News

3639 Articles

Samsung Bricks Smart TVs

November 29, 2021 by 247 Comments

Earlier this Fall, a Samsung warehouse in South Africa was robbed and the thieves got away with a quantity of smart televisions. Samsung proceeded to implement a little-known feature called “TV Block” which is installed on all of their TV products. The serial numbers of the stolen TV sets are flagged in their servers, and if one of these sets tries to connect the internet in the future, it will recognize that it is stolen and proceed to brick itself, disabling all television functionality.

So while this real-life scenario makes sense, it is a bit alarming to realize the implication of such a feature — the manufacturer can reach into your TV and disable it from afar. One can assume that Samsung won’t abuse this capability, because acting otherwise would harm their reputation. In a press release, Samsung announced that any consumers whose sets were incorrectly bricked can have their sets un-bricked after demonstrating proper ownership.

Despite such good intentions, the mere existence of such a feature is worrisome. What someone hacks the system and begins bricking TVs all over the world willy-nilly? If you are concerned about this possibility, one option of course is to never connect your TV set to the internet. But in that case, it might be better to just buy a “dumb” television set instead.

Anti-theft immobilizers are not new — one system was patented over 100 years ago to thwart car thieves. Car stereo systems have also long featured technology that renders them unusable when stolen. Although this robbery brought Samsung’s “TV Block” to consumers’ attention, we wonder if other manufacturers have similar anti-theft systems which aren’t well publicized. If you know of any, please share in the comments below.

This Raspberry Pi Mini ITX Board Has Tons Of IO

November 28, 2021 by 27 Comments

The Raspberry Pi now comes in a wide variety of versions. There are tiny little Zeros, and of course the mainstream-sized boards. Then, there’s the latest greatest Compute Module 4, ready to slot on to a carrier board to break out all its IO. The Seaberry is one such design, as demonstrated by [Jeff Geerling], giving the CM4 a Mini ITX formfactor and a ton of IO. (Video embedded after the break.)

The Seaberry sports a full-sized x16 PCI-E port, with only 1x bandwidth but capable of holding full-sized cards. There’s also four mini-PCI-E slots along the top, with four M.2 E-key slots hiding underneath. The board then has a M.2 slot in the middle for NVME drives, and x1 PCI-E slot hanging off the side.

Ports include a USB 2.0, a Cisco-style serial console port, two HDMI ports, and a Gigabit Ethernet jack. Two seperate 12V connectors are provided allowing for a redundant power supply setup, which can be made triple redundant with the addition of the right Power-over-Ethernet hardware. Naturally, the Seaberry also features the usual 40-pin GPIO header, the 14-pin CM4 IO header, as well as the usual DSI, CSI and RTC hookups.

The Mini ITX design is a particular boon. The Seaberry can easily be slapped into a mini PC case, and the power button and activity LEDs work just like you’d expect.

In testing the board, [Jeff Geerling] filled up almost every slot, trying to see how many cards will run on an Compute Module 4 with 8GB of RAM. Throwing in an NVME SSD drive, several Coral TPUs for machine learning, multiple network cards and a SATA interface caused no problems.

Not everything worked due to driver limitations, but everything enumerated on the bus just fine. [Jeff’s] earlier work paid dividends here. His previous attempts trying to get GPUs working on the platform meant opening up an extended BAR space for PCI devices wasn’t a problem.

Further attempts involved adding in a 12-card carrier loaded up with 7 more TPUs, 5 more WiFi cards, and 3 more NVME drives. Outside of some kernel panics from excess NVME drives, the Pi CM4 was still able to detect everything, showing it can address more than 20 PCI-E devices without major issues.

Throwing so many devices at the Pi CM4 may not have an obvious application in the mainstream, but it’s sure to prove useful to someone. We’re certainly enjoying watching [Jeff] push the limits of what’s possible with the CM4, and we hope he gets GPUs working soon.

Continue reading “This Raspberry Pi Mini ITX Board Has Tons Of IO”

Arduino Plays The Glasses

November 22, 2021 by 8 Comments

Have you ever been on a city street and seen a busker playing music on glasses? Each glass has a different amount of water and produces a different note when tapped. [Cyberlab] must have seen them and created an Arduino robot to play tunes on glasses. You can see the result in the video below.

If we had done this, we might have had a solenoid per glass or used some linear component like a 3D printer axis to pick different glasses. [Cyberlab] did something smarter. The glasses go in a circle and a stepper motor points at the correct glass and activates a solenoid. The result is pretty good and it is a lot simpler than any of our ideas.

If you aren’t musically inclined, you might wonder how you’d program the songs. There’s an example of taking a music box score from a website — apparently, there are lots of these — and removing any polyphony from it. The site mentioned even has an editor where you can import MIDI files and work with them to produce a music box strip that you could then convert. Then you encode each note as a number from 0 to 6.

Of course, you also have to fill your glasses with the right amount of water. A piano tuning phone app should be useful. We’ve seen this done in a linear fashion before. You can even use a single glass for many notes with a little ingenuity.

