Reverse Engineering A BLE Service To Control A Light Bulb

So, you buy an Internet of Things light bulb, it’s a fun toy that allows you to bathe your environment in pretty colours at the touch of an app, but eventually you want more. You start to wonder how you might do more with it, and begin to investigate its inner workings. Then to your horror you discover that far from having bought a device with a convenient API for you to use, it has an impenetrable closed protocol that defies easy access.

This was the problem facing [Ayan Pahwa] when he bought a Syska Smartlight Rainbow LED bulb, and discovered that its Bluetooth Low Energy  interface used a closed protocol. But instead of giving up, he proceeded to reverse engineer the communication between bulb and app, and his write-up makes for an interesting read that provides a basic primer on some of BLE’s workings for the uninitiated.

BLE allows a device manufacturer to define their own device service specific to their functionality alongside standard ones for common device types. Using a handy Android app from Nordic Semiconductor he was able to identify the services defined for the light bulb, but sadly they lacked any human-readable information to help him as to their purpose. He thus had to sniff BLE packets directly, and lacking dedicated hardware for this task he relied on a developer feature built into Android versions since KitKat, allowing packets to be captured and logged. By analysing the resulting packet files he was able to identify the Texas Instruments chip inside the bulb, and to deduce the sequences required to control its colours. Then he was able to use the Bluez utilities to talk directly to it, and as if by magic, his colours appeared! Take a look at the video we’ve placed below the break.

Many of us may never need to reverse engineer a BLE device. But if we are BLE novices, after reading [Ayan]’s piece we will at least have some idea of its inner workings. And that can only be a positive thing.

Continue reading “Reverse Engineering A BLE Service To Control A Light Bulb”

Hackaday Prize Entry: Dongle For A Headless Pi

Mass production means that there’s a lot of great hardware out there for dirt cheap. But it also means that the manufacturer isn’t going to spend years working on the firmware to squeeze every last feature out of it. Nope, that’s up to us.

[deqing] took a Bluetooth Low Energy / USB dongle and re-vamped the firmware to turn it into a remote keyboard and mouse, and then wrote a phone app to control it. The result? Plug the USB dongle in, and the computer thinks it sees a keyboard and mouse. Connect the phone via BLE, and you’re typing — even if you don’t have your trusty Model F by your side.

[Deqing] points out that ergonomics and latency will make you hate using this in the long term, but it’s just meant to work until you’ve got SSH up and running on that headless single-board Linux thing. If you’ve ever worked with the USB or BLE specifications, you can appreciate that there’s a bit of work behind the scenes in making everything plug and play, and the web-based interface is admirably slick.

Kudos, [deqing]!

ESP32 Mini Robot Packs Sensors and 4WD

[Stefan]’s Mini WiFi/BLE 4WD robot platform (seen next to a matchbox above) packs an impressive capability into a tiny rover. It’s based on a SparkFun ESP32 Thing, a very compact way to add wireless control to your project. Compare it to some giant old UNO with a WiFi shield, these boards are small but powerful, as well as an easy adoption for Arduino fans.

[Stefan] beefed up the robot with a BNO055 module to determine orientation, an APDS-9930 proximity sensor, as well as four CNY70 IR proximity sensors on the bottom, used for line-following. A pair of 6 V motors move the robot, with a DC-DC step up converter boosting the LiPo’s 3.7 V. It’s impressive how many components [Stefan] crammed inside the shell; they’re all packed in there snugly.

The concept behind the robot is that it’s a generic platform that could be customized as needed, and [Stefan] has versions with a LEGO dart gun as well as a camera. The robot’s code resides on GitHub and the custom 3D-printed chassis is up on Thingiverse.

If you like ESP32 projects you should be sure to check out the Monster Board and the Hamster Tracker we posted recently.

Smart Child Seat Aims to Prevent Tragedy

For most of us, a memory lapse is as harmless as forgetting to bring the garbage to the curb, or maybe as expensive as leaving a cell phone and cup of coffee on the roof of the car before driving off. But when the toddler sleeping peacefully in the car seat slips your mind in the parking lot, the results can be deadly.

We have no doubt that child detection systems will soon be standard equipment on cars, like backup cameras and trunk-escape levers are now. Not willing to wait, [ayavilevich] came up with his own car occupancy sensor for child seats (Update: We originally linked to the Instructable but [ayavilevich] wrote in and mentioned this is actual Hackaday Prize entry and he’s looking for more people to get involved in the project).

Dubbed Fochica, for “Forgotten Child in Car Alert,” the system is clearly a proof of concept right now, but it has potential. The Arduino Uno senses Junior’s presence in the car seat with a homebrew capacitive sensor under the padding of the seat and a magnetic reed switch in the chest harness buckle. An Android app on a smartphone pairs with a BLE module to get the sensors’ status, and when the phone goes out of Bluetooth range while the seat is occupied, the app sounds an alarm. Simple, but effective.

