Author: Arya Voronova

490 Articles

A CaptionCall Phone Succumbs To Doom, Again

March 2, 2025 by 11 Comments

Pour one out for yet another device conquered. This one’s a desk phone for conferences and whatnot, a colour display, a numpad, and a bog standard handset with a speaker and mic. Naturally, also running Linux. You know what to expect – [Parker Reed] has brought Doom to it, and you’d be surprised how playable it looks!

This is the second time a CaptionCall device has graced our pages running Doom — CaptionCall patched out the previous route, but with some firmware dumping and hashcat, root has been acquired once again. [Parker] has upgraded this impromptu gaming setup, too – now, all the buttons are mapped into Doom-compatible keyboard events coming from a single input device, thanks to a C program and an Xorg config snippet. Feel free to yoink for your own Doom adventures or just general CaptionCall hacking!

If you’re interested in the hacking journey, get into the exploitee.rs Discord server and follow the hack timeline from password recovery, start to finish, to Doom, to the state of affairs shown in the video. Now, as the CPU speeds have risen, should the hackerdom switch away from Doom as the go-to? Our community remains divided.

Continue reading “A CaptionCall Phone Succumbs To Doom, Again”

This Gesture Sensor Is Precise, Cheap, Well-Hidden

March 1, 2025 by 22 Comments

In today’s “futuristic tech you can get for $5”, [RealCorebb] shows us a gesture sensor, one of the sci-fi kind. He was doing a desktop clock build, and wanted to add gesture control to it – without any holes that a typical optical sensor needs. After some searching, he’s found Microchip’s MGC3130, a gesture sensing chip that works with “E-fields”, more precise than the usual ones, almost as cheap, and with a lovely twist.

The coolest part about this chip is that it needs no case openings. The 3130 can work even behind obstructions like a 3D-printed case. You do need a PCB the size of a laptop touchpad, however — unlike the optical sensors easy to find from the usual online marketplaces. Still, if you have a spot, this is a perfect gesture-sensing solution. [RealCorebb] shows it off to us in the demo video.

This PCB design is available as gerbers+bom+schematic PDF. You can still order one from the files in the repo.  Also, you need to use Microchip’s tools to program your preferred gestures into the chip. Still, it pays off, thanks to the chip’s reasonably low price and on-chip gesture processing. And, [RealCorebb] provides all the explanations you could need, has Arduino examples for us, links all the software, and even provides some Python scripts! Touch-sensitive technology has been getting more and more steam in hacker circles – for instance, check out this open-source 3D-printed trackpad.

Continue reading “This Gesture Sensor Is Precise, Cheap, Well-Hidden”

The Bus Pirate 5 Sure Can Glitch

March 1, 2025 by 2 Comments

Own a Bus Pirate 5? Now, it can do power glitching, thanks to [Matt Brugman’s] demo and contributions to the stock code. This is also a great demo of Bus Pirate’s capabilities and programmability! All you need is the Bus Pirate and a generic Arduino – load a glitch-vulnerable code example into the Arduino, get yourself a generic FET-based glitching setup, and you too can play.

The Arduino board outputs data over UART, and that’s used as a trigger for the Bus Pirate’s new glitch feature – now mainline, thanks to [Matt]’s pull request. It’s pretty feature-complete, too — all parameters are configurable, it can vary the glitching interval, as one would want, and the code checks for success conditions so that it can retry glitching automatically.

In this demo, it only took six consecutive attempts to successfully glitch the ATMega328P – wouldn’t you know it, the code that got glitched was pulled almost wholesale from an IoT device. Glitching remains an underappreciated vector for reverse-engineering, and there’s really no shortage of hacks it allows you to do – get yourself a FET, a Bus Pirate, or maybe just an ESP8266, and join the glitching-aware hackers club!

Want to know more about the Bus Pirate 5? Check out our hands-on review of the hacker multi-tool from last year.

A PCR machine with its side cover taken off exposing its guts, and the tray extended out

Making A PCR Machine Crypto Sign Its Results

March 1, 2025 by 20 Comments

Money, status, or even survival – there’s no shortage of incentives for faking results in the scientific community. What can we do to prevent it, or at least make it noticeable? One possible solution is cryptographic signing of measurement results.

Here’s a proof-of-concept from [Clement Heyd] and [Arbion Halili]. They took a ThermoFisher Scientific 7500 Fast PCR (Polymerase Chain Reaction) machine, isolated its daughter-software, and confined it into a pipeline that automatically signs each result with help of a HSM (Hardware Security Module).

A many machines do, this one has to be paired to a PC, running bespoke software. This one’s running Windows XP, at least! The software got shoved into a heavily isolated virtual machine running XP, protected by TEE (Trusted Execution Environment). The software’s output is now piped into a data diode virtual serial port out of the VM, immediately signed with the HSM, and signed data is accessible through a read-only interface. Want to verify the results’ authenticity? Check them against the system’s public key, and you’re golden – in theory.

