Hardware Debugging for Reverse Engineers (wrongbaud.github.io)

A series of excellent blog posts by wrongbaud; this is must-read content for any beginner at hardware reverse engineering.

gregorni, 11 months ago to opensource

Not including proprietary drivers and firmware in your installation ISO is a user-unfriendly and anti-consumer move.

#linuxdistros #installation #iso #firmware #drivers #foss

mcfly, 11 months ago to linux German

https://www.cyberciti.biz/faq/upgrade-update-samsung-ssd-firmware/

I had not understood how easy it is nowerdays to update your #firmware on your #Linux computer.

Driven by the new Samsung 980 PRO SSD in my laptop i tried to understand how to update the firmware of the SSD. The article linked above showed me a nice tool and how to use it.

If you use Linux and have never thought about firmwares on your device its probably worth to read that article.

How do I enroll in the Airpods Pro II beta firmware?

Just an end-user wanting to test out the new features.

olimex, 11 months ago to opensource

OpenBLT Bootloader allow OLIMEXINO-STM32F3 to update the firmware via UART, USB, CAN and SD-card https://olimex.wordpress.com/2023/06/16/openblt-bootloader-allow-olimexino-stm32f3-to-update-the-firmware-via-uart-usb-can-and-sd-card/ #opensource #stm32f3 #firmware #can #usb

REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB (labs.taszk.io)

Obtaining privileged execution on Huawei devices with a ToC-ToU vulnerability in the firmware recovery mechanism ZIP archive parser

0xor0ne, 1 year ago to random

A list of a few tools that can be useful for firmware unpacking, repacking and analysis

binwalk: https://github.com/ReFirmLabs/binwalk
EMBA: https://github.com/e-m-b-a/emba
unblob: https://github.com/onekey-sec/unblob
ofrak: https://github.com/redballoonsecurity/ofrak
avatar2: https://github.com/avatartwo/avatar2
renode: https://github.com/renode/renode
panda: https://github.com/panda-re/panda

#firmware

image/jpeg
image/jpeg
image/jpeg

profoundlynerdy, 1 year ago to random

Besides #retrocompiting and the occasional #firmware update for a #networking or #iot device, where do you see old school #ftp still being used? Not TFTP, #FTPS, or SCP but true FTP?

itsecbot, 1 year ago to random

Researchers claim Windows “backdoor” affects hundreds of Gigabyte motherboards - It's a backdoor, Jim, but not as we know it... here's a sober look at this issue. https://nakedsecurity.sophos.com/2023/06/02/researchers-claim-windows-backdoor-affects-hundreds-of-gigabyte-motherboards/ #vulnerability #firmware #gigabyte #wpbt

itnewsbot, 1 year ago to tech

Millions of PC motherboards were sold with a firmware backdoor - Enlarge (credit: BeeBright/Getty Images)

Hiding malicious prog... - https://arstechnica.com/?p=1943487 #motherboards #security #firmware #gigabyte #rootkits #biz⁢ #tech

YvanDaSilva, 1 year ago to opensource

We need #opensource #firmware everywhere, and this is why:

"Millions of PC Motherboards Were Sold With a Firmware Backdoor"

https://www.wired.com/story/gigabyte-motherboard-firmware-backdoor/

https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/

#Gigabyte really failed hard this time.

majorlinux, 1 year ago to infosec

Excuse me?!

Tons of Gigabyte motherboards come with a hidden firmware backdoor https://www.pcworld.com/article/1937046/gigabyte-shipped-hundreds-of-motherboard-models-with-a-firmware-backdoor.html

#Gigabyte #Motherboards #Hardware #PC #Firmware #Backdoor #Security #InfoSec #TechNews

itnewsbot, 1 year ago to random

Hackaday Links: May 28, 2023 - The Great Automotive AM Radio War of 2023 rages on, with the news this week that F... - https://hackaday.com/2023/05/28/hackaday-links-may-28-2023/ #hackadaycolumns #hackadaylinks #calculator #shipwreck #firmware #amradio #bricked #titanic #slider #3dscan #borked #hp-15c #inkjet #ford #rpn #ev #hp

IAmDannyBoling, 1 year ago to random

DO NOT BUY HP PRINTERS!

I don't believe I've ever seen a more #dastardly #plan from a #hardware #manufacturer.

If you buy an #HP #printer and sign up for the optional HP Plus #service, you'll get a #firmware #update that will FORCE you to #purchase only new HP #ink cartridges — for the life of your printer. And once that firmware update happens, there is no way to undo it.

