Java Is Now On The Nintendo 64!

Whether it’s your favorite programming language, or your favorite beverage, there’s no denying Java is everywhere. Now, it’s even on the Nintendo 64, thanks to the valiant efforts of [Mike Kohn]. Even better, he’s coded a demo to show off its capabilities!

The project took plenty of work. [Mike] went all the way down to the assembly level to get Java code running on the N64. The project builds on the work that he did previously to get Java running on the PlayStation 2. Notably, both the Sony and Nintendo consoles do have some similarities — both are based on MIPS CPUs.

The demo itself is a work of art. It features the typical “3 billion devices run Java” screen, followed by some truly chunky bass and wailing guitar sounds. It’s followed by all the dancing shapes, sinusoidal text, and bright colors you could shake a stick at.

For those interested in the nitty gritty, [Mike] delves deep into the details of what it took to get everything running. That includes both using the code in an emulator, as well as how to get it going on real Nintendo hardware, something we’ve looked at before.

Continue reading “Java Is Now On The Nintendo 64!”

This Week In Security: OpenSSL Fizzle, Java XML, And Nothing As It Seems

The security world held our collective breaths early this week for the big OpenSSL vulnerability announcement. Turns out it’s two separate issues, both related to punycode handling, and they’ve been downgraded to high severity instead of critical. Punycode, by the way, is the system for using non-ASCII Unicode characters in domain names. The first vulnerability, CVE-2022-3602, is a buffer overflow that writes four arbitrary bytes to the stack. Notably, the vulnerable code is only run after a certificate’s chain is verified. A malicious certificate would need to be either properly signed by a Certificate Authority, or manually trusted without a valid signature.

A couple sources have worked out the details of this vulnerability. It’s an off-by-one error in a loop, where the buffer length is checked earlier in the loop than the length variable is incremented. Because of the logic slip, the loop can potentially run one too many times. That loop processes the Unicode characters, encoded at the end of the punycode string, and injects them in the proper place, sliding the rest of the string over a byte in memory as a result. If the total output length is 513 characters, that’s a single character overflow. A Unicode character takes up four bytes, so there’s your four-byte overflow. Continue reading “This Week In Security: OpenSSL Fizzle, Java XML, And Nothing As It Seems”

Finding Digital Solace In An Old Nokia Phone

We don’t have to tell you that the current mobile phone market is a bit bleak for folks who value things like privacy, security, and open source. While there have been a few notable attempts to change things up, from phone-optimized versions of popular Linux distributions to the promise of modular handsets — we still find ourselves left with largely identical slabs released by a handful of companies which often seem to treat the customer as a product.

Instead of waiting for technological relief that may never come, [vrhelmutt] has decided to take matters into their own hands by looking to the past. Specifically, by embracing the relatively uncommon Nokia Asha 210. Released in 2013, this so-called “feature phone” offers a full QWERTY keyboard, Nokia’s Series 40 operating system, WiFi, Bluetooth, and a removable BL-4U battery. Unfortunately, with 2G cellular networks quickly being shut down, it’s not likely to get a signal for much longer (if at all, depending on where you live).

So why would you want to use some weird old Nokia phone in 2022? [vrhelmutt] argues that there’s a whole world of S40 software out there that can still be put to use, ranging from games to SSH clients. It’s also relatively easy to develop your own S40 applications in Java, with the original software development kit still freely available online. Combined with the solid (if considerably dated) hardware, this makes the Nokia Asha 210 a surprisingly compelling choice for a pocket hacking platform.

Whether you’re looking for a cheap device that will let you chat on IRC from your couch, or want to write your own custom software for controlling your home automation or robotics projects, you might want to check the second-hand market for a Nokia Asha 210. Or if you’re eager to get experimenting immediately, [vrhelmutt] is actually selling these phones pre-loaded with a wide array of games and programs. Don’t consider this to be an official endorsement; frankly we’re not feeling too confident about the legality of redistributing all this software, but at least it’s an option for those looking to get off the modern smartphone thrill-ride.

If you’re looking for something even farther removed from today’s mobile supercomputers, perhaps we could interest you in the Rotary Un-Smartphone.

Continue reading “Finding Digital Solace In An Old Nokia Phone”

Porting DOOM But In The Opposite Direction

DOOM was first released for MS-DOS, and is one of the pillar titles of the broader first-person-shooter genre. It’s also become a bit of a meme for being ported to any and every weird platform under the sun. Now, a group of developers in Costa Rica have found a way to flip that joke around – by porting an old mobile DOOM game back to the PC.

