Supercon 2023: Alex Lynd Explores MCUs In Infosec

April 24, 2024 by 9 Comments

The average Hackaday reader hardly needs to be reminded of the incredible potential of the modern microcontroller. While the Arduino was certainly transformative when it hit the scene, those early 8-bit MCUs were nothing compared to what’s on the market now. Multiple cores with clock speeds measured in the hundreds of megahertz, several MB of flash storage, and of course integrated WiFi capability mean today’s chips are much closer to being fully-fledged computers than their predecessors.

It’s not hard to see the impact this has had on the electronics hobby. In the early 2000s, getting your hardware project connected to the Internet was a major accomplishment that probably involved bringing some hacked home router along for the ride. But today, most would consider something like an Internet-connected remote environmental monitor to be a good starter project. Just plug in a couple I2C sensors, write a few lines of Python, and you’ve got live data pouring into a web interface that you can view on your mobile device — all for just a few bucks worth of hardware.

But just because we’re keenly aware of the benefits and capabilities of microcontrollers like the ESP32 or the Pi Pico, doesn’t mean they’ve made the same impact in other tech circles. In his talk Wireless Hacking on a $5 Budget, Alex Lynd goes over some examples of how he’s personally put these devices to work as part of his information security (infosec) research.

Continue reading “Supercon 2023: Alex Lynd Explores MCUs In Infosec”

The First European Pocket Calculator Came From Yugoslavia

April 24, 2024 by 7 Comments

At the start of the 1970s the pocket calculator was the last word in personal electronics, and consumers in Europe looked eagerly towards Japan or the USA for a glimpse of new products. Meanwhile the European manufacturers, perhaps Philips in the Netherlands, or Olivetti in Italy, would no doubt have been putting their best engineers on to the task of delivering the first domestic European models.

So who was first with a European-made calculator? Not the Dutch, the Italians, the Germans, or even the Brits, instead that honour went to the Yugoslavians. Digitron is a company located in Buje, in modern-day Croatia, and they pipped everyone else in Europe to the post back in 1971 with their DB800 model.

We read about the achievement through the above-linked exhibition, but perhaps the greatest surprise comes in finding relatively little technical information online about these machines. Other early calculators have been subjected to extensive teardowns, so we can see all manner of interesting period tech. This one however, other than references to using Japanese parts, has very little. Whose chip did it use, and were there any quirky design choices made? We hope that someone out there has one and is prepared to give the world a peek.

Meanwhile, we’ve looked at a few older calculators ourselves.

Mining And Refining: Uranium And Plutonium

April 24, 2024 by 23 Comments

When I was a kid we used to go to a place we just called “The Book Barn.” It was pretty descriptive, as it was just a barn filled with old books. It smelled pretty much like you’d expect a barn filled with old books to smell, and it was a fantastic place to browse — all of the charm of an old library with none of the organization. On one visit I found a stack of old magazines, including a couple of Popular Mechanics from the late 1940s. The cover art always looked like pulp science fiction, with a pipe-smoking father coming home from work to his suburban home in a flying car.

But the issue that caught my eye had a cover showing a couple of rugged men in a Jeep, bouncing around the desert with a Geiger counter. “Build your own uranium detector,” the caption implored, suggesting that the next gold rush was underway and that anyone could get in on the action. The world was a much more optimistic place back then, looking forward as it was to a nuclear-powered future with electricity “too cheap to meter.” The fact that sudden death in an expanding ball of radioactive plasma was potentially the other side of that coin never seemed to matter that much; one tends to abstract away realities that are too big to comprehend.

Things are more complicated now, but uranium remains important. Not only is it needed to build new nuclear weapons and maintain the existing stockpile, it’s also an important part of the mix of non-fossil-fuel electricity options we’re going to need going forward. And getting it out of the ground and turned into useful materials, including its radioactive offspring plutonium, is anything but easy.

Continue reading “Mining And Refining: Uranium And Plutonium”

Chinese Subs May Be Propelled Silently By Lasers

April 24, 2024 by 53 Comments

If sharks with lasers on their heads weren’t bad enough, now China is working on submarines with lasers on their butts. At least, that’s what this report in the South China Morning Post claims, anyway.

According to the report, two-megawatt lasers are directed through fiber-optic cables on the surface of the submarine, vaporizing seawater and creating super-cavitation bubbles, which reduce drag on the submarine. The report describes it as an “underwater fiber laser-induced plasma detonation wave propulsion” system and claims that the system could generate up to 70,000 newtons of thrust, more than one of the turbofan engines on a 747.

