This Week In Security: The Time Kernel.org Was Backdoored And Other Stories

Researchers at Eset have published a huge report on the Ebury malware/botnet (pdf), and one of the high profile targets of this campaign was part of the kernel.org infrastructure. So on one hand, this isn’t new news, as the initial infection happened back in 2011, and was reported then. On the other hand, according to the new Eset report, four kernel.org servers were infected, with two of them possibly compromised for as long as two years. That compromise apparently included credential stealing or password cracking.

The Ebury attackers seem to gain initial access through credential stuffing: a huge list of previously captured credentials is tried one at a time. However, once the malware has a foothold in the network, a combination of automated and manual steps is taken to move laterally. The most obvious is to grab any private SSH keys from that system, and try using them to access other machines on the local network. Ebury also replaces a system library that gets called as a part of sshd, libkeyutils.so. This puts it in a position to quietly capture credentials.

For a targeted attack against a more important target, the people behind Ebury seem to go hands-on-keyboard, using techniques like Man-in-the-Middle attacks against SSH logins on the local network using ARP spoofing. In this case, someone was doing something nasty.

And that doesn’t even start to cover the actual payload. That’s nasty too, hooking into Apache to sniff for usernames and passwords in HTTP/S traffic, redirecting links to malicious sites, and more. And of course, the boring things you might expect, like sending spam, mining for Bitcoin, etc. Ebury isn’t exactly easy to notice, either, since it includes a rootkit module that hooks into system functions to hide itself. Thankfully there are a couple of ways to get a clean shell to look for the malware, like using systemd-run or launching a local shell on the system console.

And the multi-million dollar question: Who was behind this? Sadly we don’t know. A single arrest was made in 2014, and recovered files implicated another Russian citizen, but the latest work indicates this was yet another stolen identity. The rest of the actors behind Ebury have gone to great lengths to remain behind the curtain.


DisplayPort: Hacking And Examples

So far, I’ve talked about why DisplayPort is the future, introduced the basics of how to work with it on the hacker level, took apart and tamed the DisplayPort altmode, and recently, went through the eDP (embedded DisplayPort) display technology. This time, I want to give you a project library to reference, so that your hacking goes as smoothly as possible – real-world examples of open-source DisplayPort boards, a few boards I’ve worked on, part numbers, and whatever other information you might need.

Even this wonderful build is not immune from wasting power on unnecessary video conversion

Over the past few years, I’ve noticed that a non-zero amount of cyberdeck builders buy eDP screens with HDMI converter boards on Aliexpress, then connect them to SBCs using USB-C to HDMI adapters, or ignore the onboard eDP port; even this super cool Framework-based cyberdeck has done that! I get that it’s the simplest option, but I do believe that you ought to know how to improve it. The issue is that this double-conversion decreases the battery life significantly by burning two extra ASICs doing video conversion back and forth. Every hour of battery life matters in a cyberdeck, doubly so if it’s based on a low-power device already – you could easily cut your battery life in half if you’re not careful!

With these projects and references in your arsenal, my aim is that DisplayPort becomes way more comfortable for you to work with. Thankfully, there are quite a few projects to reference by now – let’s delve in.

Right out of the gate – are you looking for an SBC with DisplayPort support? The BoardDB website, a database of single-board computers, has a DisplayPort filter – click this link with the filter already enabled and browse through.


FLOSS Weekly Episode 783: Teaching Embedded With The Unphone

This week Jonathan Bennett and Rob Campbell talk with Gareth Coleman and Hamish Cunningham! It’s all about the Unphone, an open source handset sporting an ESP32, color touchscreen, and LoRa radio. It’s open hardware, and used in a 3rd year university course to teach comp sci majors about hardware and embedded development.


Hackaday Supercon 2024 Call For Participation: We Want You!

We’re tremendously excited to be able to announce that the Hackaday Supercon is on for 2024, and will be taking place November 1st through the 3rd in sunny Pasadena, California. As always, Supercon is all about you, the Hackaday community. So put on your thinking caps because we’d like to hear your proposals for talks and workshops! The Call for Speakers and Call for Workshops forms are online now, and you’ve got until July 9th to get yourself signed up.

