BSD Breathes New Life Into Obsolete Equipment

January 4, 2019 by Bryan Cockfield 26 Comments

An old laptop or desktop computer that’s seen better days might still have a little bit of use left in it for a dedicated task. Grabbing a lightweight flavor of Linux and running a web server, firewall, or Super Nintendo emulator might get a few more years out of it. You can also get pretty creative repurposing obsolete single purpose machines, as [Kristjan] did with some old Cisco server equipment.

The computer in question isn’t something commonly found, either. It’s an intrusion detection system meant to mount in a server rack and protect the server itself from malicious activity. While [Kristjan] mentions that Cisco equipment seems to be the definition of planned obsolescence, we think that this Intel Celeron machine with an IDE hard drive may have gone around the bend quite some time ago. Regardless, it’s modern enough to put back to work in some other capacity.

To that end, a general purpose operating system was installed, and rather than use Linux he reached for BSD to get the system up and running. There’s one other catch, though, besides some cooling issues. Since the machine was meant to be used in a server, there’s no ACPI which means no software shutdown capability. Despite all the quirks, you can still use it to re-implement a network security system if you wanted to bring it full-circle.

Add A Trackpoint To A Mechanical Keyboard

January 2, 2019 by Rich Hawkes 19 Comments

People love their tech, and feel like something’s missing when it’s not there. This is the story of one person’s desire to have the venerable trackpoint in their new keyboard.

[Klapse] loves a Lenovo old-style non-chicklet keyboard, so, despite the cost, five were ordered. They very quickly ended up with keys that didn’t work, although the trackpoints still did. After buying a sixth which ended up the same, [Klapse] decided that maybe giving up on the Lenovo keyboards was the best idea. A quick stop at a local store scored a fill-in mechanical keyboard, but in the back of [klapse]’s mind the need for a trackpoint remained. Maybe one could be frankensteined in to the keyboard that was just purchased?

Underside of the trackpoint, fitted to the keyboard PCB

The keyboard’s circuit board had traces everywhere, with nowhere to drill through between the correct keys, typically between the G, H and Y keys. But there was a hole used for mounting the PCB nearby. between the H, J, U and Y keys. The trackpoint needed to be extended to reach all the way through the key caps, so [klapse] searched the house looking for something that might do. Turns out that a knitting needle fits perfectly.

At this point a side-hack emerged. [Klapse] found a drill bit small enough to make the necessary hole in the trackpoint shaft to fit the needle. But the bit was too small for the drill chuck. In true hacking style, the bit was wrapped with duct tape and held in the drill. Sure, it wobbled a lot and it was really difficult to get it to drill in the center of the shaft, but it worked, eventually. The needle was cut off and glued into the hole, the key caps were modified a bit to allow the trackpoint through and the rubber tip put back on.

They say, “desire to cram old tech into new is the mother of invention.” Or something similar, anyway. Check out how a Teensy liberated a Lenovo laptop keyboard trackpoint and all. Also, check out this custom keyboard with integrated trackpoint, of course.

Peering Into A Running Brain: SDRAM Refresh Analyzed From Userspace

December 28, 2018 by Ted Yapo 7 Comments

Over on the Cloudflare blog, [Marek] found himself wondering about computer memory, as we all sometimes do. Specifically, he pondered if he could detect the refresh of his SDRAM from within a running program. We’re probably not ruining the surprise by telling you that the answer is yes — with a little more than 100 lines of C and help from our old friend the Fast Fourier Transform (FFT), [Marek] was able to detect SDRAM refresh cycles every 7818.6 ns, lining right up with the expected result.

The “D” in SDRAM stands for dynamic, meaning that unless periodically refreshed by reading and writing, data in the memory will decay. In this kind of memory, each bit is stored as a charge on a tiny capacitor. Given enough time (which varies with ambient temperature), this charge can leak away to neighboring silicon, turning all the 1s to 0s, and destroying the data. To combat this process, the memory controller periodically issues a refresh command which reads the data before it decays, then writes the data back to fully charge the capacitors again. Done often enough, this will preserve the memory contents indefinitely. SDRAM is relatively inexpensive and available in large capacity compared to the alternatives, but the drawback is that the CPU can’t access the portion of memory being refreshed, so execution gets delayed a little whenever a memory access and refresh cycle collide.

