Dale Nunns


Dale Nunns is a Senior Software Developer by day.
Hardware hacker, maker of things, serial skills collector by night.
On a never ending mission to learn how everything works.

Talk: PEEK’ing and POKE’ing hardware – Hacking a ZX Spectrum

Wiring a Rapsberry Pi to the expansion port of an unmodified ZX Spectrum so that I have complete control of the entire memory address space, ROM, RAM and peripherals of the ZX Spectrum from the Raspberry Pi. Hopefully allowing me to manipulate the RAM from the Pi, emulate peripherals such as joysticks and emulate my own ROM chip (and disable the on board one) so that I can boot my own code.

Discuss the ZX Spectrum hardware, how it works and its similarities to modern computers.

Discuss how the Raspberry Pi is wired into the ZX Spectrum, what my software does and the process I followed to build this.

Short demo of the hardware & software (Assuming I can get this attack to work, somethings like emulating the ROM requires precise timing which is hard with a Raspberry Pi and a non-real-time OS like Linux.)

Finish off by explaining how this attack is a simplified version of modern DMA style attacks on modern buses like FireWire, CardBus, ExpressCard, Thunderbolt, PCI, PCI Express and how having a deeper understanding of how computers work and access to things like memory allow you to do cool and dangerous things.

Why have this talk at BSides?

It’s got retro 8bit computers, raspberry pi’s, lots of wires, reverse engineering, probably some machine-code and disassembly, python & c code and it’s a simplified “modern” attack being aimed at a computer from the 80’s.