Funny how two people can hack two separate home phones to run DOOM without realizing it until after the fact. For perspective, I posted a blog article about modifying a CaptionCall phone to run DOOM at the same time [1] as this was posted! What a unique coincidence!
Amusingly I see this happen all the time in the information security domain. Two researchers coming out with the same results at basically the same time and they were isolated and doing the work independently. It happens in science and other areas so often. It’s an interesting phenomenon for sure. Maybe someone has named it and thought more about it. I just imagine we are all primed with roughly the same information and resources and these lovely little coincidences pop up from time to time, relatively often.
I found it amusing that this time, both the article submitter and the second person to do a similar hack are named Josh. Perhaps that's slightly less common.
Serendipity perhaps? As an aside, it's one of my favorite words. In my opinion it's a beautiful configuration of letters that's sounds lovely when saying it, and the meaning of it is equally wonderful. As a word, it makes me happy.
I mean, Newton and Leibniz figured out calculus at the same time in slightly different ways. It is common enough, but still a nice coincidence when it happens.
Around 10 years ago i worked in a company that had lots of software and physical VOIP phones. One of the models of phone had a pretty nice colour screen on it. I forget the brand .. it might have been polycom.
At that time I was very much into nmap'ing everything and noticed that these devices had all sorts of interesting ports open including telnet and ftp. FTP was read only for anonymous but it was trivial to download and crack the passwd file and discover that the admin password was something like 1234. My colleagues and I only got as far as showing images on the screen to surprise people but my imagination was running wild with the surveillance possibilities (let alone doom!).
This was one of my first glimpses as how bad security on commercial embedded devices can be.
Interesting. Do you think these phones were made that way by design? I am having a real hard time believing people with capability to produce these products are unable to secure them in any meaningful way.
IME, it is sort of by design.
I have worked for a number of companies developing forms of embedded products. It often felt like nobody really felt like the product was 'complete' until we were 8 or so major releases into things. So you wind up with things like SSH, FTP, etc. either directly enabled, or easily enabled via a not-very-well-hidden method to allow the dev or support teams to get into devices that were not behaving properly in the field so that they could diagnose/fix issues.
It's only been about the last 4 years or so that companies have started to realize the risks in operating this way, and I feel that a lot of that has been brought on by the end-user/buyer organization starting to require cyber security audits and asking more questions about cyber security during the buying cycle.
Indeed. The biggest immediate risk to a newly developed product is that it won't even have any users, much less a sufficiently interested attacker. So why add initial obstacles for yourself, right? So yeah, if effort to increase security is not valued by the buyer it ain't gonna happen.
> John Lennon wearing a Space Invaders t-shirt on Thanksgiving 1979 in Long Island. A massive hit for Taito in Japan, Midway only started distributing the game in the U.S. a year before in October 1978.
If you want to know what the state of computing was when you were born, visit the computer history museum timeline. For 1968, it was the year of the Apollo guidance computer, Kubrick’s 2001, Dijkstra’s “goto considered harmful” and “the mother of all demo’s”. Not bad.
I've been looking at nostalgic videos of Amstrad CPC and Amiga 500 stuff from when I was a kid. Indeed. "Wasn't even born"... generally stuff after 1985 is what I remember. TMI for my old(ish) soul :)
The Commodore/Amiga meetings at my local mall every Sunday afternoon in the 80s are the most entertaining and instructive time I can remember from my youth. Quite literally changed my life looking back on them!
I enjoyed this writeup. I always love seeing the lengths dedicated hackers will go to in order to accomplish something most other people wouldn't even consider doing.
The little tricks it takes to get something working in ways nobody really considered or accounted for.
I dunno, this kind of stuff seems like wizardry to me, yet when I read things like this, it makes it seem so easy and inspires me to try tinkering with things.
Yes, I appreciate the level of detail and the explanation of the thought process as he tried to break into the system. It really gives me a feel for what it's like and makes me think, "Hey I could learn how to do that."
I'd love recommendations for similar stories, if anyone has anything to share. I can't find it now, but I read a few blog posts by a guy who was starting to get into electronics (and helped out with the Burning Man Rainbow Bridge) and those posts have me the same sense of "oh, so that's how it works."
Reading this was a ton of fun. It captured the joy and sense of discovery that comes with figuring out how to do something you really weren't meant to do.
This is true hacking. Reminds me of 2600 or other 'zine writeups from back in the day: good-natured, logical, adventurous, investigative, and ultimately so very fun! ;p ;) xX
> The first and second half of the framebuffer are identical, so we can cut it in half to get our screen contents. I don't know why this happens, but we can easily make our display driver duplicate pixels to both halves of the framebuffer.
Reading the comment about lack of audio at the end, I'd be quite amused to see a phreaking exploit where you could dial into an office phone and have it boot up Doom, playing the audio through the headset.
They're all networked too, so you could potentially support multiplayer.
Looking at the page source doesn't reveal the content either, so count me as another possible viewer the author has managed to attract, but then promptly lost.
The author seems like the kind of genuinely curious hacky people we need more of. Abstractly, this is not a ground breaking accomplishment, sure, but it was a pretty nice writeup with some good notes on the methods he used to find and exploit vulnerabilities and make this work.
1: https://joshumax.github.io/general/2021/08/11/running-doom-o...