[HN Gopher] Investigating an "evil" RJ45 dongle
___________________________________________________________________
Investigating an "evil" RJ45 dongle
Author : zdw
Score : 470 points
Date : 2025-01-17 20:41 UTC (1 days ago)
(HTM) web link (lcamtuf.substack.com)
(TXT) w3m dump (lcamtuf.substack.com)
| ChrisArchitect wrote:
| Related:
|
| _Cheap rj45 ethernet to USB adapter contains malware_
|
| https://news.ycombinator.com/item?id=42679498
| TiredOfLife wrote:
| Don't give clicks to grifters.
| gus_massa wrote:
| In cases like this I prefer more context , like
|
| > _Discussion in HN of the article debunked here:_
|
| > _httpwhatever_
| baq wrote:
| RJ45 nazi here: these should be called 8P8C
|
| I'll show myself out
| leptons wrote:
| TIL. After maybe 25 years of using this connector, I've never
| heard it called 8P8C. I knew Ethernet has used other physical
| layers including coax, which I used to run between Amigas way
| back in the day. But, today I finally learned about 8P8C.
| SAI_Peregrinus wrote:
| RJ45 isn't even actually the same connector, at least not in
| the original FCC naming. That was an 8P8C _keyed_ modular
| connector. RJ45 connectors had only two of the positions
| connected to wires (one phone line) an internal resistor
| between two of the other positions, _and a keying bar that
| stuck out of the plug_ so they wouldn 't even go into the
| unkeyed 8P8C jacks we use for Ethernet.
|
| So I'll still call them RJ45 connectors. Because nobody has
| time to say "8P8C unkeyed modular connector" every time!
| necovek wrote:
| Weren't phone lines something like RJ11 or RJ12?
|
| FWIW, TIL about 8P8C.
| SAI_Peregrinus wrote:
| Yes, and RJ45. It used to be defined by the US FCC[1] in
| 47 CFR Part 68 Subpart F. Along with others, like RJ31X,
| RJ38, etc. The "RJxxy" numbers were the Universal Service
| Order Codes (USOCs), the `y` value described the use
| (e.g. W for wall-mounted jacks). Pages 143 & 144 of the
| PDF (403 & 404 of the print version) have the electrical
| connection diagram and the USOCs, pages 125-129 (385 -389
| print) have the mechanical drawings. The unkeyed 8p8c
| connector we use today is also in there (pdf pgs
| 103-113), but the RJ45 series used the keyed connector!
| It's RJ31X & RJ38X that used the unkeyed 8-position
| series jack & 8-position plug we call RJ45 today (pdf
| pages 137-138).
|
| [1] https://web.archive.org/web/20170705131407/http://www
| .tscm.c...
| necovek wrote:
| Thanks, it's funny how these things happen with language!
| Brian_K_White wrote:
| Similarly, it's DE9 not DB9
| SAI_Peregrinus wrote:
| Yep, and these days ribbon cables are rare, instead we
| have Flexible Flat Cables or Flexible Printed Circuits.
| Ribbon cables are the old cables like IDE hard drives
| used, with insulation displacement connectors, while FFCs
| and FPCs are much thinner and use integral connection
| schemes (tinned pads on the cable itself get clamped by
| some sort of connector on a PCB).
| formerly_proven wrote:
| Though the pinout was influenced by the phone standards,
| that's why the first two pairs are nested into each other
| in the center, which you obviously wouldn't do for a high-
| speed digital interface.
| geerlingguy wrote:
| Heh I think anyone who studies for the Network+ ends up
| debating every time RJ45 is mentioned whether to make this
| comment or not haha
| polpo wrote:
| I don't mind calling the connector an RJ45, but calling this
| thing an "RJ45 dongle" makes my eye twitch. It's an Ethernet
| dongle - RJ45 can be used for a lot of other things. For
| example I've seen "RJ45 dongles" that convert USB to RS232
| serial for the console ports on a lot of networking equipment.
| dtgriscom wrote:
| https://studiohub.com/
| sgerenser wrote:
| At least they didn't call it a wired WiFi dongle.
| Brian_K_White wrote:
| I now have Forest Whitaker Eye.
| RyJones wrote:
| I did wired WiFi for CES one year. Made having our iot
| devices on WiFi on the floor much better than other
| vendors. It's a long boring story but it was a fun hack.
| _shantaram wrote:
| Spill!
| upvota wrote:
| I'm actually really interested: I have a piece of stage
| lighting, that has a 2.4 GHz Wi-Fi controller. I'd love
| to convert this to wired Wi-Fi. Can you share what is
| necessary to achieve this hack? Can I "just" run antenna
| cable between router and controller? Or what kind of
| radio physics needs to be understood?
| adrian_b wrote:
| Truly wired WiFi is easy with the devices that have
| threaded SMA connectors for antennas, e.g. the
| motherboards or the mini-PCs that allow the use of
| external antennas.
|
| With those you just need coaxial cables of appropriate
| lengths, also with SMA connectors, for making point-to-
| point connections.
|
| If you want a network where each device can talk with any
| other devices, you also need a splitter, also with SMA
| connectors.
|
| Many WiFi M.2 2230 cards have MMCX coaxial connectors on
| them, which allow the connection of internal antennas
| attached somewhere on the case of the laptop or mini-PC.
|
| For these, there are MMCX to SMA adapters, which you can
| use together with SMA cables.
|
| Some M.2 cards have even smaller U.FL coaxial connectors.
| For these there are U.FL to SMA adapters.
|
| For devices that do not have any standard antenna
| connectors, one may need to modify them, to solder some
| RF connectors, which is hard to do without greatly
| lowering the quality of the WiFi links, due to additional
| attenuation and reflections.
| gus_massa wrote:
| If you build this and expand this to a blog post with
| some photos and some demo, you can post it here and I
| guess it will get a lot of upvotes.
| adrian_b wrote:
| Unfortunately, I no longer have the opportunity to do
| this.
|
| Some years ago, I have been working in designing certain
| kinds of WiFi devices.
|
| For their testing in a laboratory, a wired setup was
| used, exactly as described, i.e. with SMA coaxial cables
| replacing the antennas in the units under test, together
| with splitters and/or directional couplers to implement
| multi-point networks, and together with attenuators to
| simulate a greater distance between the units under test.
|
| The majority of the tests concerning hardware and
| software were done using the wired setup, which allowed
| the simultaneous testing of a great number of units in a
| small space, without interference between their different
| tests. Only a much smaller number of tests was done with
| antennas, on the units that had already passed all
| hardware and software tests, so only the behavior of the
| antennas remained to be checked.
