SKiDL: Script Your Circuits In Python

December 28, 2016 by Elliot Williams 28 Comments

SKiDL is very, very cool. It’s a bit of Python code that outputs a circuit netlist for KiCAD.

Why is this cool? If you design a PCB in KiCAD, you go through three steps: draw the schematic, assign footprints to the symbolic parts, and then place them. The netlist ties all of these phases together: it’s a list of which parts are connected to which, the output of schematic capture and the input for layout. The ability to generate this programmatically should be useful.

For instance, you could write a filter circuit generator that would take the order, cutoff, and type of filter as inputs, and give you a spec’ed netlist as output. Bam! In your next design, when you need a different filter, you just change a couple of variables. Writing your circuits as code would make arranging the little sub-circuits modular and flexible, like functions in code.

At the very least, it’s an interesting alternative to the mouse, click, drag, click paradigm that currently dominates the schematic capture phase. Just as some of you like OpenSCAD for 3D modelling, some of you will like SKiDL for circuit design.

We’ve become so accustomed to the circuit diagram as the means of thinking about circuits that we’re not sure that we can ever give up the visual representation entirely. Maybe designing with SKiDL will be like sketching out block diagrams, where each block is a bit of Python code that generates a circuit module? Who knows? All we know is that it sounds potentially interesting, and that it’ll certainly be mind-expanding to give it a try.

Give it a shot and leave feedback down in the comments!

Ken Shirriff Takes Us Inside The IC, For Fun

December 27, 2016 by Elliot Williams 13 Comments

[Ken Shirriff] has seen the insides of more integrated circuits than most people have seen bellybuttons. (This is an exaggeration.) But the point is, where we see a crazy jumble of circuitry, [Ken] sees a riddle to be solved, and he’s got a method that guides him through the madness.

In his talk at the 2016 Hackaday SuperConference, [Ken] stepped the audience through a number of famous chips, showing how he approaches them and how you could do the same if you wanted to, or needed to. Reading an IC from a photo is not for the faint of heart, but with a little perseverance, it can give you the keys to the kingdom. We’re stoked that [Ken] shared his methods with us, and gave us some deeper insight into a handful of classic silicon, from the Z80 processor to the 555 timer and LM7805 voltage regulator, and beyond.

Continue reading “Ken Shirriff Takes Us Inside The IC, For Fun” →

33C3: Chris Gerlinsky Cracks Pay TV

December 27, 2016 by Elliot Williams 40 Comments

People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work. [Chris Gerlinksy]’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that. (Download the slides, as PDF.) The end result of his work is that he gets to watch anything on pay TV, but getting to watch free wrestling matches is hardly the point of an epic hack like this.

The talk spans hardware reverse engineering of the set-top box itself, chip decapping, visual ROM recovery, software reverse analysis, chip glitching, creation of custom glitching hardware, several levels of crypto, and a lot of very educated guessing. Along the way, you’ll learn everything there is to know about how broadcast streams are encrypted and delivered. Watch this talk now.

Some of the coolest bits:

Reading out the masked ROM from looking at it with a microscope never fails to amaze us.
A custom chip-glitcher rig was built, and is shown in a few iterations, finally ending up in a “fancy” project box. But it’s the kind of thing you could build at home: a microcontroller controlling a switch on a breadboard.
The encoder chip stores its memory in RAM: [Chris] uses a beautiful home-brew method of desoldering the power pins, connecting them up to a battery, and desoldering the chip from the board for further analysis.
The chip runs entirely in RAM, forcing [Chris] to re-glitch the chip and insert his payload code every time it resets. And it resets a lot, because the designers added reset vectors between the bytes of the desired keys. Very sneaky.
All of this was done by sacrificing only one truckload of set-top boxes.

Our jaw dropped repeatedly during this presentation. Go watch it now.

Hacking Together A Temperature Sensor For Boiling Milk

December 27, 2016 by Elliot Williams 13 Comments

Ever have trouble justifying your hacking to anyone from another generation? [Domen] presented his mother with a custom-made device that monitors the milk temperature as it boils on the stove, preventing boil-over. And he made the device robust, simple to use, and foolproof. To his mom, it must look like he’s a wizard — able to conjure up home electronics out of solder smoke and some plywood.

Of course, we know better. Inside his gadget is a simple temperature sensor, an ATtiny841, a very nice home-made PCB, a buzzer, an LCD, and some pushbuttons. [Domen] rubbed together a few pre-existing libraries, and had a working prototype inside a nice wooden box on the quick. It’s a simple hack, but imagine how this must look to a muggle. For the detailed incantations, check out [Domen]’s GitHub for the project.

