This Week In Security: Loop DOS, Flipper Responds, And More!

Here’s a fun thought experiment. UDP packets can be sent with an arbitrary source IP and port, so you can send a packet to one server, and could aim the response at another server. What happens if that response triggers another response? What if you could craft a packet that continues that cycle endlessly? That is essentially the idea behind Loop DoS (Denial of Service).

This unique avalanche of packets has been managed using specific implementations of several different network services, like TFTP, DNS, and NTP. There are several CVEs being used to track the issue, but CVE-2024-2169 is particularly odd, with the description that “Implementations of UDP application protocol are vulnerable to network loops.” This seems to be a blanket CVE for UDP, which is particularly inappropriate given that the first DoS of this sort was reported in 2009 at the latest.

More details are available in a Google Doc. There are some interesting tidbits there, like the existence of cross-protocol loops, and several legacy protocols that are vulnerable by design. The important thing to remember here is you have to have an accessible UDP port for this sort of attack to take place, so if you’re not using it, firewall it.
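To make the loop condition concrete, here is an added in-memory model (not code from the article or the researchers) of two UDP-style services, showing that the cycle only sustains itself when both ends answer replies. The `Datagram` fields, the `is_reply` flag, the `PING`/`ERROR` payloads and the addresses are assumptions made up for the model; no real protocol or socket is involved.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Datagram:
    src: str        # claimed source; UDP itself never verifies it
    dst: str
    is_reply: bool  # constructed flag standing in for a protocol's response/error marker
    payload: str

class Service:
    def __init__(self, addr: str, answers_replies: bool):
        self.addr = addr
        self.answers_replies = answers_replies  # True models the loop-prone behaviour
        self.sent = 0

    def handle(self, dgram: Datagram) -> Optional[Datagram]:
        """Return the datagram sent in response, or None if the input is dropped."""
        if dgram.is_reply and not self.answers_replies:
            return None  # hardened: a reply or error never earns another reply
        if dgram.payload == "PING" and not dgram.is_reply:
            body = "PONG"
        else:
            body = "ERROR unexpected message"
        self.sent += 1
        # The response goes to whatever source address the datagram claimed.
        return Datagram(self.addr, dgram.src, True, body)

def simulate(services, first: Datagram, max_hops: int = 1000) -> int:
    """Deliver datagrams until nobody responds or max_hops is hit; return deliveries."""
    by_addr = {s.addr: s for s in services}
    dgram, hops = first, 0
    while dgram is not None and hops < max_hops:
        target = by_addr.get(dgram.dst)
        dgram = target.handle(dgram) if target else None
        hops += 1
    return hops

def run_pair(a_answers_replies: bool, b_answers_replies: bool) -> int:
    """One constructed datagram arrives at A claiming to come from B."""
    a = Service("A", a_answers_replies)
    b = Service("B", b_answers_replies)
    first = Datagram(src="B", dst="A", is_reply=False, payload="junk")
    return simulate([a, b], first)

if __name__ == "__main__":
    for a_flag, b_flag in [(True, True), (True, False), (False, True), (False, False)]:
        print(f"A answers replies={a_flag}, B answers replies={b_flag}: "
              f"{run_pair(a_flag, b_flag)} deliveries")
```

In this model, only the pair where both services answer replies runs until the `max_hops` cap; hardening either end stops the exchange within three deliveries.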

Flipper Flips Back

We’ve covered the saga of the Flipper Zero vs the Canadian government, in the context of car theft. The short version is that Canada has seen an uptick of car thefts from organized crime. Rather than meaningfully dealing with this problem, the Canadian government went looking for scapegoats, and found the Flipper Zero.

Well now, Flipper has responded, and put simply, the message is “stop the madness”. There has never been a confirmed case of using a Flipper to steal a car, and it’s very unlikely it’s ever happened. On a modern car with proper rolling-code security, it’s not meaningfully possible to use the Flipper Zero for the theft. The two primary ways criminals actually steal cars are with dedicated keyfob repeaters and CAN bus hackers.

There is a petition to sign, and for Canadians, Flipper suggests contacting your local member of parliament.

Your 1983 Video Phone Is Finally Ready

If you read Byte magazine in 1983, you might have expected that, by now, you’d be able to buy the red phone with the video screen built-in. You know, like the one that appears on the cover of the magazine. Of course, you can’t. But that didn’t stop former Hackaday luminary [Cameron] from duplicating the mythical device, if not precisely, then in spirit. Check it out in the video, below.

The Byte Magazine Cover in Question!

While the original Byte article was about VideoTex, [Cameron] built a device with even more capability you couldn’t have dreamed of in 1983. What’s more, the build was simple. He started with an old analog phone and a tiny Android phone. A 3D-printed faceplate lets the fake phone serve as a sort of dock for the cellular device.

That’s not all, though. Using the guts of a Bluetooth headset enables the fake phone’s handset. Now you can access the web — sort of a super Videotex system. You can even make video calls.

There isn’t a lot of detail about the build, but you probably don’t need it. This is more of an art project, and your analog phone, cell phone, and Bluetooth gizmo will probably be different anyway.

Everyone always wanted a video phone, and while we sort of have them now, it doesn’t quite seem the same as we imagined them. We wish [Cameron] would put an app on the phone to simulate a rotary dial and maybe even act as an answering machine.


Flat Earth Theatre presents "R.U.R." by Karel Capek. January 23 - 31, 2009. Featuring Michael Wayne Smith, Karen Hart, Valerie Daum, Jeff Tidwell, Kevin Kordis, James Rossi, Bill Conley, Justus Perry, and Amy Lehrmitt. Directed by Jake Scaltreto. Arsenal Center for the Arts, Watertown.

Robot: You Keep Using That Word But It Doesn’t Mean What You Think It Means

The flute player automaton by Innocenzo Manzetti (1840)

With many words which are commonly used in everyday vocabulary, we are certain that we have a solid grasp of what they do and do not mean, but is this really true? Take the word ‘robot’ for example, which is more often used incorrectly than correctly when going by the definition of the person who coined it: [Karel Čapek]. It was the year 1920 when his play Rossumovi Univerzální Roboti was introduced to the world, which soon saw itself translated and performed around the world, with the English-speaking world knowing it as R.U.R.: Rossum’s Universal Robots.

Up till then, the concept of a relatively self-operating machine was known as an automaton, as introduced by the Ancient Greeks, with the term ‘android’ being introduced as early as the 18th century to mean automatons that have a human-like appearance, but are still mechanical contraptions. When [Čapek] wrote his play, he did not intend to have non-human characters that were like these androids, but rather pure artificial life: biochemical systems much like humans, using similar biochemical principles as proteins, enzymes, hormones and vitamins, assembled from organic matter like humans. These non-human characters he called ‘roboti’, from Old Czech ‘robot’ (robota: “drudgery, servitude”), who looked human, but lacked a ‘soul’.

Despite this intent, the run-away success of R.U.R. led to anything android- and automaton-like being referred to as a ‘robot’, which he lamented in a 1935 column in Lidové Noviny. Rather than whirring and clunking pieces of machinery being called ‘automatons’ and ‘androids’ as they had been for hundreds of years, now his vision of artificial life had effectively been wiped out. Despite this, to this day we can still see the traces of the proper terms, for example when we talk about ‘automation’, which is where automatons (‘industrial robots’) come into play, like the industrial looms and kin that heralded the Industrial Revolution.

(Heading image: Performance of R.U.R. by Flat Earth Theatre, showing the mixing of robot ingredients)

Android-Powered Rigol Scopes Go Wireless

The Rigol DHO800 and DHO900 series use Android underneath, and as you might expect, this makes them easier to hack. A case in point: [VoltLog] demonstrates that you can add WiFi to the scope using a cheap USB WiFi adapter. This might seem like a no-brainer on the surface, but because the software doesn’t know about WiFi, there are a few minor hoops to jump through.

The first issue is that you need a WiFi adapter the built-in OS already knows how to handle. The community has identified at least one RTL chipset that works and it happens to be in the TP-Link TL-WN725N. These are old 2.4 GHz only units, so they are widely available for $10 or less.

But even with the correct hardware, the scope doesn’t have any menus to configure the WiFi interface. To solve that, you need to temporarily use a USB hub and a USB keyboard. Once you have everything plugged in, you can use the Super + N keyboard shortcut to open up the Android notification bar, which is normally hidden. Once you’ve set up the network connection, you won’t need the keyboard anymore.

Or maybe not — it turns out the keyboard does allow you to change a few other things. For example, [VoltLog] used it to increase the screen brightness more than the default maximum setting.

The only other issue appears to be that the scope shows it is disconnected even when connected to WiFi. That doesn’t seem to impact operation, though. Of course, you could use a WiFi to Ethernet bridge or even an old router, but now you have a cable, a box, and another power cord to deal with. This solution is neat and clean. You bet we’ve already ordered a TP-Link adapter!

WiFi scopes are nothing new. We suspect Rigol didn’t want to worry about interference and regulatory acceptance, but who knows? Besides, it is fun to add WiFi to wired devices.


Android: Coming Soon To A RISC-V Processor Near You

In the roughly decade and a half since the Android mobile operating system appeared on the scene it has been primarily sold on devices with an ARM core at their heart, but along the way it has also appeared for other architectures. If you had a MIPS Android phone you may have been in the minority, but Intel phones enjoyed some popularity, and the up-and-coming new kid in the world of Android is RISC-V. For anyone interested in this last architecture it’s worth looking at the Google Open Source blog, in which they’ve published an overview of the current status of the project.

In short, it’s full steam ahead — as the development environment and emulation are in place for RISC-V Android. It’s certain we’ll start seeing RISC-V phones on the market soon, but perhaps that’s not the part which should interest readers the most. Over the last decade we have seen an explosion of inexpensive ARM single board computers, and though some of them such as the Raspberry Pi owe their heritage to set-top-box SoCs, it’s fair to say that a strong driver for this trend has been the proliferation of powerful mobile chips. A take-up of RISC-V driven by Android would mean a similar explosion of powerful SoCs with those cores, leading we hope to much more accessible and powerful RISC-V computing. Sadly we expect them to still come with proprietary peripherals leading to plenty of closed source blobs, but we can’t have everything.

If you’d like to read more about the whole blob situation and RISC-V, we’ve got you covered.

This Week In Security: Browser Exploits, Play Protect, And Turn ON Your Firewall!

Google Chrome has done a lot of work on JavaScript performance, pushing the V8 engine to more and more impressive feats. Recently, that optimization has one more piece, the Maglev compiler, which sits between Sparkplug and TurboFan, as a mid-tier optimization step. With a Just In Time (JIT) system, the time saving of code optimization steps has to be carefully weighed against the time costs, and Maglev is another tool in that endless hunt for speed. And with anything this complicated, there’s the occasional flaw found in the system. And of course, because we’re talking about it here, it’s a security vulnerability that results in Remote Code Execution (RCE).

The trick is to use Maglev’s optimization against it. Set up a pair of classes, such that B extends A. Calling new B() results in an attempt to use the constructor from A. Which works, because the compiler checks to make sure that the constructors match before doing so. There’s another way to call a constructor in JS, something like Reflect.construct(B, [], Array);. This calls the B constructor, but indicates that the constructor should return an Array object. You may notice, there’s no array in the A class below. Tricking the compiler into using the parent class constructor in this fashion results in the array being uninitialized, and whatever happens to be in memory will set the length of the array.

DOOM On IPhone OS, On Android

So you want to play some games from the early days of 32-bit iPhone OS that no longer run on recent OS versions? [Hikari-no-yume] wrote a sweet high-level emulator, touchHLE, to do so on modern iOS phones. But maybe you don’t have an iPhone? [Ciciplusplus] has your back. He ported the iPhone OS emulator, written in Rust, to Android, and then ported a version of DOOM that runs on iPhone OS to go with it.

[Ciciplusplus] also made a video (embedded below) where he documented the trials and tribulations of porting Rust code to the Android platform – an intensely Java environment. It doesn’t sound like it was at all trivial. Of course, this couldn’t have been accomplished without [Hikari-no-yume]’s original work on touchHLE, which was made essentially to fulfill [Hikari-no-yume]’s long-time obsession with the game Super Monkey Ball.

So for now, touchHLE can boast the ability to run a few old 32-bit games on Android and desktop operating systems. What other games from the first years of gaming on smart phones (and iPods) do you need to see ported? Get involved in the project if you’ve got an itch you need scratched.
