Apple Forces The Signing Of Applications In MacOS Sequoia 15.1

November 1, 2024 by Maya Posch 134 Comments

The dialogue that greets you when you try to open an unsigned application in MacOS Sequoia 15.1.

Many MacOS users are probably used by now to the annoyance that comes with unsigned applications, as they require a few extra steps to launch them. This feature is called Gatekeeper and checks for an Apple Developer ID certificate. Starting with MacOS Sequoia 15, the easy bypassing of this feature with e.g. holding Control when clicking the application icon is now no longer an option, with version 15.1 disabling ways to bypass this completely. Not unsurprisingly, this change has caught especially users of open source software like OpenSCAD by surprise, as evidenced by a range of forum posts and GitHub tickets.

The issue of having to sign applications you run on MacOS has been a longstanding point of contention, with HomeBrew applications affected and the looming threat for applications sourced from elsewhere, with OpenSCAD issue ticket #880 from 2014 covering the saga for one OSS project. Now it would seem that to distribute MacOS software you need to have an Apple Developer Program membership, costing $99/year.

So far it appears that this forcing is deliberate on Apple’s side, with the FOSS community still sorting through possible workarounds and the full impact.

Thanks to [Robert Piston] for the tip.

2View: The Self-Erasing VHS Tape With Paperclip Hack

October 6, 2024 by Maya Posch 17 Comments

The back of the 2View VHS box. The instructions are all in Dutch, as its (sole) launch market. (Credit: Techmoan, YouTube)

Over the decades the video and music industries have tried a wide range of ways to get consumers to buy ‘cheaper’ versions of albums and music, but then limit the playback in some way. Perhaps one of the most fascinating ones is the 2View, as recently featured by [Matt] over at Techmoan on Youtube. This is a VHS tape which works in standard VHS players and offers you all the goodness that VHS offers, like up to 512 lines of PAL video and hard-coded ads and subtitles, but also is restricted to just playing twice. After this second playback and rewinding, the tape self-erases and is blank, leaving you with just an empty VHS tape you can use for your own recordings.

As a form of analog restrictions management (ARM) it’s pretty simple in how it works, with [Matt] taking the now thankfully erased Coyote Ugly tape apart for a demonstration of the inside mechanism. This consists out of effectively just two parts: one plastic, spring-loaded shape that moves against one of the tape spools and follows the amount of tape, meaning minutes watched, and a second arm featuring a permanent magnet that is retained by an inner track inside the first shape until after rewinding twice it is released and ends up against the second spool, erasing the tape until rewound, after which it catches in a neutral position. This then left an erased tape that could be safely recorded on again.

Although cheaper than a comparable VHS tape without this limit, 2View was released in 2001, when in the Netherlands and elsewhere DVDs were demolishing the VHS market. This, combined with the fact that a simple bent paperclip could be stuck inside to retain the erase arm in place to make it a regular VHS tape, meant that it was really a desperate attempt that quickly vanished off the market

Continue reading “2View: The Self-Erasing VHS Tape With Paperclip Hack” →

Man-in-the-Middle PCB Unlocks HP Ink Cartridges

September 28, 2024 by Maya Posch 149 Comments

It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones instead. Many of these third-party ones are so-called re-manufactured ones, where a third-party refills an empty OEM cartridge. This is increasingly being done due to digital rights management (DRM) reasons, with tracking chips added to each cartridge. These chip prohibit e.g. the manual refilling of empty cartridges with a syringe, but with the right tweak or attack can be bypassed, with [Jay Summet] showing off an interesting HP cartridge DRM bypass using a physical man-in-the-middle-attack.

This bypass takes the form of a flex PCB with contacts on both sides which align with those on the cartridge and those of the printer. What looks like a single IC in a QFN package is located on the cartridge side, with space for it created inside an apparently milled indentation in the cartridge’s plastic. This allows is to fit flush between the cartridge and HP inkjet printer, intercepting traffic and presumably telling the printer some sweet lies so that you can go on with that print job rather than dash out to the store to get some more overpriced Genuine HP-approved cartridges.

Not that HP isn’t aware or not ticked off about this, mind. Recently they threatened to brick HP printers that use third-party cartridges if detected, amidst vague handwaving about ‘hackers’ and ‘viruses’ and ‘protecting the users’ with their Dynamic Security DRM system. As the many lawsuits regarding this DRM system trickle their way through the legal system, it might be worth it to keep a monochrome laser printer standing by just in case the (HP) inkjet throws another vague error when all you want is to just print a text document.

Continue reading “Man-in-the-Middle PCB Unlocks HP Ink Cartridges” →

Hacking A Xiaomi Air Purifier’s Filter DRM To Extend Its Lifespan

January 26, 2024 by Maya Posch 10 Comments

When [Unethical Info] was looking at air purifiers a while back, their eye fell on a Xiaomi 4 Pro, with a purchase quickly made. Fast-forward a while and suddenly the LCD on top of the device was showing a threatening ‘0% filter life remaining’ error message. This was traced back to an NFC (NTAG213) tag stuck to the filter inside the air purifier that had been keeping track of usage and was now apparently the reason why a still rather clean filter was forcibly being rejected. Rather than give into this demand, instead the NFC tag and its contents were explored for a way to convince it otherwise, inkjet cartridge DRM-style.

