How The Sony PlayStation Was Hacked

Playgrounds were the comment sections of their day. Every weekday from exactly 1:17 PM until 1:43 PM there were swings to be swung, rumors to be spread, and debates to be settled by whoever was the loudest (some things never change). Allegiances were formed and battle lines were drawn based solely on what video game console you supported. It was this playground system that perpetuated the urban myths of the time.

For PlayStation fans there was the myth that you could save Aerith from her fate in Final Fantasy VII if you just cast the right spell, or the secret code in Tomb Raider that would let you see all of Lara Croft. There was the myth that no one could possibly copy a PlayStation game because all the bottoms of the discs were black. Even the very existence of the first PlayStation, the Super Nintendo PlayStation prototype, was an urban legend. The difference was that last one turned out to be true.

Let’s jump in and take a look at the cat and mouse game between modchip makers looking to defeat the original PlayStation’s copy protection, and Sony’s efforts to protect their castle.

FT8: Saving Ham Radio Or Killing It?

It is popular to blame new technology for killing things. The Internet killed newspapers. Video killed the radio star. Is FT8, a new digital technology, poised to kill off ham radio? The community seems evenly divided. In an online poll, 52% of people responding say FT8 is damaging ham radio. But ham operator [K5SDR] has an excellent blog post about how he thinks FT8 is going to save ham radio instead.

If you already have an opinion, you have probably already raced down to the comments to share your thoughts. I’ll be honest, I think what we are seeing is a transformation of ham radio and like most transformations, it is probably both killing parts of ham radio and saving others. But if you are still here, let’s talk a little bit about what’s going on in ham radio right now and how it relates to the FT8 question. Oddly enough, our story starts with the strange lack of sunspots that we’ve been experiencing lately.

The Linux Throwie: Powering A Linux Server With A 0.3W Solar Panel

Have you ever had one of those moments, when you’re rummaging through your spare parts heap, and have a rather bizarre project idea that you can’t quite get out of your head? You know, the ones that have no clear use, but simply demand to be born, of glass and steel and silicon?

This time, the stubborn idea in question was sort of like a solar-rechargeable LED throwie, but instead of a blinking light, it has a fully cloud-accessible embedded Linux server in the form of a Raspberry Pi 3 Model B+. Your choice of embedded Linux board should work — I just happen to have a lot of these due to a shipping error.

There were two main challenges here: First, it would have to combine the smallest practical combination of solar panel, power supply, and Li-ion cell that could run the Raspberry Pi. Second, we’ll need to remotely activate and access the Pi regardless of where it is, as well as be able to connect it to WiFi without direct physical access. In this article we’ll be dealing with the first set of problems — stay tuned for the rest.


Cooking Eggs With Magnets In Motion

It’s probably always going to be easier to just find some dry wood and make a cooking fire, but if you’re ever in a real bind and just happen to have a bunch of magnets and a treadmill motor, this DIY induction cooktop could be your key to a hot breakfast.

For those not familiar with them, induction cooktops are a real thing. The idea stretches all the way back to the turn of the last century, and involves using a strong magnetic field to induce eddy currents in the metal of a cooking vessel. As [K&J Magnetics] explains, the eddy currents are induced in a conductor by changing magnetic fields nearby. The currents create their own magnetic field which opposes the magnetic field that created it. The resulting current flows through the conductor, heating it up. For their cooktop, they chose to spin a bunch of powerful neodymium magnets with alternating polarity using an old treadmill motor. The first try heated up enough to just barely cook an egg. Adding more magnets resulted in more heat, but the breakthrough came with a smaller pan. The video below shows the cooktop in action.

It’s worth noting that commercial induction cooktops use coils and a high-frequency alternating current instead of rotating magnets. They are also notoriously fussy about cookware. So, kudos to [K&J] for finding success with such an expedient build. As a next step, we’d love to see the permanent magnets replaced with small coils that can be electrically commutated, perhaps with a brushless motor controller.

Apple Kernel Code Vulnerability Affected All Devices

Another day, another vulnerability. Discovered by [Kevin Backhouse], CVE-2018-4407 is a particularly serious problem because it is present all throughout Apple’s product line, from the MacBook to the Apple Watch. The flaw is in the XNU kernel shared by all of these products.

This is a buffer overflow issue in the error handling for network packets. The kernel is expecting a fixed length of those packets but doesn’t check to prevent writing past the end of the buffer. The fact Apple’s XNU kernel powers all their products is remarkable, but issues like this are a reminder of the potential downside to that approach. Thanks to responsible disclosure, a patch was pushed out in September.

Anatomy of a Buffer Overflow

Buffer overflows aren’t new, but a reminder on what exactly is going on might be in order. In low level languages like C, the software designer is responsible for managing computer memory manually. They allocate memory, tagging a certain number of bytes for a given use. A buffer overflow is when the program writes more bytes into the memory location than are allocated, writing past the intended limit into parts of memory that are likely being used for a different purpose. In short, this overflow is written into memory that can contain other data or even executable code.

With a buffer overflow vulnerability, an attacker can write whatever code they wish to that out-of-bounds memory space, then manipulate the program to jump into that newly written code. This is referred to as arbitrary code execution. [Computerphile] has a great walk-through on buffer overflows and how they lead to code execution.

This Overflow Vulnerability Strikes Apple’s XNU Kernel

[Kevin] took the time to explain the issue he found in further depth. The vulnerability stems from the kernel code making an assumption about incoming packets. ICMP error messages are sent automatically in response to various network events. We’re probably most familiar with the “connection refused” message, indicating a port closed by the firewall. These ICMP packets include the IP header of the packet that triggered the error. The XNU implementation of this process makes the assumption that the incoming packet will always have a header of the correct length, and copies that header into a buffer without first checking the length. A specially crafted packet can have a longer header, and this is the data that overflows the buffer.
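To make the missing check concrete, here is a simplified sketch added for illustration; it is not XNU's code or [Kevin]'s. It shows the copy length an unchecked implementation would trust next to a version that validates the IPv4 header length before copying. The function names, the 28-byte buffer size and the sample first bytes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_MIN_HDR 20u   /* IPv4 header without options */
#define IP_MAX_HDR 60u   /* IHL is a 4-bit word count: at most 15 * 4 bytes */
#define ICMP_QUOTE 8u    /* payload bytes quoted after the header (RFC 792) */
#define QUOTE_BUF  (IP_MIN_HDR + ICMP_QUOTE)  /* assumed fixed buffer size */

/* Header length the packet itself declares (IHL field, in 32-bit words). */
static size_t declared_hdr_len(const uint8_t *pkt) {
    return (size_t)(pkt[0] & 0x0f) * 4u;
}

/* Bytes the unchecked pattern would copy: it trusts the declared length.
 * The value is returned, not copied, so nothing is actually overflowed. */
size_t unchecked_copy_len(const uint8_t *pkt) {
    return declared_hdr_len(pkt) + ICMP_QUOTE;
}

/* Hardened form: validate, then copy. Returns bytes written; 0 means drop. */
size_t quote_offending_packet(uint8_t *dst, size_t dst_len,
                              const uint8_t *pkt, size_t pkt_len) {
    if (dst == NULL || pkt == NULL || pkt_len < IP_MIN_HDR) return 0;
    if ((pkt[0] >> 4) != 4) return 0;                /* not IPv4 */
    size_t hlen = declared_hdr_len(pkt);
    if (hlen < IP_MIN_HDR || hlen > IP_MAX_HDR) return 0;
    if (hlen > pkt_len) return 0;        /* header claims more than arrived */
    size_t want = hlen + ICMP_QUOTE;
    if (want > pkt_len) want = pkt_len;  /* quote only bytes that exist */
    if (want > dst_len) return 0;        /* never write past the buffer */
    memcpy(dst, pkt, want);
    return want;
}

/* Runs the checked copy on a constructed, zero-filled packet whose first
 * byte (version and IHL) is vhl, into the assumed QUOTE_BUF-sized buffer. */
size_t demo_quote(uint8_t vhl, size_t pkt_len) {
    uint8_t pkt[IP_MAX_HDR + ICMP_QUOTE] = { vhl }, buf[QUOTE_BUF];
    if (pkt_len > sizeof pkt) return 0;
    return quote_offending_packet(buf, sizeof buf, pkt, pkt_len);
}

int main(void) {
    const uint8_t long_hdr[1] = { 0x4F };  /* constructed: IPv4, IHL 15 */
    printf("unchecked: %zu bytes into a %u-byte buffer\n",
           unchecked_copy_len(long_hdr), QUOTE_BUF);
    printf("checked: long=%zu normal=%zu\n",
           demo_quote(0x4F, 68), demo_quote(0x45, 40));
    return 0;
}
```

Dropping the oversized case is one policy; sizing the buffer for the largest legal header plus the quoted bytes is the other, and either way the length is checked before the copy.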

Because of the role ICMP plays in communicating network status, a closed firewall isn’t enough to mitigate the attack. Even when sent to a closed port, the vulnerability can still trigger. Aside from updating to a patched OS release, the only mitigation is to run the macOS firewall in what it calls “stealth mode”. This mode doesn’t respond to pings, and more importantly, silently drops packets rather than sending ICMP error responses. This mitigation isn’t possible for watchOS and iOS devices.

The good news about the vulnerability is that a packet, malformed in this way, has little chance of being passed through a router at all. An attacker must be on the same physical network in order to send the malicious packet. The most likely attack vector, then, is the public WiFi at the local coffee shop.

Come back after the break for a demonstration of this attack in action.


Kepler Closes Eyes After A Decade Of Discovery

Since its launch in March 2009, the Kepler Space Telescope has provided us with an incredible amount of data about exoplanets within our galaxy, proving these worlds are more varied and numerous than we could ever have imagined. Before its launch we simply didn’t know how common planets such as ours were, but today we know the Milky Way contains billions of them. Some of these worlds are so hot they have seas of molten rock, others experience two sunsets a day as they orbit a pair of stars. Perhaps most importantly, thousands of the planets found by Kepler are much like our own: potentially playing host to life as we know it.

Kepler lived a fruitful life by any metric, but it hasn’t been an easy one. Too far into deep space for us to repair it as we did Hubble, hardware failures aboard the observatory nearly brought the program to a halt in 2013. When NASA announced the spacecraft was beyond hope of repair, most assumed the mission would end. Even by that point, Kepler was an unqualified success and had provided us with enough data to keep astronomers busy for years. But an ingenious fix was devised, allowing it to continue collecting data even in its reduced capacity.

Leaning into the solar wind, Kepler was able to use the pressure of sunlight striking its solar panels to steady itself. Kepler’s “eyesight” was never quite the same after the failure of its reaction wheels, and it consumed more propellant than originally intended to maintain this careful balancing act, but the science continued. The mission that had already answered many of our questions about our place in the galaxy would push ahead in spite of a failure which should have left it dead in space.

As Kepler rapidly burned through its supply of propellant, it became clear the mission was on borrowed time. It was a necessary evil, as the alternative was leaving the craft tumbling through space, but mission planners understood that the fix they implemented had put an expiration date on Kepler. Revised calculations could provide an estimate as to when the vehicle would finally run its tanks dry and lose attitude control, but not a definitive date.

For the last several months NASA has known the day was approaching, but they decided to keep collecting data until the vehicle’s thrusters sputtered and failed. So today’s announcement that Kepler has at long last lost the ability to orient itself came as no surprise. Kepler has observed its last alien sunset, but the search for planets, and indeed life, in our corner of the galaxy doesn’t end today.


Oliver Heaviside: Rags To Recognition, To Madness

Like any complex topic, electromagnetic theory has its own vocabulary. When speaking about dielectrics we may refer to their permittivity, and discussions on magnetic circuits might find terms like reluctance and inductance bandied about. At a more practical level, a ham radio operator might discuss the impedance of the coaxial cable used to send signals to an antenna that will then be bounced off the ionosphere for long-range communications.

It’s everyday stuff to most of us, but none of this vocabulary would exist if it hadn’t been for Oliver Heaviside, the brilliant but challenging self-taught British electrical engineer and researcher. He coined all these terms and many more in his life-long quest to understand the mysteries of the electromagnetic world, and gave us much of the theoretical basis for telecommunications.
