mardi 31 décembre 2013

SD Card Hack Shows Flash Storage Is Programmable: Unreliable Memory

Ever wonder why SD cards are dirt cheap? At the 2013 Chaos Computer Congress, a hacker going by the moniker Bunnie recently revealed part of the reason: “In reality, all flash memory is riddled with defects — without exception.” But that tidbit is nothing compared to the point of his presentation, in which he and fellow hacker Xobs revealed that SD cards and other flash storage formats contain programmable computers.


sd card hack by bunnie and xobs 620x345magnify



Bunnie also summarized his presentation in a relatively easy to understand post on his blog. The images I’m sharing here are from the slides (pdf) that he and Xobs used in their 30C3 talk. Here’s the full paragraph where Bunnie claims that flash memory is cheap because they’re unreliable: “Flash memory is really cheap. So cheap, in fact, that it’s too good to be true. In reality, all flash memory is riddled with defects — without exception. The illusion of a contiguous, reliable storage media is crafted through sophisticated error correction and bad block management functions…”


sd card hack by bunnie and xobs 2 620x464magnify



“…This is the result of a constant arms race between the engineers and mother nature; with every fabrication process shrink, memory becomes cheaper but more unreliable. Likewise, with every generation, the engineers come up with more sophisticated and complicated algorithms to compensate for mother nature’s propensity for entropy and randomness at the atomic scale.”


sd card hack by bunnie and xobs 3 620x464magnify



Simply put, Bunnie claims that flash storage is cheap (partly) because all chips made are used, regardless of their quality. But how do flash storage makers deal with faulty hardware? With software.


Apparently flash storage manufacturers use firmware to manage how data is stored as well as to obscure the chip’s shortcomings. For instance, Bunnie claims that some 16GB chips are so damaged upon manufacture that only 2GB worth of data can be stored on them. But instead of being thrashed, they’re turned into 2GB cards instead. In order to obscure things like that – as well as to handle the aforementioned increasingly complex data abstraction – SD cards are loaded with firmware.


sd card hack by bunnie and xobs 4 620x464magnify



And where does that firmware reside? In a microcontroller, i.e. a very tiny computer. The microcontroller is packed inside a memory card along with the actual chips that store the data. Bunnie and Xobs then proved that it’s possible to hack the microcontroller and make it run unofficial programs. Depending on how cynical you are, that finding is either good news or bad news.

sd card hack by bunnie and xobs 5 620x464magnify



For their talk, Bunnie and Xobs hacked into two SD card models from a relatively small company called AppoTech. I wish I could say more about their process, but you can read about it on Bunnie’s blog


sd card hack by bunnie and xobs 6 620x464magnify



…or you can watch their entire presentation in the video below:


Long story short, Bunnie and Xobs found out that the microcontrollers in SD cards can be used to deploy a variety of programs – both good and bad – or at least tweak the card’s original firmware. For instance, while researching in China, Bunnie found SD cards in some electronics shops that had their firmware modified. The vendors “load a firmware that reports the capacity of a card is much larger than the actual available storage.” The fact that those cards were modified supports Bunnie and Xobs’ claim: that other people besides manufacturers can manipulate the firmware in SD cards.


sd card hack by bunnie and xobs 7 620x464magnify



The slide above outlines the other ways a memory card’s microcontroller can be abused. Malware can be inserted into memory cards to discreetly open files, make data impossible to erase (short of destroying the card itself) and even discreetly scan and replace data. On the other hand, Bunnie and Xobs note that this revelation opens up a new platform for tinkerers and developers. If a memory card is both a storage device and a computer, then it may be powerful enough to control another device on its own.

It’s worth noting that this particular investigation had an extremely small sample size. That being said, Bunnie believes that this vulnerability exists in “the whole family of “managed flash” devices, including microSD, SD, MMC as well as the eMMC and iNAND devices typically soldered onto the mainboards of smartphones and used to store the OS and other private user data. We also note that similar classes of vulnerabilities exist in related devices, such as USB flash drives and SSDs.”


Turns out the memories of our computers are as unreliable as ours.


