By Gavin L. Rebeiro

Contents

Cover

Copyright

1 Acknowledgements

2 Introduction

2.1 Prerequisite Knowledge 2.2 Apparatus

3 Fundamentals

3.1 Communication 3.2 Kernel Ring Buffer 3.3 Drivers 3.4 Operating Systems 3.5 Special Files

4 Doing The Task

4.1 Preparing The Boot Media 4.2 Connecting Physical Components 4.3 Using Picocom 4.4 OS Installation

5 YOU ARE HERE ☞ Thanks

6 OpenPGP Key

A Malicious Hardware

B Linux Kernel Source Tree Analysis

C Digital Multimeter Tests

Summary: The final part of a series on liberating the Raspberry Spy from an untrustworthy OS that secretly adds Microsoft keys and proprietary software repositories of Microsoft (see Part I, Part II, Part III, and Part IV)

THIS part is mostly addenda.

Chapter 5: Thanks

We’d like to take the opportunity to thank you, the reader. We believe everyone deserves a computing education; however, the topics of computing freedom and how computing affects our basic human rights are neglected in computing education today; at E2EOPS PRESS we strive to change this. Our goal is to inform, educate, and inspire. Computing is also a lot of fun! We want everyone to experience the joys of computing. We hope you enjoyed this issue of our periodical as much as we enjoyed bringing it to you!

Our work requires research, equipment, and infrastructure to deliver. We strive for the best quality in all we do. If you would like to support us, there are several ways you can do so. Any support we get from you enables us to bring you the best we possibly can.

We distribute all our periodicals via peer-to-peer technology. There are things we publish that some people don’t want out in the open. Thus, if you can contribute to the peer-to-peer sharing, you would be helping us out immensely!

If you would like to support us by making a cash donation, we have a Paypal account that you can send donations to:

● https://www.paypal.com/donate?hosted_button_id=B5VPZJBKLL2S6

For those that like to use QR codes, you can use the following QR code to donate to our Paypal.

If you’d like to donate in some other way, you can send an email to donations@e2eops.io and have a chat with us about it.

For encrypted communications, you can use the OpenPGP Key provided in chapter 6.

And, as always, happy hacking!

Chapter 6: OpenPGP Key

At E2EOPS PRESS, we take your privacy seriously. If you want to send us an encrypted message, you can do so with the following OpenPGP key:

