Extracting Secured Firmware From Freescale Zigbee Radios

[Travis Goodspeed] recently tore down the Freescale MC13224 wireless radio chip in an effort to demonstrate how the device’s firmware could be read, even when locked down in “secure” mode. While you might not recognize the Freescale MC13224 radio by name alone, you are certainly familiar with some of its practical applications. Found in the QuahogCon and Ninja Party badges among other consumer goods, the popular Zigbee radio turned out to be a fairly easy conquest.

[Travis] first used acid to decap one of the microcontrollers to see what was going on under the plastic casing. Inside, he discovered a discrete flash memory chip, which he removed and repackaged using a wedge wire bonder. He was easily able to extract the firmware; however, decapping and repackaging a flash chip isn’t necessarily the most user-friendly process.

After digging further, he discovered that holding one of the chip’s pins low during boot would allow him to run custom code that recovers the firmware image once the pin is pulled high again. This far more practical means of firmware recovery can be easily facilitated via a circuit board revision, as [Travis] mentions in his blog.

Hacked Phone Runs Zork, Gets Lamp

A few months ago, [Ulysses] had a project in mind that would run Zork on a TDD. Although it was a bit of a struggle getting the project ready in time for the Bay Area Maker’s Faire, the accompanying build blog tells us it was more than worth the effort.

After hooking up the guts of the phone to an Arduino Pro, a modem was modified so the acoustically coupled TDD could be interfaced. Although the TDD display is only one line, [Ulysses] is transmitting the text at only 45.5 baud, so even the slowest reader could keep up with the story. For running the actual code, initial attempts at using an Arduino Pro and then an Arduino Mega proved unsuccessful because of the limited SRAM in these AVRs. After discarding the idea of running Zork on an Arduino, the project was finished with a single-board FitPC computer mounted inside the phone.

The code of the project runs Zork on a port of the Infocom Z-code Interpreter Program, or ZIP. A lot of interactive text adventures were put out in the Z-code format, so we’re guessing it would be trivial to have this project run Leather Goddesses of Phobos, or the amazing Hitchhiker’s Guide to the Galaxy. It’s a very nice project, and we could easily see ourselves sitting down with this project, a two liter bottle of Shasta, and an all-Rush mix tape on a Saturday night.

Hand-cranked Magnet Machine Is Endless Fun

We can’t think of a single person who doesn’t enjoy playing with a handful of rare earth magnets now and again. We know that [Dave Johnson] certainly does. As a gift to his father-in-law, he constructed a magnificent machine that does little more than manipulate spherical rare earth magnets with hypnotizing grace.

The machine is constructed almost entirely from wood, save for a few fasteners and rods. Even the gears have been carefully cut from wood, with special attention paid to ensure smooth operation. When cranked, the machine slices off a single magnet from one end of a long chain, passing it along to a lift arm. The lift arm deposits the magnet into a metal tube, and with the help of eddy currents, it drifts slowly down before being redeposited at the end of the magnet chain.

Be sure to check out a video demonstration of the machine after the break; it really is fun to watch.

[via LaughingSquid]

Wireless Rover Has Two Guns…one For Each Of Ya

We never really get bored with remote-controlled rovers around here, especially when they involve reusing some old hardware as well as lasers. [Tycoon] wrote in to share his creation, which he has dubbed “Texas Ranger”.

Texas Ranger is built around an old Linksys WRT54GL router, which provides the rover’s WiFi connectivity as well as the serial interface through which everything else is controlled. The rover features a pair of PIC microcontrollers, which handle all of the servo control as well as telemetry calculations.

An onboard camera gives the operator a driver’s seat view of the action, allowing for precise control of the vehicle. Laser triangulation is used to help measure object distance, and a pair of airsoft pellet guns straddle the camera for whenever [Tycoon] feels like making his presence known. One feature we are especially fond of is the pair of Wii nunchucks which the rover uses to monitor its position. Always aware of its operating angle, it auto-adjusts the camera to compensate for uneven surfaces, guaranteeing that [Tycoon] doesn’t have to tilt his head to see straight.

Keep reading to see a quick demo video he shot of Texas Ranger in action.

Building A Brushless Motor Controller

Brushless motors and the way in which they are controlled can be a bit of an enigma to those just starting out in hobby electronics. [Andrew] from spingarage thought it would be helpful to put together a quick tutorial showing how he built a simple brushless motor controller in about a day’s time. He constructs everything on protoboard from components he acquired at RadioShack in order to demonstrate the ease of sourcing parts and building a brushless motor driver.

While he skips most of the theory behind brushless motor control itself, he does touch on the signaling these motors require for movement as well as how motor position is determined. Specifically, he expands on how half-bridges can be used to create the sine wave signaling required by a single motor input, as well as how three of these can be combined to drive a brushless motor.

The post is the first in a series of posts about brushless motors, so we should see some code examples and some practical applications in the near future.

I2C Arduino GPS Shield

[Wayne] wrote in to share an item he just finished working on, an I2C GPS shield for the Arduino. While other GPS solutions have existed for quite some time, his caught our eye due to its feature list.

The shield removes a good bit of the hassle associated with parsing raw NMEA data from traditional GPS add-ons. While you have the option to communicate with the GPS module over serial in order to obtain the raw data, the use of the I2C interface makes getting the most commonly used GPS data a breeze. The GPS module itself can be set to update at anywhere from 1 to 10 Hz, and [Wayne] says that the I2C bus blows away the oft-used 9600 baud serial interface. While I2C is primarily used for receiving data, it can also be utilized to configure the GPS via its control registers, allowing for on-the-fly settings tweaks.

While he does sell the units pre-assembled at a competitive price, [Wayne] also provides a full schematic, making this an easy afternoon project once you have sourced the proper components.

Automated Faucet Keeps Your Cat Watered

Like many of us, [Chris Dillon]’s cat prefers to drink cold fresh water directly from the tap. However, unlike us, [Chris]’s feline buddy is too preoccupied with cat stuff to bother flipping off the faucet after its use. As it turns out, this was an excellent opportunity not only for [Chris] to flex his project muscles, but also to lay the groundwork for future home automation projects. While most of us may go for a simple solenoid, [Chris] had to make the rig completely reversible. The result is an automated faucet control which involves an infrared sensor, an Arduino, and a tight-fitting rail system with a servo to operate the sink handle.

After getting all of the hardware and the sensor sorted, [Chris] went on to add a data logging PC to the mix. The faucet setup communicates with a Linux server via XBee modules, and populates a MongoDB database. The setup even allows [Chris] to flag false positives (human sink use, for example) and produce charts of his feline friend’s water usage. We suspect the cat will be none too pleased when it gets its water bill.

Don’t forget to check out [Chris Dillon]’s site for details on the project, including code and a list of lessons learned. Also, since this is the internet after all, we have several other cat-related projects for your viewing pleasure.

[Thanks Chris Burrows (and nephew)]

Check out a video of the setup in action after the jump.
