Alarm Panel Hack Defeats Encryption By Ignoring It

As frustrating as it may be for a company to lock you into its ecosystem by encrypting its protocols, you have to admit that it presents an enticing challenge. Cracking encryption can be more trouble than it’s worth, though, especially when a device gives you all the tools you need to do an end-run around its encryption.

We’ll explain. For [Valdez], the encrypted communication protocols between a DSC alarm panel and the control pads on the system were serious impediments to integration into Home Assistant. While there are integrations available for these alarm panels, they rely on third-party clouds, which means that not only is your security system potentially telling another computer all your juicy details, but there’s also the very real possibility that the cloud system can either break or be shut down; remember the Chamberlain MyQ fiasco?

With these facts in mind, [Valdez] came up with a clever workaround to DSC encryption by focusing on physically interfacing with the keypad. The device has a common 16×2 LCD and a 25-key keypad, and a little poking around with a multimeter and a $20 logic analyzer eventually showed that the LCD had an HD44780 controller, and revealed all the lines needed to decode the display with an ESP32. Next up was interfacing with the keypad, which also involved a little multimeter work to determine that the keys were hooked up in a 5×5 matrix. Ten GPIOs on the ESP32 made it possible to virtually push any key; however, the ten relays [Valdez] originally used to do the switching proved unwieldy. That led to an optocoupler design, sadly not as clicky but certainly more compact and streamlined, and enabling complete control over the alarm system from Home Assistant.

We love this solution because, as [Valdez] aptly points out, the weakest point in any system is the place where it can’t be encrypted. Information has to flow between the user and the control panel, and by providing the electronic equivalents to eyes and fingers, the underlying encryption is moot. Hats off to [Valdez] for an excellent hack, and for sharing the wealth with the HA community.

Lessons Learned From A High-Voltage Power Supply

When you set out to build a 60,000-volt power supply and find out that it “only” delivers a measly 50,000 volts, you naturally have to dive in and see where things can be improved. And boy, did [Advanced Tinkering] find some things to improve.

First things first: if you haven’t seen [Advanced]’s first pass at a high-voltage supply, you should go check that out. We really liked the design of that one, and were particularly impressed with the attention to detail, all of which seemed to be wisely geared to the safe operation of the supply. But as it turns out, the margin of safety in the original design wasn’t as good as it could be. Of most concern was the need to physically touch the supply to control it, an obvious problem should something go wrong anywhere along the HV path, which includes a ZVS-driven flyback and an epoxy-potted Cockcroft-Walton voltage multiplier.

To make things a little more hands-off, [AT] added a pneumatically actuated switch to the supply, along with some indicator lights to help prevent him from leaving the supply powered up. He also reworked the low-voltage DC supply section, replacing a fixed-voltage supply and a DC-DC converter with a variable DC supply. This had the side benefit of providing a little bit more voltage to the ZVS driver, which goosed up the HV output a bit. The biggest change, though, was to the potted part of the HV section, which showed signs of arcing to the chassis. It turns out that even at 100% infill, 3D printed PLA isn’t a great choice for HV projects; more epoxy was the answer to that problem. Along with rewinding the primary on the flyback transformer, the power supply not only hit the 60-kV spec, but even went a little past that — and all without any of that pesky arcing.

We thought [Advanced Tinkering]’s first pass on this build was pretty slick, but we’re glad to see that it’s even better now. And we’re still keen to see how this supply will be put to use; honestly, the brief teaser at the end of the video wasn’t much help in guessing what it could be.

Sun On The Run: Diving Into Solar With A Mobile PV System

For obvious reasons, there has been a lot of interest in small-scale residential solar power systems lately. Even in my neck of the woods, where the sun doesn’t shine much from October to April, solar arrays are sprouting up on rooftops in a lot of local neighborhoods. And it’s not just here in suburbia; drive a little way out into the country or spend some time looking around in Google Maps and it won’t take long to spy a sizable array of PV panels sitting in a field next to someone’s ranch house or barn.

Solar has gotten to the point where the expense of an installation is no longer a serious barrier to entry, at least if you’re willing to put in a little sweat equity and not farm the project out to a contractor. Doing it yourself requires some specialized tools and knowledge, though, over and above your standard suite of DIY skills. So, in the spirit of sharing hard-won knowledge, I decided to take the somewhat unusual step of writing up one of my personal projects, which has been in progress for a couple of years now and resulted in a solar power system that isn’t on a rooftop or a ground-mounted array at all, but rather is completely mobile: my solar trailer.

Neutrino Hunters Hack Chat

Join us on Wednesday, January 17 at noon Pacific for the Neutrino Hunters Hack Chat with Patrick Allison!

It’s a paradox of science that the biggest of equipment is needed to study the smallest of phenomena. The bestiary of subatomic particles often requires the power and dimension of massive accelerators to produce, and caverns crammed with racks full of instruments to monitor their brief but energetic lives. Neutrinos, though, are different. These tiny, nearly massless, neutral particles are abundant in the extreme, zipping through space from sources both natural and artificial and passing through normal matter like it isn’t even there.