[via Bunnie via BGR]






via Technabob http://technabob.com/blog/2013/12/31/sd-card-programmable-hack/

Tech Deals of the Day: Monday, 12/30/2013

Our friends at TechBargains.com compile a list of daily deals to help you save money. Keep in mind that as with any good deal, products are limited in quantity and can sell out quickly – so don’t hesitate to check them out now.


If you’re looking to buy a product from a specific store, save money with updated and verified coupon codes here.


Computers & Peripherals:



Home Entertainment:



Personal Electronics:







via Technabob http://technabob.com/blog/2013/12/30/tech-deals-of-the-day-monday/

Wonder Woman Ring: Put a Tiara on It

Here’s one of the latest offerings from one of our favorite geeky jewelers, Paul Michael Bierker. It’s a ring that looks just like Wonder Woman’s tiara. It has five custom cut rubies and can be made from sterling silver, gold, palladium or platinum alloy.


wonder woman tiara ring by paul michael design 620x420magnify



But don’t even think about using it as a tiny boomerang. The cheapest version of the ring costs $595 (USD); the most expensive version is a godlike $12,550. Fly your invisible browser to Paul’s Etsy shop to order the ring.


[via Fashionably Geek]






via Technabob http://technabob.com/blog/2013/12/31/wonder-woman-ring/

Doublesix Dice: Rolls So Nice, It’s Numbered One to Six Twice

The six-sided die is one of the most recognizable symbols of gaming and gambling. But as Dr. Matt Fleming states, cubes don’t roll well. You know what does? A dodecahedron. So Matt put the numbers one through six twice on a 12-sided die. Hence the name Doublesix Dice.


doublesix dice by matt fleming 620x465magnify



Aside from being 12-sided, Doublesix Dice also have the same number of pips printed on opposing sides. Matt says this makes the dice more balanced compared to ordinary six-sided die.



Roll a browser then head to Kickstarter to get Doublesix Dice. A pledge of at least $10 (USD) gets you a pack of 12 dice.






via Technabob http://technabob.com/blog/2013/12/31/doublesix-dice/

lundi 30 décembre 2013

Wii U GamePad Hacked to Stream from PC: Nintendo Shield

At the 2013 Chaos Communication Congress, a group of hackers called Mema Haxx showed off a neat trick: streaming and controlling applications from a PC to a Wii U GamePad. They even played a bit of The Legend of Zelda: The Wind Waker from a Gamecube emulator. Hacker humor folks.


Wii U GamePad PC stream hack by Mema Haxx 620x348magnify



I’m not even going to pretend that I understand what Mema Haxx did to pull this off, especially since you can watch the presentation in its entirety in the video below. Lesser mortals such as I should proceed to around 47:30 in the video to check out the demo.



You can also read Mema Haxx’ presentation on Google Docs. Although the group thinks that the hack is very promising, it’s still in alpha and won’t be of any use to anyone except coders. For now you’d be better off commissioning a Cross Plane. But keep that Wii U GamePad healthy.


[via Engadget]






via Technabob http://technabob.com/blog/2013/12/30/wii-u-gamepad-pc-streaming-hack/

Hayabusa Watch Concept: How Master Chief Tells Time

The latest TokyoFlash concept watch from UK designer Peter Fletcher is one of his coolest yet. The Hayabusa LED watch features a case inspired by the Spartan armor of the same name from Halo.


hayabusa watch concept 1 620x465magnify



The helmet-shaped case has an EL-backlit LCD that looks like the helmet’s visor, while watch is covered in a finish that looks like armor. Though I have to say it looks more like Mjolnir armor to be as it’s not pointy like the Hayabusa armor in the game. Still, it’s totally cool.


hayabusa watch concept 2 620x465magnify



What I really love about the design of this watch is that the display is surprisingly easy to read. Twevle dots in the middle indicate hours, while the shapes that flank each side are just distorted digits for the minutes.


hayabusa watch concept 3 620x410magnify



While those not in the know will have no clue as to what time it is, you’ll be able to tell time at a glance – hopefully before some Elite tags you with a sticky grenade.


hayabusa watch concept 5 620x465magnify



Halo fans, If you like what you see, head on over to the TokyoFlash design blog and show your support for the Hayabusa watch. With enough votes, TokyoFlash could very well put the design into production.


