Researchers Break FPGA Encryption Using FPGA Encryption

FPGAs are awesome — they can be essentially configured into becoming any computing device you want. Simply load your selected bitstream into the device on boot, and it behaves like a different piece of hardware. With great power comes great responsibility.

You might try to hack a given FPGA system by getting between the EEPROM that stores the bitstream and the FPGA during bootup, but FPGA manufacturers are a step ahead of you. Xilinx 7 series FPGAs have an onboard encryption and signing engine, and facilities for storing a secret key. Once the security bit is set, bitstreams coming in have to be encrypted to protect from eavesdropping, and HMAC-signed to assure that they are authentic. You can’t simply read the bitstream in transit or inject your own.

Researchers at Ruhr University Bochum and Max Planck Institute for Cybersecurity and Privacy in Germany have figured out a way to use the FPGA’s own encryption engine against itself to break both of these security guarantees for the entire mainstream 7-series. The attack abuses a MultiBoot function that allows you to specify an address to begin execution after reboot. The researchers send 32 bits of the encoded payload as a MultiBoot address, the FPGA decrypts it and stores it in a register, and then resets because their command wasn’t correctly HMAC signed. But because the WBSTAR register is meant to be readable on boot after reset, the payload is still there in its decrypted form. Repeat for every 32 bits in the bitstream, and you’re done.
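The design flaw described above, acting on decrypted data before the HMAC check has passed, can be shown with a simplified model. This is an added example, not the researchers' code or Xilinx's logic: the toy cipher, the keys, the opcode and the `Device` class are all constructed for illustration, and the hardened loader is one generic way to order the checks.

```python
import hashlib, hmac, struct

ENC_KEY, MAC_KEY = b"constructed-enc-key", b"constructed-mac-key"  # sample keys
WRITE_WBSTAR = 0x01  # hypothetical opcode for this model

def toy_cipher(data):
    """XOR with a SHA-256 counter keystream; a stand-in, not the FPGA's cipher."""
    stream = b"".join(hashlib.sha256(ENC_KEY + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def make_stream(commands):
    body = toy_cipher(b"".join(struct.pack(">BI", op, val) for op, val in commands))
    return body + hmac.new(MAC_KEY, body, hashlib.sha256).digest()

class Device:
    def __init__(self):
        self.wbstar = 0  # models a register that survives reset and is readable

    def _execute(self, body):
        plain = toy_cipher(body)
        for off in range(0, len(plain), 5):
            op, val = struct.unpack(">BI", plain[off:off + 5])
            if op == WRITE_WBSTAR:
                self.wbstar = val

    def _tag_ok(self, body, tag):
        expected = hmac.new(MAC_KEY, body, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    def load_vulnerable(self, stream):
        body, tag = stream[:-32], stream[-32:]
        self._execute(body)              # side effects happen before the check
        return self._tag_ok(body, tag)   # False models the reset; wbstar is kept

    def load_hardened(self, stream):
        body, tag = stream[:-32], stream[-32:]
        if not self._tag_ok(body, tag):
            self.wbstar = 0              # nothing decrypted survives a failed load
            return False
        self._execute(body)              # decrypt and act only on authentic input
        return True

def leaked_after_bad_tag(loader_name):
    """Load a stream with a broken tag; return what is left in the register."""
    stream = bytearray(make_stream([(WRITE_WBSTAR, 0xC0FFEE42)]))
    stream[-1] ^= 0xFF                   # constructed tampering: corrupt the tag
    dev = Device()
    getattr(dev, loader_name)(bytes(stream))
    return dev.wbstar
```

Both loaders reject the tampered stream, but only the vulnerable ordering leaves decrypted data behind for a later readout.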

Pulling off this attack requires physical access to the FPGA’s debug pins and up to 12 hours, so you only have to worry about particularly dedicated adversaries, but the results are catastrophic — if you can reconfigure an FPGA, you can make it do essentially anything. Security-sensitive folks, we have three words of consolation for you: “restrict physical access”.

What does this mean for Hackaday? If you’re looking at a piece of hardware with a hardened Xilinx 7-series FPGA in it, you’ll be able to use it, although it’s horribly awkward for debugging due to the multi-hour encryption procedure. Anyone know of a good side-channel bootloader for these chips? On the other hand, if you’re just looking to dig secrets out from the bitstream, this is a one-time cost.

This hack is probably only tangentially relevant to the Symbiflow team’s effort to reverse-engineer an open-source toolchain for this series of FPGAs. They are using unencrypted bitstreams for all of their research, naturally, and are almost done anyway. Still, it widens the range of applicability just a little bit, and we’re all for that.

[Banner image is a Numato Lab Neso, and comes totally unlocked naturally.]

3D Print Your Way To A Bartop Arcade Cabinet

Custom arcade machines have always been a fairly common project in the hacker and maker circles, but they’ve really taken off with the advent of the Raspberry Pi and turn-key controller kits. With all the internals neatly sorted, the only thing you need to figure out is the cabinet itself. Unfortunately, that’s often the trickiest part. Without proper woodworking tools, or ideally a CNC router, it can be tough going to build a decent looking cabinet out of the traditional MDF panels.

But if you’re willing to leave wood behind, [Gerrit Gazic] might have a solution for you. This bartop arcade, which he calls the simplyRetro D8, uses a fully 3D printed cabinet. He’s gone through the trouble of designing it so there are no visible screw holes, so it looks like the whole thing was hewn from a chunk of pure synthwave ore. He notes that this can make the assembly somewhat tricky in a few spots, but we think it’s a worthy compromise.

Given the squat profile of the simplyRetro, the internals are packed in a bit tighter than we’re accustomed to seeing in an arcade build. But there’s still more than enough room for the Raspberry Pi, eight-inch touch screen HDMI panel, and all the controls. To keep things as neat as possible, [Gerrit] even added integrated zip tie mount points; a worthwhile CAD tip that’s certainly not limited to arcade cabinets.

[Gerrit] has included not only the STL files for this design, but also the Fusion 360 Archive should you want to make any modifications. There’s also a complete Bill of Materials, as well as detailed instructions on how to pull it all together. If you’ve ever wanted your own arcade machine but felt a bit overwhelmed about figuring out all the nuances on your own, the simplyRetro could be the project you’ve been waiting for.

Of course if you do have access to a CNC or laser cutter, then there are some designs you could produce quite a bit faster.

A Jaw-Dropping Demo In Only 256 Bytes

“Revision” is probably the Olympics of the demoscene. The world’s best tiny graphics coders assemble, show off their works, and learn new tricks to pack as much awesome into as few bytes as possible or make unheard-of effects on limited hardware. And of course, there’s a competition. Winning this year’s 256-byte (byte!) competition, and then taking the overall crowd favorite award, was [HellMood]’s Memories.

If you watch it in the live-stream from Revision, you’ll hear the crowd going (virtually) wild, and the announcer losing his grip and gasping for words. It’s that amazing. Not only are more effects put into 2⁸ bytes than we thought possible, but there’s a full generative MIDI score to go with it. What?!?

But almost as amazing is [HellMood]’s generous writeup of how he pulled it off. If you’re at all interested in demos, minimal graphics effects, or just plain old sweet hacks, you have your weekend’s reading laid out for you. [HellMood] has all of his references and influences linked in as well. You’re about to go down a very deep rabbit hole.


Dissecting A Mechanical Voltage Regulator

When the fuel gauge of his 1975 Triumph Spitfire started going off the scale, the collected knowledge of the Internet indicated that [smellsofbikes] needed to replace a faulty voltage regulator behind the dash. For most people, that would be the end of the story. But he, like everyone who’s reading this right now, really wanted to see what the inside of a 45-year-old voltage regulator looked like.

After prying open the metal case, he discovered that not only is the regulator mechanical in nature, but there’s even a tiny screw that allows you to adjust the output voltage. Luckily for us, not only is [smellsofbikes] curious enough to open it up, but he’s also got the tools and knowledge to explain how it works in the video after the break.

Put simply, the heart of the regulator is a bimetallic strip with a coil of wire wrapped around it. When power from the battery is passed through the coil it acts as a heater, which makes the strip move up and break the connection to the adjustable contact. With the connection broken and the heating coil off the strip rapidly cools, and in doing so returns to its original position and reconnects the heater; thus starting the process over again.

These rapid voltage pulses average out to around 10 VDC, though [smellsofbikes] notes that you can’t actually measure the output voltage of the regulator with a meter because it moves around too much to get any sort of accurate reading. He also mentions a unique quirk of this technology: due to the force of gravity acting on the bimetallic strip, the output of the regulator will actually change depending on its mounting orientation.

On the oscilloscope, [smellsofbikes] is able to show us what the output actually looks like. As you might expect, it looks like a mess to 21st century eyes. But these were simpler times, and it should go without saying there aren’t any sensitive electronics in a sports car from 1975. Interestingly, he says he’s now replaced the mechanical assembly with a modern regulator chip. Here’s hoping we’re around long enough to see if he gets another 50 years out of it.


Wood And Carbon Rods Used For This Handsome And Effective Microphone

Anyone who was active in the phreaking scene or was even the least bit curious about the phone system back in the Ma Bell days no doubt remembers the carbon capsule microphone in the mouthpiece of many telephone handsets. With carbon granules sandwiched between a diaphragm and a metal plate, they were essentially sound-driven variable resistors, and they worked well enough to be the standard microphone for telephony for decades.

In an attempt to reduce complicated practices to their fundamentals, [Simplifier] has undertaken this surprisingly high-fidelity carbon microphone build that hearkens back to the early days of the telephone. It builds on previous work that was more proof of concept but still impressive. In both builds, the diaphragm of the microphone is a thin piece of wood, at first carved from a single block of softwood, then later improved by attaching a thin piece of pine to a red oak frame. The electrical side of the mic has four carbon rods running from the frame to the center of the diaphragm, where they articulate in a carbon block with small divots dug into it. As the diaphragm vibrates, the block exerts more or less pressure on the rods, varying the current across the mic and reproducing the sound. It works quite well, judging by the video after the break.

Congratulations to [Simplifier] for another great build and top-notch craftsmanship. We’ve seen homebrew vacuum tubes, conductive glass, and solar cells from him before, which sort of makes him the high-tech version of Primitive Technology. We’re looking forward to whatever comes next.

Belt The Quarantine Blues Into A Homemade Mic

If there’s any psychological good to be gleaned from quarantine, it’s that people are using the time to finish old projects while starting plenty of new ones. If you’re running out of ideas, or just want to feel better by doing some in-house recycling, dump out that bin and make a simple microphone.

All you need is some PETE #1 plastic, a piezo disk, and the right kind of tin can. The plastic gets heat-fused to the rolled edge of the can, and since it gets stretched and shrunk in the process, it forms a tight membrane that doubles as a percussion instrument.

You do your shouting into the other end, and your sound waves vibrate the membrane. The piezo picks up the vibrations and sends them to a 1/4″ jack so you can plug it into an amp.

Even if you are somehow sidestepping the blues, you can always use this to yell at people who threaten to get too close to you. This fun project is about as open as it gets, but we’re sure that you can think of ways around using a piezo disk. Let us know in the comments after you check out [Ham-made]’s music video.

We like [Ham-made]’s method for cutting down the juice jug without cutting into yourself. Just clamp a razor blade into your vise and move the jug against it. Reminds us of another way to easily reuse plastic soda bottles by making them into rope.


Impressive Lever-Press Espresso Machine Has Finesse

Some people will do anything for a good cup of coffee, and we don’t blame them one bit — we’ve been known to pack up all our brewing equipment for road trips to avoid being stuck with whatever is waiting in the hotel room.

While this stylish lever-based industrial coffee machine made by [exthemius] doesn’t exactly make textbook espresso, it’s pretty darn close. Think of it like an Aeropress on steroids, or more appropriately, bulletproof coffee. As you can see in the demo after the break, the resulting coffee-spresso hybrid brew looks quite tasty.

Here’s how it works: finely-ground beans go in a pressurized portafilter basket that was scavenged from an entry-level prosumer espresso machine. Pour boiling water into the top of the cylinder, and pull the giant lever down slowly to force it through the portafilter. Presto, you’re in thin, brown flavor town.

We love the piston-esque plunger that [exthemius] made by layering washers and rubber gaskets up like a tiramisu. Although there are no plans laid out, there’s probably enough info in the reddit thread to recreate it.

If you ever do find yourself stuck with hotel house brand, soak it overnight to make it much more palatable.
