Andrew Huang (hacker)

Last updated

Andrew Huang
Bunnie portrait cropped screenres.jpg
Born1975 (age 4849)
Nationality American
Other namesbunnie
Alma mater Massachusetts Institute of Technology
Occupation(s)Hacker, author, researcher
Known for Chumby, Hacking the Xbox, Novena
Website https://www.bunniestudios.com/

Andrew "bunnie" Huang (born 1975) is an American researcher and hacker, [1] who holds a Ph.D in electrical engineering from MIT and is the author of the freely available 2003 book Hacking the Xbox: An Introduction to Reverse Engineering. As of 2012 he resides in Singapore. [2] Huang is a member of the Zeta Beta Tau fraternity, and a resident advisor and mentor to hardware startups at HAX, an early stage hardware accelerator and venture capital firm. [3]

Contents

Early life and education

Huang was born in Kalamazoo, Michigan, United States to mainland Chinese parents who fled to Taiwan at a young age during the Chinese communist revolution. Huang's father was born in Central China. Huang's mother was born in Beijing to a Han Chinese father and a Mongol mother. Huang has two sisters and is the middle child of his family. [4]

Huang attended the Massachusetts Institute of Technology in 1992, earning a Ph.D in electrical engineering in 2002. [5] He stated that he had "flipped a coin" to determine whether to pursue biology or electronics. [6]

The nickname "bunnie" is short for "vorpalbunnie", a reference to the creature in both Monty Python and the Holy Grail and Moria, that he used as a BBS screen name. [7]

Projects

Huang was the hardware lead at Chumby; his responsibilities included the design and production of Chumby devices, as well as the strategic planning and ecosystem development of the broader Chumby hardware platform.

As a leader at the Ministry of Mobile Affairs, Andrew Huang oversaw the ambitious MoMA Eve handheld game console. [8] [9]

He has completed several major projects, ranging from hacking the Xbox, to designing the world's first fully integrated photonic-silicon chips running at 10 Gbit/s with Luxtera, Inc., to building some of the first prototype hardware for silicon nanowire device research with Caltech. Huang has also participated in the design of wireless transceivers for use in 802.11b and Bluetooth networks with Mobilian, graphics chips at Silicon Graphics, digital cinema codecs at Qualcomm, and autonomous robotic submarines during the 1999 competition held by the AUVSI that the MIT team won. He is also responsible for the "un-design" of many security systems, with an appetite for the challenge of digesting silicon-based hardware security. [5]

Huang was scheduled to appear as an expert witness in the trial United States v. Crippen to determine whether or not modding an Xbox violates sections of the DMCA. [10] The case was dropped suddenly on the third day of trial before the jury sat by the US federal authorities who had initiated the action. [11] The case was dismissed before Huang was called to give testimony.

He also created the open hardware Safecast Geiger Counter Reference Design, as a volunteer effort in response to the 2011 Tōhoku earthquake, tsunami, and ensuing meltdown of Fukushima Daiichi. [12] [13] A project in collaboration with Jie Qi of the MIT Media Lab is Circuit Stickers, a peel-and-stick circuit system for crafting electronics. [14] Huang was interviewed on Dave Jones' The Amp Hour in episode #84, where he talked about his electronics work in China and reverse engineering. [15]

Huang is a member of the advisory board for Crowd Supply, the crowdfunding platform that he used for Novena and The Essential Guide to Electronics in Shenzhen. [16]

Reverse engineering

Xbox

Huang has a long and noted history with the reverse engineering and hacking of consumer products. His 2003 publication Hacking the Xbox: An Introduction to Reverse Engineering was one of the first published works regarding the reverse engineering of a high end consumer product. He faced significant legal pressure from Microsoft to not reveal the details of his exploits, and the book itself reveals that he had received a letter from MIT, where he was at the time a student, informing him of their disavowal of any association with his project. Additionally, his publisher John Wiley & Sons had rescinded their intent to publish the book. [17]

