News

3650 Articles

Procrastinators Rejoice! 2023 Supercon Call For Participation Extended

July 25, 2023 by 4 Comments

When we closed the official Call for Participation for both workshops and talks last week, a good handful of folks wrote to us and asked if they could slip their presentation application in after the deadline. Who are we to say “no” to potential presenters? We want to see all the ideas!

We’re officially extending the Call for Speakers and the Call for Workshops for another week. Get your outline in before Aug. 1st at 9:00 AM PDT, and it’ll be in the selection for Supercon. (And no, we’re not going to extend it twice!)

The Hackaday Superconference is really and truly our favorite event of the year. It’s small, but not too small. The ideas everyone brings with them, however, are big. It’s like the absolute best of Hackaday live and in person. If you’re looking for a place to give a technical talk, or just to regale us all with the trials and triumphs of hacking, you won’t find a more receptive audience anywhere. Plus, presenters get in free.

Behind the scenes, we’re still working on the badge, but we’ve got many of the details fully hammered down. Expect tickets to go on sale in the second week of August – early bird tickets sell out fast. Keep your eyes on Hackaday for the announcement post when it goes live.

We know that November seems a long way out, but we’re looking forward to seeing you all already. Hooray for Supercon!

PCIe For Hackers: Our M.2 Card Is Done

July 25, 2023 by 18 Comments

We’ve started designing a PCIe card last week, an adapter from M.2 E-key to E-key, that adds an extra link to the E-key slot it carries – useful for fully utilizing a few rare but fancy E-key cards. By now, the schematic is done, the component placement has been figured out, and we only need to route the differential pairs – should be simple, right? Buckle up.

Getting Diffpairs Done

PCIe needs TX pairs connected to RX on another end, like UART – and this is non-negotiable. Connectors will use host-side naming, and vice-versa. As the diagram demonstrates, we connect the socket’s TX to chip’s RX and vice-versa; if we ever get confused, the laptop schematic is there to help us make things clear. To sum up, we only need to flip the names on the link coming to the PCIe switch, since the PCIe switch acts as a device on the card; the two links from the switch go to the E-key socket, and for that socket’s purposes, the PCIe switch acts as a host.

While initially routing this board, I absolutely forgot about one more important thing for PCIe – series capacitors on every data pair, on the host TX side of the link. We need three capacitor pairs here – on TX of the PCIe switch uplink, and two pairs on TX side of the switch – again, naming is host-side. I only remembered this after having finished routing all the diffpairs, and, after a bit of deliberation, I decided that this is my chance to try 0201 capacitors. For that, I took the footprints from [Christoph]‘s wonderful project, called “Effect of moon phase on tombstoning” – with such a name, these footprints have got to be good.

We’ve talked about differential pair calculations before in one of the PCIe articles, and there was a demo video too! That said, let’s repeat the calculations on this one – I’ll show how to get from “PCB fab website information” to “proper width and clearance diffpairs”, with a few fun shortcuts. Our setup is, once again, having signals on outer layers, referenced to the ground layer right below them. I, sadly, don’t yet understand how to calculate differential impedance for signal layers sandwiched between two ground planes, which is to say – if there’s any commenters willing to share this knowledge, I’d appreciate your input tremendously! For now, I don’t see that there’d be a tangible benefit to such an arrangement, anyway.

Continue reading “PCIe For Hackers: Our M.2 Card Is Done”

DisplayPort: Tapping The Altmode

July 24, 2023 by 11 Comments

Really, the most modern implementation of DisplayPort is the USB-C DisplayPort altmode, synonymous with “video over USB-C”, and we’d miss out if I were to skip it. Incidentally, our last two articles about talking USB-PD have given a few people a cool new toy to play with – people have commented on the articles, reached out to me for debugging help, and I’ve even seen people build the FUSB302B into their projects! Hot on the heels of that achievement, let’s reach further and conquer one more USB-C feature – one that isn’t yet openly available for us to hack on, even though it deserves to be.

For our long-time readers, it’s no surprise to see mundane capabilities denied to hackers. By now, we all know that many laptops and phones let you get a DisplayPort connection out of a USB-C port. Given that the USB-C specifications are openly available, and we’ve previously implemented a PD sink using those specifications, you’d expect that we could do DisplayPort with the same ease. Yet, the DisplayPort altmode specification is behind a VESA membership paywall, with a hefty pricetag – a practice of theirs that has been widely criticized, counter to their purpose as a standards organization and having resulted in some of their standards failing.

Not to worry, however – we can easily find an assortment of PDFs giving a high-level overview and some details of the DisplayPort altmode, and here’s my favorite! I also have a device running MicroPython with a FUSB302 chip connected, and a few DisplayPort altmode devices of mine that I can disassemble. This, turns out, is more than enough for us to reverse-engineer our way into an open-source DisplayPort altmode library!

Continue reading “DisplayPort: Tapping The Altmode”

VanMoof E-Bike Bankruptcy: The Risks Of Cloud-Connected Transport

July 23, 2023 by 66 Comments

When the bankruptcy of VanMoof, the company behind a series of e-bikes, was announced recently, many probably shrugged at this news. After all, what is an e-bike but a regular bicycle that has some electronics and a battery strapped to it to assist with cycling? Unfortunately for owners of a VanMoof e-bike, their fancy wheels come with a Bluetooth-connected smartphone app that somehow involves storing a special encryption key on the VanMoof servers, as detailed by [Gergely Orosz] at the Pragmatic Engineer. Without this key that is connected to your VanMoof account, your VanMoof app cannot communicate with your VanMoof e-bike.

