Judge Spotlight: Sprite_TM

Sprite_TM

His friends call him [Jeroen], but everyone else on the Internet knows this god of hacks and mods as [Sprite_TM]. He’s done everything from hacking hard drive controllers to making the best computer ever made even better. As one of the preeminent hardware hackers around, we’re proud to have [Sprite] as a judge in The Hackaday Prize, and happy to interview him on his thoughts on connected devices, the cloud-based Internet of Things, and his process of opening up black box devices for some sometimes subtle modifications.


judge-spotlight-q5You’re well known for your highly technical electronic hacks on your
blog SpritesMods. What about the professional side of your life, what kind
of projects keep you busy there?

judge-spotlight-a5I’m a software developer for a big broadcasting equipment manufacturer. Every now and then a hardware project comes along and I try to grab those too.

[Read more...]

[Sprite_TM] OHM2013 Talk: Hacking hard drive controller chips

hacking-hard-drive-controllers

Even if he hadn’t done any firmware hacking on this hard drive [Sprite_TM's] digital exploration of the controller is fascinating. He gave a talk at this year’s Observe, Hack, Make (OHM2013) — a non-commercial community run event in the Netherlands and we can’t wait for the video. But all the information on how he hacked into the three-core controller chip is included in his write up.

[Sprite_TM] mentions that you’re not going to find datasheets for the controllers on these drives. He got his foot in the door after finding a JTAG pinout mentioned on a forum post. The image above shows his JTAG hardware which he’s controlling with OpenOCD. This led him to discover that there are three cores inside the controller, each used for a different purpose. The difference between [Sprite_TM's] work and that of mere mortals is that he has a knack for drawing surprisingly accurate conclusions from meager clues. To see what we mean check out the memory map for the second core which he posted on page 3 or his article.

Using JTAG he was able to inject a jump into the code (along with a filler word to keep the checksum valid) and run his own code. To begin the firmware hacking portion of the project he pulled the flash ROM off of the board and installed it on that little board sticking out on the left. This made it easy for him to backup and reflash the chip. Eventually this let him pull off the same proof of concept as a firmware-only hack (no JTAG necessary). He goes onto detail how an attacker who has root access could flash hacked firmware which compromises data without any indication to they system admin or user. But we also like his suggestion that you should try this out on your broken hard drives to see if you can reuse the controllers for embedded projects. That idea is a ton a fun!

When we were poking around the OHM2013 website (linked above) we noticed that the tickets are sold out; good for them! But if you were still able to buy them they take Bitcoin as one payment option. Are there any other conferences that allow Bitcoin for registration?

[Sprite_tm] connects an LCD to a tiny Linux board

One of [Sprite_tm]‘s colleagues recently challenged him to connect a small LCD touch screen to a Raspberry Pi. Sadly, [Sprite_tm] has yet to take delivery of a Raspberry Pi, but he did manage to connect an LCD to a Linux board without video capabilities.

Because [Sprite_tm]‘s display has a 16-bit parallel interface, and 16 GPIO pins are hard to come by on the Carambola Linux board, a few shift registers had to be brought into the build to make the LCD work. These shift registers are connected to the Carambola board via an SPI interface; a very simple way to connect all the LCD pins to the Linux board.

Of course, there’s no way for Linux to speak to the LCD without a kernel driver; [Sprite_tm] wrote a framebuffer driver so the LCD can be used as a console, an X session, or used by any other program that can write to a framebuffer device.

Like all good driver authors, [Sprite_tm] is giving away the patch to enable SPI-ified LCD panels on the Carambola along with the shift register schematic. With any luck we’ll also see the Raspi drivers when [Sprite_tm] takes delivery of his Raspberry Pi.

[Sprite_tm]‘s three-component FM transmitter

When the Regency TR-1 transistor radio came out onto the market in the 1950s, it was hailed as a modern marvel of microelectronics. With only four transistors and a handful of other components, the TR-1 was a wonder of modern engineering. [Sprite_tm] may have those old-timers beat, though. He built an FM transmitter with the lowest parts count of any transmitter ever.

Like most of [Sprite_tm]‘s builds, it’s an unimaginably clever piece of work. [Sprite] overclocked the internal RC oscillator of an ATtiny45 to 24 MHz. After realizing the PLL running at four times the frequency of the oscillator was right in the middle of the FM band, he set about designing a tiny FM transmitter.

[Sprite_tm] remembered his work on MONOTONE and made a short song for hit ATtiny. The firmware for the build takes the notes from his song and varies the 96 MHz PLL frequency a tiny bit, thereby serving as a tiny FM transmitter.

