DisplayPort: Under The Hood

July 17, 2023 by Arya Voronova 14 Comments

Last time, we looked at all the things that make DisplayPort unique for its users. What about the things that make it unique for hackers? Let’s get into all the ways that DisplayPort can serve you on your modern tech wrangling adventures.

You Are Watching The AUX Channel

With DisplayPort, the I2C bus we’ve always seen come bundled with VGA, DVI and HDMI, is no more – it’s been replaced by the AUX bus. AUX is a 1 MHz bidirectional diffpair – just a bit too complex for a cheap logic analyzer, though, possibly, something you could wrangle with the RP2040’s PIOs. Hacking thoughts aside, it’s a transparent replacement for I2C, so that software doesn’t have to be rewritten – for instance, it usually does I2C device passthrough over AUX, so that EDID data can still be stored in a separate EEPROM chip on the monitor or eDP LCD panel.

AUX isn’t just a differential bus, it’s more pseudodifferential, like USB2 – for instance, AUX_P and AUX_N are used separately, with a combination of 1 MΩ and 100 kΩ pullups and pulldowns signaling different states of the physical connection – for instance, a pullup on AUX+ and a pulldown on AUX- means that an external device has been connected. If you’d like to learn which combination of resistors means what, you can find in the DisplayPort specification, which isn’t distributed openly but isn’t hard to come by, either.

Also, DisplayPort link training happens over AUX, and in order to facilitate that, a piece of DisplayPort controller’s external memory is usually exposed over the AUX channel, through a mechanism that’s called DPCD. If you dig a bit, using “DPCD” as the keyword, you can easily reach into the lower-level details of your DisplayPort connection. Some of the DPCD memory map is static, and some parts are FIFOs you can funnel data into, or out of. You can find a wide variety of documents online which describe the DPCD structure – for now, here’s a piece of Bash that works on Linux graphics drivers for AMD and Intel, and will show you you the first 16 bytes of DPCD:

# sudo dd if=/dev/drm_dp_aux0 bs=1 skip=256 count=16 |xxd 00000000: 0084 0000 0000 0000 0108 0000 0000 0000 ................ [...]

In particular, the 4th nibble (digit) here describes the amount of lanes for the DisplayPort link established – as you can see, my laptop uses a four-lane link. Also, the /dev/drm_dp_aux0 path might need to be adjusted for your device. In case you ever want to debug your DP link, having direct access to the DPCD memory space like this might help you quite a bit! For now, let’s move onto other practical aspects. Continue reading “DisplayPort: Under The Hood” →

Hackaday Links: July 16, 2023

July 16, 2023 by Dan Maloney 26 Comments

Last week, we noted an attempt to fix a hardware problem with software, which backfired pretty dramatically for Ford when they tried to counter the tendency for driveshafts to fall out of certain of their cars by automatically applying the electric parking brake.

This week, the story is a little different, but still illustrates how software and hardware can interact unpredictably, especially in the automotive space. The story centers on a 2015 Optima recall for a software update for the knock sensor detection system. We can’t find the specifics, but if this recall on a similar Kia model in the same model year range and a class-action lawsuit are any indication, the update looks like it would have made the KSDS more sensitive to worn connecting rod damage, and forced the car into “limp home mode” to limit damage to the engine if knocking is detected.

A clever solution to a mechanical problem? Perhaps, but because the Kia owner in the story claims not to have received the snail-mail recall notice, she got no warning when her bearings started wearing out. Result: a $6,000 bill for a new engine, which she was forced to cover out of pocket. Granted, this software fix isn’t quite as egregious as Ford’s workaround for weak driveshaft mounting bolts, and there may very well have been a lack of maintenance by the car’s owner. But if you’re a Kia mechanical engineer, wouldn’t your first instinct have been to fix the problem causing the rod bearings to wear out, rather than papering over the problem with software?

Continue reading “Hackaday Links: July 16, 2023” →

Sweet Hacks

July 15, 2023 by Elliot Williams 6 Comments

While talking about a solar powered portable Bluetooth speaker project on the podcast, I realized that I have a new category of favorite hacks: daily-use hacks.

If you read Hackaday long enough, you’ll start to categorize everything. There are the purely technical hacks, beautiful hacks, minimalist hacks, maximalist hacks, and then the straight-up oddball hacks. Sometimes what strikes us is the beauty of the execution. Sometimes it’s clever choice of parts that were designed to do exactly the right thing, and simply watching them do their job well is satisfying, and other times we like to see parts fooled into doing something they have no right to.

While I really like the above speaker build because it’s beautiful, and because it uses a clever choice of audio amplifier to work with the supercapacitors’ wild voltage swings, what really struck me about the project is that [Jamie Matthews] has been using it every day for the last nine months. It’s on his desk and he uses it to listen to music.

That’s a simple feat in a way, but it’s a powerful one. Some of my absolutely favorite projects of my own are similar – they are ones that I use all the time. Not the cliche “life hack”, which are usually like a clever way to peel a grapefruit, but rather hacks that become part of daily life. So look around you, and if you’re anything like me, you’ll find a number of these “daily driver” hacks. And if you do, celebrate them.