Chasing the Correct Hiccup

[Marek] figured that he could detect this “hiccup,” as he calls it, by running some memory accesses and recording the current time in a tight loop. Of course, the cache on modern CPUs would mean that for a small amount of data, the SDRAM would never be accessed, so he flushes the cache each time. The source code, which is available on GitHub, outputs the time taken by each iteration of the inner loop. In his case, the loop typically takes around 140 ns.

Hurray! The first frequency spike is indeed what we were looking for, and indeed does correlate with the refresh times.

The other spikes at 256kHz, 384kHz, 512kHz and so on, are multiplies of our base frequency of 128kHz called harmonics. These are a side effect of performing FFT on something like a square wave and totally expected.

As [Marek] notes, the raw data doesn’t reveal too much. After all, there are a lot of things that can cause little delays in a modern multitasking operating system, resulting in very noisy data. Even thresholding and resampling the data doesn’t bring refresh hiccups to the fore. To detect the SDRAM refresh cycles, he turned to the FFT, an efficient algorithm for computing the discrete Fourier transform, which excels at revealing periodicity. A few lines of python produced the desired result: a plot of the frequency spectrum of the lengthened loop iterations. Zooming in, he found the first frequency spike at 127.9 kHz, corresponding to the SDRAMs refresh period of 7.81 us, along with a number of other spikes representing harmonics of this fundamental frequency. To facilitate others’ experiments, [Marek] has created a command line version of the tool you can run on your own machine.

If this technique seems familiar, it may be because it’s similar the the Rowhammer attack we covered back in 2015, which can actually change data in SDRAM on vulnerable machines by rapidly accessing adjacent rows. As [Marek] points out, the fact that you can make these kinds of measurements from a userspace program can have profound security implications, as we saw with the meltdown and spectre attacks. We have to wonder what other vulnerabilities are lying inside our machines waiting to be discovered.

Thanks to [anfractuosity] for the tip!

Vintage Toys Live On Through 3D Printing

December 24, 2018 by Tom Nardi 5 Comments

We all have fond memories of a toy from our younger days. Most of which are still easy enough to get your hands on thanks to eBay or modern reproductions, but what if your childhood fancies weren’t quite as mainstream? What if some of your fondest memories involved playing with 1960’s educational games which are now so rare that they command hundreds of dollars on the second-hand market?

That’s the situation [Mike Gardi] found himself in recently. Seeing that the educational games which helped put him on a long and rewarding career in software development are now nearly unobtainable, he decided to try his hand at recreating them on his 3D printer. With his keen eye for detail and personal love of these incredible toys, he’s preserved them in digital form for future generations to enjoy.

His replica of “The Amazing Dr. Nim” needed to get scaled-down a bit in order to fit on your average desktop 3D printer bed, but otherwise is a faithful reproduction of the original injection molded plastic computer. The biggest difference is that his smaller version uses 10 mm (3/8 inch) steel ball bearings instead of marbles to actuate the three flip-flops and play the ancient game of Nim.

[Mike] has also created a replica of “Think-a-Dot”, another game which makes use of mechanical flip-flops to change the color of eight dots on the front panel. By dropping marbles in the three holes along the top of the game, the player is able to change the color of the dots to create various patterns. The aim of the game is to find the fewest number of marbles required to recreate specific patterns as detailed in the manual.

Speaking of which, [Mike] has included scans of the manuals for both games, and says he personally took them to a local shop to have them professionally printed and bound as they would have been when the games were originally sold. As such, the experience of owning one of these classic “computer” games has now been fully digitized and is ready to be called into corporeal form on demand.

