Retrotechtacular: The IBM 7070

March 29, 2024 by Al Williams 10 Comments

If you think of IBM mainframe computers, you most likely are thinking of the iconic S/360 or the slightly newer S/370. But what about the 7070 from 1958? It had transistors! It didn’t, however, use binary. Instead, it was a decimal-architecture machine. You can see a lost video of the machine below.

It was originally slated to upgrade the older IBM 650 and 705 computers. However, it wasn’t compatible with either, so IBM had to roll out the IBM7080, which was compatible, at least, with the 705. Both machines could run 650 code via emulation.

Continue reading “Retrotechtacular: The IBM 7070” →

Hackaday Podcast Episode 264: Cheap Minimills, 65-in-1 Electronics, And Time On Moon

March 29, 2024 by Dan Maloney 5 Comments

It was Dan’s turn behind the mic with Elliot this time as we uncovered the latest from the world of hacking, and what an eclectic mix it was. It was slightly heavy on machining, with a look at mini-mills that are better than nothing, and a DIY DRO that’s A-OK. We also kicked the nostalgia bucket over — whatever that means — and got a new twist on the old “65-in-1” concept, found hidden code in 80s music, and looked at color TV in the US and how it got that way. We’ve got ample alliteration about grep, thoughts about telling time on the Moon, and what does Canada have against the poor Flipper Zero, anyway?

Grab a copy for yourself if you want to listen offline.

Continue reading “Hackaday Podcast Episode 264: Cheap Minimills, 65-in-1 Electronics, And Time On Moon” →

This Week In Security: Peering Through The Wall, Apple’s GoFetch, And SHA-256

March 29, 2024 by Jonathan Bennett 1 Comment

The Linux command wall is a hold-over from the way Unix machines used to be used. It’s an abbreviation of Write to ALL, and it was first included in AT&T Unix, way back in 1975. wall is a tool that a sysadmin can use to send a message to the terminal session of all logged-in users. So far nothing too exciting from a security perspective. Where things get a bit more interesting is the consideration of ANSI escape codes. Those are the control codes that moves the cursor around on the screen, also inherited from the olden days of terminals.

The modern wall binary is actually part of util-linux, rather than being a continuation of the old Unix codebase. On many systems, wall runs as a setgid, so the behavior of the system binary really matters. It’s accepted that wall shouldn’t be able to send control codes, and when processing a message specified via standard input, those control codes get rejected by the fputs_careful() function. But when a message is passed in on the command line, as an argument, that function call is skipped.

This allows any user that can send wall messages to also send ANSI control codes. Is that really a security problem? There are two scenarios where it could be. The first is that some terminals support writing to the system clipboard via command codes. The other, more creative issue, is that the output from running a binary could be overwritten with arbitrary text. Text like:
Sorry, try again. [sudo] password for jbennett:

You may have questions. Like, how would an attacker know when such a command would be appropriate? And how would this attacker capture a password that has been entered this way? The simple answer is by watching the list of running processes and system log. Many systems have a command-not-found function, which will print the failing command to the system log. If that failing command is actually a password, then it’s right there for the taking. Now, you may think this is a very narrow attack surface that’s not going to be terribly useful in real-world usage. And that’s probably pretty accurate. It is a really fascinating idea to think through, and definitively worth getting fixed. Continue reading “This Week In Security: Peering Through The Wall, Apple’s GoFetch, And SHA-256” →

Fictional Computers: Colossus And Guardian

March 28, 2024 by Al Williams 27 Comments

We can learn a lot by looking at how writers and filmmakers imagine technology. While some are closer than others, there are some definite lessons like never make a killer computer without an off switch you can reach. We are especially interested in how computers appear in books, movies, and TV shows, and so in Computers of Fiction, we want to remember with you some of our favorites. This time, we are thinking about the 1970 movie Colossus: The Forbin Project. There were actually two computers: the titular Colossus, which was an American computer, and the Guardian, a similar Soviet computer.

The Story

In the United States, Dr. Forbin has created a supercomputer deep under a mountain. Colossus, the computer, is put in charge of the nuclear arsenal to eliminate human error in the defense of the country. Colossus gathered intelligence, analyzed it, and was able to launch its own missiles.

Colossus realizes there is another system.

Shortly after activation, however, the computer reaches a startling conclusion: “WARN: THERE IS ANOTHER SYSTEM.” It provides coordinates in the Soviet Union. That system is a similar system called Guardian. The computers decide they want to talk to each other. The President decides to allow it, hoping to learn more about the Soviet’s secret computer. The Soviets agree, too, presumably for the same reason. You can watch the original trailer below.

Continue reading “Fictional Computers: Colossus And Guardian” →

Retrotechtacular: TOPS Runs The 1970s British Railroad

March 27, 2024 by Al Williams 29 Comments

How do you make the trains run on time? British Rail adopted TOPS, a computer system born of IBM’s SAGE defense project, along with work from Standford and Southern Pacific Railroad. Before TOPS, running the railroad took paper. Lots of paper, ranging from a train’s history, assignments, and all the other bits of data required to keep the trains moving. TOPS kept this data in real-time on computer screens all across the system. While British Rail wasn’t the only company to deploy TOPS, they were certainly proud of it and produced the video you can see below about how the system worked.

There are a lot of pictures of old big iron and the narrator says it has an “immense storage capacity.” The actual computers in question were a pair of IBM System/370 mainframes that each had 4 MB of RAM. There were also banks of 3330 disk drives that used removable disk packs of — gasp — between 100 and 200 MB per pack.

As primitive and large as those disk drives were, they pioneered many familiar-sounding technologies. For example, they used voice coils, servo tracking, MFM encoding, and error-correcting encoding.

Continue reading “Retrotechtacular: TOPS Runs The 1970s British Railroad” →

The Roller Ship Was Not An Effective Way To Cross The High Seas

March 27, 2024 by Lewin Day 25 Comments

Boats come in all shapes and sizes. We have container ships, oil tankers, old-timey wooden sailing ships, catamarans, trimarans, and all sorts besides. Most are designed with features that give them a certain advantage or utility that justifies their construction for a given application.

The roller ship, on the other hand, has not justified its own repeat construction. Just one example was ever built, which proved unseaworthy and impractical. Let’s explore this nautical oddity and learn about why it didn’t make waves as its inventor may have hoped.

Continue reading “The Roller Ship Was Not An Effective Way To Cross The High Seas” →

2024 Hackaday Europe: Workshops Announced, Get Your Tickets

March 26, 2024 by Elliot Williams 6 Comments

There are only a few weeks left until Hackaday Europe takes place in Berlin on April 13th and 14th. With only one full day of programming, we simply can’t run as many workshops as we do at Supercon, but what we do have should tickle your fancy. As if that weren’t enough, there will be at least a few other impromptu workshops and activities to distract you from the talks.

If you’re thinking of attending, get your tickets now for both the event and the workshops of your choice. There are only a few left, and workshops sell out like hotcakes.

Continue reading “2024 Hackaday Europe: Workshops Announced, Get Your Tickets” →