• Debugging an evil Go runtime bug
    Preface I’m a big fan of Prometheus and Grafana. As a former SRE at Google I’ve learned to appreciate good monitoring, and this combination has been a winner for me over the past year. I’m using them for monitoring my personal servers (both black-box and white-box monitoring), for the Euskal Encounter external and internal event infra, for work I do professionally for clients, and more. Prometheus makes it very easy to write custom exporters to monitor your own data, and there’s a good chance you’ll find an exporter that already works for you out of the box.
  • Hacking and upgrading the Korg Kronos
    The Korg Kronos is an interesting beast. Korg’s flagship synth, it’s marketed as a music workstation, but under the hood it’s actually built on a commodity x86 motherboard and some custom I/O hardware. And it runs Linux. That’s just asking to be hacked, isn’t it? :-) I’ve owned one of these for a few years, and at one point did some investigation into the software, but got bored and never really did anything interesting with it (to be fair, it’s already complicated enough with the stock software!
  • Crossflashing the Fujitsu D2607
    Update: I wrote a new tool that lets you do most of this process from Linux, without rebooting and without needing any UEFI or DOS tools, which should work for any LSI SAS2008 card regardless of vendor and let you crossflash to any firmware. I own a Fujitsu Primergy server (hosted at a secret location ;-) ) that I use for offsite backups and a few misc things (and for which it’s, incidentally, grossly overpowered).
  • Untangling iOS PIN code security
    A lot has been written about the Apple vs. FBI saga. However, the truth about exactly what it all means from a technical standpoint is scattered among many sources, amidst quite a bit of misinformation. This post is my attempt to provide, in a question and answer format, what I consider to be the current knowledge of the state of affairs, from the perspective of a security researcher. Very little of this is my own research.
  • Rescuing a broken NTFS filesystem
    Yesterday, early morning, I was working on a friend’s Windows PC. The plan was simple: migrate the Windows install from an HDD partition to a smaller SSD by freeing up space, running ntfsresize to shrink the partition down to something that fits on the SSD, and then dd-ing it over. I figured ntfsresize would be pretty safe and well-tested, since it’s used by pretty much every Linux distro installer to resize Windows partitions.
  • Site Reboot
    To say that my blog was gathering dust would be a bit of an understatement; the post before this one was written over 2 years ago. Part of the reason for the lack of updates has undoubtedly been laziness, but part of it was also that I’m not a huge fan of WordPress. Over the past few years I have been using static site generators like Hyde on other sites, and in particular I much prefer to write anything longer than a tweet in a text editor rather than web UI, and commit it to git instead of a database.
  • LaserShark and OpenLase on GitHub
    Check out the main OpenLase page here. Jeffrey Nelson just let me know about an awesome project that he put together: LaserShark! Instead of using OpenLase with the hacky sound card output, he put together a proper open DAC board based around an LPC1343 Cortex-M3 microcontroller. I haven’t had a chance to see it in action yet, but considering that the systems I’ve seen so far either use proprietary DACs (that tend to suck) or sound card DACs (with all their problems), I think this is easily the best DAC solution for using OpenLase today.
  • OpenLase hardware and simulator
    Check out the main OpenLase page here. I apologize for taking this long to post this! I’ve been busy non-stop since 27c3 and never got a chance to get around to it. Finally, though, here it is: the description of the Mark 1 laser projector that I use with OpenLase. But wait, there’s more! If you don’t have the hardware and don’t want to build it, or you want to try out OpenLase, or you want to be able to mess around with it on the go, you can now do that.
  • Safe Hacking
    Ah, the world of computers. Thanks to the wonderful world of bits and bytes, we can experiment with any application, file, driver, or even the core operating system. Rip them apart, change things, put them together, and if it doesn’t work, just try again. At worst, you’ll have to wipe your hard drive and start over. If you somehow manage to destroy a computer purely through bad software, that’s considered a design problem and a true feat to pull off.
  • Syncing music in new iDevices with Linux
    As you probably already know, libgpod has included support for Apple’s iOS 2.x hash for a while now. With their new devices, Apple changed the hash again, but for some reason the change only applies to new devices – old devices running iOS 4.x still work. However, if you have a new device (iPad, iPhone 4, or iPod touch 4G), music sync does not work. If your device is not jailbroken, you’ll have to wait until the new hash is reverse engineered.
  • OpenLase: open realtime laser graphics
    Check out the main OpenLase page here. First of all, as I’m sure everyone knows by now, I’ve been working on hacking the Kinect and writing open drivers for it. There’s a website for the community and a Git repo with the code, and it’s working fairly nicely by now. With that out of the way, here’s a project that I’ve been working on on-and-off for the past year or so.