Supercon is a fantastic event to geek out with your fellow hackers, and to share the inevitable ups and downs that accompany any serious project. Like last year, we’ll be featuring both longer and shorter talks, and hope to get a great mix of both first-time presenters and Hackaday luminaries.

Honestly, just the crowd that Supercon brings together is reason enough to attend, but then you throw in the talks, the badge-hacking, the food, and the miscellaneous shenanigans … it’s an event you really don’t want to miss. And as always, presenters get in for free, get their moment in the sun, and get warm vibes from the Hackaday audience. Get yourself signed up now!

PCB Design Review: HDMI To LVDS Sony Vaio LCD Devboard

Today, we revisit another board from [Exentio] – an HDMI/DVI to LVDS transmitter for the Sony Vaio P display. This board is cool to review – it has a high-speed serial interface, a parallel interface, a healthy amount of power distribution that can be tricky to route, and many connectors to look over.

I’ve decided to show this review to you all because it demonstrates a PCB improvement concept we haven’t yet touched upon, that you should absolutely know about when doing board layout. Plus, I get a chance to talk about connector choice considerations!

The board is lovely. It integrates the DPI-LVDS circuit we’ve previously reviewed, but also an HDMI to parallel RGB chip from Texas Instruments, TFP401, a chip appreciated enough that even Adafruit has adapters with it. The fun thing about this chip is that it doesn’t even handle EDID like the usual HDMI to RGB/LVDS chips you get on cheap Aliexpress boards. So, there’s no firmware to take care of – it just receives an HDMI/DVI signal, converts it into parallel RGB, then converts that to LVDS, and off to the display it goes. The downside is that you have to provide your own EDID with an EEPROM, but that isn’t that tricky.

Again, this is a two-layer board, and, again, I like this – fitting tracks to the smallest possible space is a respectable and enjoyable challenge. This board has absolutely done well by this challenge. I do see how this board could be routed in an even better way, however, and it could be way way cleaner as a result. For a start, rotating the chip would improve the odds a whole lot.

The Chip Gets Rotated


Supercon 2023: Building The Ultimate Apple IIe, Decades Later

The Apple II was launched in 1977, a full 47 years ago. The Apple IIe came out six years later, with a higher level of integration and a raft of new useful features. Apple eventually ended production of the whole Apple II line in 1993, but that wasn’t the end. People like [James Lewis] are still riffing on the platform to this day. Even better, he came to Supercon 2023 to tell us all about his efforts!

[James]’s talk covers the construction of the Mega IIe, a portable machine of his own design. As the name suggests, the project was based on the Mega II chip, an ASIC for which he had little documentation. He wasn’t about to let a little detail like that stop him, though.

The journey of building the Mega IIe wasn’t supposed to be long or arduous; the initial plan was to “just wire this chip up” as [James] puts it. Things are rarely so simple, but he persevered nonetheless—and learned all about the Apple II architecture along the way.


The Art Of Hackaday Hack Chat

Join us on Wednesday, May 15 at noon Pacific for The Art of Hackaday Hack Chat with Joe Kim!

Here at Hackaday, we writers strive to bring you the freshest hacks and the best news from the world of engineering and science. When we miss the mark and make technical errors or stake out a controversial position on something, our readers will certainly let us know in the comments section. It’s a love-hate thing.

While we don’t always see eye to eye, there’s one thing that everyone seems to agree on: Hackaday’s art is amazing! Our unique look comes down to one man: art director Joe Kim. Joe’s creations have graced Hackaday’s pages for years, and his ability to come up with just the right art to illustrate subject matter that’s often complicated and abstract never ceases to amaze.

A lot of you have asked about Hackaday’s art over the years, so we asked Joe to come on the Hack Chat to talk about the process of creating these mini masterpieces. If you’ve ever wondered about the art of Hackaday, or just wanted to say thanks for the visual feast, here’s your chance.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, May 15 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.