May « 2007 « bunnie's blog

Archive for May, 2007

Important Clarifications

Wednesday, May 16th, 2007

There are some important misconceptions that need to be corrected.

1. I did no technical work on the Xbox 360 hack. Felix Domke (tmbinc) is the true technical genius behind the hack — please give him proper credit for his hard work. My role in this is entirely diplomatic; I was consulted because my previous work on the Xbox meant I was already familiar with the legal risks and the best contact methods. And, as with any hack, there were many other unsung heros involved who are forced to choose anonymity due to risks and circumstances out of their control.

2. No money was involved. The hack was reported to Microsoft per legal requirements, and per security industry standard operating practice. It is no coincidence that this is the exact same path that was taken on the first Xbox hacks (Hypertransport, 007 and Dashboard). The difference is that this time, Microsoft took the time to listen, and eventually invited us to their house to give a talk.

3. Finally, this was the opportunity to tell Microsoft that locking out low-level code development (and consequently Linux) will never work. It’s neither sound technically nor good for business development in the long term. We believe they have listened. Although this approach has never been tried before, based on their reactions, future Microsoft devices may not lock out homebrew; at least, we have planted the seeds of a feasible technical and business path to such a future in key minds at Microsoft.

In closing, I don’t think Microsoft is right in locking down hardware to outside developers; I also don’t think that the pirates are right, either. As a result, I must walk a fine gray line, and I am continuously faced with many a difficult and ambiguous decision.

And, to quote Felix, who posted in the comment round on a previous blog entry:

“The reason to stay anonymous so long was…about not getting sued. But after Bluehat, it become clear that this was no issue anymore.

And my strict demand for working on a project like free60 is that i can publish stuff in public, under my real name, without hiding anything, and still be able to sleep well at night. This would not have been possible if we hadn’t worked together with Microsoft.”

Posted in Hacking | 22 Comments »

The X-ray Eye — Now in Full Motion

Monday, May 14th, 2007

I love looking at PCBs using x-rays. Great for failure analysis. One of the coolest things, I thought, was seeing a PCB tilt in real-time; you get a good sense of the actual spacial relationship between all the layers on a PCB. I took a series of stills today and strung them together into this animation so I could share the experience with you (you’ll need an embedded Flashplayer plug-in to view this movie):

Thanks to concisys (a San Diego-based contract manufacturer) for letting me use their tool to take these images!

Posted in Hacking | 13 Comments »

Bluehat07 @ Microsoft

Friday, May 11th, 2007

SEND HELP I”M AT MICROSOFT AND HELD HOSTAGE BY BLUESNIPER!!!!

Okay, so the picture is for real but the caption isn’t. (RSnake has a much better version of the photo here). I am at Microsoft, but the guy on the left isn’t a Microsoft lawyer. He’s John Hering, a founder of Flexilis, inventor of the BlueSniper device for long-range Bluetooth hacking attacks, and all around brilliant guy. John was also a presenter at this years’ Bluehat and he was told to look menacing for a photo…but he just looks so friendly it wasn’t believable. So, I figured I’d add myself to the photo in the executionee pose to give it a little extra flavor.

The picture is actually somewhat apropos because I’ve always believed that Bluetooth will be the death of me (and incidentally, one of the less flattering phonetic translations for chumby in Chinese literally means “execution by gun through the back of the head”. We didn’t use that one.). I’ve been through one frustrating startup designing Bluetooth/802.11b coexistence solutions and now I have this nasty allergic reaction to all things Bluetooth. I have an eye-rolling rant about how there is an eight-inch thick spec and million-transistor radio solutions whose primary application — point to point two-way wireless audio — was solved back in the 60’s with the three-transistor walkie-talkie (OK fine it’s just simplex but you get the idea). With a few thousand very nice CMOS transistors today you could build an extremely low power, low cost single-chip solution that would be so low power it would run for months and so cheap it would be disposable. Talk about a business–disposable fashion headsets that “just worked”–no association headaches, robust performance, etc. Anyways, I could go on for a while about my frustrations with this IrDA of the 00’s but I’ll save you the rant (unless you really want to hear it…)

I was at Bluehat giving a presentation with Felix Domke on various hardware hacking exploits, including silicon hacks, dbox-2, Gamecube, and of course, the Xbox360 (Felix is a genius and a gentleman). Below is a photo of Dinart Morais (whose initials ironically are “drm”), the designer of the Xbox360 security, and Michael Steil, Felix Domke, and me.

