Root, On An Amazon Echo Dot

The Amazon Echo has become an indispensable device for many people unconcerned by its privacy implications. It’s easy to forget that it’s not quite a new product anymore, with the oldest examples now long in the tooth enough to no longer receive security updates. A surprise is that far from being mere clients to Amazon cloud services, they in fact run a version of Android. This makes old Dots interesting to experimenters, but first, is it possible to gain root access? [Daniel B] has managed it, on a second-generation Echo Dot.

In a sense, this is nothing new, as root has previously been achieved on an Echo Dot through means of a patched kernel. Echo devices use a chain of trust boot process in which each successive step must verify the Amazon signing of the previous one. The kernel patch method breaks the ability to reboot the device with root access. [Daniel’s] method bypasses that chain of trust by using a custom pre-loader injected over USB through an exploit.

As an example, [Daniel] created a web server on his Dot, which can serve audio captured by the device. Don’t panic just yet — an analysis of the other security features suggests that this is not the dangerous exploit it might seem. It does however open up these powerful but now pretty cheap devices as potentially usable for other purposes, which can only be a good thing.

We’ve previously brought you [Daniel]’s work freeing the WiFi details from a Dot.

Photo of the Echo Dot PCB, highlighting the capacitor that needs to be shorted out for the exploit to work

Squeezing Secrets Out Of An Amazon Echo Dot

As we have seen time and time again, not every device stores our sensitive data in a respectful manner. Some of them send our personal data out to third parties, even! Today’s case is not a mythical one, however — it’s a jellybean Amazon Echo Dot, and [Daniel B] shows how to make it spill your WiFi secrets with a bit of a hardware nudge.

There have been exploits for Amazon devices with the same CPU, so to save time, [Daniel] started by porting an old Amazon Fire exploit to the Echo Dot. This exploit requires tactically applying a piece of tin foil to a capacitor on the flash chip power rail, and it forces the Echo to surrender the contents of its entire filesystem, ripe for analysis. Immediately, [Daniel] found out that the Echo keeps your WiFi passwords in plain text, as well as API keys to some of the Amazon-tied services.

Found an old Echo Dot at a garage sale or on eBay? There might just be a WiFi password and a few API keys ripe for the taking, and who knows what other kinds of data it might hold. From Amazon service authentication keys to voice recognition models and maybe even voice recordings, it sounds like getting an Echo to spill your secrets isn’t all that hard.

We’ve seen an Echo hijacked into an always-on microphone before, also through physical access in the same vein, so perhaps we all should take care to keep our Echoes in a secure spot. Luckily, adding a hardware mute switch to Amazon’s popular surveillance device isn’t all that hard. Though that won’t keep your burned out smart bulbs from leaking your WiFi credentials.

A 2nd gen Amazon Echo Dot inside a 1980s answering machine.

An Echo Dot For The 1980s

There’s so much obsolete technology out there with great design. It’s really sad to see it end up in the landfill, because even though the insides may be outdated, good design is forever. Take this 1980s Panasonic answering machine, for instance. The smoky plastic of the cassette lid is the perfect screen for Dot, because it lets the light through while hiding the modernity of the thing in the process. Check it out in action after the break.

What [ehans_makes] has written is really more of an overall guide to repurposing old electronics and fighting e-waste in the process. First, they non-destructively figure out what needs to be done to both the old thing and the newer thing to get them to play nicely together — what 3D printed parts need to be added, what can be salvaged and reused from the old thing, and what parts of the old enclosure can be Dremeled away. In this case, [ehans_makes] ended up printing an adapter to be able to re-use the original speaker’s mounting points inside the answering machine, and printed a mount for the Dot as well. The STLs are available if you happen to find the same answering machine at your local thrift store or neighbor’s estate sale.

While we’ve always managed to hold on to the screws when we disassemble something, [ehans_makes] has an even better idea: draw a diagram of where they go, and tape the actual screws to the diagram as you remove them.

Some of the best designs never really existed, at least not on a commercial scale. If you can’t find a cool old enclosure, you can always build one yourself.

Hackaday Podcast 032: Meteorite Snow Globes, Radioactive Ramjet Rockets, Autonomous Water Boxes, And Ball Reversers

Hackaday Editors Mike Szczys and Elliot Williams recorded this week’s podcast live from Chaos Communication Camp, discussing the most interesting hacks on offer over the past week. In novel locomotion news, there’s a quadcopter built around the Coanda effect and an autonomous boat built into a plastic storage bin. The radiation spikes in Russia point to a nuclear-powered ramjet but the idea is far from new. Stardust (well… space rock dust) is falling from the sky and it’s surprisingly easy to collect. And 3D-printed gear boxes and hobby brushless DC motors have reached the critical threshold necessary to mangle 20/20 aluminum extrusion.

Take a look at the links below if you want to follow along, and as always tell us what you think about this episode in the comments!

Uncovering The Echo Dot’s Hidden USB Port

If you upgraded to Amazon’s latest Echo Dot, you might have been surprised to find that the diminutive voice assistant had shed its USB port. Earlier models of the Dot used a garden variety micro USB port for power, which hackers eventually figured out also provided a helpful way to snoop around inside the device’s firmware. The fact that the USB port was deleted on the latest Echo Dot in favor of a simple barrel connector for power was seen by some as a sign that Amazon was trying to keep curious owners out of their hardware.