|
| Such tests in wired setups were done both for the
| production units, for quality control, and for
| prototypes, where new versions of hardware and/or
| software were developed, and it made no sense to waste
| time with wireless testing until the new hardware and/or
| software was proven to be completely functional in the
| wired setup.
|
| In a testing laboratory, there would be a huge amount of
| coaxial cables and adapters, attenuators, splitters and
| directional couplers, and of WiFi interfaces, so
| demonstrating a complex setup would be easy. Otherwise,
| collecting enough devices and accessories to make an
| impressive demonstration would be costly when you do not
| actually have a need for those devices.
|
| In a home where you have an Internet router/gateway that
| has external WiFi antennas and you have a desktop using
| one of the many motherboards that include a WiFi
| interface with connectors for external antennas, you
| could use an SMA coaxial cable between your desktop and
| the router/gateway, instead of using an Ethernet cable.
|
| This would be the simplest example of wired WiFi. There
| are cases when this would be a good idea, e.g. when the
| router/gateway has only few Ethernet ports for local
| devices and those are already occupied by other
| computers. In this case buying an SMA cable may be
| preferable to buying an additional Ethernet switch and
| also preferable to a wireless connection, if your home
| has many neighbors who also use WiFi, creating a
| congestion that slows down the wireless communication.
| zinekeller wrote:
| I would imagine that the stage lightning microcontroller
| is running a variant of ESP8266 or something similar
| where the "antenna" are actually thick traces on a
| circuit board (https://www.electronicwings.com/storage/Pl
| atformSection/Topi...). This is obviously good enough for
| regular WiFi, but I would imagine this would complicate
| an attempt for wired WiFi tenfold.
| daneel_w wrote:
| Don't show yourself out. Stay and remind people. It's
| important, since these two aren't interchangeable in both
| directions.
| SAI_Peregrinus wrote:
| Or RJ31X or RJ38X, both of which _did_ use the 8P8C modular
| connector in its unkeyed configuration.
| immibis wrote:
| Please don't call yourself an "RJ45 nazi" as it devalues the
| problem of actual nazis
| poisonborz wrote:
| TLDR: it is not "evil"
| walrus01 wrote:
| On the general topic of USB to 1000BASE-T (and now 2.5 GBaseT)
| dongles, for people who care about performance, it's good to know
| about the distinction between those that are USB devices and
| those that are PCI-Express devices.
|
| Basically, what do you get if you hotplug it into a laptop
| running a current linux kernel and do "sudo lsusb -v" vs "sudo
| lspci -v"?
|
| The ones that are native PCIE devices offer much better
| performance, up to 2.5 GBASET line rate, and will communicate
| with the host over the implementation of thunderbolt over USB.
|
| The ones that are USB only might work okay, but there's a reason
| they're cheap.
|
| Of course a cheaper laptop also won't have any implementation of
| thunderbolt on it, so that's something to consider as well.
| Tijdreiziger wrote:
| Could you elaborate on why the USB ones are worse?
|
| Per Wikipedia, USB 3.0 (from 2008) can reach 5 Gbit/s, so
| (naively?) one would expect them to reach 2.5 GbE line rate
| easily, right?
| ComputerGuru wrote:
| USB doesn't provide any DMA (until USB 4) and requires more
| host cpu resources to meet the same bandwidth. It also has
| less consistent performance by virtue of the USB protocol
| itself.
| mianos wrote:
| I am confused by this, I worked on a Linux USB driver that
| used DMA in 2003.
| ComputerGuru wrote:
| DMA from device to host directly rather than from host
| USB controller to host memory.
| mianos wrote:
| When I worked on it, the USB controller was just a pci
| bus device that once set up, the incoming data, from a
| USB ADC, streamed the data in blocks directly to memory.
| Maybe they took all that back out.
| rasz wrote:
| They didnt remove anything. Did the USB Controller DMA
| Master support DMA chaining or command lists?
|
| Ethernet controller being a dma master means it can
| continually plop packets where it wants without CPU
| intervention. Infamously Realtek RTL8139 10/100M chip was
| the first Realtek with DMA mastering support, but it was
| brain dead implementation
| https://people.freebsd.org/~wpaul/RealTek/3.0/if_rl.c:
|
| >"The RealTek 8139 PCI NIC redefines the meaning of 'low
| end.' This is probably the worst PCI ethernet controller
| ever made, with the possible exception of the FEAST chip
| made by SMC. The 8139 supports bus-master DMA, but it has
| a terrible interface that nullifies any performance gains
| that bus-master DMA usually offers.
|
| For transmission, the chip offers a series of four TX
| descriptor registers. Each transmit frame must be in a
| contiguous buffer, aligned on a longword (32-bit)
| boundary. This means we almost always have to do mbuf
| copies in order to transmit a frame, except in the
| unlikely case where a) the packet fits into a single
| mbuf, and b) the packet is 32-bit aligned within the
| mbuf's data area. The presence of only four descriptor
| registers means that we can never have more than four
| packets queued for transmission at any one time.
|
| Reception is not much better. The driver has to allocate
| a single large buffer area (up to 64K in size) into which
| the chip will DMA received frames. Because we don't know
| where within this region received packets will begin or
| end, we have no choice but to copy data from the buffer
| area into mbufs in order to pass the packets up to the
| higher protocol levels.
|
| It's impossible given this rotten design to really
| achieve decent performance at 100Mbps, unless you happen
| to have a 400Mhz PII or some equally overmuscled CPU to
| drive it."
|
| Afaik 10 years later 1Gbit RTL8111B required alignment on
| 256 byte boundaries so not much better.
| black3r wrote:
| at least for Gigabit speeds, the CPU usage is negligible if
| the device and the driver are communicating through CDC-NCM
| protocol, but yeah it's a significant hit if you're using
| CDC-ECM...,
| d_k_f wrote:
| I've only got superficial knowledge in this regard, so please
| take it with a grain of salt, but: the way I understand it is
| that PCIE has full direct memory access, so devices connected
| through it can use zero copy and similar techniques to access
| and process data much faster, especially with lower latencies
| than over regular USB. Using USB might/will require copying
| the data to transfer/read from and to different buffers,
| between user/kernel space, etc.
| trelane wrote:
| Also, PCI can have peer to peer connections, skipping the
| CPU entirely. See e.g.
