Passive WiFi On Microwatts

A lot of you use WiFi for your Internet of Things devices, but that pretty much rules out a battery-powered deployment because WiFi devices use a lot of juice. Until now. Researchers at the University of Washington have developed a passive WiFi implementation that uses only microwatts per device.

Working essentially like backscatter RFID tags do, each node has a WiFi antenna that can be switched to either reflect or absorb 2.4 GHz radiation. Your cell phone, or any other WiFi device, responds to this backscattered signal. All that’s missing is a nice steady signal to reflect.

passive_wifi-shot0008A single, plugged-in unit provides this carrier wave for multiple WiFi sensor nodes. And here’s the very clever part of the research: to keep the carrier from overwhelming the tiny modulated signal that’s coming from the devices, the plugged-in unit transmits off the desired frequency and the battery-powered units modulate that at just the right difference frequency so that the resulting (mixed) frequency is in the desired WiFi band.

If you’re a radio freak, you’ll recognize the WiFi node’s action being just like a frequency mixer. That’s what the researchers (slightly mysteriously) refer to as the splitting of the analog transmission stage from the digital. The plugged-in unit transmits the carrier, and the low-power nodes do the mixing. It’s like a traditional radio transmitter, but distributed. Very cool.

There’s a bunch more details to making this system work with consumer WiFi, as you’d imagine. The powered stations are responsible for insuring that there’s no collision, for instance. All of these details are very nicely explained in this paper (PDF). If you’re interested in doing something similar, you absolutely need to give it a read. This idea will surely work at lower frequencies, and we’re trying to think of a reason to use this distributed transmitter idea for our own purposes.

And in case you think that all of this RFID stuff is “not a hack”, we’ll remind you that (near-field) RFID tags have been made with just an ATtiny or with discrete logic chips. The remotely-powered backscatter idea expands the universe of applications.

Thanks [Ivan] for the tip!

Continue reading “Passive WiFi On Microwatts”

Giving WiFi To An Apple Newton

The Apple Newton gets a bad rap, partly because of the bad handwriting recognition of the first version of the firmware, and mostly because Steve Jobs hated it. Those who know of the Newton love the Newton; it has an exceptionally well-designed interface, the handwriting recognition is great with updated firmware.

[Jake] has the king of the Newtons – a MessagePad 2100. There’s a hidden port in this machine for a modem card, but Apple never made one. While other Newton aficionados trudge along with old PCMCIA WiFi cards that only support 802.11a without WPA2, [Jake] thought it would be possible to build a modern WiFi card for the Newton. He succeeded, opening the door to modern networking apps on the finest tablet Apple will ever make.

Oddly, this isn’t [Jake]’s first attempt at expanding the capabilities of his Newton. There’s an internal serial port inside the MessagePad 2×00, and a few years ago [Jake] tried to build an internal Bluetooth card. The RF design didn’t work, but with a few more years of experience, [Jake] figured he had the skills for the job.

The critical piece of hardware for this build isn’t an ESP8266 or other common WiFi module. Instead, a WiReach module from ConnectOne was used for the built-in PPP server. This allows legacy hardware to use standard AT modem commands to access a WiFi network. It’s a very interesting module; there is a lot of hardware out there that speaks PPP natively, and a module like this could be a drop-in replacement for a modem.

That said, thanks to unintelligible and ‘Apple Classified’ documentation, getting this card working wasn’t easy. The APIs to access the internal serial slot were never documented, and it took a bit of time with a disassembler to figure out how to address the port correctly.

[Jake] has pushed all the files for his project up to Github. This includes the design files for the PCB, the Newton software that enables WiFi, and a nifty 3D printed port cover that shows off the new wireless capabilities of Apple’s greatest tablet.

BBQ Thermometers Get Serious

You can write with a fifty cent disposable pen. Or you can write with a $350 Montblanc. The words are the same, but many people will tell you there is something different about the Montblanc. Maybe that’s how [armin] feels about meat thermometers. His version uses a Raspberry Pi and has a lengthy feature list:

  • 8 Channel data logging
  • Plotting
  • Webcam (USB or Raspicam)
  • Alarms via a local beeper, Web, WhatsApp, or e-mail
  • Temperature and fan control using a PID
  • LCD display

You can even use a Pi Zero for a light version. There’s plenty of information on, although the full details are only in German for the moment. As you can see in the video below, this isn’t your dollar store meat thermometer.

Even though a disposable pen does the same job as a Montblanc, most of us would rather have a Montblanc (although Hackday would have to hand out some pretty steep raises before we start using the Meisterstück Solitaire Blue Hour Skeleton 149).

We might have done more with an ESP8266 and then done more work on the client, but we have to admit, this is one feature-packed thermometer. We’ve seen simpler ones that use Bluetooth before, along with some hacks of commercial units.

Continue reading “BBQ Thermometers Get Serious”

Cheap WiFi Outlets Reflashed; Found to Use ESP8266

There’s a bunch of simple WiFi-enabled outlets on the market today, and all of these blister-pack goodies seem to have something in common – crappy software. At least from the hacker’s point of view; there always seems to be something that you want to do that the app just doesn’t support. Stuck in this position, [scootermcgoober] did the smart thing and reflashed his cheap IoT outlets.

