PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs

April 3, 2024 by Arya Voronova 22 Comments

I enjoy seeing modules that can make designing other devices easier, and when I did a call for design reviews, [enp6s0] has submitted one such board to us. It’s a module called TinySparrow (GitHub), that helps you build your own vehicle ECUs and any other CAN-enabled things. With a microcontroller, plenty of GPIOs, a linear regulator and a CAN transceiver already onboard, this board has more than enough kick for anyone in hobbyist-range automotive space – and it’s surprisingly tiny!

You could build a lot of things around this module – a CAN bus analyzer or sniffer, a custom peripheral for car dashes, or even a full-blown ECU. You can even design any hardware for a robot or a piece of industrial technology that uses CAN for its backbone – we’ve all seen a few of those! It’s a great board, but it uses six layers. We’ll see if we can do something about that here.

Modules like TinySparrow will make your PCBs cheaper while ordering, too! Thanks to the carefully routed microcontroller and the CAN transmitter, whatever board you design around this chip definitely wouldn’t need six layers like this one does – and, unlike designing your own board, you can use someone’s well-tested and tailored libraries and reference circuits!

With TinySparrow, you save a lot of time, effort and money whenever you want to design a car or industrial accessory. After looking at the board files, my proposal for helping today’s board is – like last time – to make its production cheaper, so that more people can get this board into their hands if the creator ever does try and manufacture it. I also have some tips to make future improvements on this design easier, and make it more friendly for its userbase.

Continue reading “PCB Design Review: Tinysparrow, A Module For CAN Hacking Needs” →

Screenshot of eBay listings with Gigaset IoT devices being sold, now basically useless

A Giga-Sunset For Gigaset IoT Devices

April 3, 2024 by Arya Voronova 76 Comments

In today’s “predictable things that happened before and definitely will happen again”, we have another company in the “smart device” business that has just shuttered their servers, leaving devices completely inert. This time, it’s Gigaset. The servers were shuttered on the 29th of March, and the official announcement (German, Google Translate) states that there’s no easy way out.

It appears that the devices were locked into Gigaset Cloud to perform their function, with no local-only option. This leaves all open source integrations in the dust, whatever documentation there was, is now taken down. As the announcement states, Gigaset Communications Gmbh has gotten acquired due to insolvency, and the buyer was not remotely interested in the Smart Home portion of the business. As the corporate traditions follow, we can’t expect open sourcing of the code or protocol specification or anything of the sort — the devices are bricks until someone takes care of them.

If you’re looking for smart devices on the cheap, you might want to add “Gigaset” to your monitored search term list — we’ll be waiting for your hack submissions as usual. After all, we’ve seen some success stories when it comes to abandoned smart home devices – like the recent Insteon story, where a group of device owners bought out and restarted the service after the company got abruptly shut down.

We thank [Louis] for sharing this with us!

Three ZigBee radios in ESD bags, marked "Zigbee Sniffer", "Router" and "Coordinator".

Crash IoT Devices Through Protocol Fuzzing

April 2, 2024 by Arya Voronova 1 Comment

IoT protocols are a relatively unexplored field compared to most PC-exposed protocols – it’s bothersome to need a whole radio setup before you can tinker on something, and often, for low-level experiments, just any radio won’t do. This means there’s quite a bit of security ground to cover. Now, the U-Fuzz toolkit from [asset-group] helps us make up for it.

Unlike fuzzers you might imagine, U-Fuzz doesn’t go in blindly. This toolkit has provisions to parse protocols and fuzz fields meaningfully, which helps because many of devices will discard packets they deem too malformed. With U-Fuzz, you feed it a couple packet captures, help it make some conclusions about packet and protocol structure, and get suggestions on how to crash your devices in ways not yet foreseen.

This allows for basically arbitrary protocol fuzzing, and to demonstrate, we get examples on 5G, CoAP and ZigBee probing alike, with a list of found CVEs to wrap the README up. As Wikipedia often states, this list is incomplete, and you can help by expanding it. Fuzzing is an underestimated tool – it will help you hack ubiquitous wireless protocols, proprietary standards, and smart home hubs alike.

On the left, the main board of the dual board computer, with the CPU and a bunch of connectors visible. On the right, the addon board is shown, with all the extra connectors as described in the article

A Nifty F1C100S Dual-Board Computer

April 2, 2024 by Arya Voronova 15 Comments

The F1C100S (and the F1C200S) is a super simple CPU to use – it’s QFN, it has RAM built-in, and it can run Linux. It just makes sense that we bring it up to you once again, this time, on this dual-board computer by [minilogic]. The boards look super accessible to build for a Linux computer, and it’s alright if you assemble only one of them, too – the second board just makes this computer all that much nicer to use!

One the main board, you get the CPU itself, a couple USB ports, headphone and mic jacks, a microphone, a microSD socket, power management, SPI flash chip, plus some buttons, headers and USB-UART for debug. Add the second board, however, and you get a HDMI video output socket, a RGBTTL LCD header, LiIon battery support, RTC, and even FM radio with TV input.

