Deep Dive Articles

The Best Way to Learn a New Programming Language from Scratch - How I Approach and Learn Any Programming Language Efficiently

Preface: The following article is based on my experiences and opinions on learning programming languages. I have been learning about computers in-depth and find learning languages with specific purposes useful. For example, Python was for beginning, C is for memory management and Rust is for learning to write memory-safe code in my case. This time, I started learning Golang which is known for its simple syntax and powerful performance, and widely known for its awesome concurrency.

Why More is Not Always Good in Terms of Software - Words on Cross Platform Utilities, Bash-ism, and POSIX Compliance.

Preface: This article is about my views on software compliance and cross-platform support, and reflects my opinions and experience with the subject. Your experience and opinions may vary, which I respect. What I am Specifically Talking About? I am going to talk about the issues caused by non-compliant software and why more features are not always good, especially in the case of the upgrade of tools on a single platform.

Why I Shifted From Arch Linux to Debian Linux?

Preface: The following article is based on my personal experience with Arch Linux and Debian Linux. While I appreciate both distributions for their unique strengths and different use cases, the information provided reflects my own opinions and experiences. Your experiences may vary. What was I going for Initially? Bit of my Story as a Beginner Linux User When I started using Linux, I was going through security stuff and learning computer security when I was in my High School.

Tmux is the Ultimate Choice for Power Users - An Awesome Terminal Multiplexer for Managing Persistent Sessions

What is Tmux? Tmux is a Terminal Multiplexer Application for Linux and MacOS for managing terminal sessions and Windows. It is to be mentioned that Tmux is not a terminal emulator, instead, it’s a terminal application, a binary that allows you to stay productive over your terminal. It doesn’t matter which terminal emulator you are using (although I recommend the Suckless Terminal). The functionality of managing Windows and the session doesn’t happen on the desktop GUI side but on the terminal session, you are working with.

The Concept of RSS Feed - A Reliable Way for Publishers and Subscribers Model

Preface: I have been looking for simple solutions in nearly everything related to computing. A lot of software designed these days is not designed per your requirements but as per companies’ profit. Hence, most of these solutions end up sucking your time and energy and need to be replaced by more optimised solutions that would boost your productivity in the right way. RSS Feed is something that I found after searching for solutions related to subscribing to websites or creators without sucking much resources and design that is reliable to the user itself.

Breaking RSA Encryption on Hardware Devices with Side Channel Power Analysis — Leaking the Private Key by Exploiting Square-Multiply Algorithm

Preface: This article is about leaking the private key from hardware devices that implement RSA encryption which is part of hardware hacking. The author is not responsible for any damage caused by the given information. It is recommended to be careful while performing these attacks as they can damage the hardware or even destroy it. All the information provided here is for educational purposes. There are no such prerequisites for understanding the theory, although knowledge about modular arithmetic, basics of encryption mathematics, basic electronics, etc.

Serious Reconnaissance with Unmanned Aerial Vehicles — Mapping Out Devices in an Area with Drones

Introduction: The following content is for educational purposes and for hackers living in basements knowing enough ethics. The author is not responsible for any damage caused by the knowledge provided here and does not support anything like that. It’s essential to check out the rules in the area of reconnaissance about the tactics provided here and the use of materials (unless and until there is any apocalypse and a solid recon is required).

The Fundamentals of Hardware Hacking — Breaking and Reverse Engineering Smart IoT Devices

Disclaimer — This is an introductory article about Hardware Hacking and Security of IoT Devices. None of the mentioned information or techniques are intended for any illegal purposes and the author is not responsible for any damage. It’s advisable to experiment on devices that you own or have explicit permission to do so. Rest of all, hardware hacking is fun! The Beauty of Electronic Devices In the ever-growing world of smart devices and the connectivity of things to the internet, life has become more convenient than ever.

Setting Up a Remote Git Server — A Simple and Concise Step-by-Step Guide to Host a Private Git Server

Preface: This is a concise and simple guide to hosting a remote git server. I have been researching this topic for a while and came up with the idea of writing an article with a step-by-step guide for hosting a private git server. Covering all the aspects of git is not possible in a single article, so it’s assumed that the reader has prior knowledge of git and version control.