In part because of this response by MIT to his work, when the Institute was again put at the forefront of controversy in their handling of the criminal prosecution brought against Aaron Swartz, and his subsequent suicide, Huang released the book for free through No Starch Press, remarking that "Without the right to tinker and explore, we risk becoming enslaved by technology; and the more we exercise the right to hack, the harder it will be to take that right away". [18] [19]

Printer steganography

In 2005, Huang worked with a team from the Electronic Frontier Foundation to develop code that interprets printer steganography markings. [20]

Digital Content Protection

Huang created the NeTV in 2011, which was the first known public use of the High-bandwidth Digital Content Protection (HDCP) "master key". The device uses the master key to implement a video overlay on existing HDCP-protected links, in a fashion which purportedly does not violate the DMCA. [21] Both the hardware and firmware for the NeTV are openly available under the CC BY-SA license. [22]

MicroSD card vulnerabilities
microSD cards: genuine & questionable Decapsulated microSD memory card lineup-genuine, questionable, and fake-counterfeit.jpg
microSD cards: genuine & questionable

He has also used reverse engineering techniques to reveal why certain MicroSD cards are poor in quality. [23] [24] In 2013, he presented results in collaboration with fellow Singapore developer Sean "xobs" Cross revealing methods to load arbitrary code into microSD cards via backdoors built into the embedded controller. [25] [26]

Cell phone privacy

On 21 July 2016, Huang and Edward Snowden, in a talk at MIT Media Lab's Forbidden Research event, [27] [28] published research for an outboard computer embedded in a smartphone case, the so-called "Introspection Engine", that would monitor electrical signals received and sent by that phone, to provide an alert to the user, if their phone is transmitting or receiving information when it shouldn't be (for example, when it's turned off or in airplane mode), a feature described by Snowden to be useful for journalists or activists operating under hostile governments that would want to track their activities through their phones. [29] [30] [31] [32] [33]

Novena

The open-source hardware laptop motherboard, Novena. Novena laptop motherboard.jpg
The open-source hardware laptop motherboard, Novena.

In 2013, Huang announced that he, again in collaboration with Cross, was at work developing a laptop called the Novena. The laptop is the first of its kind, in that the hardware and software are entirely open and only include components where the manufacturing companies do not require non-disclosure agreements to obtain the documentation necessary for design. [34] In addition to the normal laptop components, the Novena motherboard also includes an FPGA, dual Ethernet ports, a three-axis accelerometer, and easily augmentable hardware. [35] On May 7, 2014 the Novena's crowdfunding campaign reached its goal of $250,000 and went on to raise a total of $722,880 without taking subsequent pre-orders into account.

Writing

Huang is a contributing writer for MAKE magazine, as well as being a member of their technical advisory board. He has also written for Gizmodo and IEEE Spectrum.

He has also written extensively about manufacturing in China. [36] [37] In March 2016, Huang successfully completed the crowdfunding campaign for his book The Essential Guide to Electronics in Shenzhen, a manual written to enable the English-speaking electronics community to be able to navigate China's Huaqiangbei marketplace in Shenzhen, [38] widely regarded as one of the world's premier electronics marketplaces and production hubs. [39] He also appeared in Wired's 2016 documentary Inside Shenzhen: The Silicon Valley of hardware. [40]

DMCA lawsuit

In July 2016, Huang became a plaintiff in a lawsuit filed by the Electronic Frontier Foundation (EFF) that challenges the Digital Millennium Copyright Act (DMCA). In the complaint, the EFF argue on behalf of Huang (and his company AlphaMax LLC.) that the "anti-circumvention" and "anti-trafficking" provisions of Section 1201 of the Digital Millennium Copyright Act threaten free speech. [41] [1] The lawsuit, Green v. Department of Justice, is shared with plaintiff Matthew D. Green, a cryptography researcher whose work has a similar obstacle within Section 1201. [42]

Huang and AlphaMax were seeking to develop the NeTV2, a digital video processing device that allows a user to record and modify video data from various sources, including streaming services and video games. The extant version of the device does not allow for the modification of encrypted video streams, but Huang and AlphaMax intended to add this as a feature by reverse engineering Intel's High-Bandwidth Digital Content Protection copy protection system. Their concern, however, was that this would qualify as a breach of Section 1201 of the DMCA. In this capacity, the EFF's lawsuit is a preliminary injunction against that portion of the DMCA. [43] [44]

