All streams

Hey, Habr! Ivan Glinkin is here again, head of the hardware research group from the Bastion team. 

"A flash drive with a combination lock," "a flash drive with hardware encryption," "an encrypted USB drive," and finally, the proper term — "Cryptographic Module". An encrypted USB flash drive goes by many names, but the core concept remains the same.

The purpose of such a device is to protect sensitive information from unauthorized access at both the software and hardware levels through encryption, anti-tampering mechanisms, and various other safeguards. But are these secure USB drives really as reliable as they're made out to be, or is it all just smoke and mirrors? 

We decided to look past the marketing claims and conduct our own investigation, attempting to crack several of these devices using hardware reverse engineering. We attempted to extract data, identify the encryption algorithms used, physically open the drives, and read their memory chips.

The results were quite interesting. Read on for the details.

There are things in the IT industry whose even existence has become a beautiful myth.

The knowledge described in this article is extremely rare, as it has previously been held by individuals with an academic degree, special training, and, most importantly, access to the necessary equipment.

In the IT crowd, it’s common to mock HR for their weird terminology and attempts to assess a “rich inner world” instead of clean code. But when a senior starts tearing juniors apart in code reviews to the point where they end up crying in the bathroom, nobody’s laughing anymore.

We pit two archetypes against each other: the “toxic genius” and the “human glue”. Which one is dead weight, and which one is the load-bearing structure of the project? You might not like the answer.

This article is not about Puppeteer being a bad tool. Puppeteer is excellent. And competent TLS fingerprinting will bypass most defenses. But there is a class of tasks where even a perfect network stack won't save you — because detection has long since landed at the level of rendering engine behavior. Let's take a look at how Cloudflare and Akamai expose you through WebGL and Canvas, and why “clean” code no longer works.

Hello, fellow developers!

Anyone who designs multilayer printed circuit boards in KiCad has faced the need, during routing, to leave large areas free of copper polygons (whether connected to nets or not) for schematic or other reasons. On outer layers, this isn't a big problem. On inner layers, it's a bit different. While it might be fine from a topology perspective, it's not ideal from a manufacturing point of view.

Today, we want to share a plugin we developed to solve this problem. It's a tool for automatically filling free areas on a PCB with non-current-carrying copper elements, either square or round, of a configurable size.

Why is this needed?

At first glance, an empty area on a board is just bare laminate without copper. But for the manufacturer and the end-user of the device, this has two important consequences.