| https://developer.nvidia.com/gpudirect
| toast0 wrote:
| I'm guessing if I accidentally got a pci-e one, it wouldn't
| work in any of the USB ports I would connect it to (as, to my
| knowledge, I only have USB ports), or do they generally fall
| back to working as a USB device?
| kiririn wrote:
| Realtek RTL8156 (USB 2.5G ethernet) is fast and rock solid,
| even for server use cases. I'd take it over an i225 any day
| comex wrote:
| Not only 2.5GBaseT. I have a 10GBase-T Thunderbolt dongle (from
| [1]). Okay, it's a little bigger than a normal dongle, and it
| has a USB-C female port instead of a builtin cable, and it gets
| warm. But it's basically a dongle, and I can get 9.4Gbit/s
| through it with iperf3 on my Mac.
|
| Unsurprisingly, it shows up as a PCIe device.
|
| [1] https://www.amazon.com/gp/product/B0DHSWSSBY
| black3r wrote:
| there is no PCI-e through USB though, other than
| Thunderbolt/USB4 or is there?
|
| so if you only have USB ports and care about performance the
| bigger distinction would be if the USB ethernet device
| implements CDC-NCM or just CDC-ECM, with the distinction being
| that CDC-ECM sends the frames to the driver one-by-one and the
| driver has to acknowledge and process them one-by-one which
| generates ton of CPU work, while the newer CDC-NCM protocol
| sends frames in batches...,
|
| on my laptop I can still get full gigabit speeds with a 1Gbit
| ECM dongle but when I do it uses 100% of one CPU core, while a
| 1Gbit NCM dongle has negligible CPU usage...
| throeurir wrote:
| So many wtf here. If anything this proves it is backdoored
| network card
|
| 1) downloading Windows exe files from Chinese forums
|
| 2) the USB storage provided by network card can still contain
| malware,
|
| 3) or can be accidentally booted from
|
| 4) it has universal USB controller, so can become any HID device:
| keyboard, mouse...
| avidiax wrote:
| It proves it might be possible to backdoor it. Maybe.
|
| I don't know of any modern systems that will execute anything
| on a newly inserted drive, nor boot from an external drive in
| the default configuration.
|
| So we are missing a couple of things. First, a vulnerability in
| the OS/system. Second, an implementation of that vulnerability
| in a device like this.
|
| Should this design be phased out? Perhaps. There is relatively
| little difference between not populating the flash memory part
| of the board and a proper network-only implementation.
| gruez wrote:
| >2) the USB storage provided by network card can still contain
| malware,
|
| That seems unlikely given that "malware" is signed by Microsoft
| Windows Hardware Compatibility Publisher.
|
| https://news.ycombinator.com/item?id=42680282
| nothacking_ wrote:
| > 1) downloading Windows exe files from Chinese forums
|
| VMs exist. I highly doubt the author daily drives windows XP.
|
| > 2) the USB storage provided by network card can still contain
| malware
|
| Well yes, but so can any other drivers. Downloading from the
| manufactures website isn't any more secure. Even signed drivers
| have been caught doing nasty stuff.
|
| > 3) or can be accidentally booted from
|
| True, but again this is quite a convoluted, noticeable, and
| unreliable way to compromize a system. Just injecting a handful
| of keystrokes will do it, and once the dead is done, the device
| can hide all evidence of malicious intent.
|
| > 4) it has universal USB controller, so can become any HID
| device: keyboard, mouse...
|
| This isn't wtf: a lot of devices nowadays are just
| microcontrollers hooked up to a USB connector. Quite a few
| normal USB drives can be reprogrammed to act as keyboards, and
| be used to get up to all sorts of shenanigans, including ones
| made outside of China.
| SpecialistK wrote:
| 1) China is a country, and in that country people use Windows
| and make /stuff/ that runs on Windows. A flash tool, which was
| only intended to be distributed to OEMs, only being found on
| obscure forums is in line with what I've experienced with
| similar NAND or BIOS flashers.
|
| 2) Any USB storage can contain malware. The driver that this
| one stores is digitally signed by Microsoft as mentioned in the
| article.
|
| 3) If there was a MBR boot block or EFI file, sure. But there
| isn't. See 2. And that would still require the user to have
| Secure Boot disabled and USB as the first boot option.
|
| 4) So any device with a universal USB controller is "prove[d]
| backdoored"?
| klik99 wrote:
| "If you want to try it, be aware that it requires Intel Pentium
| 166MHz or above."
|
| Made me laugh. Fun article, also really love the genre of "bored
| smart person goes too deep on something that the end result is
| obvious by common sense but proving it requires surprising amount
| of ingenuity and scrappiness"
| er4hn wrote:
| Don't forget `I was ready to head over to the Dark Web
| (amazon.com) and purchase one of the dongles just to dump the
| contents of the memory chip.`
| fishstock25 wrote:
| Totally agree.
|
| And a great example that truth is complicated, expensive and
| uncomfortable. It's much _easier_ to postulate an evil nation-
| state entity with a bad plan (without evidence) than to dig
| through the thicket of this article. It 's much _cheaper_ as
| well, certainly in terms of time and knowhow. And it 's also
| much more _comfortable_ to claim you 're the victim and have
| uncovered a conspiracy, rather than realize this was just the
| result of the patchwork typical of engineering.
|
| Kudos to the author.
| klik99 wrote:
| Yeah, the insane takes spread faster but it takes more time
| and resources to look into it than just come to conclusions
| early.
|
| The worst thing is this creates an environment where most
| people are either completely credulous and buy into
| everything or completely incredulous and think everything is
| unfounded. It's just exhausting to have a healthy level of
| skepticism these days, and maybe 1 out of 1000 times (number
| source: from thin air) something that sounds insane actually
| has some truth to it.
| fishstock25 wrote:
| Yeah, for a substantial fraction of people, this case will
| stick to their minds as "oh the chinese .. again" It's both
| sad and scary. It was even submitted to HN. Flagged by now,
| but still. Many people won't have read this follow-up,
| especially since it doesn't come as a 1-sentence TL;DR..
| dgfitz wrote:
| Hmm, why is it sad and scary?
| prerok wrote:
| Not the OP, but I think I get the "sad and scary" part.
| It seems as though there is some vilification going on
| and that's happened before with very sad outcome.
| fishstock25 wrote:
| It's sad because the HN crowd is technically maximally
| (?) literate and should be one of the last communities to
| even remotely buy the debunked story.
|
| It's scary because if even those in the know are not
| resistant to such BS, who else is going to shield the
| general public from populism-fueled pushes to anarchy or
| worse? Detoriation of trust in media is one of the
| building blocks of that, and if even the experts of
| subject areas are fooled and/or don't care enough, all
| hope may be lost.
