Inside Intel’s first product: the 3101 RAM chip held just 64 bits

chip-labeled

Ken Shirriff writes:

Intel’s first product was not a processor, but a memory chip: the 31011 RAM chip, released in April 1969. This chip held just 64 bits of data (equivalent to 8 letters or 16 digits) and had the steep price tag of $99.50.2 The chip’s capacity was way too small to replace core memory, the dominant storage technology at the time, which stored bits in tiny magnetized ferrite cores. However, the 3101 performed at high speed due to its special Schottky transistors, making it useful in minicomputers where CPU registers required fast storage. The overthrow of core memory would require a different technology—MOS DRAM chips—and the 3101 remained in use in the 1980s.3
This article looks inside the 3101 chip and explains how it works. I received two 3101 chips from Evan Wasserman and used a microscope to take photos of the tiny silicon die inside.4 Around the outside of the die, sixteen black bond wires connect pads on the die to the chip’s external pins. The die itself consists of silicon circuitry connected by a metal layer on top, which appears golden in the photo. The thick metal lines through the middle of the chip power the chip.

See the full post and more details at Ken Shirriff’s blog.

An Intel 8085 Microprocessor Trainer

The Intel 8085 microprocessor was introduced 40 years back, and along with its contemporaries — the Z80 and the 6502 — is pretty much a dinosaur in terms of microprocessor history. But that doesn’t stop it from still being included in the syllabus for computer engineering students in many parts of the world. The reason why a 40 year old microprocessor is still covered in computer architecture text books instead of computer history is a bit convoluted. But there’s a whole industry that thrives on the requirements of college laboratories and students requiring “8085 Microprocessor Training Kits”. [TisteAndii] just finished college in Nigeria, where these kits are not locally built and need to be imported, usually costing well over a 100 dollars.

Which is why his final year project was a low cost Intel 8085 Microprocessor Trainer. It’s a minimalist design with some basic read/write memory, program execution and register inspection, with no provision for single stepping or interrupts yet. The monitor program isn’t loaded in an EEPROM. Instead, a PIC18 is used and connected to the 8085 address, data and control pins. This makes it easier to write a monitor program in C instead of assembly. And allows use of a 1.8″ LCD with SPI interface instead of the more usual 7-segment displays used for these kind of kits. [TisteAndii] built a 6×4 keyboard for input, but couldn’t solve debounce issues and finally settled on a 5×4 membrane keypad.

Being a rookie, he ended up with a major flaw in his board layout — he missed connecting the SRAM and the PPI devices to the data bus. A bunch of jumper links seemed to solve the issue, but it wasn’t perfect. This, and a few other problems gave him a lot of grief, but towards the end, it all worked, almost. Most importantly, his BoM cost of about $35 makes it significantly cheaper compared to the commercial units available in Nigeria.

While some hackers may consider this a trivial project, it solves a local problem and we hope the next iteration of the design improves the kit and makes it more accessible.


Filed under: computer hacks

Harrowing Story of Installing Libreboot on ThinkPad

As an Apple user, I’ve become somewhat disillusioned over the past few years. Maybe it’s the spirit of Steve Jobs slowly vanishing from the company, or that Apple seems to care more about keeping up with expensive trends lately rather than setting them, or the nagging notion Apple doesn’t have my best interests as a user in mind.

Whatever it is, I was passively on the hunt for a new laptop with the pipe dream that one day I could junk my Apple for something even better. One that could run a *nix operating system of some sort, be made with quality hardware, and not concern me over privacy issues. I didn’t think that those qualities existed in a laptop at all, and that my 2012 MacBook Pro was the “lesser of evils” that I might as well keep using. But then, we published a ThinkPad think piece that had two words in it that led me on a weeks-long journey to the brand-new, eight-year-old laptop I’m currently working from. Those two words: “install libreboot”.

Libreboot is a piece of free software that replaces proprietary BIOS firmware on some modern computers. This has, surprisingly, become increasingly difficult to do as Intel ramps up deployment of the Intel Management Engine. In a nutshell, the IME is a separate processor that can monitor or even take over everything happening in a computer and send that information out over the network to anyone (or any company) that has control of it. It does so without any knowledge of the user and is (obviously) a huge security vulnerability. Since Intel’s competitors do similar things, there’s almost no escape unless you can replace the IME with something like libreboot or coreboot.

Not as Easy as You’d Think

quote-what-is-librebootWhen I started researching libreboot, I assumed that it would be a simple process: download it and run some installer on my computer that would re-flash the BIOS. It couldn’t take any more than a half hour! Especially since the original article simply said “install libreboot” as if it was something that a child could do in between naps. The reality of what I was about to dive into, however, was much different.

