• ## How to crack a self-service terminal and why 80% of them are under threat

• Translation
Author of the original post in Russian: frsamara

I always loved playing with things and testing them under all sorts of wacky conditions as a kid and even considered getting a job as a tester, but I never did. Nevertheless, I still like taking things made by someone else and poking them for vulnerabilities.

I remember, when first self-service payment terminals started popping around town, I saw one of them put up a browser window while updating, and the game was on — I broke it almost immediately. There’s been a lot of discussion about it since then and developers have started to pay a lot more attention towards security in these machines.

Recently, fast-food joints have started installing these terminals. Obviously, it’s quite convenient: just tap a couple of virtual buttons, place an order, pay with a bank card and wait for your number to show on the screen.

Also, nearly every big mall has these interactive boards with floor plans and information on various sales and discounts.

How secure are they?
• ## Modes are vim’s killer feature? Seriously?

• Translation
Author of the original post in Russian: varanio

You may have read a recent article suggesting that vim is great unlike IDEs, because of their allegedly low typing speed.

Let’s recall that the main message of that article was that vim’s killer feature consists in its modes that sort of outshine everything else. That said, the author acknowledged that IntelliJ IDEA and other IDEs provide hotkeys and other user experience which can be easily used. However, since they lack modes, vim is supposed to be everyone’s first choice.

The author then suggests that instead of pressing ctrl+arrows to move between words, it is easier to press Esc, e and then go back to the i editing mode. Understandably, all this trouble because the author finds it inconvenient to hold ctrl.

I know that articles that criticize vim get many negative votes, but I just have to speak out.
• ## The hard-to-catch bug in LittleBigPlanet

• Translation

Author of the original post in Russian: HotWaterMusic

The history of the world's gamedev knows quite a few curious bugs that had to be tackled by developers. In fact, judging from the story that Media Molecule's CTO Alex Evans shared on his Twitter page this past weekend, many legends are still waiting to be heard. Evans is famous for his part in a demoscene performance of late 1990s and his work on the LittleBigPlanet game series and on Rag Doll Kung Fu.

The case I am referring to in this article took place ten years ago, in 2008. While working on the first part of LittleBigPlanet — an original puzzle platform video game that was to be released exclusively for PlayStation 3 — the company's developers came across a really hard-to-catch bug.

Normally, for a game to get the green light to be released for consoles, it needs to pass a certification process, i.e. meet a set of requirements predefined by the platform owner. The certification may also include more specific requirements, such as the game running smoothly without crashing for 24 hours.

The development of LittleBigPlanet was at its last stage, with just two weeks to final deployment and distribution. Suddenly a tester from the company's QA in Japan reported that the game was consistently crashing when left overnight. Now the release was evidently out of question unless the bug was fixed.

## Abstract

Linear feedback shift registers are an excellent tool for implementing a pseudo random bit generator in hardware; they inhibit a simple and efficient electronic structure. Further, they are capable of producing output sequences with large periods and good statistical properties. However, standard LFSRs are not cryptographically secure, since the output sequence can be uniquely predicted given a small number of key stream bits using Berlekamp-Massey algorithm. Several methods have been proposed to destroy the linearity inherent in LFSR design. These methods include nonlinear combination generators, nonlinear filter generators, and clock controlled generators. Nevertheless, they remain vulnerable to many attacks such as side channel attacks and algebraic attacks. In 2015, a new clocked controlled generator, called the switching generator, was proposed. This new generator has been proven to be resistant to algebraic attacks and side channel attacks, while preserving efficiency and security requirements. In this project, we present a design of the switching generator using Verilog HDL.

## Introduction

Our project implements a real-time edge detection system based on capturing image frames from an OV7670 camera and streaming them to a VGA monitor after applying a grayscale filter and Sobel operator. Our design is built on a Cyclone IV FPGA board which enables us to optimize the performance using the powerful features of the low-level hardware and parallel computations which is important to meet the requirements of the real-time system.

We used ZEOWAA FPGA development board which is based on Cyclone IV (EP4CE6E22C8N). Also, we used Quartus Prime Lite Edition as a development environment and Verilog HDL as a programming language. In addition, we used the built-in VGA interface to drive the VGA monitor, and GPIO (General Pins for Input and Output) to connect the external hardware with our board.

## Introduction

As first-year students of Innopolis University, we had an opportunity to make our own project in computer architecture. University suggested us several projects and we have chosen to make a stack-based calculator with reverse polish notation. One of the requirements for the project is to use FPGA board provided by the university.

As our board, we have chosen Cyclon IV. Therefore, we had to write code on hardware description language. In the course we have studied Verilog, so we have chosen it. Also, the university has additional modules for FPGA, such as numpad, thus we decided to use it in our project.

In this article, we want to share our knowledge about FPGA and Verilog, also provide you with a tutorial to repeat our project.