Slashdot Mirror

← Back to Stories (view on slashdot.org)

Interviews: Ask Andrew "bunnie" Huang About Hardware and Hacking

Posted by samzenpus on from the go-ahead-and-ask dept.

samzenpus (5) writes Andrew "bunnie" Huang holds a Ph.D in electrical engineering from MIT and is one of the most famous hardware and software hackers in the world. He is a contributing writer for MAKE magazine, and has worked on a number of projects ranging from autonomous robotic submarines to peel-and-stick electronics. We recently covered one of his latest projects, an open source hardware laptop called Novena which features entirely NDA-free components. Bunnie has agreed to take a break from his work and hack away at any questions you may have. As usual, ask as many as you'd like, but please, one question per post.

58 comments

  1. Why "bunnie"? by Anonymous Coward · · Score: 1

    Seriously, that's the first question I have whenever I see his name. I just can't get past it. What's the story behind that nickname? Please tell me so I can focus on his good works instead.

    1. Re:Why "bunnie"? by azav · · Score: 1

      Seriously. I can't get past that nickname. Whenever I hear it, I immediately think the guy is a joke.

      A better nickname would be good for him.

      --
      - Zav - Imagine a Beowulf cluster of insensitive clods...
    2. Re:Why "bunnie"? by LoRdTAW · · Score: 2

      What's in a name?

      Seriously, why would the name turn you off to his work? I know bunnie is a cutesy-wootsy name but it has no bearing on who he is or what he does. Maybe he likes rabbits. Maybe its what his mother calls him. Maybe it was a nickname he earned on the mean streets of Boston during his time at MIT. Either way, who really cares?

    3. Re:Why "bunnie"? by just_another_sean · · Score: 1

      Maybe he likes Reggae?

      --
      Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
    4. Re:Why "bunnie"? by stox · · Score: 1

      Because the only thing that can stop him is the Holy Hand Grenade of Antioch.

      --
      "To those who are overly cautious, everything is impossible. "
    5. Re:Why "bunnie"? by azav · · Score: 1

      Let me introduce you to the president of our Fortune 100 company, Mr. Davis "Fluffy Bunny Poopie Uppums Dumpling Pants" Stonebaum.

      Bunnie is a pet name for someone's girlfriend. It's not even bunny spelled right. That's not a guy's name. That's not a nickname any guy would like to have. That's not professional.

              Let me introduce you to the president of our Fortune 100 company, Mr. Davis "Fatass" Stonebaum.

              Let me introduce you to the president of our Fortune 100 company, Mr. Davis "Kitty Dumpling" Stonebaum.

      It's foolish, and uncomfortably strange.

      It makes you wonder what is wrong with the guy that he chooses to go by something that odd.

      It's not good. It doesn't make him look good. It shows odd judgement. These are flags to stay away from someone.

      --
      - Zav - Imagine a Beowulf cluster of insensitive clods...
    6. Re:Why "bunnie"? by azav · · Score: 1

      Three!

      --
      - Zav - Imagine a Beowulf cluster of insensitive clods...
    7. Re:Why "bunnie"? by TangoMargarine · · Score: 1

      Or it shows that he takes things a hell of a lot less seriously than you do.

      I think we could use taking stuff less seriously as a society.

      --
      Unity? Screw that: XFCE. Slashdot Beta? Screw that: SoylentNews. Australis? Screw that: Pale Moon. UX developers DIAF
    8. Re:Why "bunnie"? by xvan · · Score: 1

      What makes you think that he chose it himself?

    9. Re:Why "bunnie"? by serviscope_minor · · Score: 1

      That's not a guy's name.

      oe noes. He doesn't 100% conform to the standard middle of the road ideal of gender norms. Clearly someone like that can't be trusted to design a laptop. Because that's for men with a wife, 2 kids, 2 cars and a big lawn in suburbia, who would never ever *EVER* do something their work collegues or friday night ar buddies might deem not 100% masciline.

      It shows odd judgement.

      And the fact that he built a laptpo for hmself doesn't? (note: odd, not bad).

      These are flags to stay away from someone.

      Being a massive square dullard is a huge flage to me to stay away from someone.

