Broadcast Engineer at BellMedia, Computer history buff, compulsive deprecated, disparate hardware hoarder, R/C, robots, arduino, RF, and everything in between.
4677 stories
·
5 followers

Red Dead Redemption 2 is depressing as all get out

1 Share

I've played enough of Rockstar Games' Red Dead Redemption 2.

I didn't remember much of the first Red Dead Redemption. RDR was a massive "open world" western game. You could wander all over the map and do whatever you wanted.

I found Red Dead Redemption kinda boring.

I know I played it! The game was a big deal at the time. Friends in my small community of life-long video game aficionados were super excited to see this new installment: a modern massive "open world" western game.

Red Dead Redemption 2 depresses me in the range of 2000's dreary movie Requiem for a Dream. Everything in the old west goes to shit for everyone. Nothing is working out well for you, or any NPC you meet.

Life super sucks in the old west.

You start the game as a grizzled and worn Old West bandit. Apparently your character is the #2 in a gang of broken down heist pullers who are on the run. Your leader, Dutch, really screwed up your last job, got some people killed or captured, and lost the loot. You are destitute and hunted by the law.

Things don't get a lot better. The nature of western gunslingers is that death can come at any moment, so in RDR2 you are surrounded by it. Most encounters, even if you are working incredibly hard to be a nice guy and move through your world without too much violence, turn into murder.

Roaming around the open world resulted in some dark adventures:

I went to help a young journalist collect some research and ended up killing most of the people he needed me to interview. I also helped one of his subjects knock off a dozen bounty hunters.

I tried to aid someone struggling with their horse, it kicked them in the head. I looted the body. When I succeeded in calming another riled horse for an NPC, I was branded a horse thief.

One sad NPC needed me to suck the snake venom out of his leg. That was exciting.

Aside from encountering people who need to die, or will anyways, RDR2 involved a lot of riding your horse. You can put the horse into autopilot, and watch beautiful scenery pass by, or you can steer said horse on your own. As soon as you take the reins, however, expect an NPC to pop up, ask for help and likely need to be killed.

The actual game story is nothing but depressing. Everything is going wrong for your gang, your leader is a mostly unlikeable douche, and your compatriots most complain you aren't doing enough to help out. I have not really felt compelled to keep playing through.

In an attempt to reengage with the game I tried to capture the best horse in the game. This resulted in 90 minutes riding across the map on auto-pilot, quietly stalking a horse, and then scaring it away. It did not help me want to play more.

I have found the in-game combat systems to be a little confusing as well. The "dead-eye" bullet time mode, wherein you slow time and can aim better doesn't seem to offer me much advantage. Aiming is very hard for this inverted-stick FPS enthusiast. I also find the menus used to figure out what missions you can run, in game progress, etc to all be fairly useless and lacking information that helps me.

Red Dead Redemption 2 is hard for me want to play, but I feel like I should as there is so much there. I have yet to try the in-game fishing, or gambling, but the short hunting adventures and train robbery were fun. Regardless how enjoyable the in-game games may be, I find the amount of time it takes to find engaging activities discouraging. I don't want to ride my horse for 20 minutes only to find I can't go fishing because I forgot to buy worms.

Red Dead Redemption II is worth checking out, but I wouldn't count on playing all the way through.

Read the whole story
tekvax
5 days ago
reply
Burlington, Ontario
Share this story
Delete

Add Nest Functionality to your Thermostat for $5

1 Share

The Nest Thermostat revolutionized the way that people control the climate in their homes. It has features more features than even the best programmable thermostats. But, all of the premium features also come at a premium price. On the other hand, for only $5, a little coding, and the realization that thermostats are glorified switches, you can easily have your own thermostat that can do everything a Nest can do.

[Mat’s] solution uses a Sonoff WiFi switch that he ties directly into the thermostat’s control wiring. That’s really the easy part, since most thermostats have a ground or common wire, a signal wire, and a power wire. The real interesting work for this build is in setting up the WiFi interface and doing the backend programming. [Mat’s] thermostat is controlled by software written in Node-RED. It can even interface with Alexa. Thanks to the open source software, it’s easy to add any features you might want.

