Taking my hacking to a new level: the serial level

I void warranties. Showing off my custom-built CarolinaCon badge last year.

I spent some time over the long President’s Day weekend hacking some of my home devices with the goal of putting new firmware on them. Up until now this has consisted mostly of flashing custom firmware through the existing upgrade channels of whatever device I was working with. Other times I would flash the devices by having them download new firmware from a fileserver.

Sometimes, though, there is no other way to bend a device to your will than to tap into the device’s serial console. This is often done by using a special adapter to convert the low-level signals into the kind that a modem would use. Then you simply use any suitable terminal program to interact with the device. Even though most embedded devices do not come with real computer screens, one can use the serial console to read messages and type commands.

My new serial cable arrives this week which should allow me to unlock nearly any device in my home. I’m looking forward to voiding some more warranties!

Radiation Will Tear Elon Musk’s Rocket Car to Bits in a Year

Plastics expert Dr. William Carroll of Indiana University says Elon Musk’s Starman Tesla is no match for the rough-and-tumble environment of space.

The real forces that will tear the car apart over hundreds of millions of years in space, Carroll said, are solid objects and — most importantly — radiation.

Even if the car avoids any major collisions, over very long time horizons, it’s unlikely the vehicle could avoid the kind of collisions with micrometeorites that leave other space junk riddled with craters over time, Carroll said.

But assuming those collisions don’t completely tear the car apart, the radiation will.

Down on Earth, a powerful magnetic field and the atmosphere largely protect human beings (and Tesla Roadsters) from the harsh radiation of the sun and cosmic rays. But spacefaring objects have no such protections.

Source: Radiation Will Tear Elon Musk’s Rocket Car to Bits in a Year

I now remember why I left DOS behind

This is harder to emulate than you think.

Because I apparently haven’t had enough technical challenges to solve, this weekend I decided to return to my little side project of getting my old DOS-based PCBoard BBS running in a virtual machine. For this project I’m using oVirt as the VM host and booting FreeDOS 1.2.

Needless to say, I’m running into some challenges. My first thought is: oh my God what a kludgy mess DOS is! It’s a half-assed solution on top of a half-assed solution on top of a half-assed solution. Device drivers up the wazoo. More than 640K memory? Gotta load EMM drivers. Want to use a CD? Load an ATAPI driver. Want USB? Hah, not available! Want networking? Find a packet driver for your specific network card and ensure you use the right interrupts. Oh, and you’ll still need to load a separate TCP/IP stack! With so many parts to the puzzle it’s a miracle anything ever worked at all!

It took me a little while but I finally did get my DOS VM networked via TCP/IP. Then when I loaded PCBoard it initially seemed to be looking for a (non-existent) modem. Subsequent runs had it complaining about “Cannot run as a child of BASIC” before exiting. I am assuming this is a problem with the way PCBoard was compiled using QuickBASIC and QuickBASIC (QB) might not be playing nicely with FreeDOS. I’ve seen others say QB works fine with FreeDOS but I don’t know if that applies to the compiled programs or not.

So, now I’m on to installing a DOS VM using MS-DOS 6.22. I can’t imagine QuickBASIC not liking MS-DOS.

The project continues. It may or may not be worth the trouble but at the very least it is a reminder of just how far we’ve come with operating systems!

Sound bite: Despite Pono’s promise, experts pan HD audio – CNET

This isn’t a new story but it’s one that I found very enlightening on the topic of digital audio formats.

Pono Music’s roaring success on Kickstarter, raising $4.3 million so far, shows that thousands of people believe better audio quality is worth paying for.

The company — backed by star musician Neil Young and selling a $400 digital audio player along with accompanying music — promises people will hear a difference between Pono Music and ordinary music that’s “surprising and dramatic.” The company’s promise is based in part on music files that can contain more data than not only conventional MP3 files, but also compact discs.

There’s no doubt that highly compressed music files, played over tinny laptop speakers or cheap earbuds, leave a lot of room for improvement. But outdoing CD quality? That’s a harder sell.

Source: Sound bite: Despite Pono’s promise, experts pan HD audio – CNET

USAF Is Jamming GPS In The Western U.S. For Largest Ever Red Flag Air War Exercise – The Drive

Interesting. Glad to see the military conducting exercises without GPS, now that Russia has shown its willingness to jam it. In war we must be prepared to go without this incredibly-useful resource.

The year’s first iteration of the USAF’s premier set of aerial war games, known commonly as Red Flag, is kicking off today at Nellis Air Force Base just outside of Las Vegas, but this exercise will be different than any in the past. Not only is it the largest of its kind in the exercise’s 42 year history, but the USAF is going to blackout GPS over the sprawling Nevada Test and Training Range to challenge aircrews and their weaponry under realistic fighting conditions. The tactic will spill over throughout the region, with warnings being posted stating inconsistent GPS service could be experienced by aircrews flying throughout the western United States.

Source: USAF Is Jamming GPS In The Western U.S. For Largest Ever Red Flag Air War Exercise – The Drive

Bonus: Read more of the Navy’s rationale for blocking GPS.

Candid camera: Dutch hacked Russians hacking DNC, including security cameras | Ars Technica

Hackers hacking hackers. Reason #47,672 why I love the Dutch!

