This Week In Security: Drama At The C-Level, Escape Injection, And Audits

There was something of a mystery this week, with the c.root-servers.net root DNS server falling out of sync with it’s 12 siblings. That’s odd in itself, as these are the 13 servers that keep DNS working for the whole Internet. And yes, that’s a bit of a simplification, it’s not a single server for any of the 13 entities — the C “server” is actually 12 different machines. The intent is for all those hundreds of servers around the world to serve the same DNS information, but over several days this week, the “C” servers just stopped pulling updates.

The most amusing/worrying part of this story is how long it took for the problem to be discovered and addressed. One researcher cracked a ha-ha-only-serious sort of joke, that he had reported the problem to Cogent, the owners of the “C” servers, but they didn’t “seem to understand that they manage a root server”. The problem first started on Saturday, and wasn’t noticed til Tuesday, when the servers were behind by three days. Updates started trickling late Tuesday or early Wednesday, and by the end of Wednesday, the servers were back in sync.

Cogent gave a statement that an “unrelated routing policy change” both affected the zone updates, and the system that should have alerted them to the problem. It seems there might room for an independent organization, monitoring some of this critical Internet Infrastructure.

Continue reading “This Week In Security: Drama At The C-Level, Escape Injection, And Audits”

Hackaday Links Column Banner

Hackaday Links: August 20, 2023

In some ways, we’ve become a little jaded when it comes to news from Mars, which almost always has to do with the Ingenuity helicopter completing yet another successful flight. And so it was with the report of flight number 54 — almost. It turns out that the previous flight, which was conducted on July 22, suffered a glitch that cut the flight short by forcing an immediate landing. We had either completely missed that in the news, or NASA wasn’t forthcoming with the news, perhaps until they knew more. But the details of the error are interesting and appear related to a glitch that happened 46 flights before, way back in May of 2021, that involves dropped frames from the video coming from the helicopter’s down-facing navigational camera. When this first cropped up back on flight six, it was only a couple of missed frames that nearly crashed the craft, thanks to confusion between the video stream and the inertial data. Flight engineers updated the aircraft’s software to allow for a little more flexibility with dropped frames, which worked perfectly up until the aborted flight 53.

Continue reading “Hackaday Links: August 20, 2023”

This Arduino Terminal Does All The Characters

The job of a dumb terminal was originally to be a continuation of that performed by a paper teletype, to send text from its keyboard and display any it receives on its screen. But as the demands of computer systems extended beyond what mere ASCII could offer, their capabilities were extended with extra characters and graphical extensions whose descendants we see in today’s Unicode character sets and thus even in all those emojis on your mobile phone. Thus a fully-featured terminal has a host of semigraphics characters from which surprisingly non-textual output can be created. It’s something [Michael Rule] has done some work on, with his ILI9341TTY, a USB serial terminal monitor using an Arduino Uno and an ILI9341 LCD module that supports as many of the extended characters as possible.

A graph, entirely in Unicode characters.
A graph, entirely in Unicode characters.

It’s fair to say that most of us who regularly use a terminal don’t go far beyond the ASCII, as it’s likely that a modern terminal will sit in a window over a desktop GUI. So even if you have little use for a hardware terminal monitor there’s still plenty of interest to be found in those rarely-seen character sets. Our favourite is probably the Symbols for Legacy Computing, an array of semigraphics characters that may be familiar to readers who have used an 8-bit home computer or two. He includes a graph example using these characters coloured with ANSI escape codes, and it’s certainly not what you expect from a terminal.

If microcontroller terminals capture your interest, this isn’t the first we’ve brought you.

AsciiCam: Make ASCII Art With Your Phone

We admit it, we have a nostalgic soft spot for ASCII Art. Pictures made form characters, printed on an old-fashioned line printer. They’ve been a hacker standby since the 1960’s. Times have moved on though. These days we’re all carrying supercomputers in our pockets.  Why not use them to create more great ASCII art? That’s exactly what [Brian Nenninger] did with AsciiCam. AsciiCam lets you use your Android phone’s camera to create ASCII images.