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBF7JMNYBDACeCfa+NpFSOUOyIKqdZdtIjEZCaLzBKQmnqLJo/5BZZiCrGK8+
MYUfBz6iiEqEJf7N0R6Kg/esyIEy35uYdiLr66fg/sEXHk5eW/9Hanex/Igk9nmg
1+eGo1sk/MQh7lUNydqOHVokhjcPHleUGiJE/F0MjDvs/xTN1HYf1uhmJOZbpL/D
oTcTssL1BB2b95QfuUViX7I/+Xoe4VSaxdVlVGGCSI8jAPqb+0PYX6N2yHllFaRI
8D4cQkKpP5z2Y9m65ALWsR0M6GBUIeYe4QzfBVwuPg7TAiSpZWDC3vPIWFsC1zbL
NT4y6bxjv9gE0S3GVXZC/bTHuVL3FNrStnMFX0z8E4c19vyo9TyTxXLKC7Qy/dWJ
Nf+3tbgNQ7yR8MBwciyQho9MltrIFTz+JXZj7xCM0QiYgTo4rBl9eczaGLZwlOJn
sybs3Ia0ZTfm5yQAQ3eJ4yKKkiCjADF6fq6AVgV0D36wgBiZnVa+zbSteamUM7L8
JN4rzqfm587d+/0AEQEAAbQgR2F2aW4gTC4gUmViZWlybyA8Z2xyQGUyZW9wcy5p
bz6JAdEEEwEKADsCGwMCHgECF4AFCwkIBwIGFQoJCAsCBBYCAwEWIQTHhRt/mdsE
uRCTt6QUP5lU/9Mq/wUCXyPcLAIZAQAKCRAUP5lU/9Mq/xtpC/9nEcxWrB5e3W1o
Xl8W9uumnwG5o2ZUYfHtQ+QVpkowdQgEFPLTBicWRPnb61eaT/60hkhH68Gb1oVZ
BHHN3YNF9qqQHqOT1iAuP0nidkHXUaz4Bbl0wR8brvY2aJO4l03sOWztQHkAoo+u
wNohHM1lwqKYN+HRWm+JyTRxw/YHkYI1Rz1aN9hUNTax1HqAm5fSq+R/VKyUZ9tI
2D93p2PK+c1SEJS1goBnlJu4HW2T7NA7oUboKG0J4h2yBV6WtSgskFEWqYEBzvxw
ZaWzooOnJRPc+CibhRuH9VJvegRCkwZcNuZfHBKkh+d30LaJJlpifnu9ADs0PkXx
HUsHlgMjUbzjztFEBmAjS8PvKOG2nJxcv362749/M6vI7KP7ktf4i+3wZLe8BC5y
hSAAQtLUBC/IratA+4NSI8lxDlNB+rrFTXzYTVGscJWlACCK4l0xaXNC0OBcRosH
oFMgSogrXrQ2SsSu8oeVOjx/HOd8tThrCKd2nd40iG5Z3fftzP+5AY0EXskw1gEM
ANpbLPGSE9gjT8aAkcK0gIhNwTwR/X9T1YCKViiOYALCzPfGYMQqATSe/J7o/ysO
+lAB0B3NExdIbwh3knhoEsXdx9zNz18q827aCdLJVuq9kizXoCkWchJ0QjgacvNe
0jGZ+o3ULIMmnWztGzNixZaAiwzalWghFuiX4pG0su8TYAN1T6DGvdb+F1rx0xo8
tb3T8RaO0VZyji3zBBNXD1ECU6dmi0AJ0zD0S5iRIXIn+QfRR2oJu9ZSR6En7PS1
b4bhJ2OnBE4ZQ3mS4aHPaeIWbeCeq8EuaVQNyv5jT3wD18DIRigOxl9XJFy1IDO+
A45hz9FwxULH1QH5bZXRmkYfcxkLMqoMci0+8XxobpmILjkSHeAo4PR8KTHpNUXf
I7rJLpufYRTHf5votrJmgbea5bfnAlSoOXMlN2XZ9oJimOTfyzItCSwb0pkghnW0
Hyo3kd5RbDcZrd6RSSVWo/41gr8SXatlkpbnEYjktFGe2Nxls6qZAgA/lqKrS9ti
7wARAQABiQG8BBgBCgAmFiEEx4Ubf5nbBLkQk7ekFD+ZVP/TKv8FAl7JMNYCGwwF
