Blog – Dmitry Brant

Brain dump, September 2024

Custom IDE adapter for CP-4021 drive

As part of a special data recovery project, I needed to read the contents of the hard drive from an ancient Compaq LTE 8086 laptop. This hard disk, which is a Conner CP-4021, is quite an oddball. It has an unusual form factor: it’s a 3.5″ drive, but it’s slimmer and shorter than a regular drive, as if it was specifically made to fit into the LTE laptop.

Perhaps most annoyingly, the IDE connector on the drive is a very nonstandard half-pitch connector, where the pins have a horizontal pitch of 1.27mm, and a vertical pitch of 2.54mm. Inside the LTE laptop, this connects to a twin ribbon cable that goes directly to the motherboard, which basically means I have no way of connecting this drive to a “standard” modern IDE controller. (And it’s definitely an IDE drive, since the connector has 44 pins, just like any other laptop hard drive, and it has the same missing “key” pin as a standard IDE connector.)

Time to build a custom connector! After a whole lot of searching, I found a blank 50-pin header on AliExpress that should match the pitch of the drive’s connector. The 50-pin header will overshoot the 44-pin connector by a few pins, but it should still fit without issues. In an ultimate test of my fine motor skills, I soldered a spare 44-pin ribbon cable onto this 50-pin header, checking painstakingly that each pin on the female end matches the corresponding pin on the male end. To secure the delicate soldering onto the header, I covered it with clear epoxy, and let it harden overnight. And just like that, I have an adapter for connecting this ancient drive to a modern PC:

I then connected the drive to my workstation PC, and was encouraged when the drive spun up, and the PC detected the drive successfully! However, the PC didn’t seem to be able to read any actual data from the drive. After a good bit of head-scratching, and double-checking the continuity of all the pins of my adapter, and trying to connect the drive to a few other PCs, I had a last-ditch idea to rule out stuck heads or a locked spindle, which were rather common problems with older drives. I removed the top cover of the drive, exposing the heads and platter, and as the drive was spinning up, I gently turned the spindle manually away from its resting position. And wouldn’t you know it — this caused the spindle to come alive, and the drive became fully functional!

I was able to acquire an image of the drive in Linux with minimal effort (not a single bad sector!), and I’ll be keeping my fancy custom adapter in case I come across another drive like this in the future. I did a few more random Frankenstein experiments with the drive, including booting another vintage laptop from it:

…and connecting that laptop to another laptop via INTERLNK.EXE, which allows the C: drive on the “server” laptop to map as the D: drive on the “client” laptop, with the goal of transferring files from one to the other, or even dumping the entire partition, which I did with the SAVEPART tool.

The connection between the two laptops is a serial cable that I cobbled together from whatever I had on hand, which turned out to be an annoyingly short cable and, thankfully, a null-modem adapter, necessary for communication between the two serial ports. This resulted in a rather slow connection between the laptops; a parallel connection would be significantly faster, but I don’t have the appropriate cable. The INTERLNK tool (bundled with MS-DOS) worked just fine, and automatically detected the connection over the COM port.

T48 chip programmer, finally

I splurged on a proper chip programmer, the T48 by XGecu. Even though there is already a newer model of their programmer (the T56), the extra cost didn’t justify the few additional chips and features it supports, at least for me.

Along with the T48, I purchased a batch of random EEPROM chips for some initial testing and verifying of the T48 itself, and possibly for actual use in future projects. These are Winbond W27C512 chips, which have a rather unusual erase voltage of 14V and programming voltage of 12V, which will be a good exercise for the chip programmer.