      --
      SJW n. One who posts facts.
  2. Chinese industry by Esteanil · · Score: 1

    What is the most important thing you wish you had learned earlier about manufacturing in China?

    --
    I'm a dreamer, the world is my playpen. But hey, I'm a serious person, I can't dream all the time.
    1. Re:Chinese industry by tchdab1 · · Score: 1

      And speaking of learning, where have you learned things that you could not easily or ever have figured out on your own? Which environment or learning experience do you look back on with gratitude?

  3. Which do you fear more? by Anonymous Coward · · Score: 0

    Unintended technological consequences for society or societal-norm consequences for technology?

  4. Why so expensive? by nctritech · · Score: 1

    The Novena costs way too much. It has a noble goal but is not accessible to anyone but those who either have a niche purpose for it or have money to burn. Why so expensive? Is it the lack of mass manufacturing?

    1. Re:Why so expensive? by fuzzyfuzzyfungus · · Score: 1

      I assume that economies of scale aren't helping; but some of the parts aren't inexpensive: that FPGA is ~$50, even in quantity, and the application processor isn't far behind.

    2. Re:Why so expensive? by Anonymous Coward · · Score: 0

      Of course it is the lack of mass manufacturing. They are only making a few thousand items designed for a very niche purpose instead of millions of generic devices.

      But these are actually very cheap, for what they are. Laptops are now reaching where PCs were in the 90s, where you as a person could spec out a truly custom machine from the case upwards and have it built for not much more than a mass manufactured device.

      If this continues, soon it might even be cheaper to build a laptop that uniquely suits you instead of buying a generic one that doesn't.

  5. I've never heard of you by larry+bagina · · Score: 3, Insightful

    No disrespect intended, but let's say we stop some random people on the street and ask them to name a famous hardware hacker. I bet that question isn't showing up on Family Feud anytime soon!

    What can we do to increase the public awareness (and create more hardware hackers)? I was thinking perhaps high schools could have shop classes for nerds -- instead of working on engines, wood working, etc, it would be hardware and software.

    --
    Do you even lift?

    These aren't the 'roids you're looking for.

    1. Re:I've never heard of you by Wootery · · Score: 1

      No disrespect intended, but let's say we stop some random people on the street and ask them to name a famous hardware hacker. I bet that question isn't showing up on Family Feud anytime soon!

      A random person on the street might be able to name the person who first developed Linux.... but probably not. That doesn't mean Linus isn't well-known in tech circles.

      I'd heard of bunnie for his work cracking the original Xbox. Here is his Wikipedia page.

    2. Re:I've never heard of you by Change · · Score: 1

      His book, Hacking the Xbox, is now available for free: http://www.nostarch.com/xboxfr... The chapter on the methods he used to actually bypass the system's boot security was fascinating.

    3. Re:I've never heard of you by flappinbooger · · Score: 2

      A random person in the street can name you multiple Kardashians but won't be able to name you the vice president.

      So no, a random person on the street won't know who Linus Torvalds is.

      --
      Flappinbooger isn't my real name
    4. Re:I've never heard of you by westlake · · Score: 1

      I was thinking perhaps high schools could have shop classes for nerds -- instead of working on engines, wood working, etc, it would be hardware and software.

      There is something to be said for mastering traditional tools and materials. Stone, Wood, Metal and Glass. Paving a walk. Building a fence, a deck, a table.

  6. How do you become a professional hardware hacker by werepants · · Score: 5, Interesting

    This sounds like multiple questions but it is really just clarification on one:

    What advice would you give to a person who wanted to make a living in the "Maker" tradition - being able to spend your days designing, engineering, and building on technically interesting and creative maker projects? I'm most interested in the career aspect, assuming that you've already obtained a preliminary education: would you look for a job with a similarly minded engineering firm, launch a kickstarter, start a hackerspace, hack together some things and try to sell them through a webstore, work as a freelance engineer, or something else entirely?

  7. The UnCase by Anonymous Coward · · Score: 0

    Any plans to produce a version of Novena whose case isn't made of hand-whittled sitka spruce, yet can still handle having a Double Dew spilled on it?

