Starlink Ground Stations Successfully Hacked

August 14, 2022 by Elliot Williams 18 Comments

Belgian security researcher [Lennert Wouters] has gotten his own code running on the Starlink “Dishy McFlatface” satellite terminals, and you can too! The hack in question is a “modchip” with an RP2040 and a MOSFET that crowbars the power rails, browning out the main CPU exactly when it’s verifying the firmware’s validity and bypassing that protection entirely. [Lennert] had previously figured out how to dump the Starlink firmware straight from the eMMC, and with the ability to upload it back, the circle of pwnership is closed. This was a talk at DEFCON, and you can check out the slides here. (PDF)

The mod chip itself was a sweet piece of work, being tailored to fit into the Starlink’s motherboard just so, and taking good advantage of the RP2040’s PIOs, which are probably the microcontroller’s superpower.

[Lennert] says he submitted his glitch attack to Starlink and they took some precautions to make the glitching harder. In particular, [Lennert] was triggering his timing off of the USART port coming up on the Starlink unit, so Starlink just shut that down. But it’s not like he couldn’t trigger on some other timing-relevant digital signal, so he chose the eMMC’s D0 data line: they’re not going to be able to boot up without it, so this hack is probably final. No shade against Starlink here. It’s almost impossible to shield a device against an attacker who has it on their bench, and [Lennert] concludes that he found no low-hanging fruit and was impressed that he had to work so hard to get root.

What can you do with this? Not much, yet. But in principle, it could be used to explore the security of the rest of the Starlink network. As reported in Wired, Starlink says that they’ve got a defence-in-depth system and that just getting into the network doesn’t really get you very far. We’ll see!

Thanks [jef] for the tip!

How Do You Build A Tradition?

August 13, 2022 by Elliot Williams 6 Comments

I was struck by reading our writeup of the Zenit in Electronics contest – an annual event in the Slovak Republic – that it’s kind of like a decathlon for electronic engineers and/or hardware hackers. It’s a contest, in which students compete presumably initially on a local level, and then up to 32 at the national level. There’s a straight-up knowledge test, a complex problem to solve, and then a practical component where the students must actually fabricate a working device themselves, given a schematic and maybe some help. Reading through the past writeups, you get the feeling that it’s both a showcase for the best of the best, but also an encouragement for those new to the art. It’s full-stack hardware hacking, and it looks like a combination of hard work and a lot of fun.

What’s most amazing is that it’s in its 38th year. Think how much electronics, not to mention geopolitics, has changed in the last 40 years. But yet the Zenit competition still lives on. Since it’s mostly volunteer driven, with strong help from the Slovak electronics industry, it has to be a labor of love. What’s astounding to me is that this love has been kept alive for so long.

I think that part of the secret is that, although it’s a national competition, it’s possible to run it with a small yet dedicated crew. It’s certainly a worthwhile endeavor – I can only imagine how many young students’ lives have been impacted by the exposure to microelectronics hacking through the contest. Indeed, it’s telling that the current chairman of the competition, Daniel Valúch, was a competitor himself back in 1994.

I wonder if the people founding Zenit back in 1984 thought of themselves as creating a perpetual electronic engineering contest, or if they just wanted to try it out and it took on a life of its own? Could you start something like this today?

2022 Hackaday Prize: Congratulations To The Winners Of The Hack It Back Challenge

August 9, 2022 by Elliot Williams 7 Comments

Wow! We knew that the Hack it Back Challenge round of the Hackaday Prize would bring out the clever repairers among you, but we’re still impressed to see the results! This was a tough round for the judges, but they came up with a short list of ten finalists, and we’re pleased to bring them to you here.

The Hack it Back Challenge aimed to keep old gear from being thrown away by performing a heroic repair, giving it a new purpose in life, or otherwise bringing it back to a useful state. Of course, once you’ve got the box open, you start thinking of how to improve whatever the gadget is, and some of our finalists took that in unexpected directions. Continue reading “2022 Hackaday Prize: Congratulations To The Winners Of The Hack It Back Challenge” →

Learning By Playing

August 6, 2022 by Elliot Williams 5 Comments

Summer break has started over here, and my son went off to his first of a few day-camp-like activities last week. It was actually really cool – a workshop held by our local Fablab where they have the kids make a Minecraft building and then get to 3D-print it out. He loves playing and building in Minecraft, so we figured this would be right up his alley.

TinkerCAD model of a Lego Minecraft fox. Kiddo trifecta!

I had naively thought that it would work something like this: the kids build something in Minecraft, and then some software extracts the build and converts it into an STL file. Makes sense, because they already are more-or-less fluent in Minecraft modelling. And as I thought about that, it was a pretty clever idea.

But the truth was even sneakier. They warmed up by making something in Minecraft, then they opened up TinkerCAD, which was new to all of the kids, and built a 3D model there. Then they converted the TinkerCAD models into Minecraft, and played with what they had just built while the 3D printers hummed away.