The report (this proxy can get around the paywall) claims that the key to the system are the tiny metal spheres that direct the force of the cavitation implosion to propel the submarine. Similar to a magnetohydrodynamic drive (MHD), there’s no moving parts to make noise. Such a technology has the potential to make China’s submarines far harder to detect.

Looking for more details, we traced the report back to the original paper written by several people at Harbin Engineering University, entitled “Study on nanosecond pulse laser propulsion microspheres based on a tapered optical fiber in water environment“, but it’s still a pre-print. If you can get access to the full paper, feel free to chime in — we’d love to know if this seems like a real prospect or just exaggerated reporting by the local propaganda media.

[Image via Wikimedia Commons]

Flute Now Included On List Of Human Interface Devices

April 24, 2024 by 13 Comments

For decades now, we’ve been able to quickly and reliably interface musical instruments to computers. These tools have generally made making and recording music much easier, but they’ve also opened up a number of other out-of-the-box ideas we might not otherwise see or even think about. For example, [Joren] recently built a human interface device that lets him control a computer’s cursor using a flute instead of the traditional mouse.

Rather than using a MIDI interface, [Joren] is using an RP2040 chip to listen to the flute, process the audio, and interpret that audio before finally sending relevant commands to control the computer’s mouse pointer. The chip is capable of acting as a mouse on its own, but it did have a problem performing floating point calculations to the audio. This was solved by converting these calculations into much faster fixed point calculations instead. With a processing improvement of around five orders of magnitude, this change allows the small microcontroller to perform all of the audio processing.

[Joren] also built a Chrome browser extension that lets a flute player move a virtual cursor of sorts (not the computer’s actual cursor) from within the browser, allowing those without physical hardware to try out their flute-to-mouse skills. If you prefer your human interface device to be larger, louder, and more trombone-shaped we also have a trombone-based HID for those who play the game Trombone Champ.

No Active Components In This Mysterious Audio Oscillator

April 23, 2024 by 35 Comments

What’s the simplest audio frequency oscillator you can imagine? There’s the 555, of course, and we can think of a few designs using just two transistors or even a few with just one. But how about an oscillator with no active components? Now there’s a neat trick.

Replicating [Stelian]’s “simplest audio oscillator on the Internet” might take some doing on your part, since it relies on finding an old telephone. Like, really old — you’ll need one with the carbon granule cartridge in the handset, along with the speaker. Other than that, all you’ll need is a couple of 1.5-volt batteries, wiring everything in one big series loop, and placing the microphone and speaker right on top of each other. Apply power and you’re off to the races. [Stelian]’s specific setup yielded a 2.4-kHz tone that could be altered a bit by repositioning the speaker relative to the mic. On the oscilloscope, the waveform is a pretty heavily distorted sine wave.

It’s a bit of a mystery to [Stelian] as to how this works without something to provide at least a little gain. Perhaps the enclosure of the speaker or the mic has a paraboloid shape that amplifies the sound just enough to kick things off? Bah, who knows? Let the hand-waving begin!

Continue reading “No Active Components In This Mysterious Audio Oscillator”

New JEDEC DDR5 Memory Specification: Up To 8800 MT/s, Anti-Rowhammer Features

April 23, 2024 by 4 Comments
Rapid row activations (yellow rows) may change the values of bits stored in victim row (purple row).
Row hammer” by DsimicOwn work. Licensed under CC BY-SA 4.0 via Wikimedia Commons.

As DDR SDRAM increases in density and speed, so too do new challenges and opportunities appear. In the recent DDR5 update by JEDEC – as reported by Anandtech – we see not only a big speed increase from the previous maximum of 6800 Mbps to 8800 Mbps, but also the deprecation of Partial Array Self Refresh (PASR) due to security concerns, and the introduction of Per-Row Activation Counting (PRAC), which should help with row hammer-related (security) implications.

Increasing transfer speeds is primarily a matter of timings within the limits set by the overall design of DDR5, while the changes to features like PASR and PRAC are more fundamental. PASR is mostly a power-saving feature, but can apparently be abused for nefarious means, which is why it’s now gone. As for PRAC, this directly addresses the issue of row hammer attacks. Back in the 2014-era of DDR3, row hammer was mostly regarded as a way to corrupt data in RAM, but later it was found to be also a way to compromise security and effect exploits like privilege escalation.

The way PRAC seeks to prevent this is by keeping track of how often a row is being accessed, with a certain limit after which neighboring memory cells get a chance to recover from the bleed-over that is at the core of row hammer attacks. All of which means that theoretically new DDR5 RAM and memory controllers should be even faster and more secure, which is good news all around.