  • AsbestOS: Running Linux as GameOS
    As most of you will probably already know, I’ve been working on a project recently which aims to run Linux on the PS3 (including the PS3 Slim) using the PSJailbreak exploit, effectively replacing GameOS on the fly. I think it’s gotten to the point where it’s useful enough for other people to be interested, so here’s something resembling an official announcement. Obligatory demo video: AsbestOS (a mineral, and meaning “inextinguishable” in Greek) is a bootloader to run PS3 Linux without OtherOS.
  • Making Firefox play nicely with Laptop Mode
    These days, if you want to do something like this, you should check out libeatmydata. Linux has a tweakable knob called laptop_mode which is meant as an energy saving tool for laptop users on battery: it basically says “try not to touch the disk for X minutes at a time, unless you really need to, and once you do, do everything that you’ve been piling up all at once”. It’s great for laptop users, and doubly so for things like my huge laptop with two 7200RPM HDDs.
  • iPhone syncing on Linux, part 2
    I no longer use an iPhone nor am I an active developer of usbmuxd. If you’re interested in the current state of affairs, check out the libimobiledevice repositories, where development continues. Last post was more along the lines of an announcement, so here’s a more concrete guide. There have been new releases of most parts of the software stack in the past few days, so now is the time to grab them if you’re interested.
  • iPhone syncing on Linux
    I no longer use an iPhone nor am I an active developer of usbmuxd. If you’re interested in the current state of affairs, check out the libimobiledevice repositories, where development continues. Those who watch my git repos may have noticed that I’ve been working on this for a while now. iPhones and iPod Touches have never been properly supported under Linux (especially non-jailbroken devices) because they are just so different from all the previous iPod models.
  • Enabling Intel VT on the Aspire 8930G
    When I first wrote this blog post in 2009, I never expected that it would get so popular. As it turned out, lots of people were interested in UEFI BIOS hacking and/or were victims of poor BIOS implementations by vendors. I no longer own the laptop that is mentioned in this post, nor do I own any other hardware with an InsydeH2O BIOS. The tools referenced in this post were never meant to be generic UEFI hacking tools, but rather a quick fix for my particular laptop.
  • iPhone OS 3.0 music: totally incompatible
    With the new OS version, Apple totally changed up the database format. Now it’s based on a whole bunch of SQLite files and there are also a few files in a format similar to the old proprietary one. There are more than likely still hashes in the critical files, and there’s also a suspicious pair of files that appear to be entirely encrypted. The SQLite format is open and certainly better than the old one, but someone still needs to interface a media player to it.
  • More SPMP goodness: now with pseudo-3D
    After a few days of reading very, very weird disassembled code and poking registers, the odd 2D hardware finally works (for the most part). It can draw lines, so I threw in a software 3D transform. Here’s the Stanford Bunny in a glorious 448 vertices and 1416 lines of jaggy wireframe awesomeness.  The chip has hardware line styling (stippling), and you can see 4 different settings (solid, “10″ dashed, “100″ dashed, “1000″ dashed) in sequence.
  • Sunplus SPMP305x media player hacking
    I’ve joined a bunch of friends in a quest to reverse engineer and write custom software for Sunplus SPMP305x chips. These chips are inside all sorts of chinese media players, particularly the fairly powerful kind with a camera, video playback, etc. The chip is based around an ARM926EJ-S core, but the peripherals around it are completely custom – check out the marketing blurb. Most current work is on reverse engineering the hardware interface so we can completely replace the default firmware.
  • Acer Aspire 8930G Linux audio support
    I’ll eventually write a longer post about how different bits and pieces of this laptop’s hardware fare under Linux. For now, I’ve managed to strike one of the more annoying issues: proper audio. Scroll down if you’re impatient and want the code; read on if you want the full story. This laptop is peculiar because it has built-in “5.1” audio. Yes, it does really have 6 speakers, though you’d be hard pressed to get much spatial separation out of them (and they aren’t even placed around symmetrically).
  • Quickpasting
    If you’ve ever worked with other people on some piece of code or program, particularly over IRC or IM or some other form of real-time or fast text communication, chances are you’ve used one of the many “paste” sites available (my personal favorite is pastie). These sites offer a convenient way of sending small to medium chunks of text to other people quickly, by simply copyng and pasting the text into a web form.
  • HDCP Authentication Failure
    And I wasn’t even watching protected content. This is (one of the many reasons) why DRM needs to die.
  • Using Amarok and other iTunesDB compatible software with the iPhone 2.x
    With newer iPods and the iPhone 2.x firmware, Apple decided to implement a new hash scheme for iTunesDB to prevent third-party apps from managing the iPod database. Stupid. They decided to make it part of the FairPlay codebase, including its obfuscation. Very Stupid. But just in case that weren’t enough, then they went ahead and tried to take down the iPodHash project which was attempting to reverse engineer the (annoyingly obfuscated) algorithm.
RSS feed