One problem with this computer – it’s not open-source in the way that we expect and respect, as there’s no board files to be seen. However, at least the schematics are public, so it shouldn’t be hard, and the author provides quite a bit of example code for the F1C100S, which softens the blow. Until the design files are properly published, we can at least learn from the idea and the schematics. If you like what the F1C100S CPU offers, there are other projects you can take things from too, like this low-cost handheld we’re patiently waiting for, or this Linux-powered business card.

The PhotonPower Zero board laying on a desk surface

PhotonPower Zero For Effortless Solar Pi Zero Projects

April 2, 2024 by Arya Voronova 2 Comments

A Pi Zero doesn’t need much to sustain itself, and it’s projects like the PhotonPower Zero that remind us of it its low appetite when we need this reminder most. The PhotonPower Zero board lets you power a Pi Zero board from a solar cell, with a LiIon backup, and a microcontroller for power management. Created by [David Murray], this board’s been a perfect solution for quite a few projects of his, and now he is sharing the design so that we can create outdoor-suited devices as easily as he’s been able to.

Tested for months in Australian summer and winter conditions alike, the design pulls no punches and has everything you might need. Like any self-respecting power addon, it has a management microcontroller for going as low-power as you’d like, communicating the battery data to the Pi Zero, and being able to safely shut it down when needed. If you fancy what this board does, [David Murray] tells you all, both in the video and in the associated posts!

One of the best parts about this board is that it’s fully open-source – schematics, KiCad PCB source files, and even 3D designs are available in the GitHub repo. You could source all the parts right now and build a fleet of solar-powered Zeros, and if you want the hard parts to be done for you, there’s a Kickstarter campaign that lets you get a PhotonPower Zero board without self-assembly. We’ve covered similar boards before – powering a Pi Zero isn’t lost art, and, there’s a lot to learn from this project specifically. Such boards are especially tempting, given that the latest Pi Zero W 2 is the most efficient Pi Zero to date – outdoor-capable 24/7 powered devices with a fair bit of CPU have never been this close!

Continue reading “PhotonPower Zero For Effortless Solar Pi Zero Projects” →

The laptop in question, with the LCD-bearing top half printed in pink, and the bottom half showing off the Thinkpad keyboard.

Pinkpad, A DIY Laptop You Must Print In Pink

April 1, 2024 by Arya Voronova 20 Comments

Looking to build a laptop all on your own? Check out the Pinkpad, a DIY laptop project that as if appeared out of nowhere, gives you a based on an off-the-shelf Dell motherboard. This build projects an aura of unabashed competence – the website brings you to a different universe, the documentation is as curt as it is extensive, and the build evidently works.

With a Thinkpad x61 keyboard, a reasonably modern (Dell Vostro 5481, Ryzen possible) motherboard embeddable inside, and a 10″ 1024×768 screen, this ~11″ laptop packs a certain kind of punch for what’s a build-it-yourself project. Most of the value of this design is in the 3D files – which were done in Google SketchUp, and the laptop is small enough that you could print its shell reasonably quickly. Not that you should follow the parts list religiously – the screen in particular might just warrant reconsideration in your eyes. On the other hand, we wish you all the luck on your SketchUp journey if you want to modify the shell. It also isn’t lost on us that the parts list doesn’t list a battery in it.

This is an impressive project to see open-sourced, and we hope it can inspire some hackers in the custom laptop building cohort. One prominent flaw of consumer-facing technology is that you can’t always get your devices in pink, and printing your laptop’s chassis yourself is a surefire way to combat this. If this laptop’s form-factor is too commonplace for you, we’ve seen no shortage of custom laptops grace our pages, from miniature ones to CRT luggable beasts, and click on the tags below if you’d like to see more!

We thank [Max_UA] for sharing this with us!

$anfractuosity's test setup showing the Pi under test and a few pieces of equipment used to perform the attack$

Cold Boot Attack You Can Do With A Pi

April 1, 2024 by Arya Voronova 2 Comments

A cold boot attack is a way to extract RAM contents from a running system by power cycling it and reading out RAM immediately after loading your own OS. How easy is it for you to perform such an attack? As [anfractuosity] shows, you can perform a cold boot attack with a Raspberry Pi, with a reasonably simple hardware setup and a hefty chunk of bare-metal code.

[anfractuosity]’s setup is simple enough. The Pi 4 under attack is set up to boot from USB drive, and a relay board has it switch between two possible USB drives to boot from: one with a program that fills RAM with , and another with a program that extracts RAM out through UART. The process is controlled by another Pi controlling the relays through GPIOs, that also monitors the target Pi’s UART and uses it as a channel to extract memory.

The outcomes are pretty impressive. After 0.75s of power-down, most of the image could be extracted. That’s without any cooling, so abusing a can of electronics duster is likely to improve these results dramatically. Want to play with cold boot attacks? [anfractuosity]’s code is great for getting your feet wet. Furthermore, the code examples provided serve as a wonderful playground for general memory attack research.

Raspberry Pi not fun enough for you anymore? Well then, you can always start playing with Android phones!