[Mat] goes through a lot of detail on the project site on how his implementation works, as far as interfacing all of the devices and the timing and some of the coding problems he solved. If you’ve been thinking about a Nest but are turned off by the price, this is a great way to get something similar — provided you’re willing to put in a little extra work. This might also be the perfect point to fall down the home automation rabbit hole, so be careful!





Read the whole story
tekvax
6 days ago
reply
Burlington, Ontario
Share this story
Delete

Quick and Dirty MIDI Interface with USBASP

1 Share

[Robson Couto] recently found himself in need of MIDI interface for a project he was working on, but didn’t want to buy one just to use it once; we’ve all been there. Being the creative fellow that he is, he decided to come up with something that not only used the parts he had on-hand but could be completed in one afternoon. Truly a hacker after our own hearts.

Searching around online, he found documentation for using an ATtiny microcontroller as a MIDI interface using V-USB. He figured it shouldn’t be too difficult to adapt that project to run on one of the many USBASP programmers he had laying around, and got to work updating the code.

Originally written for the ATtiny2313, [Robson] first had to change around the pin configuration so it would work on the ATmega8 in the USBASP, and also updated the USB-V implementation to the latest version. With the code updated, he programmed one of the USBASP adapters with a second one by connecting them together and putting a jumper on the J2 header.

He had the software sorted, but there was still a bit of hardware work to do. To provide isolation for the MIDI device, he put together a small circuit utilizing a 6N137 optoisolator and a couple of passive components on a piece of perf board. It’s not pretty, but it does fit right into the programming connector on the USBASP. He could have fired up his PCB CNC but thought it was a bit overkill for such a simple board.

[Robson] notes that he hasn’t implemented MIDI output with his adapter, but that the code and the chip are perfectly capable of it if you need it for your project. Finding the schematic to hook up to the programmer’s TX pin is left as an exercise for the reader.

If you don’t have a USBASP in the parts bin, we’ve seen a very similar trick done with an Arduino clone in the past.





Read the whole story
tekvax
7 days ago
reply
Burlington, Ontario
Share this story
Delete

A detailed technical rebuttal of Bloomberg's "backdoored servers" article

1 Share

Earlier this month, Bloomberg published a terrifying, detailed story claiming that Chinese spies had, for years, been sneaking hardware backdoors into servers used in data-centers run by companies like Apple and Amazon, as well as Congress, the Senate, the White House, Navy battleships and more.

The story drew rare, detailed denials from the companies involved and prompted lots of skeptical rebuttals. Bloomberg, meanwhile, stood by its story.

Now, Patrick Kennedy has written the most detailed technical rebuttal to the story to date, pointing out plausible reasons why the Bloomberg story couldn't be true.

For me the greatest mystery here is how Bloomberg could be so sure of its facts and how the companies it has accused of being hacked could be so thorough and public in their denials. Bloomberg says it's spoken to sources in the companies involved with direct knowledge, implying that either Bloomberg has been very sloppy in its work, or that there's a huge, elaborate conspiracy among current and former employees in several companies and branches of the US government to hoax Bloomberg -- or that all these companies and agencies have all conspired in their denials, despite the eventual crisis of trust that will break out when the truth is finally known.

Baseboard management controllers or BMCs are active on crashed or turned off servers. They allow one to, for example, power cycle servers remotely. If you read our piece Explaining the Baseboard Management Controller or BMC in Servers BMCs are superchips. They replace a physical administrator working on a server in a data center for most tasks other than physical service (e.g. changing failed hard drives.)

At the same time, the sensitive data on a system is in the main server complex, not the BMC. When the BMC is powered on, hard drives, solid state drives, the server’s CPU (for decrypting data) and memory are not turned on. If you read our embedded systems reviews, such as the Supermicro A2SDi-16C-HLN4F 16-core Intel Atom C3955 mITX Motherboard Review, we actually publish power figures for when a system is on versus when the BMC only is active. In that review, the BMC powered on utilizes 4.9W of power. SSDs each have idle power consumption generally above 1W and hard drives use considerably more even at idle. The point here is that when the server’s BMC is turned on, and the server is powered off, it is trivially easy to measure that the attached storage is not powered on and accessible.