Discussing his motivations behind the suit, Huang said, "When I was a graduate student, I saw a generation of younger engineers growing up stunted and fearful under [the DMCA's] shadow ... In multiple startups since, I saw numerous, legitimate business opportunities stymied by the statute." [45]

In July 2019, a federal judge ruled that the lawsuit could proceed. [44] [46] In 2021, District of Columbia Court Judge Emmet G. Sullivan denied the preliminary injunction put forth by the EFF, citing that the Department of Justice, who were brought forth to defend against the case in 2016, had sufficiently demonstrated that the DMCA is a necessary amendment to existing copyright law, and that to this end it does not place undue or unwarranted restrictions on free speech. The specific assertion by the EFF and Huang that code qualifies as speech, and thus qualifies for the protections given to free speech, was not explicitly rejected in the decision, though Sullivan did remark that the Department of Justice "makes a compelling argument" against that assessment within the purview of the EFF's proposed injunction. [43]

Awards

In 2007, Huang received the Lewis Winner award for Best paper at ISSCC 2006 (A 10 Gbit/s photonic modulator and WDM MUX/DEMUX integrated with electronics in 0.13 um SOI CMOS, Solid-State Circuits Conference, 2006. ISSCC 2006. Digest of Technical Papers. IEEE International) [47]

In September 2012, Huang received the 2012 EFF Pioneer Award for his work in hardware hacking, open source and activism. [48]

Bibliography

Publications

Books

Related Research Articles

bnetd is a communication app that enables users of the online game StarCraft released on March 31, 1998 to connect and chat together. A bnetd clone was released on April 28, 1998 under the name StarHack and provided near-complete emulation of the original online multiplayer gaming service network. This was accomplished through reverse engineering of the corporate Blizzard Entertainment's Battle.net.

<span class="mw-page-title-main">Jon Lech Johansen</span> Norwegian programmer (born 1983)

Jon Lech Johansen, also known as DVD Jon, is a Norwegian programmer who has worked on reverse engineering data formats. He wrote the DeCSS software, which decodes the Content Scramble System used for DVD licensing enforcement. Johansen is a self-trained software engineer, who quit high school during his first year to spend more time with the DeCSS case. He moved to the United States and worked as a software engineer from October 2005 until November 2006. He then moved to Norway but moved back to the United States in June 2007.

ElcomSoft is a privately owned software company headquartered in Moscow, Russia. Since its establishment in 1990, the company has been working on computer security programs, with the main focus on password and system recovery software.

<span class="mw-page-title-main">Hackers on Planet Earth</span> Conference series

The Hackers on Planet Earth (HOPE) conference series is a hacker convention sponsored by the security hacker magazine 2600: The Hacker Quarterly that until 2020 was typically held at Hotel Pennsylvania, in Manhattan, New York City.

<span class="mw-page-title-main">Chumby</span>

The Chumby was a consumer electronics product formerly made by Chumby Industries, Inc. It is an embedded computer which provides Internet and LAN access via a Wi-Fi connection. Through this connection, the Chumby runs various software widgets. In 2010 Sony introduced a single product based on an offshoot version of Chumby, the Sony Dash.

<span class="mw-page-title-main">George Hotz</span> American software engineer

George Francis Hotz, alias geohot, is an American security hacker, entrepreneur, and software engineer. He is known for developing iOS jailbreaks, reverse engineering the PlayStation 3, and for the subsequent lawsuit brought against him by Sony. From September 2015 onwards, he has been working on his vehicle automation machine learning company comma.ai. Since November 2022, Hotz has been working on tinygrad, a deep learning framework.

<span class="mw-page-title-main">Huaqiangbei</span> Subdistrict in Guangdong, China

Huaqiangbei is a subdistrict of Futian, Shenzhen, Guangdong Province, China, one of Shenzhen's notable retail areas; having one of the largest electronics markets in the world. The area's status as a major electronics manufacturing hub, and sprawling electronics marketplaces have earned it occidental nicknames such as "China's Silicon Valley", and the "Silicon Valley of Hardware". Multiple malls contain various businesses.

