«
Expand/Collapse
27 items tagged "chip"
Related tags:
Hardware [+],
security [+],
classic [+],
authors [+],
talk [+],
smartcard [+],
mandriva linux [+],
mandriva [+],
linux [+],
integer overflow [+],
christopher tarnovsky [+],
buffer overflow [+],
black hat [+],
usb [+],
pin [+],
nes [+],
microcontrollers [+],
logic chip [+],
logic [+],
computer [+],
avr [+],
wooden case [+],
wanna [+],
video digitizer [+],
video [+],
usb stack [+],
usa [+],
tool [+],
thanksgiving holiday [+],
system [+],
synthesis [+],
steven j. murdoch tags [+],
source [+],
smart card payments [+],
slides [+],
skill set [+],
sjaak [+],
simple [+],
sidekick [+],
servo motor [+],
serial converter [+],
screen [+],
ruby [+],
roland [+],
robots [+],
retrospect [+],
real time clock [+],
rapid prototyping [+],
radio [+],
psone screen [+],
prototyping tool [+],
programmer [+],
power analysis [+],
potentiometer [+],
plcc [+],
pin system [+],
parker [+],
other security threats [+],
open source system [+],
noac [+],
nintendo [+],
msp [+],
milkymist [+],
mike field [+],
microcontroller programmer [+],
mcp [+],
mac [+],
lua [+],
local shop [+],
leds [+],
larson scanner [+],
knees [+],
j. peterson [+],
internet community [+],
implants [+],
ihsan kehribar [+],
ibm [+],
hot glue [+],
hot air gun [+],
ghetto [+],
gerry [+],
gameboy [+],
game boy cartridge [+],
ftdi [+],
fpgas [+],
fm radio [+],
fm chip [+],
flash chip [+],
europe [+],
emv [+],
ds1307 [+],
dram chip [+],
dip package [+],
desoldering [+],
design [+],
cyborg [+],
crypto [+],
cracked [+],
copies [+],
computer chip [+],
composite video output [+],
compatibility issues [+],
code memory [+],
clock chip [+],
clock [+],
clever combination [+],
classic nes [+],
chip usb [+],
chip computer [+],
chaser [+],
chaos communication congress [+],
chaos communication camp [+],
cartridge [+],
card [+],
captain cyborg [+],
captain [+],
canada [+],
brain [+],
beautiful [+],
bbc report [+],
awesome tutorial [+],
avr microcontroller [+],
avr chip [+],
automated [+],
attiny [+],
assembly skills [+],
arduino [+],
andrea [+],
Wireless [+],
HackIt [+],
hacks [+]
-
-
![Permalink for '[Slides] Latest developments around the Milkymist System-on-Chip'](/themes/lilina/web//media/mark_off.gif)
21:34
»
SecDocs
Authors:
Sébastien Bourdeauducq Tags:
embedded microcontroller Event:
Chaos Communication Camp 2011 Abstract: Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. The Milkymist project is an informal organization of people and companies who develop, manufacture and sell a comprehensive open source hardware and software solution for the live synthesis of interactive visual effects for VJs. The project goes great lengths to apply the open source principles at every level possible, and is best known for the Milkymist system-on-chip (SoC) which is among the first commercialized system-on-chip designs with free HDL source code. As a result, several Milkymist components have been reused in applications unrelated to video synthesis. For example, NASA's Communication Navigation and Networking Reconfigurable Testbed (CoNNeCT) experiment uses the memory controller that was originally developed for the Milkymist system-on-chip and published under the GNU GPL. A lot has happened since the introduction to the project at the 26C3. We have designed and are now producing and selling our own hardware called Milkymist One. The system-on-chip design has reached a very usable state, with improved graphics acceleration capabilities, support for all the interfaces on the Milkymist One (e.g. video digitizer, USB, Ethernet, MIDI, DMX, ...) and a GDB-compatible in-system debugger. On the software side, we have ported the RTEMS real time operating system and up-leveled the Linux port. We also have developed our own end-user video synthesis application which runs on RTEMS and uses the MTK embedded GUI toolkit (based on Genode FX). Several third-party applications and many libraries were successfully run on the Milkymist SoC, such as the MuPDF document viewer and the Lua and Ruby programming languagues. The SoC software can also be run and debugged in the latest versions of the QEMU emulator. This talk presents all this, and more. Demonstrations included.