It was quite an honor to meet the man who designed such an excellent security system. We had a lot of questions for him, and he was very friendly. I guess since we have given our talk now, there is no more secret about it, some of the folks in the picture above were part of the team that published the February 2007 Xbox360 Hypervisor Priviledge Escalation Vulnerability. Fortunately, Microsoft was very receptive to working with us to fix the vulnerability before it was published and in the end it was a constructive exercise for all parties involved.

omg wtf I’m at Microsoft talking about Xbox hacking??!?!?

Please see Important Clarifications as well. Felix Domke (tmbinc) is the genius behind the Xbox360 hack. Please credit him properly!

Posted in Hacking, Social | 98 Comments »

Name that Ware April 2007

Saturday, May 5th, 2007

The Ware for April 2007 is shown below. Click on the image for a much larger version.

My apologies for the lateness of this Ware. I’m in in Shenzhen again, bringing up the production line for Chumbys. The fact that this post is so late is an indication that I don’t have a lot of time out here to shop for wares and post them–but I finally got a chance to go to Luo Hu this weekend and find something that I thought was just entertaining to take apart.

Bonus points to anyone who can correctly guess how much I paid for this Ware (and even more points to someone who can tell me what I should have paid for this Ware based on a BOM analysis–you have to haggle for everything in Luo Hu).

I have a lot of stories from out here, but unfortunately most of them I can’t tell until the Chumby hardware is launched (which is imminent). I’m definitely learning more about this country on my extended stay out here, and when people say they have scars to show for bringing up a product in China, trust that they mean it. It’s been no cakewalk, not to mention I miss my friends and my home terribly, but I’ve been trying to make the best of it out here. I’ll share a few quips and anecdotes in the next post of things that I probably can talk about.

Posted in Hacking | 38 Comments »

Shenzhen Diary, April 2007

Saturday, May 5th, 2007

I’d thought I’d write a brief (okay, it ended up much longer than I thought it would…) blog entry about some of my most recent experiences in China.

I’m currently out in Shenzhen working on bringing up the Chumby production line. This means everything from raw material approvals to programming, testing, QA, and certification for not only the Chumby hardware itself but also its accessory line. It’s a lot of work.

I’m very lucky to be working with a fabulous company out here which serves as my liason between vendors and contractors. I’ve been told explicitly by Chumby that I can’t mention the name of this company because it is a “strategic” advantage for Chumby at this point, but I also made it clear that eventually I will talk about this company publicly, after the Chumby hardware is launched and the magnitude of the strategic gain from radio silence is reduced. I’ve got some nice photos of Chumbys in various states on several production lines that I’d also like to share as well someday.

Shenzhen is quite an up and coming city. I’m staying in a serviced apartment on Xinwen road called the Frasier Futian. It’s cheaper than a hotel yet it has similar amenities (such as maid and laundry service and complementary breakfast), although the quality control of the details of the facilities isn’t quite the same as at a name-brand hotel. I’d recommend this as a place for anyone who needs an extended stay in Shenzhen. The location is good–several very nice restaurants in walking distance, a Starbucks and some convenience shops–and it’s about a 5-10 minute walk to the MTR (the subway system in Shenzhen–you can go all the way to Hong Kong on the subway from here). Most importantly, the internet works great here; I have no trouble using Skype and even video conferencing works well.

The most miserable two days of my life were also spent around here. I got food poisoning–I think it was from handling money (which is filthy dirty out here, it literally smells of human waste) and then eating my food, because I’ve been reasonably careful to avoid anything that’s uncooked here in Shenzhen. It was the worst food poisoning I’ve had in my life, it lasted five days until I finally broke down and went to a doctor in Hong Kong and got antibiotics for it (I’m told you never want to go to a doctor in Shenzhen if you can help it). The doctor gave me Ciproflaxin–which I have an allergy for–but the doctor was like, “do you get a rash around your mouth?” and I was like “no, only on my hands and feet”, and she was like, “well, take the Ciproflaxin then. It won’t kill you and you’ll need the strength of Cirpo to get rid of those bugs in your gut.” It worked; I got better. I did get that rash, but I also didn’t die. One really nice thing about the doctors offices in Hong Kong is that they also fill your prescription at the office, so I didn’t have to run around Hong Kong searching for a pharmacy. I was diagnosed and taking my first dose of antibiotics all within 15 minutes (and at a fairly reasonable price–about $125US for a weekend visitation, including the medications).

