One of the great predictions of desktop computing from the mid 1990s was that we would all move to so-called thin clients, stripped-out desktop computers containing only processor, display driver, and peripheral interfaces, that would call up their applications not from a local hard disk but from a remote server. It was one that was never fulfilled in quite the way its proponents envisaged, but a business thin client hardware market did emerge for the likes of Citrix sharing of Windows applications. In a sense we have reached the same point through cloud-based in-browser applications such as Google Apps or Office 365, though even with newer thin client hardware such as the Chromebook these are still largely used on more traditional machines.
Even though thin clients never took the world by storm, it is still not unusual to encounter the hardware once it has outlived its usefulness. A surplus Sun Ray 270 all-in-one thin client came [Evan Allen]’s way, and to make something useful from it he converted it into a Raspberry Pi workstation.
The Sun Ray 270 has a MIPS processor board integrated into a 17 inch monitor. [Evan] was fortunate enough to find a generic HDMI controller board for its LCD panel, so was able to dispense with the MIPS board entirely and couple the controller with an automatic HDMI switch. This allows him to use the device both as a Raspberry Pi and as a monitor.
This may not rank among the most epic hacks ever, but it has delivered [Evan] a useful computer and it’s reminding the rest of us that these thin clients can be repurposed. So if one lands on your bench, look at it with fresh eyes.
Of course, if you have a Pi in a thin client, you could always take it full circle and use it to run a thin client.
It is funny how many times you use your full-blown PC as a terminal to another computer (which is quite often not as capable as the terminal computer). If all you need is a remote display and keyboard, a Raspberry PI would be enough. One of the newer Pi 2 boards would be even better.
You could roll your own set of remote access software, but you don’t have to. [Gibbio] has already created a thin client image called RPiTC and recently released version 1.4. The build supports diverse remote protocols including Microsoft Remote Desktop, Citrix, VMWare, and even X3270.
It supports WiFi and VPN. We were a little disappointed that it didn’t seem to have any serial communication programs (in case we wanted to build one into an old TeleType case). Of course, it is just a Linux system so you can install anything you want or need.
Continue reading “New Version Of Raspberry Pi Thin Client”
[Roberto] recently discovered a clever way to gain root access to an HP t520 thin client computer. These computers run HP’s ThinPro operating system. The OS is based on Linux and is basically just a lightweight system designed to boot into a virtual desktop image loaded from a server. [Roberto’s] discovery works on systems that are running in “kiosk mode”.
The setup for the attack is incredibly simple. The attacker first stops the virtual desktop image from loading. Then, the connection settings are edited. The host field is filled with garbage, which will prevent the connection from actually working properly. The real trick is in the “command line arguments” field. The attacker simply needs to add the argument “&& xterm”. When the connection is launched, it will first fail and then launch the xterm program. This gives the attacker a command shell running under the context of whichever user the original software is running as.
The next step is to escalate privileges to root. [Roberto] discovered a special command that the default user can run as root using sudo. The “”hpobl” command launches the HP Easy Setup Wizard. Once the wizard is opened, the attacker clicks on the “Thank You” link, which will then load up the HP website in a version of Firefox. The final step is to edit Firefox’s default email program association to xterm. Now when the attacker visits an address like “mailto:firstname.lastname@example.org”, Firefox (running as root) launches xterm with full root privileges. These types of attacks are nothing new, but it’s interesting to see that they still persist even in newer software.
While watching his thin client boot up [Nav] noticed that it’s using some type of Linux kernel. He wondered if it were possible to run a full-blow desktop distribution on the device. A little poking around he got a Debian desktop distribution running on a thin client.
The hardware he’s working with is an HP t5325. It’s meant to be a dumb client, connecting to a backend machine like a Windows Terminal Server or via SSH. But it’s got a 1.2 GHz ARM processor and [Nav’s] preliminary investigations revealed the it’s running a version of Debian for ARM. He used CTRL-C during the boot sequence to derail that process and dump him to a shell. The login was easy enough to guess as the username and password are both ‘root’.
Once he’s got that root access it was slash and burn time. He got rid of the HP-specific setup and made way for additional Debian modules like the apt system. This isn’t trivial, but he’s worked out a bunch of sticking points which makes the process easier. With the repository tools loaded you can install Xserver and Gnome for a full-blown desktop on the embedded hardware.
[Bissinblob] has about 70 of these WYSE 3125SE thin clients and is offering them up at $15 a piece plus shipping. That’s quite a steal!
The specs are as follows:
- NS Geode GX1 core (SC2200)266Mhz
- Flash 32MB
- RAM 64MB
- Video 1280×1024(at 8-bit color), 1024×768 (at 16-bit)
- 10/100 network
- 3x usb
- 1x serial
- 1x parallel
- 2x PS/2
Be sure to let us know what you’re doing with them if you happen to get one. If you have something lying around that needs to go, feel free to post it on our classifieds.
[David Cranor], along with [Max Lobovsky’s] help, managed to build a thin client that uses an NTSC television as a monitor for only $6. This is his first foray into the world of ARM architecture and he has vowed to never use an AVR again. The powerful little chip uses timers to manage sync and DMA to transfer the full 480×240 frame buffer to the screen. Overclocked at 80 MHz there’s a lot of potential in this little board and he plans to take on the challenge of a full-color display for his next trick.
[Jim] was the happy recipient of 11 non working Itona VXL thin clients. The units he received were 800Mhz CPUs with 256 MB of Ram and 256MB of storage. None would power up. Upon internal inspection, he found a common theme. Leaky bulging capacitors in the power supplies. Since these came with custom 50W power supplies, he opted to simply replace the caps instead of replacing the supplies themselves. Now he has 11 fully functional units. There are great pictures and lots of info on his site, but what he doesn’t talk about is what he’s going to do with them.
Why don’t you pop on over to our Hacker Q&A and tell us what you would do with them.