<span class="mw-page-title-main">Joe Grand</span> American electrical engineer

Joe Grand is an American electrical engineer, inventor and hardware hacker known in the hacker community as Kingpin. He achieved mainstream popularity after his appearance on Prototype This!, a Discovery Channel television show. He specializes in, "finding security flaws in hardware devices and educating engineers on how to increase the security of their designs". Grand has testified before the U.S. Senate Committee on Governmental Affairs regarding government and homeland computer security under his internet handle, Kingpin.

The Electronic Frontier Foundation (EFF) is an international non-profit advocacy and legal organization based in the United States.

<span class="mw-page-title-main">Digital Millennium Copyright Act</span> United States copyright law

The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization (WIPO). It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works. It also criminalizes the act of circumventing an access control, whether or not there is actual infringement of copyright itself. In addition, the DMCA heightens the penalties for copyright infringement on the Internet. Passed on October 12, 1998, by a unanimous vote in the United States Senate and signed into law by President Bill Clinton on October 28, 1998, the DMCA amended Title 17 of the United States Code to extend the reach of copyright, while limiting the liability of the providers of online services for copyright infringement by their users.

<span class="mw-page-title-main">Maker culture</span> Community interested in do-it-yourself technical pursuits

The maker culture is a contemporary subculture representing a technology-based extension of DIY culture that intersects with hardware-oriented parts of hacker culture and revels in the creation of new devices as well as tinkering with existing ones. The maker culture in general supports open-source hardware. Typical interests enjoyed by the maker culture include engineering-oriented pursuits such as electronics, robotics, 3-D printing, and the use of computer numeric control tools, as well as more traditional activities such as metalworking, woodworking, and, mainly, its predecessor, traditional arts and crafts.

<span class="mw-page-title-main">Hacking of consumer electronics</span>

The hacking of consumer electronics is a common practice that users perform to customize and modify their devices beyond what is typically possible. This activity has a long history, dating from the days of early computer, programming, and electronics hobbyists.

<span class="mw-page-title-main">Limor Fried</span> American electrical engineer

Limor Fried is an American electrical engineer and owner of the electronics hobbyist company Adafruit Industries. She is influential in the open-source hardware community, having participated in the first Open Source Hardware Summit and the drafting of the Open Source Hardware definition, and is known by her moniker ladyada, an homage to Lady Ada Lovelace.

<span class="mw-page-title-main">Novena (computing platform)</span>

Novena is an open-source computing hardware project designed by Andrew "bunnie" Huang and Sean "Xobs" Cross. The initial design of Novena started in 2012. It was developed by Sutajio Ko-usagi Pte. Ltd. and funded by a crowdfunding campaign which began on April 15, 2014. The first offering was a 1.2 GHz Freescale Semiconductor i.MX6 quad-core ARM architecture computer closely coupled with a Xilinx FPGA. It was offered in "desktop", "laptop", or "heirloom laptop" form, or as a standalone motherboard.

<span class="mw-page-title-main">Naomi Wu</span> Chinese DIY maker and internet personality

Naomi Wu, also known as Sexy Cyborg, is a Chinese DIY maker and internet personality. As an advocate of women in STEM, transhumanism, open source hardware, and body modification, she attempts to challenge gender and tech stereotypes with a flamboyant public persona, using objectification of her appearance to inspire women.

<span class="mw-page-title-main">Arduboy</span> Handheld video game console

The Arduboy is a handheld game console with open source software, based on the Arduino hardware platform.

<span class="mw-page-title-main">Anantha P. Chandrakasan</span> American engineer

Anantha P. Chandrakasan is the Chief Innovation and Strategy Officer, the dean of the School of Engineering, and Vannevar Bush Professor of Electrical Engineering and Computer Science at Massachusetts Institute of Technology. He is chair of the MIT Climate and Sustainability Consortium and MIT AI Hardware Program, and co-chair the MIT–IBM Watson AI Lab, the MIT–Takeda Program, and the MIT and Accenture Convergence Initiative for Industry and Technology.