Although basic functionality of the e-bike will be retained, features such as setting the gear modes, changing assistance mode, locking the bicycle and other features not exposed on the bicycle itself will be lost. Essentially this is the equivalent of losing the remote control to a modern-day TV and getting locked out of 90% of the device’s features.

Fortunately, as [Gergely] and others are (urgently) pointing out to VanMoof e-bike owners, this special key can be downloaded with a Key Exporter project on GitHub, as well as obtained and used with an alternative app by Cowboy Bikes, which is a competitor of VanMoof. The unfortunate reality remains, however, that should you lose this special key, you are going to be in a world of pain as your expensive e-bike now is mostly an e-brick.

(Thanks to [Jan Praegert] for the tip)

2600 Breaks Free From DRM With PDF/EPUB Subscription

July 21, 2023 by 13 Comments

Hackaday has been online in some form or another since 2004, which for the Internet, makes us pretty damn old. But while that makes us one of the oldest surviving web resources for hacker types, we’ve got nothing on 2600 — they’ve been publishing their quarterly zine since 1984.

Summer 2023 Issue of 2600

While the physical magazine can still be found on store shelves, the iconic publication expanded into digital distribution some time ago, thanks largely to the Kindle’s Newsstand service. Unfortunately, that meant Amazon’s recent decision to shutter Newsstand threatened to deprive 2600 of a sizable chunk of their income. So what would any group of hackers do? They took matters into their own hands and spun-up their own digital distribution system.

As of today you’re able to subscribe to the digital version of 2600 in DRM-free PDF or EPUB formats, directly from the magazine’s official website. Which one you pick largely depends on how you want to read it: those looking for the highest fidelity experience should go with PDF, as it features an identical layout to the physical magazine, while those who are more concerned with how the content looks on their reader of choice would perhaps be better served by the flexibility of EPUB. After signing up you can download the current Summer issue immediately, with future issues hitting your inbox automatically. Load it onto your home-built Open Book, and you can really stick it to the establishment.

While the ending of this story seems to be a happy one, we can’t help but see it as a cautionary tale. How many other magazines would have the means and experience to offer up their own digital subscriptions? Or for that matter, how many could boast readers savvy enough to utilize it? The reality is many publications will be injured by Amazon’s decision, some mortally so. That’s a lot of power to be put into the hands of just one company, no matter how quick the shipping is.

This Week In Security: Dating App, WooCommerce, And OpenSSH

July 21, 2023 by 4 Comments

Up first this week is a report from vpnMentor, covering the unsecured database backing a set of dating apps, including 419 Dating. The report is a bit light on the technical details, like what sort of database this was, or how exactly it was accessed. But the result is 2.3 million exposed records, containing email address, photos — sometimes explicit, and more. Apparently also exposed were server backups and logs.

The good news here is that once [Jeremiah Fowler] discovered the database door unlocked and hanging open, he made a disclosure, and the database was secured. We can only hope that it wasn’t discovered by any bad actors in the meantime. The app has now disappeared from the Google Play store, and had just a bit of a sketchy air about it.

WooCommerce Under Siege

Back in March, CVE-2023-28121 was fixed in the WooCommerce plugin for WordPress. The issue here is an authentication bypass that allows an unauthenticated user to commandeer other user accounts.

Within a few months, working exploits had been derived from the details of the patch plugging the hole. It wasn’t hard. A function for determining the current user was explicitly trusting the contents of the X-WCPAY-PLATFORM-CHECKOUT-USER request header. Set that value in a request sent to the server, and ding, you’re administrator.

And now the cows are coming home to roost. Active exploitation started in earnest on July 14, and the folks at Wordfence clocked a staggering 1.3 million exploitation attempts on the 16th. What’s particularly interesting is that the Wordfence data gathering system saw a huge increase in requests for the readme.txt file that indicates the presence of the WooCommerce plugin on a WordPress site. These requests were observed before the attacks got started, making for an interesting early warning system. Continue reading “This Week In Security: Dating App, WooCommerce, And OpenSSH”

This RISC-V CPU Games In Rust From Inside The Game

July 17, 2023 by 14 Comments

[Xander Naumenko] has created something truly impressive — a working RISC-V CPU completely contained in a Terraria world. And then for added fun, he wrote the game of pong, playable in real time, from within the game of Terraria. It’s all based on the in-game wiring system, combined with a bit of a hack that uses the faulty lamp mechanic to create a very odd AND gate. In Terraria, the existing logic gates have timing issues that make them a no-go for complicated projects like this one. The faulty lamp is intended to do randomized outputs, by stacking multiple inputs to get a weighted output when a clock signal is applied. The hack is to simply give this device a single input, turning it into a clocked IF gate. Two of them together in series makes a clocked AND gate, and two in parallel make a clocked OR gate.

Why would [Xander] embark on this legendary endeavor? Apparently after over eight thousand hours clocked in game, one gets a bored of killing slimes and building NPC houses. And playing with the game’s wiring system turned on a metaphorical lightbulb, that the system could be used to build interesting systems. A prototype CPU, with a completely custom instruction set came next, and was powerful enough to compute Fibonacci. But that obviously wasn’t enough. Come back after the break for the rest of the story and the impressive video demonstration.

Continue reading “This RISC-V CPU Games In Rust From Inside The Game”