The software for the T48 is for Windows only (there is an open-source alternative that supports an earlier model of this programmer (the TL866II), but it still has very limited support for the T48). And because the software is for Windows only, and especially because it requires a special driver which can only be installed with elevated privileges, I prefer to run it in a virtual machine, for reasons that I hope are obvious. Fortunately this is done very easily in VirtualBox, which supports USB passthrough effortlessly. Here it is, running in a Windows 7 (32-bit) VM, and communicating with the T48:

Since my batch of Winbond chips was suspiciously cheap, I assumed they were not “new”, but rather pulled from existing boards. And I was not mistaken: reading the chips, which worked absolutely fine, revealed that they already had contents in them:

And then, erasing and reprogramming the chips also turned out to be a breeze, which gives the T48 programmer a thumbs-up from me. As a special bonus, I removed the firmware chip from the Conner CP-4021 drive (mentioned above!) and was able to read the firmware, using one of the myriad adapters that were included with the T48 programmer.

The above chip is a Microchip 27C256 (32KB), in a PLCC-32 socket. Again, the T48 was able to read this 35-year-old chip without any issues, which makes me look forward to reading and programming many vintage and newer chips in the future.

Brain dump, August 2024

Compaq LTE Lite 4/25

Restored another vintage laptop: a Compaq LTE Lite 4/25! I got it practically for free from Craigslist, since it was in rather rough shape: the screen hinges were completely loose and no longer attached to the body. The laptop has clearly been dropped on one of the corners in the past, but miraculously the display ribbon cable was still intact.

Annoyingly, the LTE series of laptops doesn’t have a built-in BIOS setup utility, and requires a bootable “diagnostics disk” to set up the BIOS parameters. This took a bit of searching on the web, but I finally found the appropriate floppy disk image, and wrote it to a disk using my trusty Greaseweazle attached to an old floppy drive.

Now that I’m able to set up the BIOS, I can configure it to use a CompactFlash adapter as the hard drive, which is preloaded with all kinds of retro apps and games! But there’s a slight problem: the diagnostics program doesn’t allow us to set up a “custom” hard drive, and instead requires us to select one of the predefined hard drive types defined by Compaq. Bizarrely, the “custom” drive types appear in the list, but are not allowed to be selected! Fortunately there is a standard drive type #61 that is “close enough” to the size of my CF card (512MB), and uses the correct number of heads and sectors.

Selecting this drive type allowed the laptop to boot into the CF card and access its contents:

QIC tapes from TC2000 supercomputer

I got a request to recover the data from several QIC cartridges that came from a 1980s-era supercomputer: the TC2000, from a company called BBN.

This computer used a scalable RISC architecture that could be expanded to 128 CPUs. The “base model” of this computer had a sticker price of $350,000, which buys you things like a 25 MHz CPU, 16 KB of L1 cache, and 16 MB of RAM. It still boggles the mind that, today, a $1 SOC can blow these specs out of the water.

The QIC tapes are DC 600A cartridges (60 MB), which were read without any issues using my trusty Tandberg TDC-3660 drive. The tapes include the installation of the operating system for this computer (called “nX”, based on Unix 4.3 BSD), as well as some other programs and tools like Fortran and Lisp. Even though the tapes were exceptionally well preserved, they still needed the usual reconditioning steps of replacing the tension belt, and cleaning the debris left behind by the previous belt.

Unfortunately it looks like these tapes contain mostly binary files, intended to run on the architecture of the TC2000, so it’s highly unlikely they’d be runnable on any other system or emulator that I’m aware of. Still, an interesting bit of archaeology worth preserving.

Homeowner’s log, July 2024

I installed a soft-start unit in our air conditioning condenser. There have been a couple of annoyances with our AC system that I was hoping a soft-starter would solve:

The condenser makes a loud noise when starting up. This is due to the high inrush current that is supposed to kickstart the compressor. In reality, the compressor doesn’t necessarily need that much current to start, which is why a soft-start unit does the job of “ramping up” the current until it detects that the compressor has started.
When the condenser starts, the lights in the house flicker momentarily. This is also due to the high inrush current, but the root of this problem extends beyond our house. I believe this is caused by the power transformer that serves our entire street of houses; the transformer is improperly sized, and its capacity is too low to handle these spikes of current. This is also evidenced by the fact that our lights flicker just a bit when our neighbors’ AC unit starts.

