38C3: Xobs On Hardware Debuggers

If you just want to use a debugger for your microcontroller project, you buy some hardware device, download the relevant driver software, and fire up GDB. But if you want to make a hardware debugger yourself, you need to understand the various target chips’ debugging protocols, and then you’re deep in the weeds. But never fear, Sean [Xobs] Cross has been working on a hardware debugger and is here to share his learnings about the ARM, RISC-V, and JTAG debugging protocols with us.

He starts off with a list of everything you need the debugger hardware to be able to do: peek and poke memory, read and write to the CPU registers, and control the CPU’s execution state. With that simple list of goals, he then goes through how to do it for each of the target chip families. We especially liked [Xobs]’s treatment of the JTAG state machine, which looks pretty complicated on paper, but in the end, you only need to get it in and out of the shift-dr and shift-ir states.


Torque Testing 3D Printed Screws

Unless you’ve got a shop with a well-stocked hardware bin, it’s a trip to the hardware store when you need a special screw. But [Sanford Prime] has a different approach: he prints his hardware, at least for non-critical applications. Just how much abuse these plastic screws can withstand was an open question, though, until he did a little torque testing to find out.

To run the experiments, [Sanford]’s first stop was Harbor Freight, where he procured their cheapest digital torque adapter. The test fixture was similarly expedient — just a piece of wood with a hole drilled in it and a wrench holding a nut. The screws were FDM printed in PLA, ten in total, each identical in diameter, length, and thread pitch, but with differing wall thicknesses and gyroid infill percentages. Each was threaded into the captive nut and torqued with a 3/8″ ratchet wrench, with indicated torque at fastener failure recorded.

Perhaps unsurprisingly, overall strength was pretty low, amounting to only 11 inch-pounds (1.24 Nm) at the low end. The thicker the walls and the greater the infill percentage, the stronger the screws tended to be. The failures were almost universally in the threaded part of the fastener, with the exception being at the junction between the head and the shank of one screw. Since the screws were all printed vertically with their heads down on the print bed, all the failures were along the plane of printing. This prompted a separate test with a screw printed horizontally, which survived to a relatively whopping 145 in-lb, which is twice what the best of the other test group could manage.

[Sanford Prime] is careful to note that this is a rough experiment, and the results need to be taken with a large pinch of salt. There are plenty of sources of variability, not least of which is the fact that most of the measured torques were below the specified lower calibrated range for the torque tester used. Still, it’s a useful demonstration of the capabilities of 3D-printed threaded fasteners, and their limitations.


Ethernet From First Principles

For someone programming in a high-level language like Python, or even for people who interact primarily with their operating system and the software running on it, it can seem like the computer hardware is largely divorced from the work. Yes, the computer has to be physically present to do something like write a Hackaday article, but most of us will not understand the Assembly language, machine code, or transistor layout well enough to build up to what makes a browser run. [Francis Stokes] is a different breed, though, continually probing these mysterious low-level regions of our computerized world where he was recently able to send an Ethernet packet from scratch.


This Week In Security: Hardware Attacks, IoT Security, And More

This week starts off with examinations of a couple of hardware attacks that you might have considered impractical. Take a Ball Grid Array (BGA) NAND removal attack, for instance. The idea is that a NAND chip might contain useful information in the form of firmware or hard-coded secrets.

The question is whether a BGA desolder job puts this sort of approach out of the reach of most attackers. Now, this is Hackaday. We regularly cover how our readers do BGA solder jobs, so it should come as no surprise to us that less than two hundred Euro worth of tools, and a little know-how and bravery, was all it took to extract this chip. Plop it onto a pogo-pin equipped reader, use some sketchy Windows software, and boom, you’ve got firmware.

What exactly to do with that firmware access is a little less straightforward. If the firmware is unencrypted and there’s not a cryptographic signature, then you can just modify the firmware. Many devices include signature checking at boot, so that limits the attack to finding vulnerabilities and searching for embedded secrets. And then worst case, some platforms use entirely encrypted firmware. That means there’s another challenge, of either recovering the key, or finding a weakness in the encryption scheme.