  8. When will you get the Wii U hacked? by Anonymous Coward · · Score: 0

    If you're any good, you'd have it hacked very soon. You must be a scrub hacker.

  9. Lulu for Hardware by Anonymous Coward · · Score: 0

    When will it be possible to design a complete hardware device, including casing, from the comfort of my couch and then just submit the design to a factory who will return the device in 6 months to a year? Where is the Lulu self-publishing company for hardware?

  10. Colon, not comma by bluefoxlucid · · Score: 0

    There should be a colon after "one of his latest projects." The following clause specifies the preceding clause: it explains what "one of his latest projects" is. Because it's a restrictive clause, it's followed by a colon rather than a comma. Notice the preceding clause was non-restrictive: many things may be followed by a colon rather than a comma, so a comma is used to show the relationship between the two clauses. If we omit "because" from the sentence, we have an independent clause; either a semicolon without a conjunction or a comma followed by a conjunction (e.g., and, so) would be correct.

    Slashdot editors.

    --
    Support my political activism on Patreon.
    1. Re:Colon, not comma by Anonymous Coward · · Score: 0

      I was once the victim of a man in the middle attack.

      It was a dark and stormy evening at a dork convention called DEF CON. I was standing in the hall, minding my own business. Suddenly, the lights went out. While I reoriented myself, the awful thing happened. I felt a fetid cock get shoved up my no-no hole! It caught me off guard, but the stimulation on my prostate was making my penis erect.

      Then, a bright light illuminated in front of me. Off in the distance. Like a tunnel of light during a near-death experience. Something from hell began running toward me. This was a four-eyed dork monster that was running backwards toward me like something out of a horror movie. But his head was on backwards! So I could do nothing but stare him in the eyes as he smirked gleefully at me.

      You can imagine what happened next. BAM! My penis was rammed up his fetid anus. "NOOOOO!" I shouted. I remembered an SSL certificate warning when I entered the building. My oh my, how I wish I hadn't ignored it...

      Captcha: decorum. What is left over after butt fucking a demon with a backwards head.

  11. 100% Open Hardware by Anonymous Coward · · Score: 1

    At what point will we be seeing a 100% complete open hardware platforms, replaceable~ for modern OTS offerings? By that, I mean from silicon manufacture to FOSS binary. 100% open design, manufacture, and source code.

    I'd like to think this endeavour isn't more than a thought experiment.

  12. Small Scale Chip Manufacturing? by Cpt_Kirks · · Score: 1

    Where do you see small scale chip manufacturing, up to and including custom multi core CPU's, going in the near future?

  13. How was it growing up? by haneefmubarak · · Score: 2

    How avid of a hacker were you when you were in high school and how supportive do you feel your friends and family were of your hobby?

  14. Restrictions in the future? by plover · · Score: 1

    Do you see manufacturers of the future attempting to put restrictions on hardware hacking, either more technical or legal? Will manufacturers order CPUs without I2C pins, or toy drones with UEFI secure boot operating systems? Have other countries put restrictions on hardware hacking that have affected you?

    --
    John
  15. Lappy toppy by LoRdTAW · · Score: 1

    Do you plan to use an x86 CPU in a future design?

    I love the idea of a laptop that is a portable hardware hacking platform. Its a trifecta of PC + FPGA dev board + open source design in one portable box. I can carry one system and it has everything I need. But the limitation that seems to hamstring it is the ARM CPU which is unable to run the Xilinx tools. This means we have to lug an x86 laptop to run the Xilinx tools if we want to make changes to the HDL code. That or use a remote server/workstation to build and download the bit files which might not be practical if there is no net connection available. If the Novena had an x86 CPU, we could do all of the development on it.

    I would love to see a Novena with a 2GHz quad-core AMD G series SoC. We could then run the Xilinx tools and be able to do all of the development work on the same machine. It has a load of I/O, GPU, supports more RAM (up to 16GB) and features virtualization so we could run Windows in a VM if need be. Power consumption would be higher but no higher than most laptops. The only issue would be connecting an FPGA as I don't believe the G SoC sports a local bus like the i.MX 6. So a more costly Spartan 6 LXT FPGA with gigabit transceivers and PCIe would be needed, not that its a bad thing ;-). If a board like this were available my response would be "Shut up and take my money!"