Does it work? Well, if you want to compare it to a Mister Microphone, the range is incredibly limited. That being said it works. It’s an FM transmitter built out of a microcontroller and a battery, and that’s very impressive. Check out [Sprite_tm]‘s demo after the break.

[Read more...]

Automated Judging Of Hackaday Prize Entries

cock

We have some of the Internet’s hacking elite judging The Hackaday Prize, and that means they can’t enter any projects into the prize. All the better for everyone else, we suppose. One of the judges, [Sprite_tm], is a resourceful guy and when it comes to judging the entries for The Hackaday Prize, he’s going to do what comes naturally to him: build a machine to automate the task.

[Sprite]‘s plan for the JudgeTron 9001 is to use neural networks embedded in biological specimens to do the judging for him. Honestly, we really appreciate the effort he put in to this; biohacking is really in vogue right now, and we do love the classic throwback to the AI renaissance here. It certainly doesn’t hurt that he’s using a Raspberry Pi and an Arduino for this project, either.

Grabbing a touchscreen LCD and a few other parts out of his junk drawer, [Sprite] quickly whipped up a project that would display entries to The Hackaday Prize to the biologically embedded neural nets. These nets needed a little bit of encouragement to select winning entries, so a ‘feed’ back mechanism was laser cut out of acrylic, mounted to a servo, and filled with positive reinforcement.

The software running on the Pi crawls through the list of entries to The Hackaday Prize, extracting images from each one. The plan was for the biological neural nets to select winning entries and be rewarded via the feedback mechanism. These neural nets proved to be very sensitive to the sound of the servo gears of the feedback mechanism, and [Sprite]‘s attempt at finding a winning entry with his creation has so far proved unsuccessful. Still, there’s a video of it in action, you can check that out below.

[Read more...]

Homebrew NSA Bugs

NSA

Thanks to [Edward Snowden] we have a huge, publicly available catalog of the very, very interesting electronic eavesdropping tools the NSA uses. Everything from incredibly complex ARM/FPGA/Flash modules smaller than a penny to machines that can install backdoors in Windows systems from a distance of eight miles are available to the nation’s spooks, and now, the sufficiently equipped electronic hobbyist can build their own.

[GBPPR2] has been going through the NSA’s ANT catalog in recent months, building some of the simpler radio-based bugs. The bug linked to above goes by the codename LOUDAUTO, and it’s a relatively simple (and cheap) radar retro-reflector that allows anyone with the hardware to illuminate a simple circuit to get audio back.

Also on [GBPPR2]‘s build list is RAGEMASTER, a device that fits inside a VGA cable and allows a single VGA color channel to be viewed remotely.

The basic principle behind both of these bugs is retroreflection, described by the NSA as a PHOTOANGLO device. The basic principle behind these devices is a FET in the bug, with an antenna connected to the drain. The PHOTOANGLO illuminates this antenna and the PWM signal sent to the gate of the FET modulates the returned signal. A bit of software defined radio on the receiving end, and you have your very own personal security administration.

It’s all very cool stuff, but there are some entries in the NSA catalog that don’t deal with radio at all. One device, IRATEMONK, installs a backdoor in hard drive controller chips. Interestingly, Hackaday favorite and current Hackaday Prize judge [Sprite_TM] did something extremely similar, only without, you know, being really sketchy about it.

While we don’t like the idea of anyone actually using these devices, the NSA ANT catalog is still fertile ground for project ideas.

[Read more...]

Micro-Robots Made at Home, Who Needs DARPA Funding?

microbots

We love it when this happens. Sometimes we post about cool technology that companies are developing which might start an outcry of “not a hack” — but then, just sometimes, it still inspires a few readers. [Jeroen Domburg] — who everyone knows as [Sprite_TM] and is a judge for The Hackaday Prize] — saw a recent video about micro robots, a project funded by DARPA, and decided to try making his own.

We shared the original story a few months ago about these replicator like micro-robots, which can quite literally swarm over surfaces, use tools, and manufacture micro-sized parts. The robots themselves are actually just dumb little magnets — the magic is in the surface underneath them.

This sparked an interest in several people, and [Mike] made a very simple version of it, capable of 1-dimensional movement. This inspired [Sprite_TM] to step it up a notch, with his own 2-dimensional version. He’s designed his own PCB that allows him to run current in various directions through the traces of the board — this effectively allows him to control a small neodymium magnet to go whichever way he wants.

[Read more...]

Follow

Get every new post delivered to your Inbox.

Join 91,428 other followers