|
| The silver lining though is that the HN submission got
| pushback in terms of comments and an eventual flagging.
| Cthulhu_ wrote:
| To add, there's a huge politically motivated anti-China
| movement going on right now, to the point where anything
| Chinese sounds scary or suspicious. This has been going
| on for years now, but only came to my awareness with the
| Huawei scare (as of today, no evidence was found that
| they did come loaded with backdoors and the like - but do
| correct me if I'm wrong, this is based on what I
| remember, not researched facts).
|
| I mean I don't trust the Chinese, but neither do I trust
| the Americans so it's choose your flavour of evil.
|
| Anyway that said, I'm sure it's politically and
| economically motivated, as for decades China has played
| catch-up in the global economy and they are rapidly
| overtaking, with financial interests worldwide. The US is
| trying to slow them down by trying to keep e.g. chip
| technology out of their hands, but other than that all
| they can do is to stop Chinese companies from earning
| money in the US.
| klik99 wrote:
| Honestly there are so many claims about Huawei but I
| think the loudest ones were about the 5G network which
| were BS but there were some that were legit, and this is
| exactly my point - it's exhausting to check this stuff,
| so the vast majority of people either believe it all or
| none. For example it seems like the Supermicro spy chip
| thing has truth to it (it feels the thing OP was
| rebutting was inspired by this story), though it's
| unclear, it's very much based on statements from 3 letter
| agencies, so I just have to guess, yes probably China got
| their manufacturers to install hardware spyware on some
| devices.
|
| These days, all countries are doing insane digital spying
| on other countries. I believe we're in a modern Cold War.
| China is a unique threat not because there's something
| uniquely evil about them but they own so much
| manufacturing and have an explicit tight relationship
| between companies and government. This is the main reason
| for moving manufacturing to US, nobody really cares about
| the workers, it's a security threat.
|
| All that can be true, and still also be true that most of
| the shit you hear about China is BS and xenophobic. It
| leads to actual violence and racism. That's why it's
| important to push back against, for the regular people
| just living their life. I'm never going to defend any
| country, these are battles the very richest people are
| fighting it's not my war, I push back so don't people
| don't act as foot soldiers in their war or become
| collateral damage for something they have no part of.
| matheusmoreira wrote:
| In the absence of further information, I would totally
| choose to believe the story.
|
| Corporations cannot be trusted. Proprietary software is
| bad enough but proprietary drivers is on a whole new
| level. You really have no idea what those things are
| doing unless you reverse engineer them.
|
| Here are example of corporations essentially pwning your
| computer with their "justified and trustworthy" software:
|
| https://www.vice.com/en/article/fs-labs-flight-simulator-
| pas...
|
| Shipped a browser stealer to users and exfiltrated on an
| unencrypted channel the usernames and passwords of users
| they deemed to be "pirates".
|
| https://old.reddit.com/r/Asmongold/comments/1cibw9r/valor
| ant...
|
| https://www.unknowncheats.me/forum/anti-cheat-
| bypass/634974-...
|
| Screenshots your computer screen and exfiltrates the
| picture to their servers.
|
| https://www.theregister.com/2016/09/23/capcom_street_figh
| ter...
|
| https://twitter.com/TheWack0lian/status/77939784076224512
| 4
|
| https://fuzzysecurity.com/tutorials/28.html
|
| https://github.com/FuzzySecurity/Capcom-Rootkit
|
| The driver literally provided privilege escalation as a
| service for any user space executable.
|
| As far as I'm concerned anyone who trusts these
| corporations with kernel level access to their computers
| is out of their minds. I don't trust firmware but at
| least it's contained in some isolated device.
| fishstock25 wrote:
| Sorry but you are blurring the lines between an actual
| malicious attack and a badly designed driver.
|
| The first is what the original claim was, screaming
| "Russians!" and "Chinese!" at the same time with poor
| technical understa ding.
|
| The second is what actually happened. It's no worse than
| inserting a CD-ROM and installing a driver. As bad as
| that is, and to be criticised in its own right, it's
| qualitatively different from the first.
|
| Let's not muddy the waters by conflating the two and make
| the (IMO legitimate) criticism of one of them wade into a
| conspiracy theory about the other.
| dgfitz wrote:
| Didn't china make the news recently because they hacked a
| handful of huge American telcos and cell providers?
|
| Or the balloon that was hanging out for a while, that was
| a thing.
| tacet wrote:
| >It's sad because the HN crowd is technically maximally
| (?) literate
|
| I laughed. While there certainly are very smart people
| here, HN crowd is pretty diverse and large parts of crowd
| are startup/business/framework of the week/ai bros folks.
| Not someone who would know what spi is from the top of
| their head.
| fishstock25 wrote:
| I meant relative to a random dude on the street.
| mschuster91 wrote:
| The problem is that good journalism doesn't have funding.
| Otherwise this shit would never have made it into a
| newspaper, maybe outside of a really shitty yellow rag.
| DaiPlusPlus wrote:
| > The problem is that good journalism doesn't have
| funding.
|
| The BBC and Reuters can be posited as counterexamples to
| your assertion. They're good journalists and well-funded
| (and not primarily by advertising either).
| prerok wrote:
| Hmm... but do you think that they would produce such an
| article, funding the research into it?
|
| From what I can tell, they would report accurately once
| these findings were published but would not find a
| researcher to dig into the claims before publishing that
| someone (named) said that these chips are at fault.
| mschuster91 wrote:
| BBC is under constant threat of getting defunded, it's
| almost a meme at this point, and on top of that is
| generally under constant attack. Reuters doesn't do much
| local or regional stuff.
| immibis wrote:
| Which firm's journalist was it that just got arrested at
| a press conference for asking questions about Israel?
| pwagland wrote:
| Sadly, this is just another example of "A lie can travel
| halfway around the world before the truth puts on its
| shoes."
|
| That doesn't mean that every sensational thing is a lie,
| but verifying the truth definitely takes time!
| DSMan195276 wrote:
| I would also add, it's not _unreasonable_ to be wary of
| something when a tool like a virus scan pops up a warning.
| The jargon used to explain what the executable is doing is
| gibberish to any 'normal' user, there's no way for them to
| know it's listing stuff you'd more or less expect it to be
| doing.
|
| Of course, there's a bit of a jump from that to making bold
| claims about what it's doing, but the initial concern was
| understandable.