First of all, libreboot only works on a handful of older ThinkPads. Newer models have fallen victim to a new strategy by Intel of checking the firmware loaded on the BIOS chip and disabling the computer if an unapproved firmware is discovered. Apparently Intel thinks that fixing security flaws or modifying something that you own is ridiculous and unacceptable. Anyway, I picked up an eight-year-old X200 on eBay for $65 shipped. I’m a simple guy who enjoys simple but reliable things even if they’re getting along in years, so the age of the computer wasn’t too much of a concern for me. Thinking I was doing pretty well for myself, I took a look at the installation instructions for the new firmware.

Some Disassembly Required

This is a step I probably should have taken before ordering the computer. Not that it would have stopped me from doing this, but it probably would have given me a better expectation of what I should expect from this process. First of all, I found out that to flash the chip, disassembly and soldering would be required. The firmware has to be programmed directly. Anytime something like this is done, bricking the device is a real possibility. At least I would only be out $65.

The tiny chip to the left of the Intel-branded processor is the source of the problem.

Then, I learned that the BeagleBone Black is the preferred device to use to flash the new firmware to the ThinkPad. I have three Raspberry Pis lying around, but I went ahead and suspiciously ordered a BeagleBone for $40. Couldn’t hurt, I told myself, and I’ll have a new tool to use for other stuff in the future. But it did seem weird that there wasn’t an option to use a Raspberry Pi.

The next hurdle was figuring out exactly what type of firmware chip I had in my laptop, because there are different SOIC clips for different types of chips, and the only way to find out which sized chip I had was to get the laptop and take it apart. This set me back a few days (and another $10) waiting on the correct clip to arrive. During this process I also learned that there is no free software that will run on Intel’s proprietary WiFi card in these computers, so I also ordered an Atheros card to install ($15) since I had the laptop taken apart already.

img_1044
New Atheros WiFi card installed.

Moving along, the BeagleBone had to be configured in a very particular way. I had never interacted with one of these before, and it’s not quite as straightforward as a Raspberry Pi. This process took me a few hours over the course of two days. I also learned through a third-party tutorial that Libreboot actually can be flashed with a Raspberry Pi, but this is one (among many) situations where the libreboot folks will go to great lengths to use free and open source software when they can. The BeagleBone fits their requirements, the Pi does not, and they do not mention this. I could easily have saved myself the $40 and used a Pi, but in the spirit of libreboot (and the fact that I was too far along to switch) I pressed on.

Navigating Libreboot’s Install Process

Most of the problem I had setting up the BeagleBone is with libreboot’s files and instructions. For example, at one point I had to patch the libreboot ROM file with a MAC address descriptor specific to the Ethernet card in my laptop. It wasn’t immediately clear which script out of the many provided would do this. Even then, the different ROMs that are available were all in a single folder, and unless you realize this immediately you’ll fill the memory of the BeagleBone when you unzip the archive. In general, it felt like I needed multiple degrees in computer science to make sense of their instructions on the first try. This can be a common plague of free software: alienating people through documentation that doesn’t relate to those with less knowledge and experience. And I’m not exactly an amateur, either. I have a degree in electrical engineering and passable knowledge of what’s going on, but even then I felt like I was blindly charging through a dark jungle of jargon.

Anyway, the BeagleBone Black I received didn’t have a display output (that I could find; I’ve never used one before and might have been missing something) and I had some difficulty getting it to work over the USB link to my Mac. That meant getting it on the network via Ethernet, and since my router is in the kitchen I set up shop there. After soldering some wires to the SOC clip, I was finally ready to start flashing some firmware. At this point, I’ve had the X200 for almost three weeks, all spent waiting on parts I couldn’t have known I needed and programming the BeagleBone to act as a programmer.

img_1042
My libreboot flashing station in the kitchen. Complete with janky power supply.

The actual flashing only took me about an hour and a half, though. Once I figured out which ROM to use and hooked up my 3.3V power supply (luckily I had one of these cobbled together already) it was a fairly simple process to back up the factory ROM, verify it, and start flashing libreboot. There was one major hiccup at this point, though. I attempted this process four times, and each time the new firmware couldn’t be verified. Error messages appeared everywhere, which is not something you’d want to see at this point in the process. The BeagleBone wrote the firmware successfully but afterwards, for some reason, couldn’t verify it. After getting a little anxious that I might have failed after all of this work, I decided to stick the battery in the laptop to see if it would boot up. I saw the picture of Tux and Gnu hanging out on my BIOS screen, and made the executive decision that libreboot was successfully installed. I went ahead and installed Ubuntu to make sure everything would work correctly since I already had an Ubuntu live-USB stick lying around. Even the new WiFi card seems to work well (except it doesn’t have a 5 MHz antenna like the Intel card did, but that’s not too big of a deal).