CQPCZwAACgkQFD+ZVP/TKv9XAwv9Heor5YuZalOcXXiGCrqYNHuQJLbDvUpTK6wI
t9peV4t6E8oiqb0/0ezLGQSlP8RkBKUkhslVn5M6cDIxdCAlZxUIOjF1tJyHrTua
wEayHO5q84tixa00+x2/mmaDy0ddZXc4gITLgZjN4J3e9GUww4N3TUVJTZDPF+mP
eFd2HlGj3AHLtNEfsEw4HvYNNzexnom66gdDrrCIBxWRgUD2aRQKxQOquFQt2zYS
dgOXVS0eyaN81uqFHVh+tvyBKkrK8D/recaPcCXAFSv9UUcQA6jEFdC9WEjgHD7J
nRrCwOGBTZ7IvYO5+rpyh/w8k6eZYhUm3UdXYuPsxaCsSL+OW46DBP0C5sKrhxZK
thZOhll4ZYrfX1Vv4awBAB6iMZ0i+i39AQPmpvUviFGUfLkHEEsarHgPDchaOv1p
0xa11jUxU5nkqfiQj5A4h4TMP0q9tGdf1puxRZqwp8T0Jc9uQAm6wUMaaaugiXn+
BQfF5XIfOiXZx9DThhqYwO4WztdEuQINBF87rdYBEAC66OFgJa3p9d6Ets5A3NVm
XxXkCBmgIg1HG44bmKz3o2xudRP6o3bbmVI06cmfGAVmKJ0voAVsgHMsTg30iZb3
D/X9iRYTB/1suyYIgP9cRxltLLMTL4LycmrCRCnTJSMThA1V2d5brmmrWcOPmqnT
CdbOjUD5OWzGsfIkP0t+Ef4v94j574WAvpGYd7Wf5o30JKNfdOjdLOVFdp6lV9mM
FxebC1lZ6uRSeL77/XZJC4ZQ8TzhgsdgnE4M1sKvaDO+DTS3pu7+Dh+ORFQ9TQDP
ZuMBpln3UBa1evVR8bF9SgqjGo2Al8K590xGNJEHzj+BGqEKjOVN05uMoplByMdZ
pD2lRMdqgIqVXiNtBSBhv1oGQhu5fxW11Xv4Kh5BzuOMLS/0KT2cdlk06eCgWZqT
/IM5ipKYpJJgtkJ/0sU+hLq+jilAr3ZhmkxCim+9uYOZ93ypy7QiW8ldbsGEDh5S
KcU+qWGNEMHhNwuHY9ChO1hcWi/q5/mZTKXG60/q6RZRI2QxbuKsX3c8GbEea2jU
Q+v4zFp/x7G1aPRTRtqOssvBtIikBiKWBEOBwYwqpEjD6IfmWVh8wlJZx/tcBRGF
0FGpyieGAFINaQIjKURm7bHkn4bQwIZkmbAssA6ZHcl9u6/u60155K4ifuf7ChyK
8H5n6vJq4AUxQkA8kADvnwARAQABiQG8BBgBCgAmFiEEx4Ubf5nbBLkQk7ekFD+Z
VP/TKv8FAl87rdYCGyAFCQHhM4AACgkQFD+ZVP/TKv9Fwgv+P20Qu7USOJfaUVN4
I52GS6R8veww4aKY16ts3XlIUl3mqbH3KoB1T+YKuqoVrNCtGeXVD0AB+BJxxrQS
BFtYq4ZgPnSo7NQST6SWbWhzJmpfuhoInGb9l8v0mwD50DrOPjeZcX7TrQN4jWft
OJQkKviCYFCu36xa84FUYxTyvA5V4TpWAgPTUVBpf8BrI2Ktw3Wc1THHqcwIszec
Mr/mexDfdCa8G78u3rgX4kZPSGFwaGK339eqlb7rMtspkKQPPmm92lYdfV/icbvw
7iaMAirgYq72qzkuIV6GMUKsTa/1wkJ54yACaLXS9A3NXDVizErWHam9TG/ce/Ll
EPUsrXTesrhqZpaHHNxnfiQOXzocrldvvdYOxBeGfMQY7fftX8GgQwMjMi2kracr
hWc1mCSMSCerTWCtRfw0CK4Au6881rAAmXDwvjU586ezv1MdBqVmN7eOeeVVGdM1
/+S5QP//oK6MEkAS8y2ZP8A/3iMlYz+SBOUSD0AJ0RZEhkhr
=JMTx
-----END PGP PUBLIC KEY BLOCK-----

