Raspberry Pi Zero as a USB Stick

The Raspberry Pi Zero is small enough that it could almost be mistaken for a USB gadget, rather than a standalone computer. Maybe that was the inspiration that drove [Novaspirit] to completely “donglify” his Zero.

This is a great convenience hack if you’ve got a Zero just kicking around. With minimal soldering, he converted the Zero’s onboard female USB jacks into a male USB plug. From there on out, it’s all software, and the video (embedded below) takes you through all the steps on Windows.

Continue reading “Raspberry Pi Zero as a USB Stick”

This Miniscule IR to HID Keyboard Hides in a Key Cap

Shards of silicon these days, they’re systematically taking what used to be rather complicated and making it dead simple in terms of both hardware and software. Take, for instance, this IR to HID Keyboard module. Plug it into a USB port, point your remote control at it, and you’re sending keyboard commands from across the room.

To do this cheaply and with a small footprint used to be the territory of bit-banging software hacks like V-USB, but recently the low-cost lines of microcontrollers that are anything but low-end have started speaking USB in hardware. It’s a brave new world.

In this case we’re talking about the PIC18F25J50 which is going to ring in at around three bucks in single quantity. The other silicon invited to the party is an IR receiver (which demodulates the 38 kHz carrier signal used by most IR remotes) with a regulator and four passives to round out the circuit. the board is completely single-sided with one jumper (although the IR receiver is through-hole so you don’t quite get out of it without drilling). All of this is squeezed into a space small enough to be covered by a single key cap — a nice touch to finish off the project.

[Suraj] built this as a FLIRC clone — a way to control your home-built HTPC from the sofa. Although we’re still rocking our own HTPC, it hasn’t been used as a front-end for many years. This project caught our attention for a different reason. We want to lay down a challenge for anyone who is attending SuperCon (or not attending and just want to show off their chops).

This is nearly the same chip as you’ll find on the SuperCon badge. That one is a PIC18LF25K50, and the board already has an IR receiver on it. Bring your PIC programmer and port this code from MikroC over to MPLAB X for the sibling that’s on the badge and you’ll get the hacking cred you’ve long deserved.

[via Embedded Lab]

Glitching USB Firmware for Fun

[Micah Elizabeth Scott], aka [scanlime], has been playing around with USB drawing tablets, and got to the point that she wanted with the firmware — to reverse engineer, see what’s going on, and who knows what else. Wacom didn’t design the devices to be user-updateable, so there aren’t copies of the ROMs floating around the web, and the tablet’s microcontroller seems to be locked down to boot.

With the easy avenues turning up dead ends, that means building some custom hardware to get it done and making a very detailed video documenting the project (embedded below). If you’re interested in chip power glitching attacks, and if you don’t suffer from short attention span, watch it, it’s a phenomenal introduction.

Continue reading “Glitching USB Firmware for Fun”

Taking a U2F Hardware Key from Design to Production

Building a circuit from prototyping to printed circuit board assembly is within the reach of pretty much anyone with the will to get the job done. If that turns out to be something that everyone else wants, though, the job gets suddenly much more complex. This is what happened to [Conor], who started with an idea to create two-factor authentication tokens and ended up manufacturing an selling them on Amazon. He documented his trials and tribulations along the way, it’s both an interesting and perhaps cautionary tale.

[Conor]’s tokens themselves are interesting in their simplicity: they use an Atmel ATECC508A specifically designed for P-256 signatures and keys, a the cheapest USB-enabled microcontroller he could find: a Silicon Labs EFM8UB1. His original idea was to solder all of the tokens over the course of one night, which is of course overly optimistic. Instead, he had the tokens fabricated and assembled before being shipped to him for programming.

Normally the programming step would be straightforward, but using identical pieces of software for every token would compromise their security. He wrote a script based on the Atmel chip and creates a unique attestation certificate for each one. He was able to cut a significant amount of time off of the programming step by using the computed values with a programming jig he built to flash three units concurrently. This follows the same testing and programming path that [Bob Baddeley] advocated for in his Tools of the Trade series.

From there [Conor] just needed to get set up with Amazon. This was a process worthy of its own novel, with Amazon requiring an interesting amount of paperwork from [Conor] before he was able to proceed. Then there was an issue of an import tariff, but all-in-all everything seems to have gone pretty smoothly.

Creating a product from scratch like this can be an involved process. In this case it sounds like [Conor] extracted value from having gone through the entire process himself. But he also talks about a best-case-scenario margin of about 43%. That’s a tough bottom line but a good lesson anyone looking at building low-cost electronics.

A Real Turn Off

[Newbrain] had a small problem. He’d turn off the TV, but would leave the sound system turned on. Admittedly, not a big problem, but an annoyance, none the less. He realized the TV had a USB port that went off when it did, so he decided to build something that would sense when the USB port died and fake a button press into the amplifier.

He posted a few ideas online and, honestly, the discussion was at least as interesting as the final project. The common thread was to use an optoisolator to sense the 5 V from the USB port. After that, everyone considered a variety of ICs and discretes and even did some Spice modeling.

In the end, though, [Newbrain] took the easy way out. An ATtiny 84 is probably overkill, but it easy enough to press into service. With only three other components, he built the whole thing into a narrow 24-pin socket and taped it to the back of the audio unit’s wired remote control.

Continue reading “A Real Turn Off”

Custom Gaming Keypad Developed with PSoC and Fusion 360

There was a time when building something yourself probably meant it didn’t look very much like a commercial product. That’s not always a bad thing. We’ve seen many custom builds that are nearly works of art. We’ve also seen plenty of builds that are–ahem–let’s say were “hacker chic”.

[AlexanderBrevig] decided to take on a project using a PSoC development board he picked up. In particular, he wanted to build a custom game keypad. He prototyped a number of switches with the board and got the firmware working so that the device looks like a USB HID keyboard.

Continue reading “Custom Gaming Keypad Developed with PSoC and Fusion 360”

The USB Killer Now Has Commercial Competition

With a proliferation of USB Flash disk drives has come a very straightforward attack vector for a miscreant intent on spreading malware onto an organisation’s computer network. Simply drop a few infected drives in the parking lot, and wait for an unsuspecting staff member to pick one up and plug it into their computer. The drives are so familiar that to a non-tech-savvy user they appear harmless, there is no conscious decision over whether to trust them or not.

A diabolical variant on the exploit was [Dark Purple]’s USB Killer. Outwardly similar to a USB Flash drive, it contains an inverter that generates several hundred volts from the USB’s 5 volts, and repeatedly discharges it into the data lines of whatever it is plugged into. Computers whose designers have not incorporated some form of protection do not last long when subjected to its shocking ministrations.

Now the original has a commercial competitor, in the form of Hong Kong-based usbkill.com. It’s a bit cheaper than the original, but that it has appeared at all suggests that there is an expanding market for this type of device and that you may be more likely to encounter one in the future. They are also selling a test shield, an isolated USB port add-on that allows the device to be powered up without damaging its host.

From the hardware engineer’s point of view these devices present a special challenge. We are used to protecting USB ports from high voltage electrostatic discharges with TVS diode arrays, but those events have an extremely high impedance and the components are not designed to continuously handle low-impedance high voltages. It’s likely that these USB killers will result in greater sales of protection thermistors and more substantially specified Zener diodes in the world of USB interface designers.

We covered the original USB Killer prototype when it appeared, then its second version, and finally its crowdfunding campaign. This will probably not be the last we’ve heard of these devices and they will inevitably become cheaper, so take care what you pick up in that parking lot.

[via Extremetech]