Continue reading “Hacking Together A Temperature Sensor For Boiling Milk” →

Getting IEC Standards For Free

December 26, 2016 by Elliot Williams 28 Comments

The International Electrotechnical Commission (IEC) is an international body that issues standards on a wide range of electronics-related topics. How wide? Their mandate seems to span rules for household product safety to the specification of safety logic assemblies in nuclear power plants. Want to know how to electrically measure sound loudness? Test methods for digital door lock systems? Or maybe you’re interested in safety interlock systems for laser processing machines. There’s an IEC standard for that too.

Unfortunately, this information is kept behind a paywall. OK, it’s a lot more like a pay fortress. They really, really don’t want you accessing their documents without first coughing up. This is a shame.

The IEC doesn’t just make the standards in a vacuum, however. Before the scribes touch their chisels to the stone tablets, there are draft versions of the standards that are open for public comment by those knowledgeable in the field. And by “those knowledgeable”, we mean you, dear hacker. Head on over to the public commenting page, sign up, and you’ve got free access to every document that’s currently up for discussion.

Now, it does look like the IEC doesn’t want you sharing these PDFs around — they watermark them with your username and threaten all sorts of things if you use them for anything other than commenting purposes — so don’t go abusing the system. But on the other hand, if you are a private individual who knows a thing or two about a thing or two, we think you’re entirely right to look over their shoulders. Let us know in the comments if you find any gems.

They’ve even got a weekly update feature (in the registration pages) that’ll keep you up to date. And who knows, maybe your two cents, submitted to your country’s chapter of the IEC, will influence future international standards.

Thanks to [Johann] for the great tip!

Ask Hackaday: Computing Square Roots On FPGA?

December 26, 2016 by Elliot Williams 33 Comments

Hackaday reader [nats.fr] wrote in with some code from a project that resizes a video stream on the fly using an FPGA. Doing this right means undoing whatever gamma correction has been applied to the original stream, resizing, and then re-applying the gamma. Making life simpler, [nats.fr] settled on a gamma of two, which means taking a bunch of square roots, which isn’t fast on an FPGA.

[nats]’s algorithm is pretty neat: it uses a first-stage lookup to figure out in which broad range the value lies, and then one step of Hero’s algorithm to refine from there. (We think this is equivalent to saying he does a piecewise linear interpolation, but we’re not 100% sure.) Anyway, it works decently.

Of course, when you start looking into the abyss that is special function calculation, you risk falling in. Wikipedia lists more methods of calculating square roots than we have fingers. One of them, CORDIC, avoids even using multiplication by resorting to clever bitshifts and a lookup table. Our go-to in these type of situations, Chebyshev polynomial approximation, didn’t even make the cut. (Although we suspect it would be a contender in the gamma=1.8 or gamma=2.2 cases, especially if combined with range-reduction in a first stage like [nats.fr] does.)

So what’s the best/fastest approximation for sqrt(x) for 16-bit integers on an FPGA? [nats.fr] is using a Spartan 6, so you can use a multiplier, but division is probably best avoided. What about arbitrary, possibly fractional, roots?

33C3 Starts Tomorrow: We Won’t Be Sleeping For Four Days

December 26, 2016 by Elliot Williams 10 Comments

Possibly the greatest hacker show on Earth, the 33rd annual Chaos Communication Congress (33C3) begins Tuesday morning in Hamburg, Germany. And Hackaday will be there! Contributing Editor [Elliot Williams] is taking the night train up and will be trying to take it all in for you. The schedule looks tremendous.

If you can’t make it, don’t fret. There will be live streaming, and the talks are usually available in preliminary edit for viewing or download just a few minutes after they finish. It’s even cooler to watch the talks with friends, though. Every hackerspace with a video projector could be playing along, live or after the fact. Pick some cool talks and have a “movie night”.

If you’re going to be in Hamburg, and you want to show us something cool, tell us that something is NOTAHACK!1!! in person, or even just say “Hi”, we’ll be wandering around from talk to talk and session to session just like you, only with a backpack full of Hackaday stickers.

If there’s anything you think we should see, post up in the comments. If there’s enough call for it, we’ll have a Hackaday meetup once we can figure out a good time and location. Bring us a cool hack, and we’ll document it on the spot! Our DECT phone number is 2475.