The Nature of Linux Kernel Development — Difference Between Rules of Kernel Level and User-Space Application Level

Preface: This article is intended to explain a clear distinction between the core principles of Linux Kernel Development and User-Application Level Development. The provided information is based on my research on Kernel Development through various sources and I have tried to make it as accurate as possible. Efforts have been made to explain it as simply and concisely as possible. Introduction to the Nature of Linux Kernel Linux Kernel is the abstraction layer between the Operating System and the Hardware in the system.

Linux Process Scheduling — The Reason your Linux System Processes so Efficiently (Kernel Perspective)

Preface: I was going through the book “Linux Kernel Development” by Robert Love, one of the best books I have referred to for low-level stuff and understanding the workings of Linux. I study this book with intensity, simplify the concepts and write it down here so that the readers can get a straightforward description and all they need to know about the topic. Covering the whole Linux Process Scheduling is not possible and is not the goal of this article.

Linux Processes — A Kernel’s Perspective Explained with Clarity and Simplicity

Preface: I have been going through the book “Linux Kernel Development” by Robert Love which I highly recommend for understanding the Linux Kernel in depth. I decided to write this article to explain “Linux Processes” simply and concisely. The topic itself is broad and is not explained into the deepest of it, but essential for Linux Administrators, Developers and even Linux users to appreciate the beauty of the Kernel they make use of every day.

NGINX for Deploying Next.js Application on AWS EC2 with AWS ELB — Control and Stability of Deployments

I was looking for an article like this a few days ago, which I didn’t find at that time, so I did the deployment on my own and came up with this article to prevent other developers from saving those efforts and focusing on development. I am not explaining every single step and have provided links for references. I prefer manual deployment of applications over automated (and even serverless) methods. Although they are convenient and require less effort by the developers, they are bound to the providers and offer less control over the underlying system.

Configuring and Building the Linux Kernel — Absolute Guide to Compiling Your Kernel

Linux Kernel is an Open-Source Software and the user is free to modify and customise it as per the requirements. The modification of the Kernel requires a deep understanding of the working of the Kernel, although patches are available to make the Kernel optimised for specific hardware. Linux Kernel Source Code has various options to configure the drivers, modules, preferences on hardware options, etc. This part can be studied by the user and is pretty much easy to work with.

The Elegance of the Linux Kernel — A Concise History of Unix and the Creation of the Linux Kernel

Introduction and Context I was going through the book “Linux Kernel Development” by Robert Love, an absolute guide to getting started with Linux Kernel Development and a highly recommended book for understanding the core of the Linux Kernel. Linux Kernel has been one of the most important software ever written and is even considered one of the biggest projects ever undertaken by a single person. The idea of the Linux Kernel was initiated by Linus Torvalds, a student from the University of Helsinki and is maintained by him to date (while writing this article).

Linux Shell Scripting — A Suckless and Concise Guide to the Command-line of Linux

Prior Statements: This is a concise guide on the Linux Shell Scripting while consolidating all the facts about the Linux Shell for quick developer’s reference while using Linux. I am referencing the Bash (Bourne-Again Shell) which is the default shell for Linux-based systems. I will also be providing references and external links to dive into depth and not fill the article with too much explanation about a single topic which is not universally required by all the readers.

Suckless Utilities for Arch Linux — The Most Minimal Way Run a Computer

Suckless utilities have been my favourite at this time and kind of essentials for my use of the computer. I have been using Arch Linux for a fair amount of time now and I started using it with XFCE for few weeks. I would appreciate the XFCE desktop environment for it’s smoothness and light-weight nature with works really fine when newly shifting on Arch Linux. But then I learnt the suckless ecosystem and eventually shifted to it as my full-time environment.

Installing Pacman in Arch Linux — When You Blow it Up

Let me suckless and divide the article into two parts: My story how I blew up Pacman Package Manager How to reinstall the Pacman Package Manager If you only care about the second part, skip the first one. The Scenario — Blow it Up I was trying to install the pacman game from the Internet to get it running on my Arch Linux Terminal (I use Suckless Terminal BTW). When I got it installed and played it, it was super awesome.

