Finding a Cheaper USB to Serial Chips

FTDI-gate wasn’t great for anybody, and now with hardware hobbyists and technological tinkerers moving away from the most popular USB to serial adapter, some other chip has to fill the void. The cheapest USB to serial chip on the market appears to be the CH340G, available for 20-40 cents apiece from the usual retailers. There is, however, almost no English documentation, and the datasheet for the CH340 family doesn’t include this chip. [Ian]’s here to help you out. He got his mitts on a few of these chips and managed to figure out the pinout and a few reference schematics. He even made an Eagle part for you. Isn’t that nice?

The CH340 series of chips do exactly what you would expect them to do: a full-speed USB device that emulates a standard serial interface, with speeds from 50bps to 2Mpbs. The chip supports 5V and 3.3V, and all the weird modem lines are supported. This chip even has an IrDA mode, because wireless communication in the 90s was exactly as rad as you remember.

With [Ian]’s help, we now have a cheap source of USB to serial chips. If you need the datasheet, here you go. The driver is a bit more difficult to find, but what you’re looking for is the CH341 family of chips. That can be found with a little bit of Google fu.

$15 Car Stereo Bluetooth Upgrade

We’ve seen all sorts of ways to implement Bluetooth connectivity on your car stereo, but [Tony’s] hack may be the cheapest and easiest way yet. The above-featured Bluetooth receiver is a measly $15 over at Amazon (actually $7.50 today—it’s Cyber Monday after all) and couldn’t be any more hacker-friendly. It features a headphone jack for plugging into your car’s AUX port and is powered via USB.

[Tony] didn’t want the receiver clunking around in the console, though, so he cracked it open and went about integrating it directly by soldering the appropriate USB pins to 5V and GND on the stereo. There was just one catch: the stereo had no AUX input. [Tony] needed to rig his own, so he hijacked the CD player’s left and right audio channels (read about it in his other post), which he then soldered to the audio output of the Bluetooth device. After shoving all the bits back into the dashboard, [Tony] just needed to fool his stereo into thinking a CD was playing, so he burned a disc with 10 hours of silence to spin while the tunes play wirelessly. Nice!

Turn Cordless Tool Batteries into USB Chargers

It is the unspoken law of cordless tools – eventually you will have extra batteries lying around from dead tools that are incompatible with your new ones. Some people let them sit in lonesome corners of the garage or basement; others recycle them. [Eggmont] was facing this dilemma with a Makita battery from a broken angle grinder and decided to make a USB charger out of it.

[Eggmont] took the simplistic approach, using an old cigarette lighter-to-USB adapter. First, [Eggmont] removed the battery connector from the bottom of the broken angle grinder. Next, the casing surrounding the cigarette lighter plug was removed so that the adapter’s wires could be soldered to the contacts on the battery connector.  The USB ports were then glued onto the top of the connector. The adapter was rated 9-24V input, so it was fine to use it with the 18V tool battery. Since the battery connector is still removable, the battery can be recharged.

Tool manufacturers are tapping into the market of repurposing old batteries for charging mobile devices. Both DeWalt and Milwaukee Tool have now created their own USB adapters that connect to their batteries. Or, you can purchase the Kickstarter-funded PoweriSite adapter for DeWalt batteries instead. Compared to their cost, [Eggmont’s] project is very economical if you already have the battery at hand – you can find the USB adapter for less than $10 on Amazon.

Discovering the Protocol in a USB VoIP Phone

[Daniel] picked up a cheap USB handset to use with his VoIP provider, and included in the box was a CD with all the software that would make this handset work with Windows. [Daniel] is running Linux on his main battlestation, rendering the included CD worthless. Using the handset under Linux would be a problem; although the speaker and mic worked, the buttons and screen did not. No problem, then: [Daniel] just played around with the command line until he figured it out.

The handset presented itself to the Linux box as a soundcard and HID device. The soundcard was obviously the speaker and mic, leaving the buttons and display as the HID device. [Daniel] checked this out by running a hexdump on the HID device and pressed a few buttons. His suspicions were confirmed, and he could easily read the button with a little bit of Python.

