https://marcan.st/ Recent content on marcan.st Hugo -- gohugo.io en-us Tue, 05 Dec 2017 01:20:00 +0900 https://marcan.st/2017/12/debugging-an-evil-go-runtime-bug/ Tue, 05 Dec 2017 01:20:00 +0900 https://marcan.st/2017/12/debugging-an-evil-go-runtime-bug/ Preface I’m a big fan of Prometheus and Grafana. As a former SRE at Google I’ve learned to appreciate good monitoring, and this combination has been a winner for me over the past year. I’m using them for monitoring my personal servers (both black-box and white-box monitoring), for the Euskal Encounter external and internal event infra, for work I do professionally for clients, and more. Prometheus makes it very easy to write custom exporters to monitor your own data, and there’s a good chance you’ll find an exporter that already works for you out of the box. https://marcan.st/about/ Sun, 05 Nov 2017 00:00:00 +0900 https://marcan.st/about/ Hello! I’m Hector Martin and like to go by the nickname “marcan”. I currently live in Tokyo, Japan as an IT/security consultant by day and a hacker by night. For some definition of day and night, anyway. If you need to contact me, your best bet is to e-mail me at marcan@marcan.st. If you’re an IRC user, I tend to idle as “marcan” on the OFTC and Libera.Chat networks. I also have a Mastodon account. https://marcan.st/2016/06/hacking-and-upgrading-the-korg-kronos/ Wed, 01 Jun 2016 06:40:00 +0900 https://marcan.st/2016/06/hacking-and-upgrading-the-korg-kronos/ The Korg Kronos is an interesting beast. Korg’s flagship synth, it’s marketed as a music workstation, but under the hood it’s actually built on a commodity x86 motherboard and some custom I/O hardware. And it runs Linux. That’s just asking to be hacked, isn’t it? :-) I’ve owned one of these for a few years, and at one point did some investigation into the software, but got bored and never really did anything interesting with it (to be fair, it’s already complicated enough with the stock software! https://marcan.st/2016/05/crossflashing-the-fujitsu-d2607/ Sat, 07 May 2016 01:15:00 +0900 https://marcan.st/2016/05/crossflashing-the-fujitsu-d2607/ Update: I wrote a new tool that lets you do most of this process from Linux, without rebooting and without needing any UEFI or DOS tools, which should work for any LSI SAS2008 card regardless of vendor and let you crossflash to any firmware. I own a Fujitsu Primergy server (hosted at a secret location ;-) ) that I use for offsite backups and a few misc things (and for which it’s, incidentally, grossly overpowered). https://marcan.st/2016/03/untangling-ios-pin-code-security/ Wed, 16 Mar 2016 19:00:00 +0900 https://marcan.st/2016/03/untangling-ios-pin-code-security/ A lot has been written about the Apple vs. FBI saga. However, the truth about exactly what it all means from a technical standpoint is scattered among many sources, amidst quite a bit of misinformation. This post is my attempt to provide, in a question and answer format, what I consider to be the current knowledge of the state of affairs, from the perspective of a security researcher. Very little of this is my own research. https://marcan.st/2015/10/rescuing-a-broken-ntfs-filesystem/ Sun, 25 Oct 2015 18:00:00 +0900 https://marcan.st/2015/10/rescuing-a-broken-ntfs-filesystem/ Yesterday, early morning, I was working on a friend’s Windows PC. The plan was simple: migrate the Windows install from an HDD partition to a smaller SSD by freeing up space, running ntfsresize to shrink the partition down to something that fits on the SSD, and then dd-ing it over. I figured ntfsresize would be pretty safe and well-tested, since it’s used by pretty much every Linux distro installer to resize Windows partitions. https://marcan.st/2015/05/site-reboot/ Tue, 26 May 2015 01:35:00 +0900 https://marcan.st/2015/05/site-reboot/ To say that my blog was gathering dust would be a bit of an understatement; the post before this one was written over 2 years ago. Part of the reason for the lack of updates has undoubtedly been laziness, but part of it was also that I’m not a huge fan of WordPress. Over the past few years I have been using static site generators like Hyde on other sites, and in particular I much prefer to write anything longer than a tweet in a text editor rather than web UI, and commit it to git instead of a database. https://marcan.st/events/euskal/ Mon, 25 May 2015 04:24:00 +0900 https://marcan.st/events/euskal/ Euskal Encounter is Spain’s largest and oldest demoparty and LAN party. I have been an attendee since 2005, and part of the official volunteer event staff since 2011. The same organizing team also hosts two other smaller events: Gipuzkoa Encounter and Araba Encounter. At all three events I am the coordinator of the Free Software area and the chief BOFH of the local server infrastructure. Hack It / Solve It competition The Hack It is a hacking challenge where teams compete to solve a series of challenges on security, reverse engineering, digital forensics, cryptography, exploiting, and related fields. https://marcan.st/old-stuff/ Mon, 25 May 2015 00:33:44 +0900 https://marcan.st/old-stuff/ These are projects that I once started or significantly contributed to, but which these days are maintained by others. You may have been redirected from an obsolete page to here. usbmuxd I wrote the first Linux version of usbmuxd, a daemon that handles communications with iOS devices and which these days is installed on most desktop Ubuntu systems by default. These days, usbmuxd is maintained by the libimobiledevice team. https://marcan.st/projects/blitzloop/ Mon, 21 Jan 2013 00:00:00 +0100 https://marcan.st/projects/blitzloop/ BlitzLoop is an open source karaoke system inspired by Japanese karaoke machines. It uses a custom song format and supports multiple lyrics display styles, background videos, real-time audio stretching and pitch shifting, and also handles microphone echo. It is written in Python and Cython and uses OpenGL graphics on the host box, while the UI is remotely accessed through a web browser (e.g. running on a tablet). There is very little documentation at the moment, but feel free to drop me a line if you’re interested or have any questions. https://marcan.st/2012/11/lasershark-and-openlase-on-github/ Fri, 16 Nov 2012 04:45:00 +0100 https://marcan.st/2012/11/lasershark-and-openlase-on-github/ Check out the main OpenLase page here. Jeffrey Nelson just let me know about an awesome project that he put together: LaserShark! Instead of using OpenLase with the hacky sound card output, he put together a proper open DAC board based around an LPC1343 Cortex-M3 microcontroller. I haven’t had a chance to see it in action yet, but considering that the systems I’ve seen so far either use proprietary DACs (that tend to suck) or sound card DACs (with all their problems), I think this is easily the best DAC solution for using OpenLase today. https://marcan.st/2011/01/openlase-hardware-and-simulator/ Mon, 31 Jan 2011 20:48:00 +0100 https://marcan.st/2011/01/openlase-hardware-and-simulator/ Check out the main OpenLase page here. I apologize for taking this long to post this! I’ve been busy non-stop since 27c3 and never got a chance to get around to it. Finally, though, here it is: the description of the Mark 1 laser projector that I use with OpenLase. But wait, there’s more! If you don’t have the hardware and don’t want to build it, or you want to try out OpenLase, or you want to be able to mess around with it on the go, you can now do that. https://marcan.st/projects/openlase/ Fri, 21 Jan 2011 00:00:00 +0100 https://marcan.st/projects/openlase/ OpenLase is an open source library and toolkit for controlling laser scanners. It has an emphasis on real-time operation and integration with audio, and it uses the JACK Audio Connection Kit as a backend. Features include: Classic OpenGL-like API Support for ILDA format sprites SVG to ILDA converter Built-in vector font Realtime bitmap tracer (edge detection) Python bindings Video player (using the bitmap tracer) Output processor GUI with perspective correction (projecting from an angle) and level controls. https://marcan.st/projects/openlase/hardware-mark1/ Fri, 21 Jan 2011 00:00:00 +0100 https://marcan.st/projects/openlase/hardware-mark1/ OpenLase is designed to work with typical DIY laser scanners that use sound cards as DACs. This is the first laser projector that I built to go along with it. It is by no means perfect, and indeed, quite a few things could be improved. It’s relatively simple though, and it should be straightforward to duplicate. Overall view Overall view There are four main parts to the scanner: the digital-to-analog converter (DAC) (and associated control circuitry), the emitter subsystem, the scanning subsystem, and the power supply. https://marcan.st/2011/01/safe-hacking/ Wed, 19 Jan 2011 02:56:00 +0100 https://marcan.st/2011/01/safe-hacking/ Ah, the world of computers. Thanks to the wonderful world of bits and bytes, we can experiment with any application, file, driver, or even the core operating system. Rip them apart, change things, put them together, and if it doesn’t work, just try again. At worst, you’ll have to wipe your hard drive and start over. If you somehow manage to destroy a computer purely through bad software, that’s considered a design problem and a true feat to pull off. https://marcan.st/2011/01/syncing-music-in-new-idevices-with-linux/ Mon, 17 Jan 2011 07:34:00 +0100 https://marcan.st/2011/01/syncing-music-in-new-idevices-with-linux/ As you probably already know, libgpod has included support for Apple’s iOS 2.x hash for a while now. With their new devices, Apple changed the hash again, but for some reason the change only applies to new devices – old devices running iOS 4.x still work. However, if you have a new device (iPad, iPhone 4, or iPod touch 4G), music sync does not work. If your device is not jailbroken, you’ll have to wait until the new hash is reverse engineered. https://marcan.st/2010/11/openlase-open-realtime-laser-graphics/ Wed, 24 Nov 2010 03:25:00 +0100 https://marcan.st/2010/11/openlase-open-realtime-laser-graphics/ Check out the main OpenLase page here. First of all, as I’m sure everyone knows by now, I’ve been working on hacking the Kinect and writing open drivers for it. There’s a website for the community and a Git repo with the code, and it’s working fairly nicely by now. With that out of the way, here’s a project that I’ve been working on on-and-off for the past year or so. https://marcan.st/2010/10/asbestos-running-linux-as-gameos/ Wed, 20 Oct 2010 00:31:00 +0100 https://marcan.st/2010/10/asbestos-running-linux-as-gameos/ As most of you will probably already know, I’ve been working on a project recently which aims to run Linux on the PS3 (including the PS3 Slim) using the PSJailbreak exploit, effectively replacing GameOS on the fly. I think it’s gotten to the point where it’s useful enough for other people to be interested, so here’s something resembling an official announcement. Obligatory demo video: AsbestOS (a mineral, and meaning “inextinguishable” in Greek) is a bootloader to run PS3 Linux without OtherOS. https://marcan.st/2009/12/making-firefox-play-nicely-with-laptop-mode/ Fri, 18 Dec 2009 05:58:00 +0100 https://marcan.st/2009/12/making-firefox-play-nicely-with-laptop-mode/ These days, if you want to do something like this, you should check out libeatmydata. Linux has a tweakable knob called laptop_mode which is meant as an energy saving tool for laptop users on battery: it basically says “try not to touch the disk for X minutes at a time, unless you really need to, and once you do, do everything that you’ve been piling up all at once”. It’s great for laptop users, and doubly so for things like my huge laptop with two 7200RPM HDDs. https://marcan.st/2009/10/iphone-syncing-on-linux-part-2/ Sat, 31 Oct 2009 07:16:00 +0100 https://marcan.st/2009/10/iphone-syncing-on-linux-part-2/ I no longer use an iPhone nor am I an active developer of usbmuxd. If you’re interested in the current state of affairs, check out the libimobiledevice repositories, where development continues. Last post was more along the lines of an announcement, so here’s a more concrete guide. There have been new releases of most parts of the software stack in the past few days, so now is the time to grab them if you’re interested. https://marcan.st/2009/10/iphone-syncing-on-linux/ Tue, 27 Oct 2009 19:46:00 +0100 https://marcan.st/2009/10/iphone-syncing-on-linux/ I no longer use an iPhone nor am I an active developer of usbmuxd. If you’re interested in the current state of affairs, check out the libimobiledevice repositories, where development continues. Those who watch my git repos may have noticed that I’ve been working on this for a while now. iPhones and iPod Touches have never been properly supported under Linux (especially non-jailbroken devices) because they are just so different from all the previous iPod models. https://marcan.st/2009/06/enabling-intel-vt-on-the-aspire-8930g/ Sun, 28 Jun 2009 17:30:00 +0100 https://marcan.st/2009/06/enabling-intel-vt-on-the-aspire-8930g/ When I first wrote this blog post in 2009, I never expected that it would get so popular. As