For many of us, the social distancing procedures being used to help control the spread of COVID-19 have been a challenge. We can’t go to our hackerspaces, major events have been postponed or canceled entirely, and even getting parts has become difficult due to the immense pressure currently being placed on retailers and delivery services.…
Join us on Wednesday, March 25 at noon Pacific for the Side-Channel Attacks Hack Chat with Samy Kamkar!
In the world of computer security, the good news is that a lot of vendors are finally taking security seriously now, with the result that direct attacks are harder to pull off. The bad news is that in a lot of cases, they’re still leaving the side-door wide open. Side-channel attacks come in all sorts of flavors, but they all have something in common: they leak information about the state of a system through an unexpected vector. From monitoring the sounds that the keyboard makes as you type to watching the minute vibrations of a potato chip bag in response to a nearby conversation, side-channel attacks take advantage of these leaks to exfiltrate information.
Side-channel exploits can be the bread and butter of black hat hackers, but understanding them can be useful to those of us who are more interested in protecting systems, or perhaps to inform our reverse engineering efforts. Samy Kamkar knows quite a bit more than a thing or two about side-channel attacks, so much so that he gave a great talk at the 2019 Hackaday Superconference on just that topic. He’ll be dropping by the Hack Chat to “extend and enhance” that talk, and to answer your questions about side-channel exploits, and discuss the reverse engineering potential they offer. Join us and learn more about this fascinating world, where the complexity of systems leads to unintended consequences that could come back to bite you, or perhaps even help you.
Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, March 25 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.
Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about
OSHdata published 2020 report about the State of Open Source Hardware and we [Olimex] are extremely proud to be #1 OSHW contributor at OSHWA certification directory. There is another company from Plovdiv which is #7 – ANAVI Technology, congratulations Leon! You seems to be two positions ahead of Google LLC 🙂
Having found success in different areas, it’s a pleasure to hear from Erika Earl, Paul Beech, and Spencer Owen during a panel discussion at the 2019 Hackaday Superconference. Led by Tindie’s Jasmine Brackett, the panel covers some of the background needed to develop a product and get it into the hands of your customers.
Erika’s origin story begins with an interest in electronics during her teenage years that led to work in recording studios. It seems nobody on staff there was interested in repairing anything. Every company needs a hacker to make sure everything continues to work and she decided to take on the role.
From there Erika found her way into the world of manufacturing and has never looked back. You may remember hearing some of her experiences in her 2016 Hackaday Supercon talk on turning your manufacturing mistakes in a learning experience. During this panel she recounts one particularly painful experience when over-torque on a six-layer PCB damaged traces and led to extensive manual rework; always include a torque-spec!
The idea of InspectAR is to use augmented reality to help work with and debug electronics. It’s a powerful suite of tools that enable the live overlay of graphics on a video feed of a circuit board, enabling the user to quickly and effectively trace signals, identify components, and get an idea of what’s what. Usable with a smartphone or a webcam, the aim is to improve collaboration and communication between engineers by giving everyone a tool that can easily show them what’s going on, without requiring everyone involved to run a fully-fledged and expensive electronics design package.
The Supercon talk served to demonstrate some of the capabilities of InspectAR with an Arduino Uno. With a few clicks, different pins and signals can be highlighted on the board as Mihir twirls it between his fingers. Using ground as an example, Mihir first highlights the entire signal. This looks a little messy, with the large ground plane making it difficult to see exactly what’s going on. Using an example of needing a point to attach to for an oscilloscope probe, [Mihir] instead switches to pad-only mode, clearly revealing places where the user can find the signal on bare pads on the PCB. This kind of attention to detail shows the strong usability ethos behind the development of InspectAR, and we can already imagine finding it invaluable when working with unfamiliar boards. There’s also the possibility to highlight different components and display metadata — which should make finding assembly errors a cinch. It could also be useful for quickly bringing up datasheets on relevant chips where necessary.
Some people like to do things the hard way. Maybe they drive a manual transmission, or they bust out the wire wrap tool instead of a soldering iron, or they code in assembly to stay close to the machine. Doing things the hard way certainly has its merits, and we are not here to argue about that. Scott Shawcroft — project lead for CircuitPython — on the other hand, makes a great case for doing things the easy way in his talk at the 2019 Hackaday Superconference.
In fact, he proved how easy it is right off the bat. There he stood at the podium, presenting in front of a room full of people, poised at an unfamiliar laptop with only the stock text editor. Yet with a single keystroke and a file save operation, Scott was able make the LEDs on his Adafruit Edge Badge — one of the other pieces of hackable hardware in the Supercon swag bag — go from off to battery-draining bright.
Last year’s Hackaday Superconference badge was an electronic tour de force, packing an ECP5 FPGA shoehorned into a Game Boy-like form factor and shipping with a RISC-V core installed that together gave an almost infinite badge hacking potential. It did not however run Linux, and that’s something [Greg Davill] has addressed, as he’s not only running Linux on his badge, but also a framebuffer that allows him to use the badge screen as the Linux terminal screen. Finally you can watch Linux boot on your Superconference badge itself, rather than over its serial port.
He’s achieved this by changing essentially everything: from the new VexRiscv CPU core, to new video drivers and a VGA terminal courtesy of Frank Buss, now part of the LiteVideo project. It’s not quite a fully fledged Linux powerhouse yet, but you can find it in a GitHub repository should you have a mind to try it yourself. Paging back through his Twitter feed reveals the effort he’s put into this work over the last few months, and shows that it’s been no easy task.
For those keeping score at home, this is an open hardware design, running an open CPU core, with community-designed open-source peripherals, compiled by an open-source toolchain, running an open-source operating system. And it’s simply a fantastic demo for the badge, showing off how flexible the entire system is. One of the best parts of writing for Hackaday is that our community is capable of a huge breadth of amazing pieces of work, and this is an exemplar of that energy. We can’t wait to see what Greg and any other readers tempted to try it will come up with.
If you’d like to refresh your memory over the 2019 Supercon badge, here’s our write-up at the time.