hayabusa watch concept 4 620x465magnify







via Technabob http://technabob.com/blog/2013/12/30/halo-hayabusa-watch-concept/

dimanche 29 décembre 2013

3D Printed NSA Spybot: I Always Feel Like Somebody’s Watching Me

One of the most significant controversies of recent years has been the NSA’s mass surveillance of individuals via telecommunications and internet data monitoring. And while the ‘bots which are watching us are not much more than bits of data coursing through CPUs and electronic storage devices, it’s sometimes easier to imagine a physical manifestation of such unseen evils.


nsa spybot t 620x620magnify



What we have here is just that. Technabob friend and artist Metin Seven designed this satirical, physical version of one of the NSA’s all-knowing, all-seeing spybots, rendering it in 3D. And if you really want one, you can have it 3D printed over at Shapeways. A 4-inch-high full color sandstone print will set you back about $25(USD), though it’ll be rough, not shiny like the rendering above. It’s also available in a variety of other materials, including steel and brass.


Just be careful when you order one, you never know who might be monitoring your purchases.






via Technabob http://technabob.com/blog/2013/12/29/3d-printed-nsa-spybot/

TellSpec Scanner Reveals What’s in Your Food: Food Label 2.0

If you’re a health buff or if you have food allergies, you probably have a mental list of edibles to avoid. But how can you be sure that the food that’s in front of you is up to your standards? That’s the idea behind TellSpec. It’s a small scanner that can supposedly tell you what’s in your food.


tellspec food scanner 620x404magnify



TellSpec has two primary parts: a low-power laser and a spectrometer. Simply put, substances in food reflect light from the laser in distinct ways. The spectrometer analyzes and records the reflections, then TellSpec sends this data online using your mobile device. The results are displayed on your device as well via an app. TellSpec can identify the amount of calories and sugar on the scanned item, as well as the presence of preservatives and allergens such as nuts and gluten. It can scan through plastic and glass so you can use it while buying or browsing food.



TellSpec’s app can do more than just identify ingredients. It can also keep track of your calorie intake and even help you self-diagnose if you’re allergic to a particular substance. Here’s a demo of a very early prototype of the TellSpec:



Looks like they’ve got a long to go to get the device down to size. But if you’re willing to take the gamble, you can pre-order TellSpec online for $320 (USD). There are also pre-order bundles for family use and for developers. Because it uses a cloud service, TellSpec will also require a subscription. When you buy the device, you get one year of free service but after that you need to pay either $7 a month or $70 a year for it to keep working. Check out TellSpec’s website or their Indiegogo campaign page for more info.


[via The Red Ferret Journal]






via Technabob http://technabob.com/blog/2013/12/29/tellspec-food-scanner/

Star Trek USS Enterprise Glassware: To Boldly Drink

Are you looking to geek up your drinkware? These Star Trek Enterprise glasses are classy and elegant, whether you are serving Romulan ale, Saurian brandy, scotch, beer or soda. They actually look like set pieces that might have appeared in the original Trek movies.


star trek glasses1magnify



You get a set of four etched 7oz. glasses, each with the Starfleet Command Division Insignia and U.S.S. Enterprise NCC-1701 ship registry on them. These glasses are officially licensed and officially awesome.


star trek glassesmagnify



These will look great in your mess hall. Just keep your ship’s engineer away from them. He may be a miracle worker, but you don’t need him drinking too much scotch and blowing up your ship. These glasses are only $29.99(USD) from ThinkGeek.






via Technabob http://technabob.com/blog/2013/12/29/star-trek-glassware/

samedi 28 décembre 2013

Tech Deals of the Day: Friday, 12/27/13

Our friends at TechBargains.com compile a list of daily deals to help you save money. Keep in mind that as with any good deal, products are limited in quantity and can sell out quickly – so don’t hesitate to check them out now.


If you’re looking to buy a product from a specific store, save money with updated and verified coupon codes here.


