A ZX Spectrum Raytracer, In BASIC

January 26, 2024 by Dave Rowntree 12 Comments

[Gabriel Gambetta] knows a few things about ray tracers, being the author of Tiny Raytracer, a raytracer written in just 912 bytes of JavaScript. As a long-time fellow sufferer of the UK-designed ZX Spectrum, could these two love affairs be merged? Could the Tiny Raytracer fit on the ZX Spectrum? In BASIC? The answer is an affirmative, albeit with our beloved speccy’s many limitations.

Ray tracing with only 15 primary colours

The story starts with [Gabriel]’s Computer Graphics From Scratch (CGFS) raytracer algorithms and an existing code base that was ported to the ZX Spectrum’s very limited BASIC dialect, using VSCode for editing, BAS2TAP to generate a tape image file (essentially an audio track) and executed with FUSE. With the toolchain sorted, [Gabriel] adds just enough code to deal with the ray intersection equations of a sphere, and renders a three-sphere scene to a 32×22 pixel colour image, taking a mere 15 minutes of runtime. Fellow sufferers will remember the spectrum had a 32×22 block attribute array (or colour array) with two colour values for foreground and background pixels. Each attribute block contains 8×8 pixels, each of which could be foreground (on) or background (off.) The next stage was then to expand the code to handle pixels as well as blocks, by simply expanding the raytracing to the full 256×176 resolution, and for each block simply determine the two most common colours, and run with those for the whole block. It sort of works, in a very spectrum-esq ‘attribute clash’ kind of fashion.

Continue reading “A ZX Spectrum Raytracer, In BASIC“ →

Laptop Memory Upgradable Again

January 14, 2024 by Bryan Cockfield 38 Comments

For some computing components, the bottleneck to improved speed and performance hasn’t been power consumption or clock speed but physical space. But a new memory standard may provide all of the power and space-saving benefits of soldered memory modules without losing any upgradability.

The standard is called compression attached memory modules (CAMM) and provides a way for small form factor computers to have upgradable memory without needing dual in-line memory module (DIMM) slots. Unlike DIMM, though, CAMM modules allow for modern high-speed low-power memory to be used and can take advantage of dual-channel properties even if only one memory module is installed. CAMM modules are held in place with small screws, similar to modern M.2 drives, and don’t have the massive footprint of a DIMM slot. This allows laptop manufacturers to save nearly as much space as having soldered memory.

While this won’t solve the problem of computer manufacturers offering only soldered memory as a cash-grab, hopefully, some take the new standard under their wing for those of us who value the upgradability of our hardware. There are of course some problems with newer standards, but right now it seems like the only other viable option is soldered modules or slower, heavier computers. Some may argue that these soldered-on modules can be upgraded in theory, but not without considerable effort.

The Hobbes OS/2 Archive Will Shut Down In April

January 10, 2024 by Maya Posch 27 Comments

The Hobbes OS/2 Archive is a large collection of OS/2 software that has been publicly available for many years, even as OS/2 itself has mostly faded into obscurity. Yet now it would appear that the entity behind the Hobbes OS/2 Archive, the Information & Communication Technologies department at the New Mexico State University, has decided to call it quits — with the site going permanently offline on April 15th, 2024.

Fortunately, from a cursory glance around the comment sections over at Hacker News and other places, it seems that backup efforts have already been made, and the preservation of the archive’s contents should be secure at this point in time. Regardless, it is always a shame to lose such a central repository, especially since IBM’s OS/2 operating system is still anything but dead. Whether for hobbyist, industrial or commercial use, there is still a vibrant community around today, as we noted in 2019 already in relation to the NYC’s subway system.

Beyond downloaded copies and boxed CDs bought on EBay, you can even get a modernized version of OS/2 called ArcaOS, which even comes with commercial support. Whatever the fate is of the Hobbes OS/2 Archive’s data, we hope it finds a loving new home somewhere.

Two pictures of the mobo side by side, both with kapton tape covering everything other than the flash chip. On the left, the flash chip is populated, whereas on the right it's not

Enabling Intel AMT For BIOS-over-WiFi

January 5, 2024 by Arya Voronova 28 Comments

Intel ME, AMT, SMT, V-Pro… All of these acronyms are kind of intimidating, all we know about them is that they are tied to remote control technologies rooted deep in Intel CPUs, way deeper than even operating systems go. Sometimes though, you want remote control for your own purposes, and that’s what [ABy] achieved. He’s got a HP ProDesk 600 G3 Mini, decided to put it into a hard to reach spot in his flat, somewhere you couldn’t easily fetch a monitor and a keyboard for any debugging needs. So, he started looking into some sort of remote access option in case he’d need to access the BIOS remotely, and went as far as it took to make it work. (Google Translate)

The features he needed are covered by Intel AMT — specifically, BIOS access over a WiFi connection. However, his mini PC only had SMT enabled from the factory, the cut-down version of AMT without features like wireless support. He figured out that BIOS dumping was the way, promptly did just that, found a suitable set of tools for his ME region version, and enabled AMT using Intel’s FIT (Flash Image Tool) software.