-
-
17:01
»
Hack a Day
[Parker] emailed us today to show off his latest NES portable build. This time he’s using the standard “top loader” NES instead of the typically used NES on a chip. This is pretty cool since the NES on a chip has compatibility issues with some games. For the screen, he uses a common PSone screen [...]
-
-
8:10
»
Hack a Day
After building a few portable gaming systems, [Parker] wanted to try something a little different than the usual sleek plastic builds. He decided to go with a nice wooden classic NES. He started by gutting a NOAC or Nintendo On A Chip. The NOAC has already done most of the miniaturization for him, so he [...]
-
-
21:40
»
SecDocs
Authors:
Steven J. Murdoch Tags:
bank smart card Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the issuing bank that no PIN was entered at all. The paper considers how the flaws arose, why they remained unknown despite EMV’s wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken. This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems. Smart cards have gradually replaced magnetic strip cards for point-of-sale and ATM transactions in many countries. The leading system, EMV (named after Europay, MasterCard, and Visa), has been deployed throughout most of Europe, and is currently being rolled out in Canada. As of early 2008, there were over 730 million EMV compliant smart cards in circulation worldwide. In EMV, customers authorize a credit or debit card transaction by inserting their card and entering a PIN into a point-of-sale terminal; the PIN is typically verified by the smart card chip, which is in turn authenticated to the terminal by a digital certificate. The transaction details are also authenticated by a cryptographic message authentication code (MAC), using a symmetric key shared between the payment card and the bank that issued the card to the customer (the issuer). EMV was heavily promoted under the “Chip and PIN” brand during its national rollout in the UK. The technology was advertised as a solution to increasing card fraud: a chip to prevent card counterfeiting, and a PIN to prevent abuse of stolen cards. Since its introduction in the UK the fraud landscape has changed significantly: lost and stolen card fraud is down, and counterfeit card fraud experienced a two year lull. But no type of fraud has been eliminated, and the overall fraud levels have actually risen (see Figure 1). The likely explanation for this is that EMV has simply moved fraud, not eliminated it. One goal of EMV was to externalise the costs of dispute from the issuing bank, in that if a disputed transaction has been authorised by a manuscript signature, it would be charged to the merchant, while if it had been authorised by a PIN then it would be charged to the customer. The net effect is that the banking industry, which was responsible for the design of the system, carries less liability for the fraud. The industry describes this as a ‘liability shift’. In the past few years, the UK media have reported numerous cases where cardholders’ complaints have been rejected by their bank and by government-approved mediators such as the Financial Ombudsman Service, using stock excuses such as ‘Your card was CHIP read and a PIN was used so you must have been negligent.’ Interestingly, an increasing number of complaints from believable witnesses indicate that their EMV cards were fraudulently used shortly after being stolen, despite there having been no possibility that the thief could have learned the PIN. In this paper, we describe a potential explanation. We have demonstrated how criminals can use stolen “Chip and PIN” (EMV) smart cards without knowing the PIN. Since “verified by PIN” – the essence of the system – does not work, we declare the Chip and PIN system to be broken.
-
-
9:01
»
Hack a Day
Late last week, we saw a rather clever combination lock build that used only a single 74xx logic chip. [J. Peterson] read this post, and in a battle royale of geek one upmanship sent us a write up of the logic chip computer he built nearly 30 years ago at the University of Utah. Around 1982 or [...]
-
-
8:01
»
Hack a Day
[Andrea] built this LED chaser using one logic chip. It illuminates all but one of the six LEDs, with the dim bit moving back and forth along the row in a chase sequence. This is something like an inverse Larson Scanner without the fading tail. But doing it with a logic chip instead of a [...]
-
-
12:11
»
Hack a Day
FPGAs are the bee’s knees. Instead of programming a chip by telling it what to do, FPGAs allow you to tell a chip what to be. Like everything though, a new skill set is needed to fully exploit the power of FPGAs. [Mike Field] decided to give back to the internet community at large and put up a [...]
-
-
12:18
»
Hack a Day
Wouldn’t it be nice if there was an AVR microcontroller with USB device support built in so you would not need a separate programmer or serial link? Well in fact there are quite a few of them, and this awesome tutorial (google translate) is a quick and easy crash course in using the ATMega 16/32U4 [...]
-
-
11:15
»
Hack a Day
[Giorgos Lazaridis] just finished building a simple clock on a breadboard. It uses a common real time clock chip, the DS1307. This is less expensive that its full-featured older brother, the DS3232. The difference between the two is that the 1307 requires an external 32.768 kHz crystal and it is not temperature compensated. This means [...]