DO NOT BUY HP PRINTERS!

https://www.theverge.com/2023/5/25/23736811/hp-plus-printer-ink-drm-firmware-update-cant-cancel
HP has found an exciting new way to #DRM your printer

#IAmDB

screenshot from the article "Here are a few choice quotes from the terms and conditions for HP’s ink service that I think you’ll appreciate (bolding mine): "You expressly allow HP to remotely change, patch, update or otherwise modify Your printer’s software, firmware or programming remotely, without notice to You, in order to provide the Service to You or to comply with applicable laws "Remote monitoring may include provision to HP of one or more of: page counts, types of documents printed (e.g., Word, PowerPoint, pdf, jpeg, etc.), types of devices that initiated print jobs, printer serial number, cartridge information (e.g. HP original cartridge status, and whether the cartridge was new or used at the time of its last insertion into the printer), and other similar types of metrics related to your Service as may be added by HP from time to time "You agree to maintain connectivity of Your Printer to the Internet and to not remove or disable any remote monitoring software or functionality on Your Printer."
screenshot from the article "If Your printer is not connected to the Internet, then the Subscription Cartridges (as defined in section d. below) will be disabled, and You will not be able to use them to print; however, You will continue to be charged for the Service as described in Section 7 (“Paying for Your Service”). In order to reactivate disabled cartridges, You will need to reconnect Your printer to the Internet and keep it connected "When Your Service is cancelled for any reason, HP will remotely disable the Subscription Cartridges and You will no longer be able to print with the Subscription Cartridges. In such a case, you will need to purchase a regular HP cartridge compatible with your printer, in order to continue printing "HP may increase or otherwise change the Service Plan Fee and Overage Fee, and add additional fees, for any Service Plan, or otherwise change or add Service Plans at any time in HP’s sole discretion with prior notice to You."

itnewsbot, 1 year ago to random

Adding Variometer Functionality to a GPS - Flying a glider, or similarly piloting a paraglider or hang glider, can all be pat... - https://hackaday.com/2023/05/25/adding-variometer-functionality-to-gps/ #transportationhacks #barometricpressure #instrumentation #microcontroller #variometer #atmega328 #altitude #firmware #flight #flying #gps

kurtseifried, 1 year ago to random

Have you ever tried to eat a sandwich but then someone asked you if you knew where the insides came from and you didn’t and it scared you so much you threw the sandwich away? Find out why this matters on the #osspodcast with @joshbressers and me in https://opensourcesecurity.io/2023/05/21/episode-376-open-source-summit-who-built-your-open-source-and-ai/ tldr if someone will eat a gas station sandwich, chances are they’ll consume open source software.

Bigou, 1 year ago to opensource

Hello @tuxedocomputers! Since you are here on the Fediverse, let me ask you a quick #question: Are any of your #computers compatible with any #OpenSource #firmware? Like #CoreBoot, #U-boot or any other?

voided, 1 year ago to random

Would it be neat to have a keyboard that’s application aware? That is, get reports from the system about the active program and then change to a suitable layout if configured for it? #keyboard #usb #firmware #electronics

novacustom, 1 year ago to opensource

Hello Mastodon! 👋 Exciting news! 🤩 The NV41, NS51 and NS70 Series now with the option to disable Intel ME thanks to @Dasharo firmware and @coreboot

#opensource #firmware

avoidthehack, 1 year ago to infosec

CISA Adds Three Known #Exploited Vulnerabilities to Catalog

CVE-2023-1389 TP-Link Archer AX-21 Command Injection
CVE-2021-45046 Apache Log4j2 Deserialization of Untrusted Data
CVE-2023-21839 Oracle WebLogic Server Unspecified

Log4j still causing issues, I see.

CVE-2023-1389 directly affects users (it's a router #firmware issue)

Update time!

#cybersecurity #security #infosec #informationsecurity

https://www.cisa.gov/news-events/alerts/2023/05/01/cisa-adds-three-known-exploited-vulnerabilities-catalog

NervesMeetup, 1 year ago to elixir

💻The next Nerves embedded systems meetup is Wednesday, May 31th! Join Eric Oestrich for an overview of what's coming up in NervesHub 2.0, a web service for Nerves firmware updates. RSVP here:

https://www.meetup.com/nerves/events/290189586

#elixir #embedded #firmware #iot #nervesproject

itnewsbot, 1 year ago to random

Getting The Most From Fading ThinkPads - The ThinkPad line of laptops has been widely prized not only by businesses but als... - https://hackaday.com/2023/04/21/getting-the-most-from-fading-thinkpads/ #computerhacks #bootloader #coreboot #firmware #thinkpad #upgrade #laptop

unattributed, 1 year ago to random

#AMD Fixes Botched #Ryzen #Firmware That Accidentally Disabled CPU Cores | Tom's Hardware

https://www.tomshardware.com/news/amd-fixes-botched-ryzen-firmware-that-accidentally-disabled-cpu-cores

I wonder if this affects any of the test results we've seen over the past few days for the Non-X variants of the AMD #CPU's?