With the speaker, mic, and buttons on the handset figured out, [Daniel] turned his attention to the one bit of electronics on the phone he hadn’t yet conquered: the display. After firing some random data at the phone, the display blinked and showed a messy block of pixels, confirming the display was controlled through the HID driver. Loading up usbsnoop to see what the original software does to update the screed showed [Daniel] the data format the display accepts, allowing him to control everything in this VoIP phone.

Dual-mode Avalanche and RF Random Number Generator

[Paul] designed a new open-hardware RNG (random number generator) that includes two sources of entropy in a small package. The first source of entropy is a typical avalanche diode circuit, which is formed by a pair of transistors. This circuit creates high-speed random pulses which are sampled by the onboard microcontroller.

What makes this design unique is a second entropy source: a CC2531 RF receiver. The RF receiver continuously skips around channels in the 2.5Ghz band and measures the RF signal level. The least-significant bit of the signal level is captured and used as a source of entropy. The firmware can be configured to use either source of entropy individually, or to combine both. The firmware also supports optionally whitening the entropy byte stream, which evens out the number of 1’s and 0’s without reducing entropy.

The OneRNG uses the USB-CDC profile, so it shows up as a virtual serial port in most modern operating systems. With the rngd daemon and a bit of configuration, the OneRNG can feed the system entropy source in Linux. [Paul] also has a good writeup about the theory behind the entropy generator which includes images of his schematic. Firmware, drivers, and hardware design files are open-source and are available for download.

Walkman-esque Human Interface Device

Cheap keyboards never come with extra buttons, and for [Pengu MC] this was simply unacceptable. Rather than go out and buy a nice keyboard, a microcontroller was found in the parts drawer and put to work building this USB multimedia button human interface device that has the added bonus of looking like an old-school Walkman.

The functions that [Pengu MC] wants don’t require their own drivers. All of the buttons on this device are part of the USB standard for keyboards: reverse, forward, play/pause, and volume. This simplifies the software side quite a bit, but [Pengu MC] still wrote his own HID descriptors, tied all of the buttons to the microcontroller, and put it in a custom-printed enclosure.

If you’re looking to build your own similar device, the Arduino Leonardo, Micro, or Due have this functionality built in, since the USB controller is integrated on the chip with everything else. Some of the older Arduinos can be programmed to do the same thing as well! And, with any of these projects, you can emulate any keypress that is available, not just the multimedia buttons.

FTDI Screws Up, Backs Down

A few days ago we learned chip maker FTDI was doing some rather shady things with a new driver released on Windows Update. The new driver worked perfectly for real FTDI chips, but for counterfeit chips – and there are a lot of them – the USB PID was set to 0, rendering them inoperable with any computer. Now, a few days later, we know exactly what happened, and FTDI is backing down; the driver has been removed from Windows Update, and an updated driver will be released next week. A PC won’t be able to communicate with a counterfeit chip with the new driver, but at least it won’t soft-brick the chip.

Microsoft has since released a statement and rolled back two versions of the FTDI driver to prevent counterfeit chips from being bricked. The affected versions of the FTDI driver are 2.11.0 and 2.12.0, released on August 26, 2014. The latest version of the driver that does not have this chip bricking functionality is 2.10.0.0, released on January 27th. If you’re affected by the latest driver, rolling back the driver through the Device Manager to 2.10.0.0 will prevent counterfeit chips from being bricked. You might want to find a copy of the 2.10.0 driver; this will likely be the last version of the FTDI driver to work with counterfeit chips.

Thanks to the efforts of [marcan] over on the EEVblog forums, we know exactly how the earlier FTDI driver worked to brick counterfeit devices:

ftdi_evil

[marcan] disassembled the FTDI driver and found the source of the brick and some clever coding. The coding exploits  differences found in the silicon of counterfeit chips compared to the legit ones. In the small snippet of code decompiled by [marcan], the FTDI driver does nothing for legit chips, but writes 0 and value to make the EEPROM checksum match to counterfeit chips. It’s an extremely clever bit of code, but also clear evidence FTDI is intentionally bricking counterfeit devices.

A new FTDI driver, presumably one that will tell you a chip is fake without bricking it, will be released next week. While not an ideal outcome for everyone, at least the problem of drivers intentionally bricking devices is behind us.