Boot Process of Computers — A Learner’s Perspective Of Exploring the Depth of Computers

Prior Clarifications: Here, I will be providing a philosophical explanation about the bootloaders and understanding them in a simple and as minimal way as possible. This is not supposed to be a manual for bootloader or provide any advice for experimenting over your live system. It’s my journey to understand computers (one of the most complex creations of mankind) and I will be stating my thoughts. Take it with a pinch of salt.

Networking Fundamentals for Linux Administrators — A Suckless and Concise Explanation

Statistics are clear on the fact that 96.3% (while writing this article) of the servers use Linux as their Operating System which is no doubt what every other Linux user on this Earth expects. I believe that the Linux Administrator has to take the shot about the configuration of Networking in Linux Based Server. Some of the underlying concepts remain the same for any other distros but it is mainly intended for Linux.

Operating Systems and Low-Level Access to the Hardware — Why should you learn it?

Today, I completed the whole read of the book “Linux Kernel in a Nutshell” by Greg Kroah-Hartman and I highly recommend that you go through it if you want to understand how to build your custom configuration of Linux Kernel and all you need to know about all the nuts and bolts. It’s always great to have such handbooks around the desk. This blog is about why it’s so awesome to look into the operating system you are using with your hardware and why have a grasp on the Low-Level aspects of a computer.

Arch Linux Custom Builds — Freedom of the Operating System

While writing this blog, I was reading the book “Linux Kernel in a Nutshell” by Greg Kroab-Hartman and as far as the pages of the book are concerned, it seems to be a two-day read (this is a handbook so reading it once and having around the desk is super useful). By the way, the author has the book left open for download http://www.kroah.com/lkn/ so check that out if you want to follow up.

Bypassing the Linux Login to access the files (with Physical Access), even the root!

Imagine being away from the computer for a couple of minutes and getting to know that the system has been compromised and a backdoor has been installed into the system. “The system was locked?” doesn’t matter, without the bios security implementation (which most probably would not be implemented), all the files can be recovered without any login made to the Login Screen. This goes with the story of me trying to get my Wi-Fi troubleshooting in Arch Linux where I was trying to upgrade the Kernel of my System to get the Wi-Fi working properly (as mentioned in the previous blog.

The Fundamentals of Hardware Hacking — Breaking and Reverse Engineering Smart IoT Devices

Planted March 15, 2024

Disclaimer — This is an introductory article about Hardware Hacking and Security of IoT Devices. None of the mentioned information or techniques are intended for any illegal purposes and the author is not responsible for any damage. It’s advisable to experiment on devices that you own or have explicit permission to do so. Rest of all, hardware hacking is fun!

The Beauty of Electronic Devices

In the ever-growing world of smart devices and the connectivity of things to the internet, life has become more convenient than ever. Advancements in electronics and microprocessors unlocked infinite potential for developing devices that have become basic needs to survive the economy. Homes and cars became smart enough to make decisions as well as make suggestions to the user. Things that were supposed to be in fantasy books are now absolute essentials of every day. Anything less than that is considered to be outdated or underdeveloped.

Behind these devices possessing these functionalities are circuit boards that house all of the components that work together to make each functionality happen. With the entry point of the power supply where electrons are introduced, millions of active and passive components manipulate the flow of electrons to make the pipeline of wires behave in a certain way.

This flow of electrons which affect the physical behaviors in a certain way to make a functionality happen is nothing less than a miracle of the human brain.

But to make mistakes is called being a human being. Since these devices are just implementations of human minds, they end up containing some sort of mistakes, that hackers like us hunt for.

It’s human to make mistakes and some of us are more human than others. — Ashleigh Brilliant

Hardware Hacking — Deviating that one Electron

Electronic devices are circuits that create rules about how electrons must flow to cause a certain logic to execute and interact with the physical world in the way it is intended to do. Since these electrons do follow these rules to flow, in the case when the rules are manipulated, they can do much more than they were designed to do by the manufacturer.

To hack a system requires getting to know its rules better than the people who created it or are running it. — Permanent Record (Book by Edward Snowden)

Manipulating the flow of current, or logic in an electronic circuit, at any level of abstraction, rather be the kernel or physical component is called hardware hacking.

Understanding the rules of electronics is absolutely essential before trying to exploit them.