But as [Brian Dorey] shows, all they did was put a bump in the road. While they removed the external USB connector, the traces for it are still on the board waiting to be accessed. Even better, it turns out the USB data lines are connected to the test points located on the bottom of the Dot. All you need is a simple breakout that will connect through the existing opening in the device’s case, and you’ve got your USB port back.

So what can you do with USB on the Echo Dot? Well, not much right now. [Brian] found that the Dot shows up as a Mediatek device under Linux using lsusb, and fastboot can see it and even confirms the presence of a locked bootloader. It’s going to take some work from the community to see how deep this particular rabbit hole goes.

Even if you’re not interested in restoring its USB port, [Brian] has uncovered a wealth of fascinating hardware information about the Echo Dot during his deep-dive. He’s mapped out many of the test points located throughout the device’s PCBs, and found a few interesting points that might be worth further investigation. For example, he found that driving one of the pins high would trigger the Dot to mute its microphones; which could be useful for anyone looking to cover Alexa’s ears.

[Brian] first cracked open the Echo Dot last month, after scoring one for cheap during Amazon’s Prime Day sale. It looks like he’s making fairly rapid progress on unraveling the mysteries of this popular gadget, and we’re very interested in seeing where this research takes us.

Taking A Peek Inside Amazon’s Latest Dot

Like a million or so other people, [Brian Dorey] picked up a third generation Echo Dot during Amazon’s big sale a couple weeks ago. Going for less than half its normal retail price, he figured it was the perfect time to explore Amazon’s voice assistant offerings. But the low price also meant that he didn’t feel so bad tearing into the thing for our viewing pleasure.

By pretty much all accounts, the Echo Dot line has been a pretty solid performer as far as corporate subsidized home espionage devices go. They’re small, fairly cheap, and offer the baseline functionality that most people expect. While there was nothing precisely wrong with the earlier versions of the Dot, Amazon has used this latest revision of the device to give the gadget a more “premium” look and feel. They’ve also tried to squeeze a bit better audio out of the roughly hockey puck sized device. But of course, some undocumented changes managed to sneak in there as well.

For one thing, the latest version of the Dot deletes the USB port. Hackers had used the USB port on earlier versions of the hardware to try and gain access to the Android (or at least, Amazon’s flavor of Android) operating system hiding inside, so that’s an unfortunate development. On the flip side, [Brian] reports there’s some type of debug header on the bottom of the device. A similar feature allowed hackers to gain access to some of Amazon’s other voice assistants, so we’d recommend hopeful optimism until told otherwise.

The Echo Dot is powered by a quad-core Mediatek MT8516BAAA 64-bit ARM Cortex-A35 processor and the OS lives on an 8GB Samsung KMFN60012M-B214 eMMC. A pair of Texas Instruments LV320ADC3101 ADCs are used to process the incoming audio from the four microphones arranged around the edge of the PCB, and [Brian] says there appears to be a Fairchild 74LCX74 flip-flop in place to cut the audio feed when the user wants a bit of privacy.

Of course, the biggest change is on the outside. The new Dot is much larger than the previous versions, which means all the awesome enclosures we’ve seen for its predecessor will need to be reworked if they want to be compatible with Amazon’s latest and greatest.

State Of The Art Big Mouth Alexa Bass

Hackers seem intent on making sure the world doesn’t forget that, for a brief shining moment, everyone thought Big Mouth Billy Bass was a pretty neat idea. Every so often we see a project that takes this classic piece of home decor and manages to shoehorn in some new features or capabilities, and with the rise of voice controlled home automation products from the likes of Amazon and Google, they’ve found a new ingredient du jour when preparing stuffed bass.

[Ben Eagan] has recently completed his entry into the pantheon of animatronic fish projects, and while we’ll stop short of saying the world needed another Alexa-enabled fish on the wall, we’ve got to admit that he’s done a slick job of it. Rather than trying to convince Billy’s original electronics to play nice with others, he decided to just rip it all out and start from scratch. The end result is arguably one of the most capable Billy Bass updates we’ve come across, if you’re willing to consider flapping around on the wall an actual capability in the first place.

The build process is well detailed in the write-up, and [Ben] provides many pictures so the reader can easily follow along with the modification. The short version of the story is that he cuts out the original control board and wires the three motors up to an Arduino Motor Driver Shield, and when combined with the appropriate code, this gives him full control over Billy’s mouth and body movements. This saved him the trouble of figuring out how to interface with the original electronics, which is probably for the better since they looked rather crusty anyway.

From there, he just needed to give the fish something to get excited about. [Ben] decided to connect the 3.5 mm audio jack of a second generation Echo Dot to one of the analog pins of the Arduino, and wrote some code that can tell him if Amazon’s illuminated hockey puck is currently yammering on about something or not. He even added an LM386 audio amplifier module in there to help drive Billy’s original speaker, since that will now be the audio output of the Dot.

A decade ago we saw Billy reading out Tweets, and last year we presented a different take on adding an Alexa “brain” to everyone’s favorite battery powered fish. What will Billy be up to in 2029? We’re almost too scared to think about it.