| pammf wrote:
| Truth lies somewhere in between. It's also a generalization
| to think everything related to the "evil-nation" postulation
| is nothing beyond a conspiracy theory. Absence of evidence is
| not evidence of absence.
|
| Edit: quoted evil-nation since it's a debatable term usually
| applied to any country not politically or culturally aligned
| with some intelligence activity presence.
| lazide wrote:
| Fun considering the history too
| [https://www.risidata.com/index.php?/Database/Detail/cia-
| troj...]
| fishstock25 wrote:
| > Absence of evidence is not evidence of absence.
|
| Correct. Not more, not less. Question is what the default
| assumption is. With enough BS thrown around, the public
| seems to tend to tilt to "something is fishy" without any
| (non-debunked) evidence having ever been presented. Doesn't
| mean it never will be, but until then, a lot of debunked
| falsehoods shouldn't create more bias than just silence.
| Sadly, something always sticks.
| ryukoposting wrote:
| It's fun, but I think this kind of thing is important because
| it underscores the xenophobia in the original post. A flash
| chip on a circuit board? Hoo boy, must be Chinese spyware!
|
| That isn't to say Chinese spyware isn't a problem. But, if you
| don't have the baseline technical competence to detect it, it's
| bad to go running around yelling "CHINA CHINA CHINA!" That's
| how our politicians pick up a bogus news story and use it as an
| excuse to enact stupid policies. It's bad for society.
| lazide wrote:
| Well, the CIA did it to Russia in the 80's and blew up a
| pipeline....
| [https://www.risidata.com/index.php?/Database/Detail/cia-
| troj...]
|
| Also Stuxnet [https://en.m.wikipedia.org/wiki/Stuxnet]
| Reason077 wrote:
| All USB-to-Ethernet adapters are pretty evil in my experience.
| Always terrible performance, often slower than WiFi.
| batrat wrote:
| Old custom software, old hardware, vendor wants all the $ for
| an upgrade, we refuse to pay. I took 10 desktop pc's($500 each)
| replaced servers ($20k each), one usb to ethernet dongle in
| every pc b/c we needed 2 network ports and we had this laying
| around, USB3 to GB, slap virtualization with USB passthrough.
| They work for 5+ years, gigabit speed, 24/7 with no problems.
|
| People should have more faith in dongles. Not all are bad.
| formerly_proven wrote:
| RTL8156B does line-rate 2.5 Gbit/s no problem, most USB-C docks
| with network have a RTL8153B in them and that does line rate as
| well. Even mildly dodgy first-generation stuff like AX88179
| generally works.
|
| I.M.H.O. these USB dongles are actually preferable to the much
| more expensive Thunderbolt dongles praised below, because a)
| they work on regular USB ports as well b) they do not require
| Thunderbolt c) they use less power and d) they don't force a
| highly ventilated cooling mode on certain host systems. And,
| fwiw, at least some Thunderbolt docks actually used USB NICs
| connected to the internal USB controller, which was hooked up
| over PCIe.
| radicality wrote:
| I don't remember the exact issues, but I remember seeing
| years ago my old Intel MacBook had noticeably higher cpu
| usage when connected to and using a Pluggable dock which had
| a Realtek Ethernet chipset. Switching to WiFi reduced cpu
| usage. AFAIK had something to do with bad and/or lack of
| hardware processing in the Realtek chipset so it had to do it
| on the cpu.
|
| Now I never trust anything with Realtek in it, and if buying
| anything with an Ethernet port, I try to make sure it's not
| Realtek. Is this still valid concern, or is Realtek better
| now?
| daneel_w wrote:
| I've used tons of Realtek stuff since the early 2000s and
| have had only one single device misbehave - the infamous
| RTL8139 Fast Ethernet which had many bad batches unleashed
| onto the world. I have both bad and good versions of this
| chip. It burned a lot of people back then, many of whom to
| this day stubbornly refuse to grow up from their trauma,
| and keep saying that everything Realtek is bad and can
| never be trusted.
| formerly_proven wrote:
| It's actually kinda funny when people say they'd only use
| Intel NICs (because of their good experience with
| e1000e), but then you look at Intel's NGBASE-T (2.5/5
| Gbit/s) trash fire or the X710 issues and they've just
| not been good for post-gigabit consumer-ish stuff.
| Granted, maybe the 19th stepping of i225 finally fixed
| something, I dunno.
| kalleboo wrote:
| I remember in the Intel days, the Apple Thunderbolt 1 GbE
| adapter would have high CPU usage when you were
| transferring at the full 1 Gbps.
|
| I've had good luck with the Realtek 2.5 GbE adapters, no
| CPU usage issues.
|
| And these days even with a 10 GbE Thunderbolt adapter the
| CPU use is negligible, so things have improved across the
| board I think.
| robocat wrote:
| USB-to-Ethernet adapters are life savers when you need to:
|
| (A) replace your WiFi adapter - download drivers from internet
|
| (B) configure a router or other equipment (hard to configure
| WiFi without WiFi).
|
| (C) stand up your Linux install on your laptop (easiest way to
| futz around until you get WiFi adapter working - but check
| chipset on adapter is compatible which the cheapest usually
| are)
|
| You don't usually care about the performance. Just keep a cheap
| one in your box of shit - I need mine often enough. If you need
| high performance, then buy a high performance adapter.
| Reason077 wrote:
| Not saying they're not useful for specific purposes. But
| anyone buying them hoping to improve performance compared to
| their WiFi, often comes away very disappointed.
|
| In my case A) and B) are irrelevant because I only really own
| or deal with laptops now days, and they invariably have built
| in WiFi, but usually not built-in Ethernet!
| robocat wrote:
| Your point makes no sense to me. A cable is often useful
| when WiFi isn't.
|
| Case (A) is common for laptops. I've had plenty of WiFi
| modules (M.2?) go intermittent connection on friend's
| Windows laptops over time (maybe component drift?). For
| Linux on laptops I usually replace the manufacturers WiFi
| module so I get something better supported (high
| reliability - used to be Intel). Some people upgrade their
| module e.g. to get higher spec WiFi.
|
| For (B), configuring WiFi routers is often easier with an
| Ethernet cable and sometimes necessary (depending on
| circumstances), and you need a cable to configure many
| other devices e.g. point-to-point links or whatever.
|
| The fact you have a WiFi laptop is exactly why an adapter
| is really useful.
| Reason077 wrote:
| In my case, if I want ethernet it's because I want faster
| performance (reliably/continuously high bandwidth, and
| reduced latency and jitter) than my WiFi network can
| provide. But I've only been able to get that with a
| thunderbolt-connected ethernet adapter. Every USB one
| I've tried has been a disappointment.