    1. Re:Lappy toppy by jonwil · · Score: 1

      Is there an x86 part that is 100% open with no NDAs required?

  16. How do you go about discovering hacks? by timrod · · Score: 3, Interesting

    I haven't read your book (I will when I get off work) but I'm curious as to how exactly people discover these hacks. I mean, there's some really weird ones out there that make me question how people even thought to do them, such as hacking a PSP battery into service mode in order to load custom firmware or manually opening a PS2's disc tray to bypass the copy protection that only activated when the button to open or close the DVD drive was pressed. I know with the Xbox, there was a software hack (I don't know if it's the same one you found) with save files from certain games, but only specific versions of those games.

    So my question is, how do you go about looking for exploits?

  17. Pain? by Anonymous Coward · · Score: 0

    How much of a pain has it really been to get NDA-free? And do you expect to see any change for the better in the industry in the near-term?

  18. If any questions about the original Xbox come up.. by Myria · · Score: 1

    ...and Andrew/bunnie doesn't answer them, I can. I'm very briefly mentioned in the book under a different Internet name that I'd rather not say here.

    I was the person who figured out how to dump the second version of the MCPX's secret boot ROM without having to repeat the HyperTransport bus tap craziness that Andrew did in the first place. Namely, the A20M# attack, which was much easier to do. (If Andrew hadn't done his original attack, though, we wouldn't have had the knowledge necessary to pull off my attack. <3 Andrew)

    We kept the A20M# attack secret until the 360 was released, in case another MCPX silicon revision was released. It turned out that Microsoft had, in fact, coded a new MCPX ROM to defeat many of the exploits used to hack Xboxes - they just never released it, probably because it would've cost a fortune for what was then a console in its late stages. We didn't find out about this MCPX ROM update until some people looked into how the Chihiro arcade boards worked in 2014, which showed the new MCPX code in the debug ROMs. The A20M# attack still would have worked on this design - it was an attack on entire secret boot ROM design, not the MCPX ROM's code =)

    Myria

    --
    "Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
  19. Singapore over the US? by Anonymous Coward · · Score: 0

    I find it interesting you chose Singapore over the US. Singapore is not exactly at the top of the personal freedom charts but at least they are honest about it (vs the US). What factors made you choose Singapore?

  20. Current-Gen Consoles: "Unhackable"? by timrod · · Score: 1

    One follow-up question.

    With the current console generation giving the manufacturers the ability to do things like force firmware updates when trying to run games or check for updates constantly (WiiConnect24 or Spotpass on the 3DS), and most importantly the ability to update their firmware to remove exploits, it could be argued that today's consoles are the most secure in terms of prevention from hacks that don't rely on inside information.

    At the same time, none of the current-gen consoles or handhelds has been widely hacked - there's the Gateway flashcart on the 3DS (which has its own share of problems regarding updates and bricking) and a few assorted exploits with PSN downloads on the Vita that were all removed before they went public, but there really hasn't been any news of hacking progress on the mainline consoles.

    Would you say that with all of the security updates and new abilities given to console manufacturers to fix exploits, that the current generation of consoles will never have a "permanent" method of being hacked - hacks that don't rely on things like PSN downloads that are entirely within the manufacturer's control?

  21. Why not OpenSPARC? by Anonymous Coward · · Score: 0

    That would be a libre CPU, right? Why didn't you use that?

  22. date of birth, girlfriend by Anonymous Coward · · Score: 0

    What's your date of birth?
    Do you have a girlfriend?

    My girlfriend wants no know this in order to evaluate if novena has a place in our (crowded) home :-)

  23. Hacking the Xbox by nmb3000 · · Score: 1

    One of my first forays into the realm of hardware hacking was following along as you recorded your exploration of the original Xbox console. I was fascinated by the hardware, but enjoyed your analysis and methods even more. It was you that got me interested in hardware and hacking. (Aside: Thank you very much for releasing your book as a freely-available download and for the open-letter about Aaron and MIT)

    What was the most memorable experience for you of your Xbox expose? Was there a particular part of the hardware that you found especially well-designed (or laughably poor)? A method that yielded unexpected success (or failure)? What kind of fallout from Microsoft did you face? I remember you posting the voicemail of the Microsoft employee asking you to remove the images of the Xbox ROM -- something I got a good laugh out of. And as a follow-up: do you have a feeling for how "secure" hardware has changed in the decade since the original Xbox launch?