This is really a fascinating way of preserving physical objects, and we’re interested to see if it catches on with other toys and games which otherwise might be lost to time. As storage capacities get higher and our ability to digitize the world around us improve, we suspect more and more of our physical world will get “backed up” onto the Internet.

Behold The WT-220: A ‘Clever’ VT-220 Terminal

December 20, 2018 by Donald Papp 27 Comments

[John Whittington] failed to win a bid for an old VT-220 serial terminal on eBay, so he decided to make his own version and improve it along the way. The result is the Whitterm-220 (or WT-220) which has at its core a Raspberry Pi and is therefore capable of more than just acting as a ‘dumb’ serial terminal.

Rear of the WT-220 with paint-filled laser engraving and all necessary connectors.

The enclosure is made from stacked panels of laser-cut plywood with an acrylic plate on the back for labels and connectors, where [John] worked paint into the label engravings before peeling off the acrylic’s protective film. By applying paint after laser-engraving but before peeling off the film, it acts as a fill and really makes the text pop.

Near the front, one layer of clear acrylic among the plywood layers acts as a light guide and serves as a power indicator, also doing double duty as TX/RX activity lights. When power is on, that layer glows, serving as an attractive indicator that doesn’t interfere with looking at the screen. When data is sent or received, a simple buffer circuit tied to the serial lines lights up LEDs to show TX or RX activity, with the ability to enable or disable this functionality by toggling a GPIO pin. A video overview is embedded below, where you can see the unit in action.

Continue reading “Behold The WT-220: A ‘Clever’ VT-220 Terminal” →

This 6502 Made From 74-Series Logic Can Run At 20 MHz

December 15, 2018 by Jenny List 26 Comments

If you always wished you could get closer to the hardware with the 6502 in your classic microcomputer you’re in luck, because [Drass] has created a beautiful implementation of a 6502 using TTL logic chips. What makes it special is that it sits on a very neat set of PCBs, and due to its use of 74AC series logic it can run at much higher speeds than the original. A 20 MHz 6502 would have been revolutionary in the mid-1970s.

Neat reworking of what looks to be a reversed bus.

Through a flying ribbon cable, it can plug directly into the 6502 socket on classic microcomputers, and the website shows it running a variety of software on a Commodore VIC20. There is also a custom SBC as part of the suite, so no need for a classic micro if you want to put the CPU through its paces. The boards are not quite perfect, the website has a picture of some very neat reworking where it appears that a bus has been applied to a chip in reverse, but it certainly has the feel of a professional design about it.

This is a very tidy 6502, but it’s not the first we’ve seen and neither is it the most dis-integrated. There is a fascinating world of 74 logic CPUs to be explored, so it’s difficult to pick only one other to show you.

Thanks [Jeff] for the tip.

RISC-V Will Stop Hackers Dead From Getting Into Your Computer

December 13, 2018 by Brian Benchoff 35 Comments

The greatest hardware hacks of all time were simply the result of finding software keys in memory. The AACS encryption debacle — the 09 F9 key that allowed us to decrypt HD DVDs — was the result of encryption keys just sitting in main memory, where it could be read by any other program. DeCSS, the hack that gave us all access to DVDs was again the result of encryption keys sitting out in the open.

Because encryption doesn’t work if your keys are just sitting out in the open, system designers have come up with ingenious solutions to prevent evil hackers form accessing these keys. One of the best solutions is the hardware enclave, a tiny bit of silicon that protects keys and other bits of information. Apple has an entire line of chips, Intel has hardware extensions, and all of these are black box solutions. They do work, but we have no idea if there are any vulnerabilities. If you can’t study it, it’s just an article of faith that these hardware enclaves will keep working.

Now, there might be another option. RISC-V researchers are busy creating an Open Source hardware enclave. This is an Open Source project to build secure hardware enclaves to store cryptographic keys and other secret information, and they’re doing it in a way that can be accessed and studied. Trust but verify, yes, and that’s why this is the most innovative hardware development in the last decade.

Continue reading “RISC-V Will Stop Hackers Dead From Getting Into Your Computer” →