You may have been one of the many of us who received an email from Ubiquiti this week, recommending a password change. The email stated that there was an unauthorized access of Ubiquiti systems, and while there wasn’t evidence of user data being accessed, there was also not enough evidence to say emphatically that user data was not accessed. Ubiquiti has mentioned that the database that may have been accessed contains a user’s name, email address, hashed password, and optionally the mailing address and phone number.
Depending on how the Ubiquiti authentication system is designed, that hashed password may be enough to log in to someone’s account. In any case, updating your password would invalidate the potentially compromised hash. This event underscores a complaint voiced by Ubiquiti users: Ubiquiti has been making it difficult to administrate hardware without a cloud-enabled account. Continue reading “This Week In Security: Ubiquiti, Nissan, Zyxel, And Dovecot”→
The history of storage devices is quite literally a race between the medium and the computing power as the bottleneck of preserving billions of ones and zeros stands in the way of computing nirvana. The most recent player is the Non-Volatile Memory Express (NVMe), something of a hybrid of what has come before.
The first generations of home computers used floppy disk and compact cassette-based storage, but gradually, larger and faster storage became important as personal computers grew in capabilities. By the 1990s hard drive-based storage had become commonplace, allowing many megabytes and ultimately gigabytes of data to be stored. This would drive up the need for a faster link between storage and the rest of the system, which up to that point had largely used the ATA interface in Programmed Input-Output (PIO) mode.
This led to the use of DMA-based transfers (UDMA interface, also called Ultra ATA and Parallel ATA), along with DMA-based SCSI interfaces over on the Apple and mostly server side of the computer fence. Ultimately Parallel ATA became Serial ATA (SATA) and Parallel SCSI became Serial Attached SCSI (SAS), with SATA being used primarily in laptops and desktop systems until the arrival of NVMe along with solid-state storage.
All of these interfaces were designed to keep up with the attached storage devices, yet NVMe is a bit of an odd duck considering the way it is integrated in the system. NVMe is also different for not being bound to a single interface or connector, which can be confusing. Who can keep M.2 and U.2 apart, let alone which protocol the interface speaks, be it SATA or NVMe?
Let’s take an in-depth look at the wonderful and wacky world of NVMe, shall we?
While searching for a connector recently, I revisited an old project of mine called the Serial Squid. This was to have been my first open-source hardware design. After completing the entire design, PCB, BOM, and preparing for a crowd-funded campaign, I eventually gave up for reasons discussed below, I’ve always thought of this as a failure, but on further reflection I see it in a new light. There were some good lessons learned along the path to abandonment.
A Saturday afternoon. The work week was done, the household chores were wrapped up, and with almost a week left until Christmas, there was just enough wiggle room to deny that there was still a ton of work left to prepare for that event. It seemed like the perfect time to escape into the shop and knock out a quick project, one that has been on the back burner since at least March. I’m nothing if not skilled in the ways of procrastination.
This was to be a simple project — adding an aluminum plate to a plastic enclosure that would serve as an antenna entry point into my shack. Easy as pie — cut out an rectangle of aluminum, cut and drill a few holes, call it a day. Almost all of my projects start out that way, and almost every time I forget that pretty much every one of those builds goes off the rails at exactly the same point: when I realize that I don’t have the fasteners needed. That’s what happened with this build, which had been going swimmingly up to that point — no major screw-ups, no blood drawn. And so it was off to the hardware store I trundled, looking for the right fasteners to finish the job.
Finding hardware has long been where my productivity goes to die. Even though I live a stone’s throw from at least half a dozen stores, each with a vast selection of hardware and most open weekends and nights, the loss of momentum that results from changing from build-mode to procure-mode has historically been deadly to my projects. I’m sure I’m not the only one who has run into this issue, so the question is: what can a hacker do to prevent having to run out for just the right fasteners?
Once upon a time, bailing out of a plane involved popping open the roof or door, and hopping out with your parachute, hoping that you’d maintained enough altitude to slow down before you hit the ground. As flying speeds increased and aircraft designs changed, such escape became largely impossible.
Ejector seats were the solution to this problem, with the first models entering service in the late 1940s. Around this time, the United Kingdom began development of a new fleet of bombers, intended to deliver its nuclear deterrent threat over the coming decades. The Vickers Valiant, the Handley Page Victor, and the Avro Vulcan were all selected to make up the force, entering service in 1955 through 1957 respectively. Each bomber featured ejector seats for the pilot and co-pilot, who sat at the front of the aircraft. The remaining three crew members who sat further back in the fuselage were provided with an escape hatch in the rear section of the aircraft with which to bail out in the event of an emergency.
One of the nicest amenities of interpreted programming languages is that you can test out the code that you’re developing in a shell, one line at a time, and see the results instantly. No matter how quickly your write-compile-flash cycle has gotten on the microcontroller of your choice, it’s still less fun than writing blink_led() and having it do so right then and there. Why don’t we have that experience yet?
If you’ve used any modern scripting language on your big computer, it comes with a shell, a read-eval-print loop (REPL) in which you can interactively try out your code just about as fast as you can type it. It’s great for interactive or exploratory programming, and it’s great for newbies who can test and learn things step by step. A good REPL lets you test out your ideas line by line, essentially running a little test of your code every time you hit enter.
This is your development environment
The obvious tradeoff for ease of development is speed. Compiled languages are almost always faster, and this is especially relevant in the constrained world of microcontrollers. Or maybe it used to be. I learned to program in an interpreted language — BASIC — on computers that were not much more powerful than a $5 microcontroller these days, and there’s a BASIC for most every micro out there. I write in Forth, which is faster and less resource intensive than BASIC, and has a very comprehensive REPL, but is admittedly an acquired taste. MicroPython has been ported over to a number of micros, and is probably a lot more familiar.
But still, developing MicroPython for your microcontroller isn’t developing on your microcontroller, and if you follow any of the guides out there, you’ll end up editing a file on your computer, uploading it to the microcontroller, and running it from within the REPL. This creates a flow that’s just about as awkward as the write-compile-flash cycle of C.
What’s missing? A good editor (or IDE?) running on the microcontroller that would let you do both your exploratory coding and record its history into a more permanent form. Imagine, for instance, a web-based MicroPython IDE served off of an ESP32, which provided both a shell for experiments and a way to copy the line you just typed into the shell into the file you’re working on. We’re very close to this being a viable idea, and it would reduce the introductory hurdles for newbies to almost nothing, while letting experienced programmers play.
Or has someone done this already? Why isn’t an interpreted introduction to microcontrollers the standard?
This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter.
Want this type of article to hit your inbox every Friday morning? You should sign up!
One of the most basic and also most versatile communication interfaces on an MCU is the UART, or Universal Asynchronous Receiver/Transmitter. Usually found in the form of either a UART or USART, the former allows for pure asynchronous serial communication, whereas the latter adds flow control. When working with MCUs, they’re also one of the most common ways to output debug information.
While somewhat trickier to set up and use than a GPIO peripheral, the U(S)ART of ST’s STM32 families is fairly uncomplicated to use, and immediately provides one with an easy way to communicate in a bi-directional fashion with a device. In this article we’ll see what it takes to get started with basic UART communication on STM32 microcontrollers.
