for this sort of thing could be better. But it works.


PCB Design Review: HDMI To LVDS Sony Vaio LCD Devboard

Today, we revisit another board from [Exentio] – a HDMI/DVI to LVDS transmitter for the Sony Vaio P display. This board is cool to review – it has a high-speed serial interface, a parallel interface, a healthy amount of power distribution that can be tricky to route, and many connectors to look over.

I’ve decided to show this review to you all because it demonstrates a PCB improvement concept we haven’t yet touched upon, that you should absolutely know about when doing board layout. Plus, I get a chance to talk about connector choice considerations!

The board is lovely. It integrates the DPI-LVDS circuit we’ve previously reviewed, but also a HDMI to parallel RGB chip from Texas Instruments, TFP401, a chip appreciated enough that even Adafruit has adapters with it. The fun thing about this chip is that it doesn’t even handle EDID like the usual HDMI to RGB/LVDS chips you get on cheap Aliexpress boards. So, there’s no firmware to take care of – it just receives a HDMI/DVI signal, converts it into parallel RGB, then converts that to LVDS, and off to the display it goes. The downside is that you have to provide your own EDID with an EEPROM, but that isn’t that tricky.

Again, this is a two-layer board, and, again, I like this – fitting tracks to the smallest possible space is a respectable and enjoyable challenge. This board has absolutely done well by this challenge. I do see how this board could be routed in an even better way, however, and it could be way way cleaner as a result. For a start, rotating the chip would improve the odds a whole lot.

The Chip Gets Rotated



Hackaday Links: May 12, 2024

Don’t pack your bags for the trip to exoplanet K2-18b quite yet — it turns out that the James Webb Space Telescope may not have detected signs of life there after all. Last year, astronomers reported the possible presence of dimethyl sulfide there, a gas that (at least on Earth) is generally associated with phytoplankton in the ocean. Webb used its infrared spectrometer instruments to look at the light from the planet’s star, a red dwarf about 111 light-years away, as it passed through the hydrogen-rich atmosphere. The finding was sort of incidental to the discovery of much stronger signals for methane and carbon dioxide, but it turns out that the DMS signal might have just been overlap from the methane signal. It’s too bad, because K2-18b seems to be somewhat Earth-like, if you can get over the lack of oxygen and the average temperature just below freezing. So, maybe not a great place to visit, but it would be nice to see if life, uh, found a way anywhere else in the universe.

Attention Fortran fans: your favorite language isn’t quite dead yet. In fact, it cracked the top ten on one recent survey, perhaps on the strength of its numerical and scientific applications. The “Programming Community Index” is perhaps a bit subjective, since it’s based on things like Google searches for references to particular languages. It’s no surprise then that Python tops such a list, but it’s still interesting that there’s enough interest in a 67-year-old programming language to make it onto the list. We’d probably not advise building a career around Fortran, but you never know.