When a server is powered off it is not possible to access a server’s “most sensitive code.” OS boot devices are powered off. Local storage is powered off for the main server. Further encrypted sensitive code pushed from network storage is not accessible, and a BMC would not authenticate.

Investigating Implausible Bloomberg Supermicro Stories [Patrick Kennedy/Serve The Home]

Detailed And Thorough Debunking Of Bloomberg's Sketchy Story About Supply Chain Hack [Mike Masnick/Techdirt]

Read the whole story
tekvax
15 days ago
reply
Burlington, Ontario
Share this story
Delete

DMCA Review: Big Win for Right to Repair, Zero for Right to Tinker

1 Share

This year’s Digital Millennium Copyright Act (DMCA) triennial review (PDF, legalese) contained some great news. Particularly, breaking encryption in a product in order to repair it has been deemed legal, and a previous exemption for reverse engineering 3D printer firmware to use the filament of your choice has been broadened. The infosec community got some clarification on penetration testing, and video game librarians and archivists came away with a big win on server software for online games.

Moreover, the process to renew a previous exemption has been streamlined — one used to be required to reapply from scratch every three years and now an exemption will stand unless circumstances have changed significantly. These changes, along with recent rulings by the Supreme Court are signs that some of the worst excesses of the DMCA’s anti-circumvention clause are being walked back, twenty years after being enacted. We have to applaud these developments.

However, the new right to repair clause seems to be restricted to restoring the device in question to its original specifications; if you’d like to hack a new feature into something that you own, you’re still out of luck. And while this review was generally favorable of opening up technology to enable fair use, they didn’t approve Bunnie Huang’s petition to allow decryption of the encryption method used over HDMI cables, so building your own HDMI devices that display encrypted streams is still out. And the changes to the 3D printer filament exemption is a reminder of the patchwork nature of this whole affair: it still only applies to 3D printer filament and not other devices that attempt to enforce the use of proprietary feedstock. Wait, what?

Finally, the Library of Congress only has authority to decide which acts of reverse engineering constitute defeating anti-circumvention measures. This review does not address the tools and information necessary to do so. “Manufacture and provision of — or trafficking in — products and services designed for the purposes of circumvention…” are covered elsewhere in the code. So while you are now allowed decrypt your John Deere software to fix your tractor, it’s not yet clear that designing and selling an ECU-unlocking tool, or even e-mailing someone the decryption key, is legal.

Could we hope for more? Sure! But making laws in a country as large as the US is a balancing act among many different interests, and the Library of Congress’s ruling is laudably clear about how they reached their decisions. The ruling itself is worth a read if you want to dive in, but be prepared to be overwhelmed in apparent minutiae. Or save yourself a little time and read on — we’ve got the highlights from a hacker’s perspective.

Right to Repair, But Not to Tinker

Support of the right to repair is the big win coming out of this week’s ruling, and strangely enough the legality of hacking on the firmware of children’s toys stems from the original work of farmers to fix their tractors. All land vehicles got an exemption in 2015 (PDF) that included decrypting the ECU and engine diagnostics, “undertaken by the authorized owner” and excluding the entertainment and telematics subsystems. It was argued that the exemption for the entertainment system was intended to prevent people from turning their cars into mobile copyright violation machines.

But based on strong lobbying by repair-industry groups and by farmers who wanted to fix the air conditioning in their tractors, these restrictions were lifted this year. Not only can you work on any system necessary, but you can authorize others to do so on your behalf. And the class of use cases, “Class 7: Computer Programs — Repair”, has been expanded to include “other types of software-enabled devices, including appliances, computers, toys, and other Internet of Things devices”. This is a big deal for anyone who wants to fix anything with firmware.