According to a report in the Dutch newspaper de Volkskrant, the General Intelligence and Security Service of the Netherlands (AIVD)—the Netherlands’ domestic intelligence service—had hacked into the network of a building at a Russian university in Moscow some time in the summer of 2014. The building housed a group running a hacking campaign now known as “Cozy Bear,” one of the “threat groups” that would later target the Democratic National Committee.

Russia’s hack of State Department was “hand-to-hand” combatAIVD’s intrusion into the network gave them access to computers used by the group behind Cozy Bear and to the closed-circuit television cameras that watched over them, allowing them to literally witness everything that took place in the building near Red Square, according to the report. Access to the video cameras in a hallway outside the space where the Russian hacking team worked allowed the AIVD to get images of every person who entered the room and match them against known Russian intelligence agents and officials.

Based on the images, analysts at AIVD later determined that the group working in the room was operated by Russia’s Foreign Intelligence Service (SVR). An information and technology sharing arrangement with the National Security Agency and other US intelligence agencies resulted in the determination that Cozy Bear’s efforts were at least in part being driven by the Russian Federation’s leadership—including Russian President Vladimir Putin.

Source: Candid camera: Dutch hacked Russians hacking DNC, including security cameras | Ars Technica

Google (GOOG) can still use Bluetooth to track your Android phone when Bluetooth is turned off — Quartz

This seems to cross the “don’t be evil” line, Google. Tracking people after the fact? Really?

When it comes to tracking the precise location of an Android user’s phone, Google appears to use every means available—including Bluetooth-based location information transmitted to the company when the user might think they have Bluetooth turned off entirely.

A Quartz investigation found that a user can turn Bluetooth off on their smartphone running Google’s Android software, and the phone will continue to use Bluetooth to collect location-related data and transmit that data to Google. It does this by sending Google, among other things, the unique identifier codes of Bluetooth broadcasting devices it encounters. Such devices, known as beacons, are often used in stores, museums, and other public places to help phones ascertain their locations within buildings. Alphabet-owned Google does the tracking in part so advertisers can target “more useful” digital ads to users, but Quartz discovered that the company taps into an array of signals that can yield an individual’s whereabouts even when the user thinks they’ve disabled such tracking.

Source: Google (GOOG) can still use Bluetooth to track your Android phone when Bluetooth is turned off — Quartz

Russian agents pollute social media

A few weeks ago, I shared my long-held skepticism about the effectiveness of influenza vaccines and was pleased to see a friend chime in in agreement. My skepticism of flu shots is based on science – that the effectiveness of the mass-produced vaccine is abysmal and has been for years. My friend’s skepticism is based on something less reliable, it seems, because she shared a post from the dubious news site, YourNewsWire.com. It quotes an unnamed CDC doctor:

A CDC doctor has warned this year’s “disastrous” flu shot may be responsible for the deadly flu epidemic sweeping the country.

“Some of the patients I’ve administered the flu shot to this year have died,” the doctor said, adding “I don’t care who you are, this scares the crap out of me.”

“We have seen people dying across the country of the flu, and one thing nearly all of them have in common is they got the flu shot.”

Scientists were worried this year’s flu season was going to be rough and their fears have been proven well founded. The flu season is off to a record-breaking start, with the CDC reporting widespread flu activity from coast to coast. Many health officials believe that 2018 will ultimately be the worst flu outbreak that we have experienced since 1918.

The CDC doctor’s experience of patients dying of the flu after receiving the flu shot is sadly not uncommon. Eight Santa Barbara County residents have died from the flu in the last fortnight. Seven of them had the flu shot.

This seemed like a pretty radical claim, so I searched the Internet for it and … nothing. The unnamed doctor obviously does not exist. YourNewsWire is the place Russian trolls work to perfect their craft.
Continue reading →

I feel the need … the need for speed

Optimizing MarkTurner.Net

A few days ago I was playing with Pingdom’s Website speed test and shocked to find how long it was taking MT.Net to load for my legions of website visitors. There were several things slowing it down, earning my site a grade of a gentleman’s “C.”

After digging through some of Pingdom’s suggestions and carefully pruning my WordPress plugins and settings, I’ve managed to whittle down the load time from an average of over 3 seconds to just a hair over one second.

While there’s probably a little bit more performance I could squeeze out this is far better than it was. Enjoy!

Amazon won’t say if it hands your Echo data to the government | ZDNet

Amazon has a transparency problem.Three years ago, the retail giant became the last major tech company to reveal how many subpoenas, search warrants, and court orders it received for customer data in a half-year period. While every other tech giant had regularly published its government request figures for years, spurred on by accusations of participation in government surveillance, Amazon had been largely forgotten.

Eventually, people noticed and Amazon acquiesced. Since then, Amazon’s business has expanded. By its quarterly revenue, it’s no longer a retail company — it’s a cloud giant and a device maker. The company’s flagship Echo, an “always listening” speaker, collects vast amounts of customer data that’s openly up for grabs by the government.

But Amazon’s bi-annual transparency figures don’t want you to know that.

Source: Amazon won’t say if it hands your Echo data to the government | ZDNet

S	M	T	W	T	F	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30