Not an ideal place to get stuck.
Not an ideal place to get stuck.

Free software aficionados will note that Ubuntu isn’t really the pinnacle of the free software movement. It’s been criticized for including proprietary software, binary blobs, and other issues. That being said, after the initial Ubuntu test installation, I did try to install Trisquel (crashed during the install because it got confused that the X200 doesn’t have an optical drive), a version of Arch called Parabola (wouldn’t boot from a USB stick) and another Debian-based distribution called gNewSense (you have to chuckle at the terrible name), but I found all of them to be difficult to install, unusable, or both.

For now, I’m happy just to have neutralized Intel’s Big Brother and I’ll probably keep using Ubuntu until the libre distributions have improved a little more (or I get really bored one day and decide to try again). Even though the process to install libreboot was tedious, it is possible. I would recommend having a libreboot computer to anyone who cares about privacy, security, or freedom. Even if you don’t want to throw your Apple in the garbage.


Filed under: Featured, laptops hacks, Skills

Running Intel TBB On a Raspberry Pi

The usefulness of Raspberry Pis seems almost limitless, with new applications being introduced daily and with no end in sight. But, as versatile as they are, it’s no secret that Raspberry Pis are still lacking in pure processing power. So, some serious optimization is needed to squeeze as much power out of the Raspberry Pi as possible when you’re working on processor-intensive projects.

This simplest way to accomplish this optimization, of course, is to simply reduce what’s running down to the essentials. For example, there’s no sense in running a GUI if your project doesn’t even use a display. Another strategy, however, is to ensure that you’re actually using all of the available processing power that the Raspberry Pi offers. In [sagiz’s] case, that meant using Intel’s open source Threading Building Blocks to achieve better parallelism in his OpenCV project.

As you’re probably guessing, this wasn’t as easy as just typing “apt-get install tbb” into the terminal. That’s because Intel TBB wasn’t available in Raspbian, due to the difficulty of creating a build to run on ARM. But, [sagiz] was able to create a working build, and has made it available on his project page. Using his new build, he was able to increase OpenCV speed by 30%, which is definitely a non-trivial amount!

If you’re looking to get started with OpenCV on the Raspberry Pi, be sure to check out this guide. which will get you of to a grand start.


Filed under: ARM, Raspberry Pi

Neutralizing Intel’s Management Engine

Five or so years ago, Intel rolled out something horrible. Intel’s Management Engine (ME) is a completely separate computing environment running on Intel chipsets that has access to everything. The ME has network access, access to the host operating system, memory, and cryptography engine. The ME can be used remotely even if the PC is powered off. If that sounds scary, it gets even worse: no one knows what the ME is doing, and we can’t even look at the code. When — not ‘if’ — the ME is finally cracked open, every computer running on a recent Intel chip will have a huge security and privacy issue. Intel’s Management Engine is the single most dangerous piece of computer hardware ever created.

Researchers are continuing work on deciphering the inner workings of the ME, and we sincerely hope this Pandora’s Box remains closed. Until then, there’s now a new way to disable Intel’s Management Engine.

Previously, the first iteration of the ME found in GM45 chipsets could be removed. This technique was due to the fact the ME was located on a chip separate from the northbridge. For Core i3/i5/i7 processors, the ME is integrated to the northbridge. Until now, efforts to disable an ME this closely coupled to the CPU have failed. Completely removing the ME from these systems is impossible, however disabling parts of the ME are not. There is one caveat: if the ME’s boot ROM (stored in an SPI Flash) does not find a valid Intel signature, the PC will shut down after 30 minutes.

A few months ago, [Trammell Hudson] discovered erasing the first page of the ME region did not shut down his Thinkpad after 30 minutes. This led [Nicola Corna] and [Frederico Amedeo Izzo] to write a script that uses this exploit. Effectively, ME still thinks it’s running, but it doesn’t actually do anything.

With a BeagleBone, an SOIC-8 chip clip, and a few breakout wires, this script will run and effectively disable the ME. This exploit has only been confirmed to work on Sandy Bridge and Ivy Bridge processors. It should work on Skylake processors, and Haswell and Broadwell are untested.

Separating or disabling the ME from the CPU has been a major focus of the libreboot and coreboot communities. The inability to do so has, until now, made the future prospects of truly free computing platforms grim. The ME is in everything, and CPUs without an ME are getting old. Even though we don’t have the ability to remove the ME, disabling it is the next best thing.


Filed under: security hacks