But it is not a victory for hackers, tinkerers, or anyone who wants to do something original with a device that they own. In particular, the phrase “lawful modification” was included in a proposed draft of the ruling, along with a clause to allow “the acquisition, use, and dissemination of circumvention tools in furtherance of diagnosis, repair, and modification”. As mentioned above, circumvention tools are outside of the Library’s jurisdiction, so no ruling on tooling. And while the “lawful modification” clause was retained in the particular section covering vehicles, it was struck from the devices and IoT section with the rationale that it was “not defined with sufficient precision to conclude as a general category it is likely to be noninfringing”. You are still not allowed to break encryption to modify or add functionality to a device that you own. That hits us right in the Hackaday. Boo!

Unlocking and Jailbreaking

If you lawfully buy a cell phone, tablet, fitness tracker, or similar, you may now unlock the software in order to change service providers. This expands on the previous ruling that was limited to cell phones, and removes the previous requirement that the phones be used — a provision put in to prevent people from reselling loss-leader phones by untethering them from their carriers without ever registering them.

It was recently ruled that cellphones could be jailbroken in order to install whatever software the owner wanted. The EFF wanted this exemption extended to voice assistant devices (Echo, Siri, Home, etc.) and also to enable or disable hardware or software features of the device, and they got their wish. That you’re now free to jailbreak and install software on these additional platforms is a huge win.

Reverse Engineering and Security

A big question going into this round was whether the infosec community would get its exemption renewed, and there were some questions about who had to own the system in question that were relevant for penetration testing. The infosec community came through with a number of suggestions, and it paid off in spades! The exemption is relatively straightforward: “good-faith security research” on a “lawfully acquired” device or “with the authorization of the owner or operator” is exempt if it doesn’t violate any applicable law.

Software and Video Game Archives

In the last decade, the Library of Congress began taking video games seriously. As part of this push, they’ve passed exemptions to the DCMA for non-profit libraries and archives of video games. That’s good news. This time around, the big question was what to do with online games when the server ceases to exist. Would you be allowed to copy or reverse engineer the server? The answer is a limited “yes” — only for the purposes of preservation and when performed physically on the premises of the library, which is great news for archivists. But no so good if you just want to play the game. Bummer.

3D Printer Filament

The 2015 exemptions allowed reverse engineering 3D printer firmware to defeat chipped filament spools, allowing you to print with whatever you want. Almost. Under pressure from Stratasys, which claimed that people could create unspecified public health (not copyright!) issues by using unlicensed filament, a clause was added to the otherwise reasonable exemption: “that the exemption shall not extend to any computer program on a 3D printer that produces goods or materials for use in commerce”. This would prevent you from hacking the filament reel’s chipping if you intended to sell the parts, and was stripped from this year’s version of the exemption. Good riddance!

HDMI, HDCP

Hackaday friend Bunnie Huang likes to hack on HDMI encryption. Imagine that you had a CCTV stream pushed out over HDMI, and that you simply wanted to overlay the date and time in the upper left hand corner. Or maybe you’re a video artist who’d like to play around with the video coming out of a modern set-top box. You can’t, because the stream is encrypted with High-bandwidth Digital Content Protection (HDCP). The master key for HDCP was released in 2010, and its circulation remains a DMCA violation, but it’s an open secret at this point.

Bunnie petitioned to get an exemption for breaking HDCP for fair-use applications, and was denied. We love Bunnie and we love video hacking, but we can also see how the number of potential copyright violators outnumber the hardware hackers and are thus “likely to be infringing” and there just weren’t many fair-use uses. Hackers, if you want to see an exemption for this in three years, start building fair use HDCP applications — the master key is out there and the Library needs a compelling justification to break HDCP.

The DMCA: An Over-broad Law, Made Slightly Better by Exemptions

So much for this round’s exemptions. But how did we even get here? The DMCA, enacted in 1998, did two things. First, it brought US copyright practice in line with international norms and shielded online content providers from liability if users uploaded infringing content — the “safe harbor” provision. This may have saved the Internet as we know it: nobody would be willing to host submitted content if they could be sued into oblivion for something they didn’t upload or control.