    Thanks for taking the time to answer our questions, and also for all the work you've done pushing for a world with both open software and open hardware.

    --
    "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
    /)
    1. Re:Hacking the Xbox by Anonymous Coward · · Score: 1

      You actually have an amazing collection of questions there. I doubt the powers that be would put this forward to bunnie as they are all in one post.

      Would be great if you put them in sepatate posts

    2. Re:Hacking the Xbox by Anonymous Coward · · Score: 0

      As the summary states, only one question per post is allowed.

    3. Re:Hacking the Xbox by nmb3000 · · Score: 1

      I don't agree that multiple question marks necessarily == multiple questions, but I'll take the advice of my anonymous friends and restructure my question:

      During your original Xbox expose, was there a memorable experience you had that stands out -- perhaps a particular part of the hardware that you found especially well-designed (or laughably poor), or maybe a method that yielded unexpected success (or failure)?

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
    4. Re:Hacking the Xbox by nmb3000 · · Score: 1

      And the second half of my question:

      I remember you posting the voicemail of the Microsoft employee asking you to remove the images of the Xbox ROM from your website -- something I got a good laugh out of. What other kind of fallout from Microsoft that you have to deal with?

      --
      "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
      /)
  24. do you use any TEMPEST shielding or fonts? by Anonymous Coward · · Score: 0

    nt

  25. NDA-free? by Anonymous Coward · · Score: 0

    What is the status of secure boot on the platform? Is documentation even freely available for that part?

    Can he also comment on the so called gigabit controller the i.mx6 is providing (performance-wise)? Did he discovered additional silicon bugs while working with the SoC? What does he think about the whole i.mx6 documentation?

  26. Re:NO BETA DOES NOT FUCKING WORK by Anonymous Coward · · Score: 0

    http://ask.slashdot.org/commen...

  27. Why proprietary software? by smashingsn · · Score: 1

    Why do you insist on using proprietary EDA software to build open hardware? Don't you think it defeats the purpose? Can you elaborate on the state of open tools like KiCad and what they are missing to qualify for complex projects like the Novena?

  28. Just an Idea by Anonymous Coward · · Score: 0

    They should have done the keyboard as a wooden keyboard as well, just to match it all up nicely. It sticks out like a sore thumb.

  29. Singapore by Anonymous Coward · · Score: 0

    How do you find living in Singapore so far?

  30. The tower of success by werepants · · Score: 1

    In technical matters, it seems like I'm always having the experience of encountering people that have seemingly incredible technical abilities, and I aspire to learn more and become more capable. Learning robotics, for instance, you just want to make a light blink, then control a servo, then make a chassis drive, then combine sensor input into a fully autonomous vehicle and eventually you aspire to build a reverse-kinematics biped that destroys all humans. As I learn more, I just move on to newer and more complex kinds of challenges that seem almost unattainable, and then the process repeats itself. So I wonder, have you had this experience, and if so, what things are currently on your radar as aspirational challenges?

  31. Getting Started by ChrisBray · · Score: 1

    Hi I'm currently in my bachelor degree for game development and simulation which is basically game programming and I was wonder how can I get started in hacking? I want to learn how to hack to provide better security and it sounds like fun

  32. How did your parents... by canada_dry · · Score: 1

    As a father I'm wondering, how did your parents nurture and support your inquisitiveness as a child?

  33. How to make the best of a visit to Shenzhen/HK? by JavierMontaner · · Score: 1

    I am planning a short trip to Shenzhen/Hong Kong to see all the HW development/manufacturing going on in that area. What are the best places to visit (factories, stores, malls, make/hacker spaces) and how to make the most out of them considering that I speak no Chinese? Thanks!