A Hackaday.io page screenshot, showing all the numerous CH552 projects from [Stefan].

All The USB You Can Do With A CH552

March 3, 2023 by Arya Voronova 12 Comments

Recently, you might have noticed a flurry of CH552 projects on Hackaday.io – all of them with professionally taken photos of neatly assembled PCBs, typically with a USB connector or two. You might also have noticed that they’re all built by one person, [Stefan “wagiminator” Wagner], who is a prolific hacker – his Hackaday.io page lists over a hundred projects, most of them proudly marked “Completed”. Today, with all these CH552 mentions in the Hackaday.io’s “Newest” category, we’ve decided to take a peek.

The CH552 is an 8-bit MCU with a USB peripheral, with a CH554 sibling that supports USB host, and [Stefan] seriously puts this microcontroller to the test. There’s a nRF24L01+ transceiver turned USB dongle, a rotary encoder peripheral with a 3D-printed case and knob, a mouse wiggler, an interface for our beloved I2C OLED displays, a general-purpose CH55x devboard, and a flurry of AVR programmers – regular AVRISP, an ISP+UPDI programmer, and a UPDI programmer with HV support. Plus, if USB host is your interest, there’s a CH554 USB host development board specifically. Every single one of these is open-source, with PCBs designed in EasyEDA, the firmware already written (!) and available on GitHub, and a lovingly crafted documentation page for each.

[Stefan]’s seriously put the CH552 to the test, and given that all of these projects got firmware, having these projects as examples is a serious incentive for more hackers to try these chips out, especially considering that the CH552 and CH554 go for about 50 cents a piece at websites like LCSC, and mostly in friendly packages. We did cover these two chips back in 2018, together with a programming guide, and we’ve seen things like badges built with its help, but having all these devices to follow is a step up in availability – plus, it’s undeniable that all the widgets built are quite useful by themselves!

A cinematic shot of the resulting prosthetic finger attached to the glove

Missing Finger Gets A Simple Yet Fancy Replacement

March 3, 2023 by Arya Voronova 27 Comments

The possibility of a table saw accident is low, but never zero — and [Nerdforge] has lost a finger to this ever-useful but dangerous contraption. For a right-handed person, losing the left hand pinky might not sound like much, but the incident involved some nerve damage as well, making inaccessible a range of everyday motions we take for granted. For instance, holding a smartphone or a pile of small objects without dropping them. As a hacker, [Nerdforge] decided to investigate just how much she could do about it.

On Thingiverse, she’s hit a jackpot: a parametric prosthetic finger project by [Nicholas Brookins], and in no time, printed the first version in resin. The mechanics of the project are impressive in their simplicity — when you close your hand, the finger closes too. Meant to be as simple as possible, this project only requires a wrist mount and some fishing line. From there, what could she improve upon? Aside from some test fits, the new finger could use a better mounting system, it could stand looking better, and of course, it could use some lights.

For a start, [Nerdforge] redesigned the mount so that the finger would instead fasten onto a newly-fingerless glove, with a few plastic parts attached into that. Those plastic parts turned out to be a perfect spot for a CR2032 battery holder and a microswitch, wired up to a piece of LED filament inserted into the tip of the finger. As for the looks, some metal-finish paint was found to work wonders – moving the glove’s exterior from the “printed project” territory into the “futuristic movie prop” area.

The finger turned out to be a resounding success, restoring the ability to hold small objects in ways that the accident made cumbersome. It doesn’t provide much in terms of mechanical strength, but it wasn’t meant to do that. Now, [Nerdforge] has hacked back some of her hand’s features, and we have yet another success story for all the finger-deficient hackers among us. Hacker-built prosthetics have been a staple of Hackaday, with the OpenBionics project in particular being a highlight of 2015 Hackaday Prize — an endearing demonstration of hackers’ resilience.