Green v. Department of Justice is a pending lawsuit at the United States District Court for the District of Columbia filed to test the constitutionality of the anti-circumvention provisions enacted in the 1998 Digital Millennium Copyright Act (DMCA). The lawsuit argues that, as passed, the anti-circumvention provisions of the DMCA prevent legitimate speech under the First Amendment to the United States Constitution.

Hector Martin Cantero, also known as marcan, is a Spanish security hacker known for hacking multiple PlayStation generations, the Wii and other devices. Martin is lead developer on the Asahi Linux project.

References

  1. 1 2 Thomson, Iain; Apple (September 30, 2016). "Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook". The Register . Retrieved October 9, 2016.
  2. Lesnet, Ian (August 23, 2012). "Workshop Video #36: Beers in Bunnie's Workshop". Dangerous Prototypes. Retrieved March 16, 2014.
  3. "Bunnie Huang - Advisor & Hardware guru". Hax Team.
  4. "A Brief History of Me". web.mit.edu. Retrieved August 15, 2022.
  5. 1 2 Torrone, Phillip (April 30, 2012). "MAKE's Exclusive Interview with Andrew (bunnie) Huang - The End of Chumby, New Adventures | Make". Make . Retrieved June 9, 2016.
  6. "An interview with Andrew Huang". The Blueprint. Archived from the original on August 19, 2016. Retrieved June 9, 2016.
  7. "Interviews: Andrew "bunnie" Huang Answers Your Questions - Slashdot". Slashdot . August 21, 2014. Retrieved June 9, 2016.
  8. "VIA Technologies, Inc". October 23, 2004. Archived from the original on October 23, 2004. Retrieved November 4, 2020.
  9. Hachman, Mark (May 12, 2004). "New "Mobile Console" Plays PC Games - ExtremeTech". Extremetech. Retrieved November 4, 2020.
  10. Kravets, David (October 21, 2010). "Threat Level Privacy, Crime and Security Online Previous post Next post Prosecutors Seek to Block Xbox Hacking Pioneer From Trial". Wired. Retrieved May 1, 2011.
  11. Kravets, David (December 2, 2010). "Prosecutors Dismiss Xbox-Modding Case Mid-Trial". Wired. Retrieved May 1, 2011.
  12. Doctorow, Cory (March 15, 2012). "Bunnie Huang's open Geiger counter: design notes and reference". Boing Boing.
  13. Sythe, Dan (September 27, 2012). "Inside the Heart and Soul of a new Geiger counter". Geiger Counter Bulletin.
  14. Chibitronics. "Circuit Stickers". Crowd Supply.
  15. "The Amp Hour #84 - An Interview with Bunnie Huang - Bunnie's Bibelot Bonification". The Amp Hour. February 28, 2012. Retrieved December 22, 2013.
  16. "Launch". Crowd Supply. Archived from the original on November 11, 2016. Retrieved August 2, 2016.
  17. Ziccardi, Giovanni (2012). Resistance, Liberation Technology and Human Rights in the Digital Age (PDF). Springer Science+Business Media. p. 110.
  18. "Xbox hacker "bunnie" Huang makes book free in Aaron Swartz tribute". SlashGear. March 11, 2013. Retrieved June 9, 2016.
  19. Huang, Andrew (March 2013). "An open letter from bunnie, author of Hacking the Xbox". No Starch Press . Retrieved June 9, 2016.
  20. "DocuColor Tracking Dot Decoding Guide". Electronic Frontier Foundation. Archived from the original on January 14, 2016. Retrieved December 7, 2015.
  21. Goodin, Dan (September 16, 2011). "How gizmo maker's hack outflanked copyright trolls". The Register . Retrieved September 17, 2011.
  22. Source code links at http://kosagi.com/w/index.php?title=NeTV_Main_Page
  23. Doctorow, Cory (February 16, 2010). "Sleuthing uncovers the mystery of Kingston MicroSD cards' crappy QA". Boing Boing. Retrieved May 1, 2011.
