Almost Secure

Vulnerabilities are like good ideas - you’re rarely the first one dealing with it. Some vulnerabilities are almost classic, so I’ll proudly present: 7 old but surprisingly useful bugs that might also affect YOUR device.

Anatomy of an Optical Medium Authentication (Part 1)



In this series of articles, I will talk about the design, implementation and fall of an optical media authentication used on a popular, but past, gaming console. I will show that it’s possible to reverse engineer such stuff without access to expensive equipment or insider information.While I will not talk about practical implementation of attacks against the discussed scheme, I will show that this has been done, and I will analyze how this has been done. More after the break.

Fear, triangles!

I’m proud to present:


Triangles on the 360, MANY OF THEM - about 40 million per second, or even more if you write clever code. (But this is not a depth of field, just a blurry screenshot ;)

I finally polished my GPU stuff far enough so I can risk a release. You need to compile your shaders, so you need Tser’s shader compiler (which uses part of the windows XNA libraries).

So, without further words: gpu-0.0.3.tar.gz and romextract-0.0.1.tar.gz (to extract the required ucodes from flash). Have fun!

xvcd - The Xilinx Virtual Cable Daemon

xvcd in action

I recently discovered an almost undocumented function in Xilinx ISE: the Xilinx virtual cable driver. It’s basically “a platform cable without a platform cable” (as marcan said so nicely) - it allows you use Impact (and Chipscope, and all other tools) over TCP/IP.