The Layers inside Electronic Devices An electronic circuit comprises various abstraction layers, developed by humans to better understand the logical structures of the design. Developing the whole functionality of hardware devices just by connecting components is not feasible and certainly not the best way to do the job. The tasks of developing a device are distributed in various sections. The software layer and Hardware layer are the highest levels of classifications.

The lowest element in the stack is the hardware layer. This comprises physical components that are responsible for manipulating the flow of electrons in the circuit. This includes active and passive components like resistors, capacitors, inductors, microprocessors, transistors, MOSFETs, storage devices like EEPROMs, etc. These are all the physical elements in an electronic circuit.

To make sense of millions of components in the circuit, various protocols and standards are defined. An EEPROM can read and write data into it on specific instructions. These instructions are just fluctuations in the current to a certain pin that is defined by some protocol which would be considered as a valid input to the device. Being a valid input, the rest of the process happens inside the packaging of the EEPROM. Which is again a set of logic that would be triggered on a valid input.

These logics are combined into certain rules and standards that further become the software layer of that device. This layer is all about the implications of abstract logic to make certain things happen. These certain things, designed carefully constitute functionalities that the users of that device expect.

The sole purpose of developing circuits in this way is to make them more understandable and universal. Standards and Protocols are being developed that are used to develop them that make them more understandable and become cross-platform.

Approach to Hardware Hacking and Electronic Devices Security

Approaching and Hardware Device for hunting security issues works in two ways (or often simultaneously).

One is to hunt on the hardware level. Another is to go with the software level. Combine them in necessary situations and you get to understand the relation between the hardware component or certain flow of current in a wire with the software logic defined.

At the hardware level, analyzing for logic in the current flow and values of various parameters is a good start. Certainly, it’s not always about understanding the whole circuit diagram (although it helps in complicated cases. It settles down to knowledge and past experiences of which component is most likely to cause an issue.

At this point in the hardware level, it’s mostly about measurements of parameters in various conditions and states of functionalities.

At the software level, it usually goes with firmware analysis. It goes somewhere close to software security, where the flow of programs is manipulated to cause certain behaviors.

The major difference between application security and hardware security is the dependence on the underlying hardware layer and the code execution. In application security, the hardware underlying the software is not a major influencer. Certainly not the electronic components underlying it. Processor architecture indeed matters in software development, but architecture design is just a set of logic and values of current and voltage that do not have much effect on code execution, at least for software developers.

Hardware Attacks like fault injection require hardware-level glitching (voltage dropping across certain components) to jump instructions at the software level. In this attack, the voltage level is dropped by a certain value at the precise time when an instruction is to be executed, causing the execution to not happen, and giving the attacker a way to bypass certain instructions constituting logic like authentication.

Side Channel Power Analysis is a good example of the relationship between software and hardware devices. Certain CPU instructions take more power than others and vice versa. The input power is measured at points to analyze which instruction is fetched and executed. This is particularly helpful for cryptographic operations analysis and extracting keys from the hardware.

What does it take to be a Hardware Hacker?

Understanding electronic devices as well as software development is essential for hardware hacking.

Certainly, search engines are one of the best ways to make things happen! The internet is full of resources regarding hardware security.

As a starter, basic electronics and software development skills (embedded ones are more helpful) provide a good kickstart.

Remember, hardware hacking requires a lot of patience. Hacking physical devices incorporates imperfections from physical nature. Unlike application security where rules are perfect, the hardware side has errors and tolerance to them. Hence, it’s more about judgment and experience.

Additional Tip: Wireless Routers are one of the best ways to learn hardware hacking. Modern routers are a combination of wireless technology, web servers, authentication, networking, embedded development, storage mediums, etc. This provides a whole playground for experimenting with various attacks and learning along the way.

Summing Up Everything

To hack into a system requires an understanding of the rules better than the designer. Hardware has a lot of it to adhere to. It’s awesome to think how many of these devices surround us and developing exploits on them can make a person with an understanding of them the one in control.

More of it: Since Blockchain Technology is on its way to making things smarter and financially capable, the space of hardware hacking is just getting pushed way more than ever before. When these smart devices get integrated with smart contracts, there is a lot more to do than just bypassing password authentication. It would go towards cryptography and finances. So more fun in the future!