Continue reading “Arduino Plays The Glasses”

FlowIO Takes Top Honors In The 2021 Hackaday Prize

November 20, 2021 by 8 Comments

FlowIO Platform, a modular pneumatics controller for soft robotics and smart material projects, took home Grand Prize honors at the 2021 Hackaday Prize. Aside from the prestige of coming out on top of hundreds of projects and bragging rights for winning the biggest hardware design challenge on Earth, the prize carries an award of $25,000 and a Supplyframe DesignLab residency to continue project development. Four other top winners were also announced at the Hackaday Remoticon virtual conference on Saturday evening.

In a year full of challenges, this year’s Hackaday Prize laid down yet another gauntlet: to “Rethink, Refresh, and Rebuild.” We asked everyone to take a good hard look at the systems and processes that make the world work — or in some cases, not work — and reimagine them from a fresh perspective. Are there better ways to do things? What would you come up with if you started from a blank piece of paper? How can you support and engage the next generation of engineers, and inspire them to take up the torch? And what would you come up with if you just let your imagination run wild?

And boy, did you deliver! With almost 500 entries, this year’s judges had quite a task in front of them. Each of the five challenges — Refresh Displays, Rethink Work-From-Home Life, Reimagine Supportive Tech, Redefine Robots, and Reactivate Wildcard — had ten finalists, which formed the pool of entries for the overall prize. And here’s what they came up with.

Continue reading “FlowIO Takes Top Honors In The 2021 Hackaday Prize”

This Week In Security: Intel Atoms Spill Secrets, ICMP Poisons DNS, And The Blacksmith

November 19, 2021 by 21 Comments

Intel has announced CVE-2021-0146, a vulnerability in certain processors based on the Atom architecture, and the Trusted Platform Module (TPM) is at the center of the problem. The goal of the system around the TPM is to maintain system integrity even in the case of physical access by an attacker, so the hard drive is encrypted using a key stored in a secure chip on the motherboard. The TPM chip holds this encryption key and provides it during the boot process. When combined with secure boot, this is a surprisingly effective way to prevent tampering or data access even in the case of physical access. It’s effective, at least, when nothing goes wrong.

Earlier this year, we covered a story where the encryption key could be sniffed directly from the motherboard, by tapping the traces connecting the TPM to the CPU. It was pointed out that TPM 2.0 can encrypt the disk encryption key on the traces, making this attack impossible.

The entire Trusted Compute Model is based on the premise that the CPU itself is trustworthy. This brings us back to Intel’s announcement that a debug mode could be enabled via physical access. In this debug mode, the CPU master key can be extracted, leading to complete compromise. The drive encryption key can be recovered, and unsigned firmware can be loaded to the Management Engine. This means data in the TPM enclave and the TPM-stored encryption key can be compromised. Updated firmware is rolling out through motherboard vendors to address the problem. Continue reading “This Week In Security: Intel Atoms Spill Secrets, ICMP Poisons DNS, And The Blacksmith”

Russian Anti-Satellite Weapon Test Draws Widespread Condemnation

November 17, 2021 by 44 Comments

On the morning of November 15, a Russian missile destroyed a satellite in orbit above Earth.  The successful test of the anti-satellite weapon has infuriated many in the space industry, put astronauts and cosmonauts alike at risk, and caught the attention of virtually every public and private space organisation on the planet.

It’s yet another chapter in the controversial history of military anti-satellite operations, and one with important implications for future space missions. Let’s examine what happened, and explore the greater context of the operation.

Continue reading “Russian Anti-Satellite Weapon Test Draws Widespread Condemnation”

This Week In Security: Unicode Strikes, NPM Again, And First Steps To PS5 Crack

November 12, 2021 by 33 Comments

Maybe we really were better off with ASCII. Back in my day, we had space for 256 characters, didn’t even use 128 of them, and we took what we got. Unicode opened up computers to the languages of the world, but also opened an invisible backdoor. This is a similar technique to last week’s Trojan Source story. While Trojan Source used right-to-left encoding to manipulate benign-looking code, this hack from Certitude uses Unicode characters that appear to be whitespace, but are recognized as valid variable names.

const { timeout,ㅤ} = req.query;
Is actually:
const { timeout,\u3164} = req.query;

The extra comma might give you a clue that something is up, but unless you’re very familiar with a language, you might dismiss it as a syntax quirk and move on. Using the same trick again allows the hidden malicious code to be included on a list of commands to run, making a hard-to-spot backdoor.

The second trick is to use “confusable” characters like ǃ, U+01C3. It looks like a normal exclamation mark, so you wouldn’t bat an eye at if(environmentǃ=ENV_PROD){, but in this case, environmentǃ is a new variable. Anything in this development-only block of code is actually always enabled — imagine the chaos that could cause.

Neither of these are ground-breaking vulnerabilities, but they are definitely techniques to be wary of. The authors suggest that a project could mitigate these Unicode techniques by simply restricting their source code to containing only ASCII characters. It’s not a good solution, but it’s a solution. Continue reading “This Week In Security: Unicode Strikes, NPM Again, And First Steps To PS5 Crack”