Anyways, while I had the food poisoning and before I could see the doctor, I had to go to a factory in Donguang at 8AM and I was up until the next morning at 3 AM debugging the manufacturing problems in the very first run of the Chumby circuit boards coming off the line. The fever, cramps, dehydration and constant trips to the toilet didn’t help progress. I spent the night in the factory dorms (where the workers also stay), which isn’t too bad of a place (actually a bit nicer than many of the dorms at MIT) but I ran out of toilet paper around 5 AM (I was making trips to the bathroom every hour) and I had to ehm–improvise. There is no concierge service in a factory dorm! The next morning I had to get up at 8 AM again and continue debugging. Fortunately, most of the significant problems were resolved and the root cause of all the remaining issues are at least understood and solvable in time for production (or so I hope!). There are more interesting stories around the root cause of some of these issues, but let’s save them for another day.

In the end, all I can say is what doesn’t kill you makes you stronger…and I also carry around a bottle of hand disinfectant now for after when I handle money. Surprisingly, it was about the hardest thing to find in the drugstores out here. It was buried in with the urgent care first aid area, oddly enough, next to the alcohol used for disinfecting wounds. I think the store clerks didn’t understand that this product is for preventative use, and not for urgent care use.

I also had a little adventure finding a fedex out here. Normally, fedexes aren’t hard to find, but there was a three-day vacation called the “5-1” (for May First). It’s a holidy declared by the communist party to celebrate the efforts of the laborers. Fedex was closed for three days and I urgently had to send a package. So, I hopped on a boat to Macau because I knew the casinos would be open on May 2nd and I couldn’t imagine a high-end casino not having a business center with a Fedex. And indeed, the Wynn Macau had a fedex with english speaking staff that happily processed my package on time!

Macau was also a very interesting place. There is a lot of hype about Macau being the next Las Vegas, with casinos bigger and more fantastic than Vegas. Macau casinos were certainly opulent and impressive, with a great many gimmicks and displays, but I think the hype is a little bit too much. I’ve been to Vegas many times, and currently, I think Vegas still trumps Macau. At least, the food in the Vegas casinos is better, and the clientele is more fun. Let me tell you, gamblers in Macau are hard core. In Vegas, you see people at least smiling and having fun at most tables. In Macau, even the simplest of dice games had chain-smoking men staring intently at the table. Nobody drinks alcohol–they all have coffee or tea, to keep their minds sharp. You can feel the intensity–the casinos are eeriely quiet compared to the din of the Vegas casino. I’m not that into gambling, so I guess it wasn’t for me.

I thought the local food in Macau was quite good. The Portuguese egg tart is tasty–it’s a variant of the Chinese dim sum called “dan gau” (simply put, an egg tart). While the Chinese version tastes quite eggy, the Portuguese version uses a type of flan for the interior, so it’s mildly sweet and has a nice texture to it. I also ate some local Portguese food, which was very nice. It’s very similar to a Japanese curry, I thought, although with less curry and a slightly more watery sauce. You can really taste the flavor of the meat through the sauce–I had the oxtail and chicken. I have no idea what it’s called, I just asked the waiter what was popular. Incidentally, I wasn’t as impressed with the high-end casino food.

Speaking of food, I also went to the most fantastic noodle shop in Hong Kong today (I had to run down there to shop for fabric samples for the Chumby–they have a great textiles market in Sham Sui Po). It’s the Crystal Jade–apparently a chain restaurant–I went to the one in the Harbour City Ocean Center. They have hand-pulled noodles there and oh man they were so good. The Harbor City Ocean Center is near the Tim Sha Tsui MTR stop, just stop into any hotel near the MTR station and ask the concierge for directions.

This post has grown much longer than I thought it would be, so I’ll stop the story telling now and leave you with these two pictures of street signs that I thought were just…interesting.