After much research, I decided to go with the MicroAir Easy Start Flex. It’s a little pricey, but it’s intended to handle most types of condensers, regardless of its “tonnage”, referring to its BTU output (our condenser is a 5-ton unit, which translates to 60,000 BTUs.

Installing it was an absolute breeze, and took less than one hour. Afterwards, there was an enormous improvement in the startup noise, and the lights no longer flicker at all. I also made a video of the installation, with before- and after recordings of the startup noise:

If you’re considering installing one of these units in your AC system (which you should), make sure you’re completely comfortable working with household electrical wiring, completely familiar with the wiring of your AC unit, and take all the necessary safety precautions. If you are unsure about anything, please contact an HVAC professional.

Programming a chip programmer with another chip programmer

Recently I had a need to program a few Atmel ATtiny chips for a project, which I haven’t done in years. I rummaged through my drawers and found the necessary programming device, which is a USBasp device:

When I tried using it to program an ATtiny chip using the standard programming software (avrdude), it showed an error suggesting that I need to update the firmware on the programmer device.

$ avrdude -cusbasp -pt45
avrdude error: cannot set sck period; please check for usbasp firmware update
avrdude error: program enable: target does not answer (0x01)
avrdude error: initialization failed, rc=-1
        - double check the connections and try again
        - use -B to set lower the bit clock frequency, e.g. -B 125kHz
        - use -F to override this check

But the programmer device itself uses an Atmel chip (ATmega8a) that is only programmable using another chip programmer. What to do? Rummaging further in my drawers, I discover this contraption:

It’s an extremely cheap CH341A programmer (~$2 on AliExpress) that I’ve used in the past to dump the contents of BIOS chips on motherboards and video cards. However, perhaps it can be useful here? Looking on the back of it, we can see that it can definitely do SPI (it has MOSI and MISO pins, although the latter is misspelled “MIOS”!). Could it be that this other programmer is also supported by avrdude?

$ avrdude -c\?
Valid programmers are:
...
  c2n232i            = serial port banging, reset=dtr sck=!rts sdo=!txd sdi=!cts
  ch341a             = ch341a programmer (AVR must have minimum F_CPU of 6.8 MHz)
  dasa               = serial port banging, reset=rts sck=dtr sdo=txd sdi=cts
...

How fortunate! So, what if we just connect all the relevant pins from this programmer to our target programmer that is receiving the update:

I connected the GND, +5V, MISO, MOSI, CLK (which goes to SCK), and CS (which goes to RESET) pins from the programmer to the target, remembering also to put a jumper on JP2 to enable self-programming. I also obtained the latest firmware to be loaded onto the chip. And here we go:

$ avrdude -cch341a -pm8 -b19200 -U flash:w:usbasp.atmega8.2011-05-28.hex
avrdude error: initialization failed, rc=-2
        the programmer ISP clock is too fast for the target
        - use -B to set lower the bit clock frequency, e.g. -B 125kHz
        - use -F to override this check

Hmm, something about the ISP clock being too fast… but it suggests that we can use -F to override this check. OK, let’s try that:

$ avrdude -cch341a -pm8 -F -U flash:w:usbasp.atmega8.2011-05-28.hex
avrdude: AVR device initialized and ready to accept instructions
avrdude: device signature = 0x1e9307 (probably m8)
avrdude: Note: flash memory has been specified, an erase cycle will be performed.
         To disable this feature, specify the -D option.
avrdude: erasing chip
avrdude: processing -U flash:w:usbasp.atmega8.2011-05-28.hex:i
avrdude: reading input file usbasp.atmega8.2011-05-28.hex for flash
         with 4700 bytes in 1 section within [0, 0x125b]
         using 74 pages and 36 pad bytes
avrdude: writing 4700 bytes flash ...
Writing | ################################################## | 100% 1.25 s 
avrdude: 4700 bytes of flash written
avrdude: verifying flash memory against usbasp.atmega8.2011-05-28.hex
Reading | ################################################## | 100% 0.79 s 
avrdude: 4700 bytes of flash verified
avrdude done.  Thank you.