This design is just a part of the puzzle, given a typical chain of custody for samples in medical research, but it’s a solid start – and it happens to help make the Windows XP setup more resilient, too.

Wondering what PCR testing is good for? Tons of things all over the medical field, for instance, we’ve talked about PCR in a fair bit of detail in this article about COVID-19 testing. We’ve also covered a number of hacker-built PCR and PCR-enabling machines, from deceivingly simple to reasonably complex!

The rust language logo being branded onto a microcontroller housing

Esp-hal, A Stable-API ESP32 HAL Gift For Your Rust Code

February 27, 2025 by 14 Comments

Looking to write Rust on the ESP32? You’re in luck, a new challenger has entered the scene, looking to help you write code that lasts – [Scott Mabin] and the team from Espressif have brought us the esp-hal 1.0.0-beta. From a personal project to an Espressif-sponsored one to an effort under Espressif’s wing, [Scott] tells us about the arduous journey of bringing first-class Rust support to ESP32 chips, Xtensa and RISC-V alike.

In particular, esp-hal, with the hal part standing for Hardware Abstraction Layer, focuses on providing you with a stable API to access hardware, making sure your code can remain stable for years to come. For now, you get drivers for GPIO, UART, SPI and I2C, as well as a number of auxiliary features like time and SoC reset, more than enough for a large amount of projects we hackers build with a generic MCU in mind.

Next stop? WiFi and BLE support, of course, an ESP32 just doesn’t feel the same without these two. Rust is a fun and seriously promising language, and it’s a joy to use! So, if you have a wireless-less project in mind and you’re looking for a HAL, try out the esp-hal, it might just be exactly what you need.

If you’re looking for examples, here’s an STM32 touchpad project with Rust firmware, a PIC32 Rust blinky demo, and we’ve even featured larger projects like this ESP32 open-source (reverse-engineered) WiFi MAC stack being written in Rust. In case you missed it, we’ve introduced Rust to you a couple of times, even as far as 2015!

Demonstration of the multichannel design feature, being able to put identical blocks into your design, only route one of them, and have all the other blocks' routing be duplicated

KiCad 9 Moves Up In The Pro League

February 22, 2025 by 28 Comments

Do you do PCB design for a living? Has KiCad been just a tiny bit insufficient for your lightning-fast board routing demands? We’ve just been graced with the KiCad 9 release (blog post, there’s a FOSDEM talk too), and it brings features of the rank you expect from a professional-level monthly-subscription PCB design suite.

Of course, KiCad 9 has delivered a ton of polish and features for all sorts of PCB design, so everyone will have some fun new additions to work with – but if you live and breathe PCB track routing, this release is especially for you.

Continue reading “KiCad 9 Moves Up In The Pro League”

Hack On Self: One Minute Blitz

February 18, 2025 by 6 Comments

Have you yet stumbled upon the principle of “consistently applied small amounts of work can guarantee completion of large projects”? I have, and it’s worked out well for me – on days when I could pay attention to them, that is.

A couple times, I’ve successfully completed long-term projects by making sure to do only a little bit of it, but I do it every day. It helps a lot with the feeling you get when you approach a large project – say, cleaning up your desk after a few days of heavy-duty hacking. If you’re multi-discipline, and especially if you happen to use multiple desks like me, a desk can stay occupied for a while.

Can you do one minute of desk cleaning today? Sure doesn’t feel like much time, or much effort. In a week’s time, however, you might just have a clean desk. Cleaning discrete messes is where this concept applies pretty well – you couldn’t wash floors like this, but you could wipe off the dust from a few surfaces for sure.

Now, I want to make this a habit – use it on like, seven different things a day. I wrote a script to make it possible – here’s how it works for me right now.

Building Upon The Seen-Before

I relied on a few previously-discussed things for this one. Main one is the Headphone Friend project – a pocketable Linux device, streaming audio from my laptop as I walk around my room. As a reminder, the headphones also have a button that emits HID events when pressed/released, and I have a small piece of software that can map actions to combinations of short-medium-long presses of that button.

Another necessity was a bit of software – dodging my questing system “away from laptop = system breaks” mistake, I wanted to put everything into my headphones, even the task names, trying to reach a “flow” through a series of 1-minute tasks. Of course, I reused the old sound library, but I also needed TTS generation on the fly! I went for PicoTTS with a simple wrapper – it’s not the best TTS system, but it’s damn fast, and perfectly suited for a prototype.

For the button-to-action mapping script, I had to expose some sort of API, to avoid merging the button scanning code and the task switching code. After a little deliberation, I picked websockets – they work decently well, and they’re quite portable, so I could run the button monitoring itself on the Headphone Friend device, and the main software on my laptop, for prototyping purposes.

Now, the more interesting question – how do I build the algorithm?

Continue reading “Hack On Self: One Minute Blitz”