Author Archives: pappp

Hyundai Head Unit Hacking

Source: Hacker News

Article note: Cars, much like TVs, are better when they _interface_ to gadgets but do not _contain_ gadgets. The incentives and competence for [auto|tv] makers mean they're going to be clunky crap abandoned as quickly as possible, and stuffed full of spyware. That said the "I read the symmetric encryption keys out of the updater package and used them to update it" part is hilarious.
Comments
Posted in News | Leave a comment

Stadia Bluetooth Mode

Source: Hacker News

Article note: Done. The update behavior is interesting. The tool is picky (in that "Flashback to ActiveX bullshit" kind of way) about the platform that does the update. Has to be a real computer (won't work from Android). Has to be running Chrome 108+ (My out-of-support Chromebook with 106 or whatever wouldn't work). Can't be a Linux box with Chromium or Chrome (always fails with "Close other tabs using the controller Couldn’t connect to your controller because it’s currently being used by another tab or program."). I eventually passed it through to a Windows 10 VM with google-brand Chrome and got it to work, and that exposed some extra details. Instructions and responses: Hold "..." during plug in press "..." + that other button with three dots right below it + A + Y all at once Re-enumerates as "NXP Semiconductors SP Blank RT family" [Server does something] Re-enumerates as "Freescale Semiconductor USB Composite Device" [Server does something] Re-enumerates as "Google LLC Stadia Controller rev. A" ... it looks like it's temporarily nudging the NXP (formerly Freescale) MIMXRT1061 processor into some kind of DFU-like firmware update mode via the button combos, loading a different bitstream so it can act as a USB composite device to expose the update mechanism of the BCM43458 (radio), flashing that, then rebooting the main CPU back into the USB HID controller mode. You do lose the headphone jack, which is a bit of a shame because having it work as a Bluetooth audio device would make it even more useful - but at least it's a Bluetooth controller.
Comments
Posted in News | Leave a comment

SAIC Galaxy 1100: a pre-CDE VUE of the PA-RISC with a security clearance

Source: Hacker News

Article note: The exotic of the exotic. DoD special-order portable PA-RISC workstations with "known example" counts in the single digits.
Comments
Posted in News | Leave a comment

Google’s Stadia Controller is getting Bluetooth support

Source: The Verge - All Posts

Article note: Wow. That's decent behavior, and the controller is actually pretty nice. ...I half wonder if they're just keeping the RE nerds away from their tech.
The Google Stadia Controller
Image: Google

Google is launching its final Stadia game today and is promising to release a tool next week to enable Bluetooth connections on its Stadia Controller. The last Stadia game to launch on the service is Worm Game, a test game that was technically available on Stadia before Stadia launched publicly in November 2019. Developers at Google have decided to release the game just before the streaming service disappears next week.

“Worm Game is a humble title we used to test many of Stadia’s features, starting well before our 2019 public launch, right through 2022,” says Google in its listing for the newly published title. “It won’t win Game of the Year, but the Stadia team spent a LOT of time playing it, and we thought we’d share it with you....

Continue reading…

Posted in News | Leave a comment

Myths and legends in high-performance computing

Source: Hacker News

Article note: Fun. It's basically just standing in front of the hype cycles going "really?" but it's nice to see them compiled.
Comments
Posted in News | Leave a comment

Surprising Consequences of macOS’s Environment Variable Sanitization

Source: Hacker News

Article note: That is a very un-UNIX-like behavior Apple has imposed.
Comments
Posted in News | Leave a comment

CDC File Transfer

Source: Hacker News

Article note: My brain was looking at it trying to fit "CDC"=Centers for Disease Control? Control Data Corporation? Cult of the Dead Cow? Composite Device Class? But no, this overload is "Content Defined Chunking," which smells sort of like a more sophisticated rsync style rolling hash with variable block size. I think the got project is a more general tool with the same basic model, but this is oddly proven code since it was tooling for the now-expensively-failed Stadia infrastructure. It's a neat direct application of a neat algorithm.
Comments
Posted in News | Leave a comment

Tilck – A Tiny Linux-Compatible Kernel

Source: Hacker News

Article note: Nifty. Comments about other kernel projects are fun too.
Comments
Posted in News | Leave a comment

Shift Happens: a Book About Keyboards

Source: Hacker News

Article note: This sounds _delightful_.
Comments
Posted in News | Leave a comment

4 electrical substations vandalized in Washington, leaving thousands without power

Source: The Week: Most Recent Home Page Posts

Article note: Uh-oh, the genuinely difficult problem we've done basically nothing about in the decade or so since it got undeniable is starting to take off. (now, am I talking about securing substations or the proliferation of right wing domestic terrorists most likely responsible for attacking them? Hint:it's both.)

Four electrical substations were vandalized in Washington state on Sunday, the Pierce County Sheriff's Office said Monday.

Tacoma Public Utilities reported that two of its substations were vandalized on Christmas morning, with outages affecting roughly 7,300 customers southeast of Tacoma. Around noon on Sunday, Puget Sound Energy reported that one of its substations was vandalized at about 2:30 a.m., and nearly 7,700 customers had lost power. The fourth substation was vandalized shortly after 7 p.m., with emergency dispatchers receiving a call about a fire at a Puget Sound Energy substation in Graham.

All of the substations are in South Pierce County. Sheriff's officials said in each case, someone broke into the fenced area around the substations and damaged the equipment in order to cause a power outage.

Over the last month, there have been six attacks on electrical substations in Washington and Oregon. In early December, tens of thousands of customers in Moore County, North Carolina, were without power after someone "opened fire" on two substations, damaging the equipment, Moore County Sheriff Ronnie Fields said. This "wasn't random," he added.

In January, the Department of Homeland Security warned that domestic extremists "have developed credible, specific plans to attack electricity infrastructure since at least 2020." There are more than 6,400 power plants and 450,000 miles of transmission lines in the United States, The Associated Press reports, and a law enforcement official told AP the extremists "feel that disrupting the electrical supply will disrupt the ability of government to operate. And secondly, by conducting attacks against the communications and electrical infrastructure, it will actually accelerate the coming civil war that they anticipate because it will disrupt the lives of so many people that they will lose their faith in government."

Posted in News | Leave a comment