We like to think that we can do almost anything. Give me a broken piece of consumer electronics, and I’ll open it up and kick the capacitors. Give me an embedded Linux machine, and I’ll poke around for a serial port and see if it’s running uboot. But my confidence suddenly pales when you hand me a smartphone.
Now that’s not to say that I’ve never replaced a broken screen or a camera module with OEM parts. The modern smartphone is actually a miracle of modularity, with most sub-assemblies being swappable, at least in principle, and depending on your taste for applying heat to loosen up whatever glue holds the damn things together.
But actually doing hardware hacking on smartphones is still outside of my comfort zone, and that’s a shame. So I was pretty pleased to see [Marcin Plaza] attempt gutting a smartphone, repackaging it into a new form factor, and even adding a new keyboard to it. The best moment in that video for me comes around eight minutes in, when he has completely disassembled all of the modules and is laying them out on his desk to see how little he needs to make the thing work. And the answer is batteries, motherboard, USB-C, power button, and a screen. That starts to seem like a computer build, and that’s familiar turf.
That reminded me of [Scotty Allen]’s forays into cell-phone hackery that culminated in his building one completely from parts, and telling us all about it at Supercon ages ago. He told me that the turning point for him was realizing that if you have access to the tools to put it together and can get some of the impossibly small parts manufactured and/or assembled for you, that it’s just like putting a computer together.
So now I’ve seen two examples. [Scotty] put his together from parts, and [Marcin] actually got a new daughterboard made that interfaces with the USB to add a keyboard. Hardware hacking on a cellphone doesn’t sound entirely impossible. You’d probably want a cheap old used one, but the barrier to entry there isn’t that bad. You’ll probably have to buy some obscure connectors – they are tiny inside smartphones – and get some breakout boards made. But maybe it’s possible?
Anyone have more encouragement?
“are you planning to buy that broken microwave or are you just kicking the capacitors?”
Yup, feels gooooood…
Hey Elliot, check out what this guy can do! https://www.youtube.com/@ycs-yang/shorts
Ohh… thank you.
I’m working regularly with embedded systems to test the security of the products. Sometimes the target is a single chip, other times it’s a complex system of dozens of circuit boards. While the skills apply to very much any electronic device, there are always blind spots. Recently, I thought about how a laptop is just an embedded device, or how a dedicated firewall or VPN box is. Smartphones are a similar blind spot, but I have worked at those at the hardware level. The only difference is that security is often tested from the user land, and not so much from the traces on the board.
I think it’s a general rule that no system is secure if you have physical access to the hardware. The cost of such attack are high though, and the software running in user land has many low hanging fruit.
One thing that have been in my mind for a while now is that, maybe we can spin a meshtastic device from an old smartphone with some poking… But I get lazy just thinking about it.
I mean, I do it professionally and a beautiful paycheck is mandatory to excite me enough into modding industrial equipments, I don’t know if I have enough juice for try something else at home anymore.
For me the barrier is the myriad of whatever special blend of foo is required to just get a decent OS¹ installed on smartphone hardware. Before that is solved I will keep hacking everything else.
¹) Android is not
Buy the hardware that PostmarketOS (or whatever) runs on. It’s only gonna set you back $20-$30, and it’ll do what you want. Win, win.
If it was designed & built by humans, you stand a good chance of being able to do something with it too. After that it’s just a cost/benefit calculation.