|
| I don't disagree that the uses you describe make them
| helpful in those circumstances, but I can't recall ever
| needing to do any of that myself. I'm happy with the
| built-in Wifi adapter and its drivers, and all modern
| routers can be configured/set up over WiFi, can't they?
| They create a default network when first turned on, or if
| you factory-reset them using the physical reset button.
| II2II wrote:
| I have a 2.5 GB/s USB to ethernet adapter. While I cannot
| say whether the performance matches that of built-in
| ethernet, transfer rates are fairly close to 2.5 GB/s. That
| is certainly faster than WiFi.
|
| Oddly enough, point (A) is likely more relevant in the
| current world of laptops. At least if you use Windows.
| Plugging in a supported network adapter, may that be WiFi
| or Ethernet, may be the only way to get through the
| installation process, without jumping through hurdles, then
| install drivers for the built-in WiFi adapter, without
| jumping through another set of hurdles. (I own such a
| laptop, though I use Linux on said laptop so the WiFi just
| works.)
| trelane wrote:
| Using wired instead of wireless can also help reduce load
| when your network starts to get congested, since it's not
| (as much) of a shared medium as wifi (radio vs switched
| network)
| daneel_w wrote:
| In my experience they always held up the 100 Mbit/sec claim for
| lower-end variants, and an acceptable 350-ish Mbit/sec on
| USB2-backed GbE devices. I have no experience with GbE USB3
| dongles.
| daveoc64 wrote:
| This is not my experience.
|
| I have used many 1000BASE-T dongles and they work exactly as
| advertised - capable of transferring at ~950Mbps.
|
| I have also used 2.5GBASE-T dongles and speeds are in the
| 2Gbps+ range.
|
| WisdPi are even offering dongles with 5GBASE-T support (RTL8157
| chipset):
|
| https://www.wisdpi.com/products/wisdpi-usb-3-2-5g-ethernet-a...
| kalleboo wrote:
| It will depends on your USB ports.
|
| I use 2.5 GbE USB adapters and they work great... as long as
| they're in the right port.
|
| Half of the ports on my Thunderbolt dock are provided by a
| shaky ASMedia USB chipset and it drops or lags after an hour or
| so. The other half of the ports use a more solid Fresco Logic
| chipset and I left an iperf + ping running overnight and it was
| a solid 2.3 Gbit 0.x ms the whole time. The built-in Apple
| ports are also solid.
| FuriouslyAdrift wrote:
| Are there "evil" USB ethernet dongles? Of course there
| are...(just not this one)
|
| https://hak5.org/products/lan-turtle
| gruez wrote:
| The article admits this explicitly:
|
| >Malicious hardware has plenty of precedent: it's been used by
| intelligence agencies and private pentesters alike. Heck, a bit
| over a decade ago, I built an evil plasma globe for work.
| Still, we weren't here to debate whether a malicious RJ45-to-
| USB adapter could be made. The important question was whether
| in this particular instance -- as the poster put it -- "the
| Chinese were at it again".
| nayuki wrote:
| Yeah, I found the link to the evil plasma globe (
| https://lcamtuf.coredump.cx/plasma_globe/ ) to be a more
| interesting read than the article itself.
| speed_spread wrote:
| Not to mention the evil ethernet patch cable:
|
| https://imgur.com/Gpgj7w7
| nayuki wrote:
| Ah, it's the Etherkiller prank from the good old days.
| http://www.fiftythree.org/etherkiller/
| bisrig wrote:
| I'm not sure what the current state of the art is, but for the
| longest time it was pretty common for USB peripheral ICs to have
| small flash devices attached to them in order to be able to store
| VID/PID and other USB config information, so that the device is
| enumerated correctly when it's plugged in and can be associated
| with the correct driver etc. And depending on when the device was
| designed, 512kB might have been the smallest size that was
| readily available via supply chain. It would not have been
| strange to use a device like that to store 10s of bytes!
|
| The ISO thing is a little bit weird, but to be honest it's a
| creative way to try to evade corporate IT security policies
| restricting mass storage USB devices. I think optical drives use
| a different device class that probably evades most restrictions,
| so if you enumerate as a complex device that's a combo optical
| drive/network adapter, you might be able to install your own
| driver even on computers where "USB drives" have been locked out!
| extraduder_ire wrote:
| For a time, windows would more readily run an autorun from a
| disc than from a usb stick. Even if that disc was in an
| emulated usb disk drive.
| myself248 wrote:
| And the "u3" flash drives that did this were a hot commodity
| for a little while!
|
| Then came the iODD and the IsoStick...
| stavros wrote:
| That's because there was malware that spread via autorun,
| which is rather harder to do with read-only media, even if
| it's emulated.
| immibis wrote:
| When the system was designed, the way to get a CD to an end
| user was to spend at least in the range of ten thousand
| dollars to get discs mastered and pressed, and then
| convince physical stores to sell them for you. As well as
| being a lot of effort, there'd be a clear paper trail. You
| couldn't just burn one and leave it in a parking lot.
| stavros wrote:
| Even when you could, viruses didn't tend to spread that
| way.
| trelane wrote:
| Not all malware is viruses, which brings us back to the
| subject of the article.
| bentcorner wrote:
| I actually really appreciate USB devices that masquerade as a
| storage device to provide their own drivers. I suppose in this
| day and age the "right" thing to do is to upload a bunch of stuff
| to microsoft servers so that it downloads whatever is needed upon
| getting plugged in, but I've observed enough stuff needing
| manually installed drivers to know that this isn't as apparently
| easy as it may appear to be. (For example, I very often need to
| download vendor-specific ADB drivers)
|
| Anyways, I think it's clever for peripherals to help you
| bootstrap, and having the drivers baked into the device makes
| things a little easier instead of trying to find a canonical
| download source.
| necovek wrote:
| I appreciate them working out-of-the-box on Linux even more.
| And they mostly do, with Linux being the best PnP (Plug'n'Play
| -- remember that with Windows 95? :) OS today.
|
| But multiple modes of operation really made it harder for to
| configure devices like those 4G/LTE USB dongles: they will
| either present as USB storage, or one type of serial device or
| a CDC-ACM modem device (or something of the sort), requiring a
| combination of the tools + vendor-specific AT commands to
| switch it into the right mode. Ugh, just get me back those
| simple devices that do the right thing OOB.
