Saving an Alarm System Remote and $100

[Simon] has been using his home alarm system for over six years now. The system originally came with a small RF remote control, but after years of use and abuse it was finally falling apart. After searching for replacement parts online, he found that his alarm system is the “old” model and remotes are no longer available for purchase. The new system had similar RF remotes, but supposedly they were not compatible. He decided to dig in and fix his remote himself.

He cracked open the remote’s case and found an 8-pin chip labeled HCS300. This chip handles all of the remote’s functions, including reading the buttons, flashing the LED, and providing encoded output to the 433MHz transmitter. The HCS300 also uses KeeLoq technology to protect the data transmission with a rolling code. [Simon] did some research online and found the thew new alarm system’s remotes also use the same KeeLoq technology. On a hunch, he went ahead and ordered two of the newer model remotes.

He tried pairing them up with his receiver but of course it couldn’t be that simple. After opening up the new remote he found that it also used the HCS300 chip. That was a good sign. The manufacturer states that each remote is programmed with a secret 64-bit manufacturer’s code. This acts as the encryption key, so [Simon] would have to somehow crack the key on his original chip and re-program the new chip with the old key. Or he could take the simpler path and swap chips.

A hot air gun made short work of the de-soldering and soon enough the chips were in place. Unfortunately, the chips have different pinouts, so [Simon] had to cut a few traces and fix them with jumper wire. With the case back together and the buttons in place, he gave it a test. It worked. Who needs to upgrade their entire alarm system when you can just hack the remote?

Wireless Weather Station

High schooler [Vlad] spent about a year building up his battery-operated, wireless weather station. Along the way, not only has he learnt a lot and picked up useful skills, but also managed to blog his progress.

The station measures temperature, humidity, pressure and battery voltage, and he plans to add sensors for wind speed, wind direction and rainfall soon. It is powered via a solar panel and can run on a charged battery for a full month. The sensor module transmits data to a remote receiver connected to a computer from where it is published to the internet. Barometric pressure is measured using the BMP180 and the DHT22 provides temperature and humidity values. The link between the transmit and receive sections uses a 433MHz Superhetrodyne RF Kit which gives [Vlad] a range of 50m. There’s an ATMega328 on the transmitter and receiver side. He’s taking measurements once every 12 minutes, and putting the micro controller in low power mode using the Rocket Scream Low Power Library. A 5W, 12V solar panel charges the 6V Lead Acid battery via a LM317 based charge circuit. This ensures the battery gets charged even when the solar panel is not receiving optimal radiation. One hour of sunlight provides enough charge to keep it going for 2 days. And a fully charged battery will keep it running for a full month even when there’s no sunlight.

The server software consists of two parts. The first pushes serial data to a mySQL database. This is written in Visual Studio C# using help from Oracle mySQL connector. The second part publishes the entries in the mySQL database to the web server. This is written in php, and uses  Libchart for graphing. He’s got the code, schematics, parts list and a lot of other information available for download on his blog. There’s a couple of items pending on his to-do list, so if you have any tips to offer post your comments below.

Hacking A Wireless AC Power Outlet

It’s always nice to see hackers pick up stuff headed for the landfill and put it back in action with a quick repair and upgrade. [Septillion] found a wireless remote controlled AC outlet in the junk bin and decided to do just that. A nice spin-off of such hacks is that we end up learning a lot about how things work.

His initial tests showed that the AC outlet and its remote could be revived, so he set about exploring its guts. These remote AC outlets consist of an encoder chip on the remote and a corresponding decoder chip on the outlet, working at 433MHz.  Since the various brands in use have a slightly different logic, it needed some rework to make them compatible. The transmit remote was a quick fix – changing the DIP switch selected address bits from being pulled low to high and swapping the On and Off buttons to make it compatible with the other outlets.

Working on the AC outlet requires far more care and safety. The 230V AC is dropped down using a series capacitor, so the circuit is “hot” to touch. Working on it when it is powered up requires extreme caution. A quick fix would have been to make the changes to the address bits and the On/Off buttons to reflect the changes already made in the remote transmitter. Instead, he breadboarded a small circuit around the PIC12F629 microcontroller to take care of the data and address control. Besides, he wanted to be able to manually switch the AC outlet. The relay control from the decoder was routed via the microcontroller. This allowed either the decoder or the local manual switch from controlling the relay. Adding the PIC also allowed him to program in a few additional modes of operation, including one which doubled the number of outlets he could switch with one remote.

Whiteboard Clock Draws the Time

[Maurice] recently built a clock that draws the time (Google Doc) on a white board. We’ve seen plenty of clock hacks in the past, and even a very similar one. It’s always fun to see the different creative solutions people can come up with to solve the same problem.