That poses a problem: how do you study something that doesn’t interact with the stuff you can make detectors out of? There are tricks that neutrino hunters use, and most of them use very, VERY big instruments to do it. Think enormous tanks of ultrapure water or a cubic kilometer of Antarctic ice, filled with photomultiplier tubes to watch for the slightest glimmer of Cherenkov radiation as a neutrino passes by.

Neutrino hunting is some of the biggest of Big Science, and getting all the parts to work together takes some special engineering. Patrick Allison has been in the neutrino business for decades, both as a physicist and as the designated guru who keeps all the electronics humming. He’ll join us on the Hack Chat to talk about the neutrino hunting trade, and what it takes to keep the data flowing.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, January 17 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

Featured image: Daderot, CC0, via Wikimedia Commons

Hackaday Links: January 14, 2024

How long does it take a team of rocket scientists to remove two screws? When the screws they’re working on are keeping a priceless sample of asteroid safe, it’s about three months. That’s how long NASA has been working on the OSIRIS-REx sample return canister, which came back to Earth from asteroid Bennu back in September. The container was crammed full of asteroid bits, thanks in part to an overly energetic impact between the sample-collecting boom and Bennu. There was so much stuff that planetary scientists were able to recover about 70 grams of material that was covering the outside of the sealed container; this must have been a boon to the engineers, who got to figure out how to open the jammed cover of the container without anyone breathing down their necks for samples to study. The problem was a pair of stuck fasteners out of the 35 holding the lid on the container; the solution was far more complicated than a spritz of WD-40 and a little bit of heating with an oxy-acetylene torch. Engineers had to design two “clamp-like tools” and test them on a mock-up to make sure they wouldn’t contaminate the sample. We’d love to know more about these tools; trust us, we’ll be looking into this closely. If we find anything, a full article will be forthcoming.

Reverse Engineering Smart Meters, Now With More Fuming Nitric Acid

If you’re lucky, reverse engineering can be a messy business. Sure, there’s something to be said for attacking and characterizing an unknown system and leaving no trace of having been there, but there’s something viscerally satisfying about destroying something to understand it. Especially when homemade fuming nitric acid is involved.

The recipient of such physical and chemical rough love in the video below is a residential electric smart meter, a topic that seems to be endlessly fascinating to [Hash]; this is far from the first time we’ve seen him take a deep dive into these devices. His efforts are usually a little less destructive, though, and his write-ups tend to concentrate more on snooping into the radio signals these meters are using to talk back to the utility company.

This time around, [Hash] has decided to share some of his methods for getting at these secrets, including decapping the ICs inside. His method for making fuming nitric acid from stump remover and battery acid is pretty interesting; although the laboratory glassware needed to condense the FNA approaches the cost of just buying the stuff outright, it’s always nice to have the knowledge and the tools to make your own. Just make sure to be careful about it — the fumes are incredibly toxic. Also detailed is a 3D-printable micropositioner, used for examining and photographing acid-decapped ICs under the microscope, which we’d bet would be handy for plenty of other microscopy jobs.

In addition to the decapping stuff, and a little gratuitous destruction with nitric acid, [Hash] takes a look at the comparative anatomy of smart meters. The tamper-proofing features are particularly interesting; who knew these meters have what amounts to the same thing as a pinball machine’s tilt switch onboard?

Skip The Radio With This Software-Defined Ultrasound Data Link

We know what you’re thinking: with so many wireless modules available for just pennies, trying to create a physical data link using ultrasonic transducers like [Damian Bonicatto] did for a short-range, low-bitrate remote monitoring setup seems like a waste of time. And granted, there are a ton of simple RF protocols you can just throw at a job like this. Something like this could be done and dusted for a couple of bucks, right?

Luckily, [Damian] wanted something a little different for his wireless link to a small off-grid solar array, which is why he started playing with ultrasound in an SDR framework. The design for his “Software-Defined Ultrasonics” system, detailed in Part 1, has a pair of links, each with two ultrasonic transducers, one for receiving and one for transmitting. Both connect to audio amplifiers with bandpass filters; the received signal is digitized by the ADC built into an Arduino Nano, while the transmitted signal is converted to analog by an outboard DAC.

The transducers are affixed to 3D printed parabolic reflectors, which are aimed at each other over a path length of about 150′ (46 m). Part 2 of the series details the firmware needed to make all this work. A lot of the firmware design is dictated by the constraints introduced by using Arduinos and the 40-kHz ultrasonic carrier, meaning that the link can only do about 250 baud. That may sound slow, but it’s more than enough for [Damian]’s application.

Perhaps most importantly, this is one of those times where going slower helps you to go faster; pretty much everything about the firmware on this system applies to SDRs, so if you can grok one, the other should be a breeze. But if you still need a little help minding your Is and Qs, check out [Jenny]’s SDR primer.