(And maybe even send ’em in to the tips line to share!)

Ask Hackaday: Learn Assembly First, Last, Or Never?

July 14, 2023 by Al Williams 154 Comments

A few days ago, I ran into an online post where someone pointed out the book “Learn to Program with Assembly” and asked if anyone had ever learned assembly language as a first programming language. I had to smile because, if you are a certain age, your first language may well have been assembly, even if it was assembly for machines that never existed.

Of course, that was a long time ago. It is more likely, these days, if you are over 40, you might have learned BASIC first. Go younger, and you start skewing towards Java, Javascript, or even C. It got me thinking, though: should people learn assembly, and if so, when?

Continue reading “Ask Hackaday: Learn Assembly First, Last, Or Never?” →

Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR

July 14, 2023 by Tom Nardi 1 Comment

Elliot Williams and Tom Nardi start this week’s episode by addressing the ongoing Red Hat drama and the trend towards “renting” software. The discussion then shifts to homebrew VR gear, a particularly impressive solar-powered speaker, and some promising developments in the world of low-cost thermal cameras. Stay tuned to hear about color-changing breadboards, an unofficial logo for repairable hardware, and five lines of Bash that aim to unseat the entrenched power of Slack. Finally, we’ll take the first steps in an epic deep-dive into the world of DisplayPort, and take a journey of the imagination aboard an experimental nuclear ocean liner.

Check out the complete show notes below, and as always, let us know what you think in the comments.

Or download the episode directly in glorious DRM-free MP3.

Continue reading “Hackaday Podcast 227: Open Source Software, Decoupling Caps, DIY VR” →

This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More

July 14, 2023 by Jonathan Bennett 4 Comments

First up, Apple issued an emergency patch, then yanked, and re-issued it. The problem was a Remote Code Execution (RCE) vulnerability in WebKit — the basis of Apple’s cross-platform web browser. The downside of a shared code base,is that bugs too are write-once, exploit-anywhere. And with Apple’s walled garden insisting that every browser on iOS actually run WebKit under the hood, there’s not much relief without a patch like this one.

The vulnerability in question, CVE-2023-37450, is a bit light on further details except to say that it’s known to be exploited in the wild. The first fix also bumped the browser’s user-agent string, adding an (a) to denote the minor update. This was apparently enough to break some brittle user-agent detection code on popular websites, resulting in an unhelpful “This web browser is no longer supported” message. The second patch gets rid of the notification.

Microsoft Loses It

Microsoft has announced that on May 15th, an attack from Storm-0558 managed to breach the email accounts of roughly 25 customers. This was pulled off via “an acquired Microsoft account (MSA) consumer signing key.” The big outstanding question is how Microsoft lost control of that particular key. According to an anonymous source speaking to The Washington Post, some of the targeted accounts were government employees, including a member of cabinet. Apparently the FBI is asking Microsoft this very same question.

Speaking of Microsoft, there’s also CVE-2023-36884, a vulnerability in Microsoft Office. This one appears to be related to the handling of HTML content embedded in Office documents, and results in code execution upon opening the document. This along with another vulnerability (CVE-2023-36874) was being used by storm- another unknown threat actor, Storm-0978 in an ongoing attack.

There’s an interesting note that this vulnerability can be mitigated by an Attack Surface Reduction (ASR) rule, that blocks Office from launching child processes. This might be a worthwhile mitigation step for this and future vulnerabilities in office. Continue reading “This Week In Security: Apple’s 0-day, Microsoft’s Mess, And More” →

Keeping Thermal Plants Cool Without Breaking The Cooling Water Budget

July 13, 2023 by Maya Posch 19 Comments

Steam generators in thermal (steam-cycle) power plants require a constant influx of cool water to maximize the transfer of thermal energy. How this water is cooled again in the condensor after much of the steam’s thermal energy has been spent in the steam turbines or heat exchangers is a very important consideration in the design and construction of these plants. The most obvious and straightforward system is direct “once-through” cooling, where the water is drawn straight from a nearby river or other body of water and released after passing through the condenser. This type of system is by far the cheapest, but is also impacted by both the seasons and environmental considerations.

Where cool surface water is less abundantly available, evaporative cooling in a recirculating system such as with spray ponds and cooling towers is a good alternative. Although slightly more costly, a big benefit of these is that they require far less water and have much more control over the intake water temperature, which can raise plant efficiency. Finally, dry cooling is essentially a closed-loop system, which is exceedingly useful in areas where water is scarce. This latter type of cooling is what allows thermal plants to operate even in desert regions.

As the global climate changes – with more extreme weather events – picking the right cooling solution is more important than ever, and has us looking at retrofitting existing thermal plants with more efficient solutions. If you were ever curious how power plants keep the cool side cool, read on!

Continue reading “Keeping Thermal Plants Cool Without Breaking The Cooling Water Budget” →