Wait, what? It worked! This is much easier than I thought it would be. Thanks, avrdude and cheapo CH341A programmer! I can now program ATtiny chips quickly and easily.

More huge updates to DiskDigger and FileSystemAnalyzer

I’ve finished some major updates to DiskDigger, as well as its companion tool FileSystemAnalyzer, to support a few more filesystems, some more obscure than others!

ReFS support

One of these filesystems represents a serious and substantial update: DiskDigger now has expanded support for ReFS, the Resilient File System introduced in recent versions of Windows Server and Windows Enterprise editions. ReFS remains totally proprietary and undocumented, so it required quite a bit of reverse-engineering to nail down the structures that it uses. I’m happy to report that DiskDigger now supports versions of ReFS starting from 3.0 (introduced in Windows Server 2016) through the very latest version 3.12 (in the latest insider build of Windows 11 Enterprise).

To be clear, DiskDigger had already been able to recover data from ReFS partitions by performing a heuristic (carving) search, which is independent of the actual filesystem on the disk. But now that it understands the data structures of ReFS, it can employ additional specific techniques to recover files more accurately from such partitions.

And on a lighter, more whimsical note, DiskDigger and FileSystemAnalyzer now support two other filesystem types that you’ll likely never encounter in everyday life:

RedSea filesystem

The RedSea filesystem was created by the late Terry Davis as part of his TempleOS operating system. If you’re not familiar with TempleOS, it’s an interesting rabbit hole to delve into. Literally an entire operating system built by a single person over the course of many years, TempleOS is intended to be “god’s third temple” in the form of an operating system, due to the guiding principles behind the operating system that Davis believed he was receiving from god. These principles are largely based around simplicity and purity, which is something that even the most hardened atheist like myself can appreciate. There is an expansive volume of videos in which Davis provides tutorials and explains the various features and design choices of TempleOS.

Terry was a troubled soul: he was living with uncontrolled schizophrenia which led to his eventual demise, and his videos occasionally contain some bizarre and horribly racist commentary, all of which make him more pitiable than admirable as a person. However, he was an undeniable savant at building an operating system, and I will defend the idea that we can learn something from his kernel, his compiler, and his insistence on simplicity. As a tribute to his work, I’m including support for the RedSea filesystem in DiskDigger and FileSystemAnalyzer.

The RedSea filesystem is, in many ways, the simplest filesystem possible:

All files are contiguous! There’s no concept of fragmentation.
There are no B-trees, no journaling, no symbolic links, no encryption, etc.
There’s no concept of clusters; block sizes are the same as sector sizes, i.e. 512 bytes.
Directory blocks are just a sequential list of directory entries.
For determining where to write new files, there is simply an allocation bitmap, where each bit represents whether the corresponding block is allocated.

One other interesting feature of the RedSea filesystem is that it performs a sort of semi-automatic compression of files, using a form of LZW compression. If you give a file a name that ends with a “.Z” extension, it will be compressed when it’s written to the disk, and then uncompressed the next time it’s read from the disk (transparently to the user). This compression is also supported in DiskDigger, i.e. files recovered from a RedSea partition will be automatically uncompressed.

Commodore 64 disk images

As another fun diversion, I also added support for Commodore 64 disk images (D64 files)! The file system on these disks is thoroughly documented, and is also very simple: files are represented as a linked list of blocks (a primitive “block chain”, as it were). If you have these disk images lying around, you can now peruse their contents!

As with all filesystems supported by FileSystemAnalyzer and DiskDigger, these additions are read-only, since these are intended to be tools for forensic analysis, and not intended for two-way interoperability.