Appendix A: Malicious Hardware

While doing research for this issue, I often ran into USB-to-UART bridges of the “FTDI” variety. Upon further digging, an ugly bit of history surfaced. The FTDI modules have a reputation for sabotaging people’s hardware.

Sadly, we live in a world where this sort of thing is the norm. Pay close attention to the products you buy. You need to practice vigilance in order to defend your computing freedom. Remember, you have control over your wallet. Don’t support malicious actors, if you have the choice (in this case you almost certainly do).

Appendix B: Linux Kernel Source Tree Analysis

The directory trees rooted at /sys and /proc are mapping of Linux kernel data structures and interfaces; you can read up on these in the Linux kernel source tree from:

● linux/Documentation/filesystems/sysfs.rst ● linux/Documentation/filesystems/proc.rst

You don’t have a local, up-to-date, copy of the Linux kernel source tree? You really should. Note that some of this documentation is hilariously out-of-date; use the git log on a file to see the last time parts of a file was given an up-date:

 $ git log -p filename

This should give you what you need. Since the Linux kernel is developed with Git, it pays dividends to learn at least the fundamentals of Git.

It’s a frequent occurence that people ask me how to make sense of the Linux kernel. You need the following prerequisites:

● A familiarity with the C programming language. The syntax is easy to pick up for most people because a lot of the popular programming languages in use today are based on C. Most operating systems today are written in C; the same goes for embedded systems. If you don’t have a good grasp of C, you can kiss any hopes on working on this stuff goodbye. C is not as hard as people make it out to be; just look at real code and don’t waste your time on pointless exercises. Start with the smallest real-world programs you can find - like echo(1); once you get the simple stuff, get more ambitious and look at more complicated things. The following resource is also invaluable to the novice C programmer: C reference.

● To make sense of other people’s C code (particularly spaghetti), you need a good source code tagging system. I recommend GNU Global because it works well on most Bourne Shells. Using GNU Global will enable you to look up definitions for things like functions and structs in C code easily.

● You need to learn GNU Autotools to automate the workflow of building makefiles and such. The old “./configure && make && make install” ritual stems from GNU Autotools. Learn it and embrace it. You can build truly portable software once you learn the fundamentals of GNU Autotools. You won’t understand head nor tail of embedded programming with the Linux kernel (and several other things) unless you have a grasp on the rudiments of GNU Autotools.

● Whether you like it or not, Git is an essential part of Linux kernel development. Without a firm grasp of Git fundamentals, you won’t get anywhere. While you’re at it, you should look into the standalone utilities GNU diff and GNU patch; Git is essentially an abstraction on top of these tools.

You should now have enough pointers to begin acquiring knowledge about how to make sense of the Linux kernel (and a whole lot of other things). The aforementioned prerequisites abstract to OS and embedded development and being an effective operator of your computer. These are the tools you really need to know to get anywhere.

All of this stuff applies to several other things. Once you start learning them, you’ll see what I mean. It really isn’t a lot to take in. Knowledge of this stuff will last you a lifetime. Don’t fall for the IDE X or framework Y bullshit; those are moving targets and are deliberately broken to keep people reliant on the dictators for “support”. Educate yourself; it’s the only path to computing freedom. Become an operator; don’t be a mindless consumer.

Appendix C: Digital Multimeter Tests

As always, follow the instructions in the manual of your Digital Multimeter (DMM). RTFM extra carefully, otherwise you end up with magic smoke (why you were recommended spares).

There really are only two simple things you need to test on your UTUB:

● Voltage coming out of the UTUB TX and RX pins.

● Current from the TX and RX pins.

There’s not really much more to be said here. The one bit of general advice is to use a breadboard and some jump wires, if you have access to one; crocodile clip test leads for your DMM also make life easier. Basically, try making sure you don’t short circuit your UTUB by having DMM test leads too close to each other.

Make sure the test leads are plugged into the appropriate terminals of your DMM. Always make sure the fuse of a DMM terminal is sufficient for what you’re measuring.

You can find GPIO voltage specifications of the Raspberry Spy in the official GPIO guide. Make sure you cross-check with the right CPU model’s datasheet.

You may end up needing to buy some resistors to get the right voltage and current. You can find background information useful to the novice hardware hacker from the excellent Sparkfun tutorial on pull-up resistors; follow the appropriate links to fill out gaps in your knowledge. However, most UTUBs are usable out-of-the-box (OOTB) so you shouldn’t really have much issue here. But it doesn’t hurt (unless you zap yourself) to get a bit of electronics background knowledge since you’re playing around with wires and electricity!

Index

[Editor's note: this corresponds to the PDF version of the document]

lsblk -f, 28 sd(4), 34 /dev/ttyUSB0, 23 /proc, 43 /sys, 43 FTDI, 41 apropos(1), 18 cmdline.txt, 29 config.txt, 29 console=fb, 29 cp210x, 23, 24 dmesg(1), 18-20, 22, 25 echo(1), 44 enable_uart=1, 29 grep(1), 20 lsmod(8), 20, 25 lspci -k, 26 lsusb -t, 26 mknod(1), 24 modinfo(8), 19, 20, 23 picocom(1), 17, 24, 32, 33, 35 ttyUSB0, 23, 24 usbcore, 23 usbserial, 23 DMM, 15 EHCI, 20 HCI, 20 idProduct, 25 idVendor, 25 jump wires, 14 kernel ring buffer, 18 KRB, 18 OHCI, 20 PCI, 20 QC, 15 textttmodinfo(8), 25 UART, 17 UTUB, 13, 14 ⬆