We like how well [ayavilevich] thought this through. Systems like this are best left uncomplicated, so any improvements he makes should probably concentrate on engineering a reliable, fieldable device. Another hack we’ve presented in the kid-safety space is fast stairwell lights for a visually impaired girl, which might provide some ideas.

Continue reading “Smart Child Seat Aims to Prevent Tragedy”

Hacking a Dollar Store Bluetooth Device

Hardware hackers are always looking for devices to tear apart and scavenge from. It’s hardly a secret that purchasing components individually is significantly more expensive than the minuscule cost per unit that goes along with mass manufacturing. Bluetooth devices are no exception. Sure, they’re not exactly a luxury purchase anymore, but they’re still not dirt cheap either.

Luckily for [Troy Denton], it seems dollar stores have started carrying a Bluetooth camera shutter for just a few dollars (it was three bucks, perhaps the dollar store actually means divisible-by). The device is designed to pair with a smart phone, and has two buttons allowing you to control the camera from afar. The fact that it works at all at that price is a small miracle, but the device also has potential for hacking that adds to its appeal. Continue reading “Hacking a Dollar Store Bluetooth Device”

Sniffing Bluetooth Devices With A Raspberry Pi

Hackaday was at HOPE last weekend, and that means we got the goods from what is possibly the best security conference on the east coast. Some of us, however, were trapped in the vendor area being accosted by people wearing an improbable amount of Mr. Robot merch asking, ‘so what is Hackaday?’. We’ve all seen The Merchants Of Cool, but that doesn’t mean everyone was a vapid expression of modern marketing. Some people even brought some of their projects to show off. [Jeff] of reelyActive stopped by the booth and showed off what his team has been working on. It’s a software platform that turns all your wireless mice, Fitbits, and phones into a smart sensor platform using off the shelf hardware and a connection to the Internet.

[Jeff]’s demo unit (shown above) is simply a Raspberry Pi 3 with WiFi and Bluetooth, and an SD card loaded up with reelyActive’s software. Connect the Pi to the Internet, and you have a smart space that listens for local Bluetooth devices and relays the identity and MAC address of all Bluetooth devices in range up to the Internet.

The ability to set up a hub and detect Bluetooth devices solves the problem Bluetooth beacons solves — identifying when people enter a space, leave a space, and with a little bit of logic where people are located in a space — simply by using what they’re already wearing. Judging from what [Jeff] showed with his portable reelyActive hub (a Pi and a battery pack) a lot of people at HOPE are wearing Fitbits, wireless headphones, and leaving the Bluetooth on the phone on all the time. That’s a great way to tell where people are, providing a bridge between the physical world and the digital.

Homemade Smart Glasses shows why Smart Glasses are Hard

[Harris Shallcross] decided to build a pair of smart glasses and recently completed a first prototype of his project ‘Ochi’ – an STM32 based, BLE-connected, OLED eyeglass display. There are of course several homebrew smart glasses projects out there; many are more polished-looking and nearly all of them also display information from a smartphone over Bluetooth. This one is interesting partly because it highlights many of the design challenges that smart glasses and other near-eye displays face. It also demonstrates the iterative development process: begin by getting something working to learn what does and doesn’t cut it at a basic level, and don’t optimize prematurely; let the process bring problems to the surface.

Ochi-1 Smart Glasses BBC feed SquareFor his project, [Harris Shallcross] used a small 0.95″ diagonal 96×64 color OLED as the display. The lens is from a knockoff Google Cardboard headset, and is held in a 3D printed piece that slides along a wire rail to adjust focus. The display uses a custom font and is driven by an STM32 microcontroller on a small custom PCB, with an HM11 BLE module to receive data wirelessly. Power is provided by a rechargeable lithium-ion battery with a boost converter. An Android app handles sending small packets of data over Bluetooth for display. The prototype software handles display of time and date, calendar, BBC news feed, or weather information.

Devices like these have a lot to deal with. Weight and distribution of that weight is a concern, the size and comfort of the optics is important, and displaying data on a small OLED is only part of the battle – choosing what information to display and when are vital to the device being actually useful in any way, otherwise it’s just a tech demo.

This project set out to show whether it was possible to use the parts listed to make a glasses mounted smart display that was at least somewhat functional, and the software to support it. Clearly, [Harris Shallcross] succeeded at that, but what really showcases the development process is his list of improvements – what he decided needs to go into a second version, and why. One of those goals is to improve the optics; perhaps there’s something to learn from The $60 Bluetooth Head Mounted Display project, which used a similar OLED and a prism to locate the display off to the side instead of in front.