| dylan604 wrote:
| > (Plug'n'Play -- remember that
|
| I remember it as Plug-n-Pray
| teaearlgraycold wrote:
| I only know that phrase thanks to the Computer Man song
| that I've seen on YouTube.
| ChocolateGod wrote:
| > with Linux being the best PnP
|
| as long as it isn't wireless or bluetooth
| ruszki wrote:
| or large high DPI monitor
| necovek wrote:
| What's the issue you have with high DPI monitors? I've
| used 3200x1800 14" screens way back (on Fujitsu U904 when
| that came out: I found a review from 2014 online), 4k 24"
| Dell when it still required two DP cables for 60Hz, and
| more recently 4k 14" screens on X1 Carbon: while you need
| to configure scaling (I prefer 125% or 150% for UI
| elements, and fonts further increased by a factor of
| 1.4x), most programs work well with that (including non-
| native UI peograms like Firefox, LibreOffice or even
| Emacs).
|
| For a long while there was an issue with multiple
| monitors which you want to configure with different
| settings: you couldn't.
|
| I believe that is also fixed today with Wayland but I
| mostly stick to a single monitor anyway.
| adrian_b wrote:
| For more than a decade I have used only 4k displays (in
| most cases with 10 bit color components) on all my
| desktops and laptops, all of which run Linux.
|
| I have never encountered any problem whatsoever. Only in
| Windows I have encountered sometimes scaling problems.
|
| The only programs with which I had sometimes problems in
| Linux with high-DPI monitors have been commercial
| applications written in Java, some of which were very
| expensive. However those problems were not Linux-
| specific, but Java-specific, because those Java programs
| behaved equally bad on Windows.
|
| For some reason, there seems to exist a high percentage
| of Java programmers who are incompetent at writing GUIs
| and the programs written by them neither follow the
| platform DPI settings nor allow the user to select a
| suitable display font, making their programs unusable
| without a magnifying glass when using high-DPI monitors.
| Moreover, I have encountered several expensive Java
| applications that crash and die immediately when used
| with monitors configured for 10-bit color instead of
| 8-bit color, both on Linux and on Windows.
|
| So in more than a decade of using only high-DPI displays,
| I have never had problems with native Linux GUI
| applications, I have seldom encountered problems with
| native Windows applications and I have very frequently
| encountered problems with Java applications, regardless
| of the operating system on which they were run.
| ChocolateGod wrote:
| > For some reason, there seems to exist a high percentage
| of Java programmers who are incompetent at writing GUIs
|
| There's multiple GUI Java toolkits and they all equally
| suck in their own way. Eclipse for example uses SWT which
| translates to the native application toolkit, which
| "should" support HiDPI, but as you're limited to native
| widgets it's not very common.
| formerly_proven wrote:
| Linux has out of the box support for the SBC-XQ hack, which
| is pretty much the highest quality, most widely supported
| (even by Apple hardware) low-latency-ish way to drive BT
| audio. Works exceptionally well. And switching profiles
| works better than under Windows.
|
| fwiw the last time I had wireless issues was with an
| exceedingly cheap 2013 laptop built from tablet hardware.
| That required an out of tree driver for a few years.
| ChocolateGod wrote:
| I had a Lenovo Yoga a little bit ago and it took 3 years
| iirc for the kernel module for the wifi/bt chip to be
| merged.
| trelane wrote:
| Yeah, I hate it when vendors are slow to upstream their
| drivers too.
| qwezxcrty wrote:
| In this specific case it makes a bit more sense, as when you
| need to install a RJ45 dongle is likely when you don't have a
| network connection.
| Cthulhu_ wrote:
| While that's true, you'd also expect USB network devices to
| be standardized and have builtin drivers under all the main
| operating systems.
| adrian_b wrote:
| That would be desirable but it does not happen in practice.
|
| All the USB network devices that I have ever used required
| specific drivers. Sometimes the drivers happened to be
| already bundled with the Linux kernel or with Windows, but
| frequently they were not.
| franga2000 wrote:
| Where do you buy such things? Every USB Ethernet card
| I've used in the last 10 years was either RNDIS or some
| version of USB-CDC. They've worked out of the box on both
| Linux, Windows and some even Android.
| adrian_b wrote:
| If you start the configuration of the Linux kernel and
| you go to "Device Drivers", then to "USB Network
| Adapters", you will notice that there are close to 50
| such device drivers.
|
| That should tell you that there are plenty of different
| USB Ethernet Adapters that you can find when buying one.
|
| Among those that I have encountered more frequently have
| been several kinds of Realtek, and of ASIX, and of
| Aquantia.
|
| Especially among the faster USB Ethernet adapters I doubt
| that there are many without custom drivers.
|
| Some people may not notice this, if they are using only
| fat Linux kernels, with all the possible device drivers
| being enabled and compiled, but if you use a streamlined
| kernel, e.g. for instant booting, you may need to add a
| device driver whenever you buy such an Ethernet adapter.
| Suppafly wrote:
| >I actually really appreciate USB devices that masquerade as a
| storage device to provide their own drivers.
|
| I appreciate the ones that don't need their own drivers in the
| first places. Sure something needs special drivers but things
| like usb sticks and mice should just work using the default
| ones and let you get the updates from the internet if you want
| them.
| danieldk wrote:
| _usb sticks and mice_
|
| And USB Ethernet, USB CDC-ECM/NCM has existed for a while and
| have drivers in common OSes. And yet we are plagued by USB
| Ethernet with custom drivers (some of which are not available
| for macOS on Apple Silicon).
|
| Of course, PCIe over Thunderbolt is even better.
| judge2020 wrote:
| But can we achieve 10gig/2.5gig or even gigabit with that?
| niklasbuschmann wrote:
| @lcamtuf: It's Igor Pavlov, not Ivan Pavlov
| MartijnBraam wrote:
| I came across the tweet about this "Evil" dongle and instantly
| recognized it as the exact same thing I worked on before... It's
| not evil, it's just annoying.
|
| https://blog.brixit.nl/making-a-usb-ethernet-adapter-work-sr...
|
| In my case I disabled the SPI flash module to have it not appear
| as a CD drive, the author of this post actually found some
| documentation about the SPI being optional. Funnily enough this
| post now also gives you all the tooling to make an actual evil
| RJ45 dongle by reflashing one :D
| stavros wrote:
| Hm, why does shorting CS and S0 make it not work?