Using the software is simple. Just launch it and you’re greeted with an ASCII preview of the camera image. Users can select from a 16 color palette and full 24 bit color. Monochrome modes are also available. You can also choose from black text on a white background or white text on black.

The great thing about AsciiCam is the fact that it is open source. You can download the full source code from Github. If you just want to run the software, it’s available through the Google Play Store. This is a labor of love. The first Github commits were six years ago, and [Bran] is still working — the most recent commits were made only a few days back. AsciiCam is also a good example for neophyte Android programmers.

Want to know more about ASCII art? Check out Al’s history of ASCII art, or this talk about both ASCII and ANSI creations.

World Standard Organizations To Release Entirely Reworked Standards

After months of cross-disciplinary meetings, some of the largest professional associations just announced their plans to submit an entire standard set for engineers with egos too fragile to accept design criticism. The Special Snowflake Standard or S2 (in compliance with Godwin’s law) ensures compromised mechanical and electrical integrity by ignoring proper design methodologies for more fluid definitions of success. The Special Snowflake Standard allows the modern engineer greater flexibility in avoiding self-improvement in their field while maintaining an advanced level of apparent competency.

The Standard follows an ingenious randomly generated naming scheme to hinder cross-checking and look-up. The honesty being the only change from the current system. It took us a while to navigate the websites built to serve the standards, as they themselves were built to the W3C.S2.01.d.f4r.7 Special Snowflake Standard For Geriatric Exclusion From The Study of Modern Web Development and therefore were only accessible through the Gopher protocol running specifically on SPARC workstations.

Nonetheless, after working through multiple W3C.S2.u.r.f4.u17 Probably PEBKAC Self Exclusion Of Responsibility Standard errors, we found a few standards we’re really excited about. Let’s take a look at a the highlights:

Continue reading “World Standard Organizations To Release Entirely Reworked Standards”

Wolfenstein In 600 Lines Of Code

What’s more impressive, the fact that this Wolfenstein-like game is 600 lines of code, or that it’s written in AWK?

AWK is a language primarily used for text processing. But if you can write code the world bows to your wishes. [Fedor Kalugin] leverages the ability of a Linux terminal’s color options to draw his game. The 3D aspect is produced through ray-casting which generates a 2D image from 3D coordinates.

Trying out the game is extremely simple, install gawk, clone the repo, and play:

Continue reading “Wolfenstein In 600 Lines Of Code”

Retrotechtacular: The History Of ANSI And ASCII Art

These slides may not be the style of character art you remember from the days of 2400 baud modems; they’re more advanced than what was out there in the beginning. It turns out there is still some life left in this art subculture. For this week’s installment of Retrotechtacular we look in on [Doug Moore’s] talk on the history and survival of ANSI and ASCII art given at this year’s BSides conference.

ASCII is still a common character encoding so chances are you’re already familiar with it. ANSI on the other hand is a rather confusing term as it’s been lost in obscurity when referring to character sets. In this case it refers to a set of extended characters which is better described as Windows Code Pages.

Most of what we know about the ANSI art scene is from watching BBS: The Documentary (which is on our ten best hacking videos list). We certainly remember seeing the vertically scrolling art after connecting to a dial-up BBS back in the day. But understanding the factions that formed around the creation, bundling, and distribution of this is art is fascinating. [Doug] does a great job of covering this history, sharing side-by-side examples of the shunned practice of “ripping” another artists work. This image is actually not a rip. Later in his talk he discusses the continued existence of the subculture, showing what a modern take on the same subject looks like.

If you’re merely into the technical the first half of the video below is worth watching. But we bet it’ll be hard not to continue to the end for a side-trip into art history.

Retrotechtacular is a weekly column featuring hacks, technology, and kitsch from ages of yore. Help keep it fresh by sending in your ideas for future installments.

Continue reading “Retrotechtacular: The History Of ANSI And ASCII Art”