Continue reading “Missing Finger Gets A Simple Yet Fancy Replacement” →

Photo of a smartphone with the ATTiny85 inserted into it, with a screen unlock pattern being drawn on the screen

ATtiny85 Automates Your Smartphone

March 2, 2023 by Arya Voronova 14 Comments

It might not seem too impressive these days, but when microcontrollers with hardware USB support were more expensive and rare, the VUSB library was often used to create USB devices with an ATtiny85. It became so popular that the ATtiny85 even got packaged into USB dongle formfactors, like the DigiSpark boards. Well, you might not know this, but your Android smartphones can also work with USB mice and touchscreens in lieu of the built-in touchscreen display. [ErfanSn] combined these two ideas, creating a library to automate smartphone touchscreen events and keyboard input with an ATtiny85 — open for all of us to use, and with examples to spare.

The library is called DigiCombo, and it comes with plenty of examples for any screen touch event emulation that you might want. For instance, check out the README — it has video examples for Instagram page scrolling, unlock screen brute-forcing with random coordinates, playing the Stack rhythm game, and pinch zoom — all the building blocks for your smartphone touch emulation needs are covered pretty well! Of course, all of these have example code corresponding to them, that you can download and base your own ideas on. What’s more, the library is available in current Arduino IDE under the DigiCombo name. So if you need to, say, make a quick autoclicker for your phone, the library is a few steps away!

If your smartphone project was stalled because you needed to emulate touchscreen input, this library is your chance to get it done! We appreciate projects that let us get more from smartphones — there’s a lot of those laying around, they’re pretty functional and self-sufficient devices, so it makes sense that some projects of ours could do with a phone instead of a Raspberry Pi. Some manufacturers let us get a bit more of our phones, but this hasn’t really caught on, which means we have to make do with help of libraries like these. Or, perhaps, you rely on your phone day-to-day, and you’d like to add a touchpad to its back?

Screenshot of the code decompiled after these patches are applied, showing that all the register writes are nicely decompiled and appropriate register names are shown in the code

Making Ghidra Play Nice With RP2040

March 1, 2023 by Arya Voronova 1 Comment

Developing firmware for RP2040 is undeniably fun, what’s with all these PIOs. However, sometimes you will want to switch it around and reverse-engineer some RP2040 firmware instead. If you’ve ever tried using Ghidra for that, your experience might have been seriously lackluster due to the decompiled output not making sense when it comes to addresses – thankfully, [Wejn] has now released patches for Ghidra’s companion, SVD-Loader, that turn it all around, and there’s a blog post to go with these.

SVD-Loader, while an indispensable tool for ARM work, didn’t work at all with the RP2040 due to a bug – fixed foremost. Then, [Wejn] turned to a pecularity of the RP2040 – Atomic Register Access, that changes addressing in a way where the usual decompile flow will result in nonsense addresses. Having brought a ton of memory map data into the equation, [Wejn] rewrote the decoding and got it to a point where peripheral accesses now map to nicely readable register writes in decompiled code – an entirely different picture!

You can already apply the patches yourself if you desire. As usual, there’s still things left in TODO for proper quality of life during your Ghidra dive, but the decompiled code makes way more sense now than it did before. Now, if you ever encounter a RP2040-powered water cooler or an air quality meter, you are ready to take a stab at its flash contents. Not yet familiar with the Ghidra life? Well, our own HackadayU has just the learning course for you!

A closeup of the faulty section of the dial - you can spot the plastic rivets that broke off

The Tale Of Two Broken Flukes

March 1, 2023 by Arya Voronova 11 Comments

Some repairs happen as if by pure luck, and [Sebastian] shows us one such repair on Hackaday.io. He found two Fluke 175 meters being sold on eBay, with one having a mere beeper issue, and another having a “strange error”. Now, theoretically, swapping beepers around would give you one working meter and a kit of spare parts – but this is Fluke we’re talking about, and [Sebastian] wasn’t satisfied leaving it there.