Secondly, as part of the furor around Napster and the digital sharing of music, the DMCA criminalized breaking encryption that’s designed to protect copyrighted works, and prohibited dissemination or sale of tools (or knowledge) designed to break this encryption. This “anti-circumvention” section, intended to protect copyright, opened Pandora’s box.

Suddenly the copyrighted firmware that keeps track of how many pages were printed on an inkjet cartridge was protected by encryption, and cracking that encryption in order to refill and reuse the cartridge became the crime of defeating anti-circumvention measures, until finally ruled OK by the Supreme Court in 2017. John Deere fought hard to maintain that the code in the ECU of their tractors is protected by the DMCA, in an attempt to prevent farmers from working on their tractors under penalty of law. The DMCA made it illegal to jailbreak used cellphones in order to change carriers, because the subscription data was copyrighted and encrypted.

The way out of this insanity is to petition the Library of Congress for an exemption. Indeed, all of the above anti-circumvention restrictions were lifted by exemption in the past. But, as you have surely noticed, these exemptions are piecemeal and hyper-specific, and the state of play can change every three years. For instance, in 2012, jailbreaking phones to switch carriers was legalized, but the same was not true for tablets. Now, they’re both exempted. In 2009, an exemption was granted to decrypt e-books so that blind people could use read-aloud software with them, provided there were no unlocked versions available. In 2012, this was broadened to all e-books, and this exemption is still in force. Only recently could you legally hack on your DRM’ed tractor, and only this year can you hire an independent mechanic to do it.

In my opinion, the anti-circumvention clause of the DMCA is a flawed law. It legislates on a tangentially related topic — encryption — while intending to prevent another crime — copyright infringement — that was already illegal before the DMCA existed. As we’ve often seen from its myriad abuses and exemptions over the last twenty years, it’s not serving its intended purpose as much as providing a legal basis for anti-competitive and anti-innovative business strategies. I’m not sure that I’m hopeful for its removal, however, so I’ll continue to cheer every little exemption that we can get.





Read the whole story
tekvax
18 days ago
reply
Burlington, Ontario
Share this story
Delete

Competitive Surface Mount Soldering Comes to Supercon

1 Share

Who will show the best soldering skills at the Hackaday Superconference next week? We have a little — in fact, a very little — challenge for you: solder surface mount components down to a tiny 0201 package. This is the SMD Soldering Challenge and successfully finishing the board at all shows off the best of hand soldering skills, but during the weekend we’ll also keep a running leader board.

Ballpoint pen for scale

For the event we’re using the SMD Challenge board by MakersBox which utilizes a SOIC8 ATtiny85 to drive LED/resistor pairs in 1206, 0805, 0603, 0402, and 0201 packages. There will be a 5 minute inspection time at the start of the heat to open the kit, get familiar with the board, and confirm that you have all of the components and tools you need. We suggest not sneezing while placing that 0201 part down on the board — there is a spare set of 0201 parts only in the kit so you might get one extra chance with the smallest parts if you need it, but replacements will not be provided for parts lost during the heat.

There will be eight heats of six people participating so make sure you get signed up as soon as you get to Supercon. You can only compete once and you must use our soldering iron and solder. We will also have magnifiers, tweezers, flux, and desoldering braid on hand. You can bring reasonable tools and other support materials; Supercon staff running the challenge are the arbiters of “reasonable” in this case.

Scoring is based on time, completion, functionality (of the circuits you attempted to complete), neatness, and solder joint quality. If the top score is a tie, the fastest time across all the heats will be the winner. The official rules are on the event page so take a moment to look them over.

Don’t think it is going to be easy. Here’s a quote from the SMD Challenge board project page:

Be warned that trying to hand solder a 0201 package, which is just slightly larger than a grain of sand, may be considered evidence of insanity and get you committed to bad places by your loved ones and/or arch nemesis

The real prize is the bragging rights of being the Hackaday soldering virtuoso. Do you have what it takes? Someone reading this right now will be. But the first step is to show up at the Hackaday Superconference. See you there and good luck!





Read the whole story
tekvax
18 days ago
reply
Burlington, Ontario
Share this story
Delete
Next Page of Stories