Now, dumping the image could be done from a running system fully through software, but apparently, flashing back requires an external programmer. He went with the classic CH341, did the 3.3 V voltmod that’s required to make it safe for flash chip use, and proceeded to spend a good amount of time making it work. Something about the process was screwy, likely the proprietary CH341 software. Comments under the article highlight that you should use flashrom for these tasks, and indeed, you should.

This article goes into a ton of detail when it comes to working with Intel BIOS images — whichever kind of setting you want to change, be it AMT support or some entirely different but just as tasty setting, you will be well served by this write-up. Comments do point out that you might want to upgrade the Intel ME version while at it, and for what it’s worth, you can look into disabling it too; we’ve shown you a multitude of reasons why you should, and a good few ways you could.

It’s Pronounced GIF

January 2, 2024 by Jenny List 197 Comments

As the holiday season is upon us and a Hackaday scribe sits protected from the incoming Atlantic storms in her snug eyrie, it’s time for her to consider the basics of her craft. Writing, spelling, and the English language; such matters as why Americans have different English spellings from Brits, but perhaps most important of them all for Hackaday readers; is it “gif”, or is is “jif”? This or the jokey sentence about spellings might be considered obvious clickbait, but instead they’re a handle to descend into the study of language. Just how do we decide the conventions of our language, and should we even care too much about them?

Don’t Believe Everything You Read in School

A picture of an American classroom in 1004 — Not everything you learn here is worth holding on to. Harrison Keely, CC BY 4.0.

We are sent to school to Learn Stuff. During that time we are deprived of our liberty as a succession of adults attempt year after year to cram our heads with facts. Some of it we find interesting and other parts not so much, but for the majority of it, we are discouraged from thinking for ourselves and are instead expected to learn by rote a set of fixed curricula.

Thus while writers have to discover for themselves that English is a constantly evolving language through which they can break free of these artificial bounds that school has imposed upon them, far too many people remain afraid to put their head above the linguistic parapet.

The result is that perceived deviations from the rules are jumped upon by those afraid to move with the language, and we even find our own linguistic Holy Wars to fight. The one mentioned above about “gif” versus “jif” is a great example, does it really matter that much whether you pronounce it with a hard “G” because that’s how most people say it, or as though it were a “J” because the creator of the file format said it that way? Not really, because English is an evolving language in the hands of those who speak it, not those of the people who write school books. Continue reading “It’s Pronounced GIF” →

An exploded view render of a red 3D printed case with a green PCB is inside with visible USB-A connectors with a mouse and keyboard graphic above each and "A" and "B" labels above USB-C connectors on the other side.

Building A Better Keyboard And Mouse Switch

December 26, 2023 by Navarre Bartz 38 Comments

Switching inputs between desktops seems like something that should be simple but can prove to be a pain in reality. [Hrvoje Cavrak] decided to take matters into his own hands and build a better keyboard and mouse switch.

DeskHop is built from two Raspberry Pi Pico boards connected via UART and separated by an Analog Devices ADuM1201 dual-channel digital isolator. Through the magic of Pico-PIO-USB these RP2040s can be both host and device. To keep things simple, the PCB is single-sided, and the BOM only has five distinct components.

Once hooked up to your Windows, Mac, or Linux device, your mouse pointer “magically” goes from one screen to the other when dragged across the screen edge. Keyboard LEDs can be reprogrammed to indicate which device is active, and the real beauty of the device is that since it’s a hardware solution, you don’t have to install any software on a computer you might not have admin access to.

If you want to see some more ideas for keyboard and mouse switching, check out this Pi KVM with ATX signaling, this USB triplexer, or this Pi KVM on a PCIe card.

This Week In Security: Terrapin, Seized Unseized, And Autospill

December 22, 2023 by Jonathan Bennett 5 Comments

There’s a new SSH vulnerability, Terrapin (pdf paper), and it’s got the potential to be nasty — but only in an extremely limited circumstance. To understand the problem, we have to understand what SSH is designed to do. It replaces telnet as a tool to get a command line shell on a remote computer. Telnet send all that text in the clear, but SSH wraps it all inside a public-key encrypted tunnel. It was designed to safely negotiate an unfriendly network, which is why SSH clients are so explicit about accepting new keys, and alerting when a key has changed.

SSH uses a sequence counter to detect Man-in-the-Middle (MitM) shenanigans like packet deletion, replay, or reordering. That sequence isn’t actually included in the packet, but is used as part of the Message Authentication Check (MAC) of several encryption modes. This means that if a packet is removed from the encrypted tunnel, the MAC fails on the rest of the packets, triggering a complete connection reset. This sequence actually starts at zero, with the first unencrypted packet sent after the version banners are exchanged. In theory, this means that an attacker fiddling with packets in the pre-encryption phase will invalidate the entire connection as well. There’s just one problem.

The innovation from the Terrapin researchers is that an attacker with MitM access to the connection can insert a number of benign messages in the pre-encryption phase, and then silently drop the first number of messages in the encrypted phase. Just a little TCP sequence rewriting for any messages between, and neither the server nor client can detect the deception. It’s a really interesting trick — but what can we do with it?

For most SSH implementations, not much. The 9.6 release of OpenSSH addresses the bug, calling it cryptographically novel, but noting that the actual impact is limited to disabling some of the timing obfuscation features added to release 9.5.

Continue reading “This Week In Security: Terrapin, Seized Unseized, And Autospill” →