| nick__m wrote:
| I have no idea about S0 but CS is usually chip select. It
| should be sufficient to short it to prevent the chip from
| being selected. However CS is frequently inverted and you
| would have to pull it up to prevent the chip selection, so
| maybe S0 is always high and inhibit CS
| stavros wrote:
| That makes sense, thank you.
| cozzyd wrote:
| SO (MISO) should generally be high impedance if not
| selected...
|
| I suspect this causes SO to always output the same value
| and the Ethernet controller must expect some magic
| nick__m wrote:
| Thanks you for refreshing my memory, I learn about that
| in college twenty-something years ago but never used that
| knowledge!
| MartijnBraam wrote:
| Shorting almost any two of the communication lines of the
| flash chip will corrupt the communication enough that the
| ethernet controller thinks there's no flash installed at all.
| LeifCarrotson wrote:
| What happened to U3 at the top left in the image of the flash
| chip?
|
| Looks like they had a footprint for a diode in a 3-pin SOT23
| package and found they didn't have stock of the special part,
| so they installed a SOD323 diode at a 30 degree angle across
| two pins...
| MartijnBraam wrote:
| I'm pretty sure that's exactly what happened
| ta988 wrote:
| Or it was meant to be toggleable.
| Cthulhu_ wrote:
| > Funnily enough this post now also gives you all the tooling
| to make an actual evil RJ45 dongle by reflashing one :D
|
| Ironic! I'm convinced most security problems are caused by
| well-meaning people breaking down hard- and software and
| explaining how to "hack" things. I mean if that's unintentional
| than at best it was security by obscurity to begin with which
| should be exposed so people don't rely on it.
| lazide wrote:
| "I'm convinced most security problems are caused by well-
| meaning people breaking down hard- and software and
| explaining how to "hack" things."
|
| Huh?
| rickdeckard wrote:
| If you think some curious spare-time white-hat hackers are
| the main cause of most security problems, you grossly
| underestimate the size and skillset of the black-hat hacking
| industry, and the unlimited profit-potential available in
| that field...
| jdietrich wrote:
| You can just buy a malicious USB cable, complete with a
| suite of payloads - from a US company, no less.
|
| https://hak5.org/products/omg-cable
| tacet wrote:
| I hope someday some youtuber drops omg cable at my office
| for content. Preferably several.
| tjoff wrote:
| And here I thought the main cause of most security problems
| was stressed developers on rushed projects where noone
| cares about security.
| gus_massa wrote:
| Is it possible to add an autorun.inf to the fake cd?
| dlcarrier wrote:
| A harmful connection to the Ethernet port would be extremely
| difficult. A harmful connection to a USB port is extremely easy.
| Call it what it is: an "Evil" USB dongle that happens to also
| have an Ethernet socket.
| Fokamul wrote:
| Brought to you by Epcyber CEO. All their trainings are OSINT on
| China. Of course this company is full of clickers, using just
| automated tools.
| YaBa wrote:
| Embedded storage was actually very common some decades ago,
| remember seeing it in a lot of devices, mostly 3G USB Modems,
| there was even a AT command to enable/disable it.
|
| Seems that the origin of the "chinese hack" theory can be just
| resumed to: younger people not being used to this kind of old
| stuff.
| JKCalhoun wrote:
| "It is already possible for an assassin to send someone an e-mail
| with an innocent-looking attachment. When the receiver downloads
| the attachment, the electrical current and molecular structure of
| the central processing unit is altered, causing it to blast apart
| like a large hand grenade."
|
| I feel like that might have been what took out a neighbor down
| the street.
|
| Sorry, I got distracted by the newspaper clipping in the article
| and had to laugh.
| Lammy wrote:
| > The English-language product brief implies that "SR" stands for
| "Supereal"; that brand name comes up in the context of
| counterfeit FTDI FT232RL chips that plagued the industry some
| time ago.
|
| This wording is misleading because it implies the fake chips were
| the plague. The fake chips worked fine, and it was FTDI's
| official driver that intentionally ruined peoples' working
| hardware when they detected the fakes and changed their PID to
| 0000 so they would no longer be recognized: http://www.rei-
| labs.net/changing-ftdi-pid/
| technothrasher wrote:
| > The fake chips worked fine
|
| Some of them did. I had some that did weird things with the
| CBUS pins.
| sephamorr wrote:
| What's so odd about this is that they add the flash ($), but skip
| the magnetics! It just has series capacitors and I don't think
| the jack has integrated magnetics since it's small and it
| wouldn't make sense to have a series cap as well.
| wrigby wrote:
| Wow, good eye. You can see the PCB is designed to take either
| magnetics or series caps, but the caps would have to be DNP'ed.
|
| I would actually be really angry to discover a USB Ethernet
| dongle I bought didn't have magnetics built in.
| adrian_b wrote:
| There are cases when a USB Ethernet dongle without
| transformers can be dangerous.
|
| For example, I use a USB Ethernet dongle to connect my router
| to a cable modem provided by the ISP.
|
| The ground of the cable modem is at the potential of the
| shield of the coaxial cable, which comes from far away and
| the voltage difference between the coaxial cable and the
| ground of my apartment is big enough to give you a serious
| shock if you would touch an exposed metal part (normally
| there are no such exposed metal parts).
|
| So it is essential for the USB Ethernet dongle to provide
| insulation between the incoming Ethernet cable and the USB
| port that is connected to the router, which is grounded at
| the home ground.
| immibis wrote:
| Do you have to wear thick rubber gloves to plug in the
| cable?
| adrian_b wrote:
| With well-made Ethernet cables, even when they are
| shielded, it is easy to not touch any conductor (the good
| shielded RJ-45 connectors have plastic sleeves covering
| the metal).
|
| On the other hand, I would have to be careful if I would
| want to disconnect and reconnect the coaxial TV cable
| that comes from the ISP, where the threaded coaxial
| connectors have a metal part. This is how I have learned
| that the potential difference between the coaxial cable
| ground and my ground is big enough to cause a shock :-)
| hn3er1q wrote:
| A difference in potential between grounds in industrial
| settings is also really common. Especially if one plugs two
| different pieces of equipment into two different branches
| of the building's circuit, without knowing it, and then
| connects those devices with something like ethernet. With
| 20m+ cables, it happens. :) You'll be very happy for
| isolation then. 1 to 5V difference is enough to damage
| electronics.
| urbandw311er wrote:
| > If you want to try it, be aware that it requires Intel Pentium
| 166MHz or above.
|
| :-D
| itomato wrote:
| For me the takeaway is that Weekly World News still sways minds.
___________________________________________________________________
(page generated 2025-01-18 23:00 UTC)