While in the process of reverse-engineering the system and doing some online research, a lucky break was caught in the form of earlier research by [Flamingo Tech] on the Xiaomi Air Purifier 3, who had obtained the password-generating algorithm used with the (password-locked) NFC tag, along with the target area of the filter’s NFC tag to change. Using the UID of the NFC tag, the password to unlock the NFC tag for writing was generated, which requires nothing more than installing e.g. ‘NFC Tools’ on an NFC-capable Android/iOS smartphone to obtain the tag’s UID and reset the usage count on the filter.

A password generating tool is provided with the [Unethical Info] article, and this approach works across a range of Xiaomi air purifiers, making it an easy fix for anyone who owns such a device but isn’t quite ready yet to shell out the big bucks for a fresh DRM-ed filter. This approach also saves one from buying more NFC tags, which was the case with the previous solution.

Polish Train Manufacturer Threatens Hackers Who Unbricked Their Trains

December 14, 2023 by Jenny List 63 Comments

A week ago we covered the story of a Polish train manufacturer who was caught using software to brick their products after they had been repaired by in independent railway workshop. Now 404 Media has a follow-up story with more information, including the news that the hackers responsible for the discovery are now being threatened by the manufacturer.

The more we learn about this story the more interesting it becomes, as the Newag trains in question began failing after service as far back as 2021. In desperation after services were affected by the number of non-functional units, an employee searched online for Polish hackers and found a group called Dragon Sector. The group was able to find the issue, and are now being threatened with legal action by the manufacturer, who are citing possible safety issues.

It’s clear from where we are standing that Newag have been caught red-handed in some extremely dubious practices, and seem to have little sense of how their actions might not be the best in terms of protecting their reputation. We are guessing that the European regulators will become very interested in this case, and that meanwhile the order books of a company which puts DRM in its trains will start to look very empty indeed. You can catch our original coverage as the story broke, here.

Thanks [JohnU] for the tip.

The Deere Disease Spreads To Trains

December 6, 2023 by Jenny List 37 Comments

If the right-to-repair movement has a famous story, it’s the familiar green and yellow John Deere tractor. Farmers and mechanics have done their own repairs as long as there have been tractors, but more recent Deeres have been locked down such that only Deere-authorised agents can fix them. It’s a trend that has hurt the value of a second-had Deere, but despite that it appears to be spreading within the machinery world. Now there’s a parallel on Polish railways, as Polish-made Newag electric passenger trains have been found to give errors when serviced by non-Newag workshops.

At the heart of the problem are the PLCs which control all aspects of a modern rail traction system, which thanks to a trio of Poland and Germany based researchers have been found to play a range of nasty tricks. They’ll return bogus error codes after a set date which would presumably be reset by the official service, if the train has been laid up for a while, or even if they are detected via GPS to have visited a third-party workshop. Their work will be the subject of a talk at 37C3 which should be worth watching out for.

It will be especially interesting to juxtapose the reaction to this revelation with cases such as the Deere tractors, because of course Poland is part of the European Union. We’re not specialist EU competition lawyers, but we know enough to know that the EU takes a dim view of these types of practices and has been strong on the right to repair. Who knows, Polish trains may contribute further to the rights of all Europeans.

2600 Breaks Free From DRM With PDF/EPUB Subscription

July 21, 2023 by Tom Nardi 13 Comments

Hackaday has been online in some form or another since 2004, which for the Internet, makes us pretty damn old. But while that makes us one of the oldest surviving web resources for hacker types, we’ve got nothing on 2600 — they’ve been publishing their quarterly zine since 1984.

While the physical magazine can still be found on store shelves, the iconic publication expanded into digital distribution some time ago, thanks largely to the Kindle’s Newsstand service. Unfortunately, that meant Amazon’s recent decision to shutter Newsstand threatened to deprive 2600 of a sizable chunk of their income. So what would any group of hackers do? They took matters into their own hands and spun-up their own digital distribution system.

As of today you’re able to subscribe to the digital version of 2600 in DRM-free PDF or EPUB formats, directly from the magazine’s official website. Which one you pick largely depends on how you want to read it: those looking for the highest fidelity experience should go with PDF, as it features an identical layout to the physical magazine, while those who are more concerned with how the content looks on their reader of choice would perhaps be better served by the flexibility of EPUB. After signing up you can download the current Summer issue immediately, with future issues hitting your inbox automatically. Load it onto your home-built Open Book, and you can really stick it to the establishment.

While the ending of this story seems to be a happy one, we can’t help but see it as a cautionary tale. How many other magazines would have the means and experience to offer up their own digital subscriptions? Or for that matter, how many could boast readers savvy enough to utilize it? The reality is many publications will be injured by Amazon’s decision, some mortally so. That’s a lot of power to be put into the hands of just one company, no matter how quick the shipping is.