it turned out, lots of people were interested in UEFI BIOS hacking and/or were victims of poor BIOS implementations by vendors. I no longer own the laptop that is mentioned in this post, nor do I own any other hardware with an InsydeH2O BIOS. The tools referenced in this post were never meant to be generic UEFI hacking tools, but rather a quick fix for my particular laptop. https://marcan.st/2009/06/iphone-os-3.0-music-totally-incompatible/ Sun, 21 Jun 2009 00:30:00 +0100 https://marcan.st/2009/06/iphone-os-3.0-music-totally-incompatible/ With the new OS version, Apple totally changed up the database format. Now it’s based on a whole bunch of SQLite files and there are also a few files in a format similar to the old proprietary one. There are more than likely still hashes in the critical files, and there’s also a suspicious pair of files that appear to be entirely encrypted. The SQLite format is open and certainly better than the old one, but someone still needs to interface a media player to it. https://marcan.st/2009/06/more-spmp-goodness-now-with-pseudo-3d/ Sat, 13 Jun 2009 02:06:00 +0100 https://marcan.st/2009/06/more-spmp-goodness-now-with-pseudo-3d/ After a few days of reading very, very weird disassembled code and poking registers, the odd 2D hardware finally works (for the most part). It can draw lines, so I threw in a software 3D transform. Here’s the Stanford Bunny in a glorious 448 vertices and 1416 lines of jaggy wireframe awesomeness.  The chip has hardware line styling (stippling), and you can see 4 different settings (solid, “10″ dashed, “100″ dashed, “1000″ dashed) in sequence. https://marcan.st/2009/06/sunplus-spmp305x-media-player-hacking/ Tue, 09 Jun 2009 04:23:00 +0100 https://marcan.st/2009/06/sunplus-spmp305x-media-player-hacking/ I’ve joined a bunch of friends in a quest to reverse engineer and write custom software for Sunplus SPMP305x chips. These chips are inside all sorts of chinese media players, particularly the fairly powerful kind with a camera, video playback, etc. The chip is based around an ARM926EJ-S core, but the peripherals around it are completely custom – check out the marketing blurb. Most current work is on reverse engineering the hardware interface so we can completely replace the default firmware. https://marcan.st/2009/06/acer-aspire-8930g-linux-audio-support/ Wed, 03 Jun 2009 06:30:00 +0100 https://marcan.st/2009/06/acer-aspire-8930g-linux-audio-support/ I’ll eventually write a longer post about how different bits and pieces of this laptop’s hardware fare under Linux. For now, I’ve managed to strike one of the more annoying issues: proper audio. Scroll down if you’re impatient and want the code; read on if you want the full story. This laptop is peculiar because it has built-in “5.1” audio. Yes, it does really have 6 speakers, though you’d be hard pressed to get much spatial separation out of them (and they aren’t even placed around symmetrically). https://marcan.st/2009/04/quickpasting/ Mon, 27 Apr 2009 16:18:00 +0100 https://marcan.st/2009/04/quickpasting/ If you’ve ever worked with other people on some piece of code or program, particularly over IRC or IM or some other form of real-time or fast text communication, chances are you’ve used one of the many “paste” sites available (my personal favorite is pastie). These sites offer a convenient way of sending small to medium chunks of text to other people quickly, by simply copyng and pasting the text into a web form. https://marcan.st/2009/02/hdcp-authentication-failure/ Thu, 26 Feb 2009 03:44:00 +0100 https://marcan.st/2009/02/hdcp-authentication-failure/ And I wasn’t even watching protected content. This is (one of the many reasons) why DRM needs to die. https://marcan.st/2009/01/using-amarok-and-other-itunesdb-compatible-software-with-the-iphone-2.x/ Fri, 02 Jan 2009 08:52:00 +0100 https://marcan.st/2009/01/using-amarok-and-other-itunesdb-compatible-software-with-the-iphone-2.x/ With newer iPods and the iPhone 2.x firmware, Apple decided to implement a new hash scheme for iTunesDB to prevent third-party apps from managing the iPod database. Stupid. They decided to make it part of the FairPlay codebase, including its obfuscation. Very Stupid. But just in case that weren’t enough, then they went ahead and tried to take down the iPodHash project which was attempting to reverse engineer the (annoyingly obfuscated) algorithm.