The kids didn’t even flinch at having to learn a new 3D modelling tool, and the parallels to what they were already comfortable doing in Minecraft were obvious to them. My son came home and told me how much easier it was to do your 3D modelling in “this other Minecraft” – he meant TinkerCAD – because you don’t need to build everything out of single blocks. He thought he was playing games, but he’d secretly used his first CAD tool. Nice trick!

Then I look back and realize how much I must have learned about computers through playing as a kid. Heck, how much I still learn through playing. And of course I’m not alone – that’s one of the things that shines through in a large number of the projects we feature. Hack on and have fun!

Welcome To Ziptie City

August 5, 2022 by Elliot Williams 36 Comments

Gravity, magnetism, the weak and strong nuclear forces; sure they hold a lot of stuff together. But the other binding force of nature that demands your utmost respect? Zip ties.

Or at least that’s [Alan Reiner]’s take on the combination of cable ties and 3D printing. (Video, embedded below.) So he’s designed a demo model, Zip Tie City, that goes through a number of the possibilities that designing in zip-tie channels offer.

He then designs a multi-output battery box with a ton of zip tie holds that keep wiring in check and hold modules and batteries where they belong. (And releases some magic smoke, but even zip ties can’t keep that stuff inside.)

We love zip ties for those situations where screws are overkill or a simple solution is sufficient. Designing channels for zip ties is a pure win, and makes use of the unique advantage of 3D printing; these would be horrible to try to subtractively machine into a part.

Zip ties aren’t the only game in town, though. If you need a glue, our own [Tom Nardi] went through his local hardware store and tested out the options in this must-read classic piece.

Thanks for the tip to [Keith Olson], who wants you to check out Zip Tie Guy (video) while you’re in the mood.

Continue reading “Welcome To Ziptie City” →

Hackaday Prize 2022: Saving The World, One Brew At A Time

August 5, 2022 by Elliot Williams 10 Comments

OK, so maybe [satanistik] is overreaching with his project title “Save the Coffee, Save the World” but keeping an otherwise working coffee machine out of the landfill by hacking around its broken display is nonetheless a worthy pursuit. The juice must flow!

The busted display used a SSD1303 controller OLED module, for which the SSD1305Z is an almost-compatible module. Almost. The one glitch is that the screen is filled in the opposite direction by default. Digging through the manuals, there is a screen-direction bit to set, and tracing out the communication with a logic analyzer, it’s set the wrong way with every screen refresh. If only he could flip that one bit while it’s in transit. Time to man-in-the-middle!

While we certainly would have put a microcontroller in the game, [satanistik] goes old-school. A two-IC logic solution can do exactly the same thing, trading wires for code. The final iteration of the converter board is correspondingly spartan, but it does its one job.

So if you’ve got a Nivona coffee machine with a bum display, or perhaps an Agilent U1273A multimeter, or any other piece of equipment that needs a hard-to-find SSD1303 controller, now you have a ready-made solution. But if not, and you find yourself looking for a display that you can’t find, let this serve as an example to you – with a little (fun) effort, you can hack it back.

Demonstrate Danger, Safely

July 30, 2022 by Elliot Williams 67 Comments

Dan Maloney and I were talking about the chess robot arm that broke a child’s finger during the podcast, and it turns out that we both have extreme respect for robot arms in particular. Dan had a story of a broken encoder wheel that lead to out-of-control behavior that almost hit him, and I won’t even get within striking distance of the things unless I know they’re powered off after seeing what programming errors in a perfectly functioning machine can do to two-by-fours.

This made me think of all the dangerous things I’ve done, but moreover about all the intensely simple precautions you can to render them non-risky, and I think that’s extremely important to talk about. Tops of my list are the aforementioned industrial robot arm and high powered lasers.

Staying safe with an industrial robot arm is as easy as staying out of reach when it’s powered. Our procedure was to draw a line on the floor that traced the arm’s maximum radius, and you stay always outside that line when the light is on. It’s not foolproof, because you could hand the ’bot a golf club or something, but it’s a good minimum precaution. And when you need to get within the line, which you do, you power the thing down. There’s a good reason that many industrial robots live in cages with interlocks on the doors.

Laser safety is similar. You need to know where the beam is going, make sure it’s adequately terminated, and never take one in the eye. This can be as simple as putting the device in a box: laser stays in box, nobody goes blind. If you need to see inside, a webcam is marvelous. But sometimes you need to focus or align the laser, and then you put on the laser safety glasses and think really hard about where the beam is going. And then you close the box again when you’re done.

None of these safety measures are particularly challenging to implement, or conceptually hard: draw a line on the floor, put it in a box. There were a recent series of videos on making Lichtenberg figures safely, and as a general rule with high voltage projects, a great precaution is a two-button deadman’s switch box. This at least ensures that both of your hands are nowhere near the high voltage when it goes on, at the cost of two switches.

If all of the safety precautions are simple once you’ve heard them, they were nothing I would have come up with myself. I learned them all from other hackers. Same goes with the table saw in my workshop, or driving a car even. But since the more hackery endeavors are less common, the “common-sense” safety precautions in oddball fields are simply less commonly known. It’s our jobs as the folks who do know the secrets of safety to share them with others. When you do something dangerous, show off your safety hacks!