This device runs on a PIC16F1454 microcontroller. The code for the project is available on GitHub. The micro is also connected to a 433MHz receiver. This allows a PC to keep track of the time, instead of having to include a real-time clock in the circuit. The USB connector is only used for power. All of the mounting pieces were designed in OpenSCAD and printed on a 3D printer. Two servos control the drawing arms. A third servo can raise and lower the marker to the whiteboard. This also has the added benefit of being able to place the marker tip inside of an eraser head. That way the same two servos can also erase the writing.

The communication protocol for this systems is interesting. The transmitter shows up on [Maurice’s] PC as a modem. All he needs to do to update the time is “echo 12:00 > /dev/whiteboard”. In this case, the command is run by a cron job every 5 minutes. This makes it easy to tweak the rate at which the time updates on the whiteboard. All communication is done one-way. The drawing circuit will verify the checksum each time it receives a message. If the check fails, the circuit simply waits for another message. The computer transmits the message multiple times, just in case there is a problem during transmission.

Using MATLAB and SDR to Reverse Engineer 433MHz Messages

Hackers everywhere are having a lot of fun with SDR – as is obvious from the amount of related posts here on Hackaday. And why not, the hardware is cheap and easily available. There are all kinds of software tools you can use to dig in and explore, such as SDR# , Audacity, HDSDR and so on. [illias] has been following SDR projects for a while, which piqued his interest enough for him to start playing with it. He didn’t have any real project in mind so he focused on studying the methodology and the tools available for analyzing 433MHz RF transmission. He describes the process of using MATLAB to recover the transmissions being received by the SDR

He started off by studying the existing tools available to uncover the details of the protocol. The test rig uses an Arduino UNO with the rc-switch library to transmit via a common and inexpensive 433MHz module. SDR# is used to record the transmissions and Audacity allows [illias] to visualize the resulting .wav files. But the really interesting part is where he documents the signal analysis using MATLAB.

He used the RTL-SDR package in conjunction with the Communications System Toolbox to perform spectrum analysis, noise filtering and envelope extraction. MATLAB may not be the easiest to work with, nor the cheapest, but its powerful features and the fact that it can easily read data coming from the SDR makes it an interesting tool. For the full skinny on what this SDR thing is all about, check out Why you should care about Software Defined Radio.

WiFi Controlled Power Outlets with Raspberry Pi

[Tim] was looking for a way to control his power outlets using WiFi. He looked into purchasing a WeMo but he realized that he could build something even better with more bang for his buck. He started out by purchasing a five pack of Etekcity wireless remote control outlet switches. These are kind of like the WeMo, only they aren’t controlled via WiFi. Instead, they come with an RF controller. [Tim] just needed to find a way to bridge the gap between the RF remote and WiFi.

[Tim] decided to use a Raspberry Pi as the brains of the controller. He also purchased a SMAKN 433MHz RF receiver and transmitter for communicating with the wireless outlet switches. The wiring for the modules is pretty simple. There are only four wires. There are power and ground wires for each module. Then the transmitter needs two GPIO pins while the receiver only needs one.

[Tim] began with a fresh installation of Raspbian. He then installed Wiring Pi, which gives you the ability to interface with the GPIO pins in a way that is similar to Arduino. He also installed Apache and PHP to create a web interface for switching the outlets. The last step was to write some custom software. The software included a script that allowed [Tim] to sniff out the controls of his RF remote. The correct codes are entered into the “toggle.php” file, and everything is set. All [Tim] has to do now is browse to his Pi’s web server and click a button. All of the custom code is available via git.

Binary Clock Would Make Doc Brown Proud

[Brett] was looking for a way to improve on an old binary clock project from 1996. His original clock used green LEDs to denote between a one or a zero. If the LED was lit up, that indicated a one. The problem was that the LEDs were too dim to be able to read them accurately from afar. He’s been wanting to improve on his project using seven segment displays, but until recently it has been cost prohibitive.

[Brett] wanted his new project to use 24 seven segment displays. Three rows of eight displays. To build something like this from basic components would require the ability to switch many different LEDs for each of the seven segment displays. [Brett] instead decided to make things easier by using seven segment display modules available from Tindie. These modules each contain eight displays and are controllable via a single serial line.

The clock’s brain is an ATmega328 running Arduino. The controller keeps accurate time using a DCF77 receiver module and a DCF77 Arduino library. The clock comes with three display modes. [Brett] didn’t want and physical buttons on his beautiful new clock, so he opted to use remote control instead. The Arduino is connected to a 433MHz receiver, which came paired with a small remote. Now [Brett] can change display modes using a remote control.

A secondary monochrome LCD display is used to display debugging information. It displays the time and date in a more easily readable format, as well as time sync information, signal quality, and other useful information. The whole thing is housed in a sleek black case, giving it a professional look.