Selling power banks these days isn’t easy, as you can only stretch the reasonable limits of capacity and output wattage so far. Fortunately there is now a new game in town, with ‘smart’ power banks, like the Anker one that [Aaron Christophel] recently purchased for reverse-engineering. It features Bluetooth (BLE), a ‘smart app’ and a rather fancy screen on the front with quite a bit of information. This also means that there’s a lot to hack here beyond basic battery management system (BMS) features.
As detailed on the GitHub project page, after you get past the glue-and-plastic-clip top, you will find inside a PCB with a GD32F303 MCU, a Telink TLSR8253 BLE IC and the 240×240 ST7789 LCD in addition to a few other ICs to handle BMS functions, RTC and such. Before firmware version 1.6.2 you can simply overwrite the firmware, but Anker added a signature check to later firmware updates.
The BLE feature is used to communicate with the Anker app, which the official product page advertises as being good for real-time stats, smart charging and finding the power bank by making a loud noise. [Aaron] already reverse-engineered the protocol and offers his own alternative on the project page. Naturally updating the firmware is usually also done via BLE.
Although the BLE and mobile app feature is decidedly a gimmick, hacking it could allow for some interesting UPS-like and other features. We just hope that battery safety features aren’t defined solely in software, lest these power banks be compromised by a nefarious or improper firmware update.
Thanks Maya! Sometimes a news item is extremely informative about which companies to avoid. I’m also pointing at a certain 3D-printer company. Rossmann was right.
I wouldn’t say a signature for a firmware update is a bad thing, I wouldn’t want anyone with a bluetooth device to be able to change the firmware on my large lithium battery pack. That said, I’d want to be able to override that lock out when I’m actually holding the device, or when I’m the device’s registered admin user or something.
If someone somehow figures out a way to easily modify a specific (and dangerous) product like a power bank to release some funny smoke on a flight, that product would be banned from flights worldwide in no time.
That’s the point. If updating the firmware required authentication, specifically your authentication, it wouldn’t need to fail when lacking signature validation.
Yes, having a signature is fine, it’s the fail to apply without a valid signature that’s the problem.
It’s done specifically so that your authentication of what firmware to load is prevented, only the manufacturer can do that in your stead, almost by definition against your wishes.
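The update policy argued for in this thread (a vendor signature check that stays in place, plus an owner override that only works while the user is physically holding the device) sketched as an added example; this is not [Aaron]'s code and not Anker's actual scheme, whose signature algorithm the post does not describe. Ed25519 over a SHA-256 digest, the enrolled owner key, and the physical-presence flag are all assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// UpdatePolicy: accept images signed by the vendor, and additionally accept images
// signed by the owner's own (assumed, enrolled) key, but only while the user proves
// physical presence on the device, e.g. by holding the power button.
type UpdatePolicy struct {
	VendorPub ed25519.PublicKey
	OwnerPub  ed25519.PublicKey // nil when no owner key has been enrolled
}

var ErrRejected = errors.New("firmware image rejected")

// Verify returns nil when the image may be applied. The signature covers the
// SHA-256 digest of the image so the signed message is fixed-size.
func (p UpdatePolicy) Verify(image, sig []byte, physicalPresence bool) error {
	digest := sha256.Sum256(image)
	if ed25519.Verify(p.VendorPub, digest[:], sig) {
		return nil // vendor-signed: behaves like a plain signature check
	}
	if p.OwnerPub != nil && physicalPresence && ed25519.Verify(p.OwnerPub, digest[:], sig) {
		return nil // owner-signed and button held: the override the comments ask for
	}
	return ErrRejected // unsigned or wrong key over BLE alone: refuse, as a signature check should
}

// sign is the tool-side counterpart: what a vendor or owner build step would attach.
func sign(priv ed25519.PrivateKey, image []byte) []byte {
	digest := sha256.Sum256(image)
	return ed25519.Sign(priv, digest[:])
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	policy := UpdatePolicy{VendorPub: vendorPub, OwnerPub: ownerPub}
	image := []byte("constructed firmware image, not a real power bank binary")

	fmt.Println(policy.Verify(image, sign(vendorPriv, image), false)) // <nil>
	fmt.Println(policy.Verify(image, sign(ownerPriv, image), false))  // firmware image rejected
	fmt.Println(policy.Verify(image, sign(ownerPriv, image), true))   // <nil>
}
```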
We know from experience the manufacturer isn’t doing any of this in good faith. That makes it exceptionally difficult to take any devil’s advocate arguments in good faith either.
A powerbank needs to be a dumb brick with charge indicator. No BLE please.
Yeah, I don’t understand the need for this nonsense at all.
That PC board is way more complicated than I would have expected. A discrete MCU+BLE chip solution with LCD for a power bank of all things! I would have expected a lot smaller board with a no-marking ASIC which handled everything.
What utility is the MCU providing? I doubt it’s handling switching/feedback or anything like that.