For most of us who didn’t do well in high school English class, spell checkers are a real game-changer. Sure, you can still swap a “to” and a “too,” but a spell checker will catch a lot of typos. But what about in your source code? You usually don’t spell check source code and even if you did, the rules are funny. After all, “my_proejct” is a perfectly fine variable name, but you probably meant “my_project.” That’s where a program called typos comes in. It aims to be a spell checker for source code that is fast enough and with a low enough false positive rate that you can run it against changed code and reject spelling problems.
Sure, if “my_proejct” is a one-time typo, the compiler or interpreter will probably catch it. But it won’t catch comments and it also won’t catch something you spell wrong consistently. For that you need something like typos.
There was a time when booting Linux from a floppy disk was the norm, but of course, those days are long gone. Even if you still had a working 3.5 inch drive, surely the size of the modern kernel alone would far exceed the 1.44 MB capacity of the disks, to say nothing of all the support software required to create a usable operating system. Well that’s what we thought, anyway.
But then [Krzysztof Krystian Jankowski] dropped Floppinux, a live Linux OS that boots from just a single floppy. There’s even a few hundred KB left over on the disk, allowing the user to tuck a few of their own programs and scripts onboard before booting it up. But most impressively, the project doesn’t rely on ancient software releases like so many other embedded systems do. Every component of Floppinux is pulled directly from the cutting edge, including version 5.13.0-rc2 of the Linux kernel which is literally just a few days old.
Floppinux running on the Asus Eee PC
Of course some concessions had to made in order cram the latest Linux kernel and build of BusyBox into slightly north of 1 MB, so Floppinux certainly isn’t what anyone would call a daily driver. The kernel is stripped down the absolute minimum, and is targeted for the decidedly poky i486. [Krzysztof] had to be very selective about which programs actually made the cut as well, so once the system is booted, there’s not a whole lot you can do with it outside of writing some shell scripts. But then, that was sort of the goal to begin with.
If you’re wondering how [Krzysztof] pulled it off, you don’t have to. He walks you though the entire process, down to the commands he used to do everything from pull down and compile the source code to creating the final disk image. Even if you don’t own a floppy drive, it’s well worth following his guide and booting the image up in QEMU just to say you’ve officially built a Linux system from scratch. It’s good for more than just bragging rights; learning how all the components of a minimal install like this fits together will no doubt come in handy the next time you find yourself poking around inside an embedded Linux device.
Writing a command line program that needs a little more pizzaz? Ncurses just not colorful or high res enough? Or maybe you want to bring the demo scene to the command line. Notcurses has your back. The demo is great, and looks like it can push out enough detail to pull off silliness like pushing an SNES game’s output straight to the console. What might be the most impressive element of the library is that while it can blit high res graphics through a terminal emulator with graphical support, it will also work on the basic Linux console, with no graphical system installed, by using some very old tricks. I know what you’re wondering: That’s all well and good, but can it run Doom? Yep. Come back after the break for a demo. Continue reading “Terminal Magic With Notcurses”→
Although bash scripts are regularly maligned, they do have a certain simplicity and ease of creation that makes them hard to resist. But sometimes you really need to do some heavy lifting in another language. I’ll talk about Python, but actually, you can use many different languages with this technique, although you might need a little adaptation, depending on your language of choice.
Of course, you don’t have to do anything special to call another program from a bash script. After all, that’s what it’s mainly used for: calling other programs. However, it isn’t very handy to have your script spread out over multiple files. They can get out of sync and if you want to send it to someone or another machine, you have to remember what to get. It is nicer to have everything in one file.
These days, embedded systems often have networks and that can make them significantly more complex. Networks are usually pretty nondeterministic and there are a variety of oddball conditions. For example, when your public-access pick and place machine gets written up on Hackaday and you suddenly get a 50X surge in traffic, how does your network stack handle it? While there’s no silver bullet for network testing, there are some tricks that can make it easier and one of those is the tcpreplay utilities that allow you to record complex network traffic and then play it back in a variety of ways. This has many benefits, especially if you manage to capture that one thing that triggers bad behavior sporadically. Being able to play it back on demand can speed up diagnostics considerably.
General Idea
You probably know that tcpdump allows you to grab packet captures from a network interface and save them to a file. If you prefer a GUI, you probably use Wireshark, which uses the same underlying library (libpcap) to grab the data. In fact, you can capture data using tcpdump and look at it with Wireshark, although there are other tools like tcptrace or Ngrep that can work with the output, also.
While the output of the command can be a little cryptic without tool support, a program called tcpreplay can take that data and feed it back in a variety of ways. Of course, you can modify the file first — there are tools to make that easier and — if you need to — you can craft your own network traffic by hand or using one of a variety of tools. This process is often called “packet crafting.”
Embedded Linux devices are everywhere these days, and sooner or later, you’re going to want to poke around in one of them. But how? That’s where posts like this one from [Felipe Astroza] come in. While his work is focused on the Foscam C1 security camera, the techniques and tools he outlines here will work on all sorts of gadgets that have a tiny penguin at their core.
Rather than trying to go in through the front door, [Felipe] starts his assault with the nuclear option: removing the SPI MX25L12835F flash chip from the camera’s PCB and dumping its contents with a Raspberry Pi. From there he walks through the use of different tools to determine the partition scheme of the chip and eventually extract passwords and other interesting bits of information from the various file systems within.
Getting ready to remove the flash chip.
That alone would be worth the read, but things really get interesting once [Felipe] discovers the FirmwareUpgrade program. Since the Foscam’s software updates are encrypted, he reasons that reverse engineering this binary would uncover the key and allow for the creation of custom firmware images that can be flashed through the stock interface.
Further investigation with Ghidra and friends identifies an interesting shared library linked to the executable in question, which is then disassembled in an effort to figure out how the key is being obfuscated. We won’t ruin the surprise, but [Felipe] eventually gets what he’s after.
We are always envious of the Star Trek Enterprise computers. You can just sort of ask them a hazy question and they will — usually — figure out what you want. Even the automatic doors seemed to know the difference between someone walking into a turbolift versus someone being thrown into the door during a fight. [River] decided to try his new API keys for the private beta of an AI service to generate Linux commands based on a description. How does it work? Watch the video below and find out.
Some examples work fairly well. In response to “email the Rickroll video to Jeff Bezos,” the system produced a curl command and an e-mail to what we assume is the right place. “Find all files in the current directory bigger than 1 GB” works, too.
