Making a copy of a purchased game used to be as simple as copying a disk. As the game industry grew, so did fear of revenue loss, which drove investment in countermeasures. These mainly consisted of preventing the easy duplication of magnetic diskettes, or having users jump through tiresome hoops like entering specific words from the printed manual. These measures rarely posed much of a challenge to the dedicated efforts of crackers, but the copy protection in the classic 80s game Dungeon Master for the Atari ST and Amiga was next-level. It implemented measures that went well beyond its contemporaries, and while it was eventually defeated, it took about a year to happen. In an era where games were cracked within days or even hours of release, that was remarkable.
Dungeon Master was a smash hit at the time, and while the details of its own brand of what we would now call DRM may not be new, this video presentation by [Modern Vintage Gamer] (YouTube link) does a wonderful job of stepping through everything it did, and begins with an informative tour of copy protection efforts of the era for context.
When you think of a software defined radio (SDR) setup, maybe you imagine an IC or two, maybe feeding a computer. You probably don’t think of a vacuum tube. [Mirko Pavleski] built a one-tube shortwave SDR using some instructions from [Burkhard Kainka] which are in German, but Google Translate is good enough if you want to duplicate his feat. You can see a video of [Mirko’s] creation, below.
The build was an experiment to see if a tube receiver could be stable enough to receive digital shortwave radio broadcasts. To avoid AC line hum, the radio is battery operated and while the original uses an EL95 tube, [Mirko] used an EF80.
Modern agricultural equipment has come a long way, embracing all kinds of smart features and electronic controls. While some manufacturers would prefer to be the sole gatekeepers of the access to these advanced features, that hasn’t stopped curious and enterprising folks from working on DIY solutions. One such example is this self-steering tractor demo by [Coffeetrac], which demonstrates having a computer plot and guide a tractor through an optimal coverage pattern.
A few different pieces needed to come together to make this all work. At the heart of it all is [Coffeetrac]’s ESP32-based Autosteer controller, which is the hardware that interfaces to the tractor and allows for steering and reading sensors electronically. AgOpenGPS is the software that reads GPS data, interfaces to the Autosteer controller, and tells equipment what to do; it can be thought of as a mission planner.
[Coffeetrac] put it all together with everything controlled by a tablet mounted in the tractor’s cab. The video is embedded below, complete with a “cockpit view” via webcam right alongside the plotted course and sensor data.
Amazon might not be happy about it, but at least part of the success of their Fire TV Stick was due to the large hacking and modification scene that cropped up around the Android-powered device. A quick search on YouTube for “Fire Stick Hack” will bring up a seemingly endless array of videos, some with millions of views, which will show viewers how to install unofficial software on the little media dongle. Now it looks like their latest media device, the Fire TV Cube, is starting to attract the same kind of attention.
The team at [Exploitee.rs] has recently taken the wraps off their research which shows the new Fire TV Cube can be rooted with nothing more than an Arduino and an HDMI cable you’re willing to cut apart. Of course, it’s a bit more complicated than just that, but between the video they’ve provided and their Wiki, it looks like all the information is out there for anyone who wants to crack open their own Cube. Just don’t be surprised if it puts you on the Amazon Naughty List.
The process starts by putting the device’s Amlogic S905Z into Device Firmware Upgrade (DFU) mode, which is done by sending the string “boot@USB” to the board over the HDMI port’s I2C interface. That’s where the HDMI cable comes in: you can cut into one and wire it right up to your Arduino and run the sketch [Exploitee.rs] has provided to send the appropriate command. Of course, if you want to get fancy, you could use an HDMI breakout board instead.
With the board in DFU mode, you gain read and write access to the device’s eMMC flash, but that doesn’t exactly get you in because there’s still secure boot to contend with. But as these things tend to go, the team was able to identify a second exploit which could be used in conjunction with DFU mode to trick the device into disabling signature verification. Now with the ability to run unsigned code on the Fire TV Cube, [Exploitee.rs] implemented fastboot to make it easier to flash their custom rooted firmware images to the hardware.
This year’s Digital Millennium Copyright Act (DMCA) triennial review (PDF, legalese) contained some great news. Particularly, breaking encryption in a product in order to repair it has been deemed legal, and a previous exemption for reverse engineering 3D printer firmware to use the filament of your choice has been broadened. The infosec community got some clarification on penetration testing, and video game librarians and archivists came away with a big win on server software for online games.
However, the new right to repair clause seems to be restricted to restoring the device in question to its original specifications; if you’d like to hack a new feature into something that you own, you’re still out of luck. And while this review was generally favorable toward opening up technology to enable fair use, they didn’t approve Bunnie Huang’s petition to allow decryption of the encryption method used over HDMI cables, so building your own HDMI devices that display encrypted streams is still out. And the changes to the 3D printer filament exemption are a reminder of the patchwork nature of this whole affair: it still only applies to 3D printer filament and not other devices that attempt to enforce the use of proprietary feedstock. Wait, what?
Finally, the Library of Congress only has authority to decide which acts of reverse engineering constitute defeating anti-circumvention measures. This review does not address the tools and information necessary to do so. “Manufacture and provision of — or trafficking in — products and services designed for the purposes of circumvention…” are covered elsewhere in the code. So while you are now allowed to decrypt your John Deere software to fix your tractor, it’s not yet clear that designing and selling an ECU-unlocking tool, or even e-mailing someone the decryption key, is legal.
Could we hope for more? Sure! But making laws in a country as large as the US is a balancing act among many different interests, and the Library of Congress’s ruling is laudably clear about how they reached their decisions. The ruling itself is worth a read if you want to dive in, but be prepared to be overwhelmed by apparent minutiae. Or save yourself a little time and read on — we’ve got the highlights from a hacker’s perspective.
The CatGenie is an amazing device to watch in action, basically a self-cleaning litter box for cats that even does away with the need to replace the litter. It’s comparable to what the indoor flush toilet is for humans compared to maintaining a composting toilet. However, there is a problem. It uses costly soap cartridges which have to be replaced because an RFID reader and a usage counter prevent you from simply refilling them yourself.
The RFID reader board communicates with the rest of the CatGenie using I2C and he needed to know what was being transmitted. To do that he learned how to use a cheap logic analyzer to read the signals on the I2C wires, which makes this an interesting story. You can see the logic analyser output on his blog and GitHub repository along with mention of a timing issue he ran into. From what he learned, he wrote up Arduino code which sends the same signals. He and his cat are now sitting pretty.
What he didn’t do is make a video. But the CatGenie really is amazing to watch in action as it goes through its rather complex 30-35 minute process so we found a video of it doing its thing, shown at 3.5x speed, and included that below. If you’re into that sort of thing.
Oh, for the old days when sailing the seas of piracy was as simple as hooking a couple of VCRs together with a dubbing cable. Sure, the video quality degraded with each generation, but it was so bad to start out with that not paying $25 for a copy of “Ghostbusters” was a value proposition. But then came The Man with all his “rules” and “laws” about not stealing, and suddenly tapes weren’t so easy to copy.
If you’ve ever wondered how copy protection worked in pre-digital media, wonder no more. [Technology Connections] has done a nice primer on one of the main copy protection schemes from the VHS days. It was dubbed “Analog Protection System” or “Analog Copy Protection” by Macrovision, the company that developed it. Ironically, Macrovision the company later morphed into the TiVo Corporation.
The idea for Macrovision copy protection was to leverage the difference between what a TV would accept as a valid analog signal and what the VCR could handle. It used the vertical blanking interval (VBI) in the analog signal, the time during which the electron beam returns to the top of the frame. Normally the VBI has signals that the VCR uses to set its recording levels, but Macrovision figured out that sending extra signals in the VBI fooled the VCR’s automatic gain controls into varying the brightness of the recorded scenes. They also messed with the vertical synchronization, and the effect was to make dubbed tapes unwatchable, even by 1985 standards.
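The automatic gain control effect described above can be shown with a toy model. This is an added example, not code from the video or from Macrovision; the signal levels, the eight-frame pulse cycle and the simple peak-tracking gain rule are all constructed assumptions, not real video timing.

```python
# Toy model: a TV ignores VBI content for brightness, while a VCR's AGC
# derives its recording gain from the VBI. All values are constructed.

REFERENCE_PEAK = 1.0  # level the AGC expects to find in the VBI (assumed)
PICTURE_LEVEL = 0.6   # constant mid-grey picture in every frame (constructed)


def make_frames(n, protected):
    """Return n frames as (vbi_peak, picture_level) tuples.

    Unprotected frames carry the normal reference level in the VBI.
    Protected frames carry extra VBI pulses whose amplitude cycles
    between 1x and 2x the reference over eight frames.
    """
    frames = []
    for i in range(n):
        vbi_peak = REFERENCE_PEAK
        if protected:
            phase = i % 8
            ramp = phase / 4 if phase <= 4 else (8 - phase) / 4
            vbi_peak = REFERENCE_PEAK * (1.0 + ramp)
        frames.append((vbi_peak, PICTURE_LEVEL))
    return frames


def tv_display(frames):
    """A TV shows the picture as sent; the VBI is off-screen and unused."""
    return [picture for _, picture in frames]


def vcr_record(frames):
    """A VCR scales the picture by a gain chosen from the VBI peak."""
    recorded = []
    for vbi_peak, picture in frames:
        gain = REFERENCE_PEAK / vbi_peak  # louder VBI -> AGC turns gain down
        recorded.append(round(picture * gain, 3))
    return recorded


def brightness_swing(levels):
    """Difference between the brightest and darkest frame."""
    return round(max(levels) - min(levels), 3)


if __name__ == "__main__":
    tape = make_frames(16, protected=True)
    print("TV swing: ", brightness_swing(tv_display(tape)))
    print("VCR swing:", brightness_swing(vcr_record(tape)))
```
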
Copy protection was pretty effective, and pretty clever given the constraints. With Digital Rights Management, it’s easier to put limits on almost anything — coffee makers, arcade games, and even kitty litter all sport copy protection these days. It almost makes us nostalgic for the 80s.