-
-
18:31
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2011-014 - Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. The updated packages have been patched to correct this issue.
-
18:31
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2011-014 - Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. The updated packages have been patched to correct this issue.
-
18:31
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2011-014 - Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. The updated packages have been patched to correct this issue.
-
-
13:00
»
Hack a Day
Mircrochip has a new USB to Serial converter available called the MCP2200. [Sjaak] suspected that it may have been made from an existing 20-pin PIC and found that reading the device signature with the PICKIT3 shows that the chip is an 18F14K50. Most likely this is running Microchip’s USB stack but it’s hard to tell [...]
-
-
7:00
»
Hack a Day
[NatureTM] used part of the Thanksgiving holiday to get composite video output working with an MSP430 microcontroller. He’s using one of the chips that came with the TI Launchpad, which is a big hardware limitation because of the relatively small code memory and RAM. The chip displays one still image at a resolution of 192×40 [...]
-
-
9:31
»
Hack a Day
We think of the Arduino as a rapid prototyping tool but we never thought of it as an FTDI breakout board before. [Ihsan Kehribar] wrote a quick post to show how it’s done. You’ll find an FTDI chip on Arduino boards that have a USB connector. It’s used to handle the USB communications on one [...]
-
-
11:44
»
Hack a Day
[Alexsoulis] needed to burn the Arduino bootloader to a slew of ATmega328 chips. Instead of sitting there and plugged the chips into a programmer one at a time, he build a robotic microcontroller programmer. It starts with the DIP package microcontrollers in a tube, with a servo motor to dispense them one-by-one. An arm swings [...]
-
-
13:00
»
Hack a Day
[gpsKlaus] built this little FM radio (translated) based on the AR1010 IC. That chip is controlled via I2C by an ATtiny45 microcontroller. His tuning implementation relies on presetting 16 stations in the firmware and selecting them with the white potentiometer. The FM chip came on a breakout board from SparkFun. Not bad at around $15 [...]
-
-
13:00
»
Hack a Day
[Gerry] sent us pictures and a few details on replacing the Game Boy cartridge chip with a flash chip. For the prototype he used a PLCC and a little wire porn to interface a flash chip with the cartridge’s PCB while still having access to it for programming. In retrospect he plans to use a [...]
-
-
21:03
»
SecDocs
Authors:
Christopher Tarnovsky Tags:
microcontroller Event:
Black Hat DC 2010 Abstract: From start to finish, we will walk through how a current generation smartcard was successfully compromised. The talk will discuss everything that was required in the order the events took place. We will cram several months into an hour! PS- The talk will be very technical mixed hardware and software (60% hardware, 40% software).
-
21:03
»
SecDocs
Authors:
Christopher Tarnovsky Tags:
microcontroller Event:
Black Hat DC 2010 Abstract: From start to finish, we will walk through how a current generation smartcard was successfully compromised. The talk will discuss everything that was required in the order the events took place. We will cram several months into an hour! PS- The talk will be very technical mixed hardware and software (60% hardware, 40% software).
-
-
21:02
»
SecDocs
Authors:
Christopher Tarnovsky Tags:
microcontroller Event:
Black Hat DC 2010 Abstract: From start to finish, we will walk through how a current generation smartcard was successfully compromised. The talk will discuss everything that was required in the order the events took place. We will cram several months into an hour! PS- The talk will be very technical mixed hardware and software (60% hardware, 40% software).
-
-
6:59
»
Hack a Day
Yes, that picture you are seeing is serious. [Roland] needed a chip for a damaged piece of electronics. He was lucky enough to find one on an old board at a local shop. The problem was, he didn’t have the hot air gun to remove the chip the correct way. Instead, he simply cooked the [...]
-
-
10:04
»
Hack a Day
[Sprite_tm] dusted off his assembly skills and managed to emulate a Z80 computer using an AVR ATmega88. He’s using an SD card in place of the floppy and a 128 KB DRAM chip to handle the memory for the emulated machine. An FT232 board gives him terminal access which he uses for input and display. [...]
-
-
9:56
»
Hack a Day
Another exploit has been found in the Chip and PIN system. The exploit is a man-in-the middle attack that wouldn’t take too much know-how to pull off. You can watch the BBC report on the issue or check out the paper (PDF) published by the team that found the vulnerability. A stolen card resides in [...]