First, he deduced that the beeper issue could be fixed by repositioning the piezo disk – and indeed, that brought the meter number one to working order. This left the mysterious error – the meter would only power up in certain rotations of the dial, and would misbehave, at that. Disassembly cleared things up – the dial mechanics failed, in that a half of the metal contacts came detached after all the plastic rivets holding the metal piece in place mysteriously vanished. The mechanics were indeed a bit intricate, and our hacker hoped to buy a replacement, but seeing the replacement switch prices in three-digit range, out came the epoxy tube.

An epoxy fix left overnight netted him two perfectly working Fluke meters, and while we don’t know what the listing price was for these, such a story might make you feel like taking your chances with a broken Fluke, too. The tale does end with a word of caution from [Sebastian], though – apparently, cleaning the meters took longer than the repairs themselves. Nevertheless, this kind of repair is a hobbyist’s dream – sometimes, you have to design a whole new case for your meter if as much as a wire breaks, or painstakingly replace a COB with a TQFP chip.

FOSDEM 2023: An Open-Source Conference, Literally

March 1, 2023 by Arya Voronova 6 Comments

Every year, on the first weekend of February, a certain Brussels university campus livens up. There, you will find enthusiasts of open-source software and hardware alike, arriving from different corners of the world to meet up, talk, and listen. The reason they all meet there is the conference called FOSDEM, a long-standing open-source software conference which has been happening in Belgium since 2000. I’d like to tell you about FOSDEM because, when it comes to conferences, FOSDEM is one of a kind.

FOSDEM is organized in alignment with open-source principles, which is to say, it reminds me of an open-source project itself. The conference is volunteer-driven, with a core of staff responsible for crucial tasks – yet, everyone can and is encouraged to contribute. Just like a large open-source effort, it’s supported by university and company contributions, but there’s no admission fees for participants – for a conference, this means you don’t have to buy a ticket to attend. Last but definitely not least, what makes FOSDEM shine is the community that it creates.

FOSDEM’s focus is open software – yet, for hackers of the hardware world, you will find a strong hardware component to participate in, since a great number of FOSDEM visitors are either interested in hardware, or even develop hardware-related things day-to-day. It’s not just that our hardware can’t live without software, and vice-versa – here, you will meet plenty of pure software, a decent amount of pure hardware, and a lot of places where the two worlds are hard to distinguish. All in all, FOSDEM is no doubt part of hacker culture in Europe, and today, I will tell you about my experience of FOSDEM 2023. Continue reading “FOSDEM 2023: An Open-Source Conference, Literally” →

A picture showing acupuncture needles wedged into the inside of the payment terminal

Aaron Christophel Brings DOOM To Payment Terminal

March 1, 2023 by Arya Voronova 9 Comments

Payment terminals might feel intimidating — they’re generally manufactured with security in mind, with all manner of anti-tamper protections in place to prevent you from poking around in the hardware too much. But [Aaron Christophel] thinks that level of security isn’t aren’t always in practice however, and on his journey towards repurposing devices of all kinds, has stumbled upon just the terminal that will give up its secrets easily. The device in question is Sumup Solo terminal, a small handheld with a battery, LTE connection and a payment card slot – helping you accept card payments even if you’re on the go.

Now, this terminal has security features like the anti-tamper shield over the crucial parts of the device, leading to payment processing-related keys being erased when lifted. However, acupuncture needles, a tool firmly in [Aaron]’s arsenal, helped him reach two UART testpoints that were meant to be located under that shield, and they turned out to be all that a hacker needed to access the Linux system powering this terminal. Not just that, but the UART drops you right into the root shell, which [Aaron] dutifully explored — and after some cross–compilation and Linux tinkering, he got the terminal to, naturally, run Doom.

The video shows you even more, including the responsible disclosure process that he went through with Sumup, resulting in some patches and, we hope, even hardware improvements down the line. Now, the payment processing keys aren’t accessible from the Linux environment — however, [Aaron] notes that this doesn’t exclude attacks like changing the amount of money displayed while the customer is using such a terminal to pay.

If you’d like to take a closer look at some of the hardware tricks used in these secure devices, we did a teardown on one back in 2019 that should prove interesting.

Continue reading “Aaron Christophel Brings DOOM To Payment Terminal” →