3D Printed Hardware Sorter Keeps It Simple

If you’re like us, you’ve got at least one bin dedicated to keeping the random hardware you just can’t bear to part with. In our case it’s mostly populated with the nuts and bolts left over after finishing up a car repair, but however it gets filled, it’s a mess. The degree to which you can tolerate this mess will vary, but for [EmGi], even a moderately untidy pile of bolts was enough to spur this entirely 3D-printed mechanical bolt sorter.

The elements of this machine bear a strong resemblance to a lot of the sorting mechanisms we’ve seen used on automated manufacturing and assembly lines. The process starts with a hopper full of M3 cap head bolts of varying lengths, which are collated by a pair of elevating platforms. These line up the bolts and lift them onto a slotted feed ramp, which lets them dangle by their heads and pushes them into a fixture that moves them through a 90° arc and presents them to a long sorting ramp. The ramp has a series of increasingly longer slots; bolts roll right over the slots until they find the right slot, where they fall into a bin below. Nuts can also feed through the process and get sorted into their own bin.

What we like about [EmGi]’s design is its simplicity. There are no motors, bearings, springs, or other hardware — except for the hardware you’re sorting, of course. The entire machine is manually powered, so you can just grab a handful of hardware and start sorting. True, it can only sort M3 cap head bolts, but we suspect the design could be modified easily for other sizes and styles of fasteners. Check it out in action in the video below.

Just because it’s simple doesn’t mean we don’t like more complicated hardware sorters, like the ones [Christopher Helmke] builds.


A Robust Guide To The Xbox 360 Glitch Hack

The Xbox 360 was a difficult console to jailbreak. Microsoft didn’t want anyone running unsigned code, and darn if they didn’t make it difficult to do so. However, some nifty out-of-the-box thinking and tricky techniques cracked it open like a coconut with a crack in it. For the lowdown, [15432] has a great in-depth article on how it was achieved. The article is in Russian, so you’ll want to be armed with Google Translate for this one.

The article gets right into the juice of how glitch attacks work—in general, and with regards to the Xbox 360. In the specific case of the console, it was all down to the processor’s RESET line. Flicker it quickly enough, and the processor doesn’t actually reset, but nonetheless its behavior changes. If you time the glitch right, you can get the processor to continue running through the bootloader’s instructions even if a hash check instruction failed. Of course, timing it right was hard, so it helps to temporarily slow down the processor.

From there, the article continues to explore the many and varied ways this hack played out against Microsoft’s copy protection across multiple models and revisions of the Xbox 360. The bit with the BGA ball connections is particularly inspired. [15432] also goes even deeper into a look at how the battle around the Xbox 360’s DVD-ROM drive got heated.

We seldom talk about the Xbox 360 these days, but they used to grace these pages on the regular. Video after the break.


Teardowns Show Off Serious Satellite Hardware

As hackers, we’re always pulling stuff apart—sometimes just to see what it’s like inside. Most of us have seen the inside of a computer, television, and phone. These are all common items that we come into contact with every day. Fewer of us have dived inside real spacey satellite hardware, if only for the lack of opportunity. Some good gear has landed on [Don]’s desk over the years though, so he got to pulling it apart and peering inside.

[Don] starts us off with a gorgeous… box… of some sort from Hughes Aircraft. He believes it to be from their Space & Communications group, and it seems to have something to do with satellite communications work. Externally, he gleans that it takes power and data hookups and outputs RF to, something… but he’s not entirely sure. Inside, we get a look at the old 90s electronics — lots of through hole, lots of big chunky components, and plenty of gold plating. [Don] breaks down the circuitry into various chunks and tries to make sense of it, determining that it’s got some high frequency RF generators in the 20 to 40 GHz range.

Scroll through the rest of [Don]’s thread and you’ll find more gems. He pulls apart a microwave transmitter from Space Micro — a much newer unit built somewhere around 2008-2011. Then he dives into a mysterious I/O board from Broad Reach, and a very old Hughes travelling wave tube from the 1970s. The latter even has a loose link to the Ford Motor Company, believe it or not.

Even if you don’t know precisely what you’re looking at, it’s still supremely interesting stuff—and all very satellite-y. We’ve seen some other neat satellite gear pulled apart before, too. Meanwhile, if you’ve been doing your own neat teardowns, don’t hesitate to let us know!