The game in question is DOOM RPG, made for BREW and Java-compatible phones in 2005. A group named GEC.inc has taken that game and ported it to Windows, outlining their work on the Doomworld forums. As with many such projects, the port is freely available, but doesn’t include the raw game files themselves due to copyright. You’ll have to find the gamedata yourself, and combine it with the files the group published on the forum to get it to work on a modern PC.

For those that have missed the turn-based role playing game based in the DOOM universe (Doomiverse?), today is a good day. No longer must you pine for your ancient, crusty Java smartphone of yesteryear. Now you can play the game on a less awful platform, and listen to the unique and compelling MIDI-esque soundtrack.

Doom ports are hot right now, whether it’s to forgotten Apple OSes or Sega arcade hardware. Video after the break.

Continue reading “Porting DOOM But In The Opposite Direction”

New Release Of FidoCadJ Draws Schematics Everywhere

Do you remember drawing your first schematic? Presumably you used a pen or a pencil and some kind of paper. Schematic capture software, though, makes it so much easier to draw schematics. There are many to choose from, but we spent some time checking out FidoCadJ and found it capable. Of course, there are many other options, but we did like that FidoCadJ runs locally and since it uses Java will run on just about any computer. Since it is open-source, you can modify it and you don’t have to worry about licensing it for your many computers or your team.

The program is a JAR file, and our first attempt to run it ran afoul of our older Java version that was the default Java Runtime Environment. But that was easy to fix, especially since a newer version was there, just not the default.

Continue reading “New Release Of FidoCadJ Draws Schematics Everywhere”

PHONK – A Hacker’s Fun Shortcut To Android Programming

As the common myth goes, the average human utilizes only about 10% of the true potential their smartphone is capable of. Especially when it comes to electronics projects, it seems that we often overlook how we can integrate and take advantage of their functionality here. Maybe that’s not a big surprise though — while it isn’t rocket science, getting into mobile development certainly has its hurdles and requires a bit of commitment. [Victor Diaz] figured there had to be a better way, so he went on and created PHONK, the self-contained creative scripting toolbox for Android.

PHONK is installed like any other app, and allows rapid prototyping on your Android device via JavaScript by abstracting away and simplifying the heavily boilerplated, native Java parts. So instead of setting up an app from scratch with all the resources defining, UI design, activity and application lifecycle management — not to mention the Android development environment itself — PHONK takes care of all that behind the curtain and significantly reduces the amount of code required to achieve the task you’re actually interested in. In case you’re worrying now that you have to actually program on your phone, well, you can, which can definitely come in handy, but you don’t have to.

Once the app is opened, a web server is started, and connecting to it from any modern browser within the same WiFi network presents you the PHONK development environment with everything you need: editor, file browser, console, and API documentation. You can write your code in the browser, and pressing the run button will execute it straight on the device then. As everything is self-contained within the app itself, no additional software is required, and you can start right away by exploring the set of provided examples that showcase everything supported so far: sensor interaction, BLE server and client, communication protocols like MQTT or WebSockets, OpenStreetMap maps, and even integration with Pure Data and Processing. Attach a USB OTG cable and you can program your Arduino, have serial communication, or interface a IOIO board. You can even connect a MIDI controller.

This is really impressive work done by [Victor], and a lot of attention to detail went into the development. If you have an old Android phone collecting dust somewhere, this would be a great opportunity to revive it and build something with it. And as [Victor] writes on the project’s GitHub page, he’s always curious what people will come up with. If you’re thinking about building a mobile sensor lab, or want to learn more about the sensors inside your phone, have a look at the 36C3 talk about phyphox.

Samsung’s Leap Month Bug Teaches Not To Skimp On Testing

Date and time handling is hard, that’s an ugly truth about software development we’ll all learn the hard way one day. Sure, it might seem like some trivial everyday thing that you can easily implement yourself without relying on a third-party library. I mean, it’s basically just adding seconds on top of one another, roll them over to minutes, and from there keep rolling to hours, days, months, up until you hit the years. Throw in the occasional extra day every fourth February, and you’re good to go, right?

Well, obviously not. Assuming you thought about leap years in the first place — which sadly isn’t a given — there are a few exceptions that for instance cause the years 1900 and 2100 to be regular years, while the year 2000 was still a leap year. And then there’s leap seconds, which occur irregularly. But there are still more gotchas lying in wait. Case in point: back in May, a faulty lunar leap month handling in the Chinese calendar turned Samsung phones all over China into bricks. And while you may not plan to ever add support for non-Gregorian calendars to your own project, it’s just one more example of unanticipated peculiarities gone wild. Except, Samsung did everything right here.

So what happened?

Continue reading “Samsung’s Leap Month Bug Teaches Not To Skimp On Testing”