  24. Huang, Andrew. "On MicroSD Problems". bunnie's blog. Archived from the original on August 25, 2014.
  25. bunnie and xobs (December 29, 2013). "The Exploration and Exploitation of an SD Memory Card". 30c3. Archived from the original on July 10, 2014.
  26. Huang, Andrew. "On Hacking MicroSD Cards". bunnie's blog.
  27. Andrew Huang. Edward Snowden. 'Against the Law: Countering Lawful Abuses of Digital Surveillance' on YouTube
  28. "Forbidden Research".
  29. Snowden, Edward; Huang, Andrew (bunnie) (July 21, 2016). "Against the Law: Countering Lawful Abuses of Digital Surveillance". PubPub. doi: 10.21428/12268 . Retrieved August 7, 2016. pdf pdf
  30. Lee, Micah (July 21, 2016). "Edward Snowden's New Research Aims to Keep Smartphones From Betraying Their Owners". The Intercept. Retrieved August 7, 2016.
  31. Greenberg, Andy (July 21, 2016). "Snowden Designs a Device to Warn if Your iPhone's Radios Are Snitching". Wired. Retrieved August 7, 2016.
  32. Mott, Nathaniel (July 21, 2016). "Edward Snowden designs phone case to show when data is being monitored". The Guardian. ISSN   0261-3077 . Retrieved August 7, 2016.
  33. Palazzo, Chiara (July 22, 2016). "Edward Snowden co-designs an iPhone case that alerts user to surveillance activity". The Telegraph. Retrieved August 7, 2016.
  34. Bunnie Huang (January 8, 2014). "Building an Open Source Laptop". Makezine. Archived from the original on March 16, 2014.
  35. bunnie (March 14, 2014). "Novena Main Page".
  36. Doctorow, Cory (July 13, 2007). "Bunnie Huang's blog-series on Chinese manufacturing". Boing Boing. Archived from the original on May 29, 2010. Retrieved May 2, 2011.
  37. Huang, Andrew 'bunnie' (June 12, 2015). "Why It's Often Easier To Innovate In China Than In The United States". Gizmodo. Retrieved June 9, 2016.
  38. "Bunnie Huang's "Essential Guide to Electronics in Shenzhen"". Boing Boing. February 4, 2016. Retrieved June 8, 2016.
  39. Arthur, Charles (June 13, 2014). "Huaqiangbei: the mega market with every smartphone part – in pictures". the Guardian. Retrieved June 9, 2016.
  40. Reynolds, Matthew (June 7, 2016). "Inside Shenzhen: The Silicon Valley of hardware". Wired UK. Retrieved August 26, 2016.
  41. "EFF Lawsuit Takes on DMCA Section 1201: Research and Technology Restrictions Violate the First Amendment". Electronic Frontier Foundation. July 21, 2016. Retrieved July 21, 2016.
  42. "Green v. U.S. Department of Justice". Electronic Frontier Foundation. September 1, 2016. Retrieved November 17, 2021.
  43. 1 2 Gardner, Eriq (July 16, 2021). "A Hacker's Plan to Make Digital TV More Useful Hits Legal Setback". The Hollywood Reporter. Retrieved November 17, 2021.
  44. 1 2 Huang, Andrew (September 18, 2019). "Bugfix and DMCA Lawsuit Progress". Crowd Supply. Retrieved November 17, 2021.
  45. Powers, Melissa (February 17, 2017). "'I've felt my rights chilled': Hacker 'bunnie' Huang is challenging the government". NBC News. Retrieved May 18, 2020.
  46. "Will a Federal Judge Unleash Hackers on the TV Industry?". The Hollywood Reporter. September 20, 2019. Retrieved March 15, 2021.
  47. "ISSCC 2007 / Session 1 / Plenary Awards". IEEE. February 12, 2007. doi:10.1109/ISSCC.2007.373576.{{cite journal}}: Cite journal requires |journal= (help)
  48. "Hardware Hacker, Anti-ACTA Activist, and Groundbreaking Anonymity Group Win EFF Pioneer Awards" (Press release). EFF. September 27, 2012.