Although [scooter]’s video is very recent, and he says he got his plugs at Home Depot, we were unable to find them listed for sale at any store near us. Walmart lists the same device for a paltry $15, though, so the price is right for repeating his experiment. The video after the break shows his teardown, which locates all the major components, including a mystery module that was revealed to be an ESP8266 upon decapping. Pins were traced, leads were tacked to his serial-to-USB adapter, and soon new firmware was flashing. [scooter]’s new app is simple, but there’s plenty of room for improvement once you’ve got the keys. All the code is up on GitHub.

WiFi outlets like this and the WeMo have proved to be fertile ground for hacking. Of course, if you’re not into the whole blister-pack thing, you could always roll your own WiFi outlet.

Continue reading “Cheap WiFi Outlets Reflashed; Found to Use ESP8266”

ESP8266 Killer?

We’ve seen rumors floating around the Twittersphere about a new integrated microprocessor and WiFi SOC: the NL6621 from Nufront. Details are still scarce, but that doesn’t seem to be because the chip is vaporware: you could buy modules on and eBay right now for between two-and-a-half and three bucks, and Nufront’s website says they’ve produced a million modules since 2013.

The NL6621 WiFi SOC is powered by a 160 MHz ARM Cortex-M3 with 448 KB of RAM, and everything else is integrated in the SOC. The module has 32 GPIOs, SPI, I2C, I2S digital audio, and most of the peripherals that you’d expect. They say they have a completely open source SDK, but we can’t find a link to it anywhere. An English-language forum has sprung up in anticipation of the next new thing, and they say that they’ve contacted Nufront about the SDK, so that’s probably as good a place as any to lurk around if you’re interested. With an ARM core, it shouldn’t be long before someone gets GCC working on these things anyway.

It’s also worth noting that we’ve announced ESP8266 killers before, and it hasn’t come to pass. The mixture of community and official support that (eventually) came out of Espressif seems to be the main factor determining the ESP8266’s success, and we don’t see that yet with the NL6621. So take the question mark in the title seriously, but if this turns out to be the next big thing, remember where you heard it first, ok?

Thanks [David Hunt] for the tip!

Cheap WiFi Devices are Hardware Hacker Gold

Cheap consumer WiFi devices are great for at least three reasons. First, they almost all run an embedded Linux distribution. Second, they’re cheap. If you’re going to break a couple devices in the process of breaking into the things, it’s nice to be able to do so without financial fears. And third, they’re often produced on such low margins that security is an expense that the manufacturers just can’t stomach — meaning they’re often trivially easy to get into.

Case in point: [q3k] sent in this hack of a tiny WiFi-enabled SD card reader device that he and his compatriots [emeryth] and [informatic] worked out with the help of some early work by [Benjamin Henrion]. The device in question is USB bus-powered, and sports an SD card reader and an AR9331 WiFi SOC inside. It’s intended to supply wireless SD card support to a cell phone that doesn’t have enough on-board storage.

The hack begins with [Benajmin] finding a telnet prompt on port 11880 and simply logging in as root, with the same password that’s used across all Zsun devices: zsun1188. It’s like they want to you get in. (If you speak Chinese, you’ll recognize the numbers as being a sound-alike for “want to get rich”. So we’ve got the company name and a cliché pun. This is basically the Chinese equivalent of “password1234”.) Along the way, [Benjamin] also notes that the device executes arbitrary code typed into its web interface. Configure it to use the ESSID “reboot”, for instance, and the device reboots. Oh my!

zsun_gpio_bootstrap_annotFrom here [q3k] and co. took over and ported OpenWRT to the device and documented where its serial port and GPIOs are broken out on the physical board. But that’s not all. They’ve also documented how and where to attach a wired Ethernet adapter, should you want to put this thing on a non-wireless network, or use it as a bridge, or whatever. In short, it’s a tiny WiFi router and Linux box in a package that’s about the size of a (Euro coin | US quarter) and costs less than a good dinner out. Just add USB power and you’re good to go.

Nice hack!

Hacking a USB Port Onto an Old Router

Sometimes hacks don’t have to be innovative to be satisfying. We thought that [daffy]’s instructions and video (embedded below the break) for turning an old WRT54G router into an Internet radio were worth a look even if he’s following a well-traveled path and one that we’ve reported on way back when.

The hack itself is simple. [daffy] locates unused USB data lines, adds in a 5V voltage regulator to supply USB bus power, and then connects it all to a USB sound card. Hardware side, done! And while he doesn’t cover the software side of things in this first video, we know where he’s headed.

The WRT54G router was the first commodity Linux-based router to be extensively hacked, and have open-source firmware written for it. If you’re using OpenWRT or dd-wrt on any of your devices, you owe a debt to the early rootability of the WRT54G. Anyway, it’s a good bet that [daffy] is going to find software support for his USB sound card, but we remain in suspense to see just exactly how the details pan out.

Our favorite WRT54G hack is still an oldie: turning a WRT54G into the brains for a robot. But that was eight years ago now, so surely there’s something newer and shinier. What’s the coolest device that you’ve seen a WRT router hacked into?

Continue reading “Hacking a USB Port Onto an Old Router”