Computers & Peripherals:



Home Entertainment:



Personal Electronics:







via Technabob http://technabob.com/blog/2013/12/27/tech-deals-of-the-day-friday/

Custom Video Game Proposal Is Pixel Perfect

Take some notes guys. This is the best way ever to propose to your girlfriend and potential wife. If this technique does not win her over, then she is a cold cold witch and you are probably better off without her. Luckily for Robert Fink, a 3D artist, it all went off without a hitch.


knight man 620x387magnify



With some help from his friends, Robert created a retro-style platformer called Knight Man for his girlfriend Angel White. You can watch as she plays through the whole game to the end. The end? Not really. That’s where the proposal is revealed and she has to choose either “Yes” or “No” to continue.



Of course, she picked “Yes”. How could she not? This video is sure to give you the feels. Robert should make custom games for guys with gamer girlfriends so that other guys can do this and be all awesome too.


[via Geekosystem]






via Technabob http://technabob.com/blog/2013/12/28/custom-video-game-proposal/

vendredi 27 décembre 2013

FaceRig Turns You into a Digital Avatar in Real Time: Self-e

Here’s a program that could be one of the big hits of 2014. Currently in development by Holotech Studios, FaceRig lets anyone with a webcam project their head movements and facial expressions onto a virtual character, all in real time. It’s Dance Central for your face.


facerig 620x310magnify



According to Holotech Studios, FaceRig is based on “real time image based tracking technology” made by Swedish company Visage Technologies. Aside from tracking and mapping your head and face, voice alteration will also be included in FaceRig. So you can become a voice actor, a motion capture actor and an animator all at once.


So what can you do with the FaceRig? For starters you can stream a show online using your avatar as your visage. You can be the next Hatsune Miku! Or rather, Half-sune Miku. You can make a simple animated film without spending a single second or cent in 3D modeling software. Or you can just make funny faces all day.



Holotech Studios plans to release several versions of FaceRig for different devices and use cases, such as a full featured desktop program for professional use and a mobile app for funny face use. For now a pledge of at least $5 (USD) on Indiegogo will be enough to score you both a beta and a full license to the basic version of FaceRig.


[via Incredible Things]






via Technabob http://technabob.com/blog/2013/12/27/facerig-digital-avatar-face-motion-capture/

OpenEmu OS X Multi-System Emulator: It Just Emulates

When I first saw OpenEmu, it was already able to play games from different previous gen systems, but it had this experimental streak to it. Four years later, it has put its wild days behind. The new OpenEmu is a suave and streamlined application that looks and behaves like a native OS X program.


openemu mac os x video game emulator 620x413zoom in



OpenEmu uses open source emulators for the Game Boy, Game Boy Advance, Game Gear, NeoGeo Pocket, Nintendo DS, NES, SNES, Sega Genesis, Sega 32X, Sega Master System, TurboGrafx-16 and the Virtual Boy. The beauty of it is that you don’t have to switch between emulators to play digital copies of games that you legally own (henceforth known as DCOGTYLO). Simply load DCOGTYLO into OpenEmu and it will figure out what emulator each one runs on, similar to how your computer automatically opens your other files in their respective programs (well, most of the time anyway).


Another great feature of OpenEmu is that it downloads game covers for your DCOGTYLO over the Internet, then presents it in interfaces that OS X users will be familiar with, such as Cover Flow. Those two features combine to give you an elegant way to organize and view your DCOGTYLO collection.


openemu mac os x video game emulator 2 300x250zoom in

openemu mac os x video game emulator 3 300x250zoom in

openemu mac os x video game emulator 4 300x250zoom in

But OpenEmu really shines if you take the time to get to know its more technical features. For starters, it supports a wide variety of gamepads, from generic USB controllers to the DualShock 4. It also has a variety of video filters that can make you fell like you’re back in third grade, looking up at a 15″ CRT TV, when you’re actually playing a DCOGTYLO on your MacBook Air. At work. Here’s a great preview of OpenEmu by Lon Seidman:



You can download OpenEmu for free. The emulator’s developers also bundled a pack of homebrew games for those that don’t have a DCOGTYLO to play.


[via OS X Daily]






via Technabob http://technabob.com/blog/2013/12/27/openemu-os-x-multi-system-emulator/