Most of us are familiar with virtual machines (VMs) as a way to test out various operating systems, reliably deploy servers and other software, or protect against potentially malicious software. But virtual machines aren’t limited to running full server or desktop operating systems. This tiny VM is capable of deploying software on less powerful systems like the Raspberry Pi or AVR microcontrollers, and it is exceptionally fast as well.
The virtual machine is built from scratch, including the RISC processor with only 61 opcodes, a 64 bit core, and runs code written in his own programming language called “Brackets” or in assembly. It’s designed to be modular, so only those things needed for a given application are loaded into the VM. With these design criteria it turns out to be up to seven times as fast as comparably small VMs like NanoVM. The project’s creator, [koder77], has even used its direct mouse readout and joystick functionality to control a Raspberry Pi 3D camera robot.
For anyone looking to add an efficient VM to a small computing environment, [koder77] has made the project open-source on his GitHub page. This also includes all of the modules he has created so far which greatly expand the project’s capabilities. For some further reading on exceedingly tiny virtual machines, we featured this project way back in 2012 which allows users to run Java on similar hardware.
In it, the user is challenged in their knowledge of how to use the ubiquitous
curl in a variety of different ways. Perhaps this doesn’t sound terribly daunting, especially if your knowledge of curl is limited to knowing it is a command-line tool to fetch something from a web server. But curl has a staggering number of features. The man page is over 4500 lines in length. The software’s main site offers a (free) 250+ page guide on how to use curl and libcurl. Reflecting on this is exactly what led [Ben] to create his challenge.
It’s a wonderful piece of work, but things get really interesting once [Ben] starts talking about the infrastructure behind it all. At its core the game works by giving the user a problem and a virtual machine, and catching outgoing HTTP calls to see whether they look correct. If the outgoing HTTP call is the right solution for the problem, terminate the current VM and start up the next one with the next problem. He’s put a lot of work into getting suitable VMs up and running quickly, securely, and properly isolated. The code can be found on the project’s GitHub repository for those who want a closer look.
But that’s not all. [Ben] says that in the past he’s had a bad habit of presenting interactive features in his blog posts that can’t keep up with sudden demand. So to address that, the system auto-scales as needed with a small Linux cluster; small brick-sized PCs are started and shut down automatically to meet demand. Hey, the only thing cooler than a functioning cluster is a cluster doing an actual job, like this one that detects NSFW images.
A surprising number of projects here are in some way influenced by the webcomic xkcd, but usually not as directly as this. Comic 350, “Network” is the tale of a very odd stickman who keeps multiple VMs running an unprotected, old version of Windows. Between the VMs, they have virtually every virus and are, effectively, a computer virus aquarium.
Now it’s a real thing, and best of all, it’s open to the Internet for normal humans to view, complete with screencaps of all seven nodes updated every 30 seconds, the ability to view all processes on each node, and anyone on the Internet can upload any file to a node. All the files uploaded to the nodes are executed, so you get to see in real-time what the effects of “1TB_of_porn_this_took_a_while_to_upload.exe” are on node 3.
The idea of a virus aquarium is cool, but this actually gets much, much more interesting when the project metas itself. Every 24 hours, a virus scanner runs on each node. As of right now, all the nodes are clean making this not a virus aquarium, but a script kiddie aquarium. On at least one node, TeamViewer is running but your guess is as good as mine as to how anyone will get that working.
Continue reading “Xkcd’s Virus Aquarium Made Real”
[Cyber Explorer] recently ditched his collection of physical computers acting as servers by virtualizing the lot of them. But with every change there’s a drawback. Although it wasn’t too hard for him to set up the virtual machines, he did end up spending quite a bit of time trying to improve the bandwidth. Luckily he posted an article chronicling all of the VM tweaks he used to improve the system.
The experience involves both a Windows 8 machine, as well as a some Linux boxes meaning there’s something here for everybody. At each step in the process he performs some throughput tests to see how the boxes are performing. Tweaks are numerous, but include trying out different Ethernet drivers, making sure all modules are up to date, squashing at least one bug, and giving jumbo-frames a try.
[Clifford Wolf] wrote in to let us know about a project he recently completed called EmbedVM. It’s a virtual machine for AVR microcontrollers. The package has a relatively small overhead, taking up about 3kB of program memory. The VM can execute 74,000 instructions per second, and runs asynchronously from the microcontroller. As [Clifford] demonstrates in the videos after the break, this can be handy for preloading commands to prevent slowdown during heavy VM processor loads.
The snippet in the image above is an example program written in the C-like VM code which will play some [Rick Astley] on a speaker. This code can be run from RAM, EEPROM, or even external storage like an SD card. Recently there was a supplemental compiler project that even takes Python code and compiles it into VM byte-code. What a nice abstraction tool for making inexpensive microcontroller-based designs easily programmable for those that have a bit of Python experience.
If you don’t recognize the name, [Clifford Wolf] is also the author of OpenSCAD, a tool that is quite popular with 3D printing.
Continue reading “Virtual Machine For Microcontrollers Lets You Run Python On AVR Chips”
Capture the Flag (CTF) is a long running tradition at hacker conventions. It pits teams of security researchers against each other on the same network. Every team gets an identical virtual machine image. The VM has a set of custom written services that are known to be vulnerable. The teams work to secure their image while simultaneously exploiting services on the machines of other teams. A scoring server monitors the match as it progresses and awards points to teams for keeping their services up and also for stealing data from their competitors.
The Chaos Communication Congress in Berlin December 27-30, 2008 will host a CTF competition. Most CTF matches are done head to head in the same room. While 25C3 will have local teams, it will also be wide open for international teams to compete remotely. Remote teams will host their own images on a VPN with the other competitors. Now is a good time to register and familiarize yourself with the scoring system. It will certainly be interesting to see how this competition plays out now that teams that can’t make the trip can still compete.