Author: Elliot Williams

1432 Articles

ESP32’s Freedom Output Lets You Do Anything

April 24, 2017 by 39 Comments

The ESP32 is Espressif’s new wonder-chip, and one of the most interesting aspects of its development has been the almost entirely open-source development strategy that they’re taking. But the “almost” in almost entirely open is important — there are still some binary blobs in the system, and some of them are exactly where a hacker wouldn’t want them to be. Case in point: the low-level WiFi firmware.

So that’s where [Jeija]’s reverse engineering work steps in. He’s managed to decode enough of a function called ieee80211_freedom_output to craft and send apparently arbitrary WiFi data and management frames, and to monitor them as well.

This ability is insanely useful for a WiFi device. With low-level access like this, one can implement custom protocols for mesh networking, low-bandwidth data transfers, or remove the requirement for handshaking entirely. One can also spam a system with so many fake SSIDs that it crashes, deauth everyone, or generally cause mayhem. Snoop on your neighbors, or build something new and cool: with great power comes great responsibility.

Anyway, we reported on [Jeija]’s long distance hack and the post may have read like it was all about the antenna, but that vastly underestimates the role played by this firmware reverse-engineering hack. Indeed, we’re so stoked about the hack that we thought it was worth reiterating: the ESP32 is now a WiFi hacker’s dream.

ESP32’s Dev Framework Reaches 2.0

April 23, 2017 by 22 Comments

We’ve been watching the development of the ESP32 chip for the last year, but honestly we’ve been a little bit cautious to throw all of our friendly ESP8266s away just yet. Earlier this month, Espressif released version 2.0 of their IoT Development Framework (ESP-IDF), and if you haven’t been following along, you’ve missed a lot.

We last took a serious look at the IDF when the chips were brand-new, and the framework was still taking its first baby steps. There was no support for such niceties as I2C and such at the time, but you could get both cores up and running and the thing connected to the network. We wanted to test out the power-save modes, but that wasn’t implemented yet either. In short, we were watching the construction of a firmware skyscraper from day one, and only the foundation had been poured.

But what a difference eight months make! Look through the GitHub changes log for the release, and it’s a totally new ballgame. Not only are their drivers for I2C, I2S, SPI, the DAC and ADCs, etc, but there are working examples and documentation for all of the above. Naturally, there are a ton of bugfixes as well, especially in the complex WiFi and Bluetooth Low Energy stacks. There’s still work left to do, naturally, but Espressif seems to think that the framework is now mature enough that they’ve opened up their security bug bounty program on the chip. Time to get hacking!

Continue reading “ESP32’s Dev Framework Reaches 2.0”

Ultrasonic Raspberry Pi Piano

April 22, 2017 by 9 Comments

Cheap stuff gets our creative juices flowing. Case in point? [Andy Grove] built an eight-sensor HC-SR04 breakout board, because the ultrasonic distance sensors in question are so affordable that a hacker can hardly avoid ordering them by the dozen. He originally built it for robotics, but then it’s just a few lines of code to turn it into a gesture-controllable musical instrument. Check out the video, embedded below, for an overview of the features.

His Octasonic breakout board is just an AVR in disguise — it reads from eight ultrasonic sensors and delivers a single SPI result to whatever other controller is serving as the brains. In the “piano” demo, that’s a Raspberry Pi, so he needed the usual 5 V to 3.3 V level shifting in between.

The rest is code on the Pi that enables gestures to play notes, change musical instruments, and even shut the Pi down. The Pi code is written in Rust, and up on GitHub. An Instructable has more detail on the hookups.

All in all, building a “piano” out of robot parts is surely a case of having a hammer and every problem looking like a nail, but we find some of the resulting nail-sculptures arise that way. This isn’t the first time we’ve seen an eight-sensor ultrasonic setup before, either. Is 2017 going to be the year of ultrasonic sensor projects? Continue reading “Ultrasonic Raspberry Pi Piano”

How Many Watts Are You Using?

April 22, 2017 by 28 Comments

One of the best smart home hacks is implementing an energy monitor of some kind. It’s easy enough to say that you’re trying to save energy, but without the cold hard data, it’s just talk. Plus, it’s easy and a great way to build up something DIY that the whole family can use.

[Bogdan] built up a simple whole-apartment power monitor from scratch over the weekend, and he’s been nice enough to walk us through the whole procedure, starting with picking up a split-core CT sensor and ending up with a finished project.

The brains of his project are an ESP8266 module, which means that he needed to adapt the CT sensor to put out a voltage that lies within the chip’s ADC range of 0 V to 3.3 V. If you’re undertaking an energy monitor project, it’s as easy as picking the right burden resistor value and then shifting the ground-centered voltage up by 1.6 V or so. We say it’s easy, but it’s nice to have a worked example and some scope shots. The microcontroller reads the ADC frequently, does a little math, and you’re done. Continue reading “How Many Watts Are You Using?”

The Internet Of Rice Cookers

April 22, 2017 by 28 Comments

You’d be forgiven for thinking this was going to be an anti-IoT rant: who the heck needs an IoT rice cooker anyway? [Microentropie], that’s who. His rice cooker, like many of the cheapo models, terminates heating by detecting a temperature around 104° C, when all the water has boiled off. But that means the bottom of the rice is already dried out and starting to get crispy. (We love the crust! But this hack is not for us. This hack is for [Microentropie].)

So [Microentropie] added some relays, a temperature sensor, and an ESP8266 to his rice cooker, creating the Rice Cooker 2.0, or something. He tried a few complicated schemes but was unwilling to modify any of the essential safety features of the cooker. In the end [Microentropie] went with a simple time-controlled cooking cycle, combined with a keep-warm mode and of course, notification of all of this through WiFi.

There’s a lot of code making this simple device work. For instance, [Microentropie] often forgets to press the safety reset button, so the ESP polls for it, and the web interface has a big red field to notify him of this. [Microentropie] added a password-protected login to the rice cooker as well. Still, it probably shouldn’t be put on the big wide Internet. The cooker also randomizes URLs for firmware updates, presumably to prevent guests in his house from flashing new firmware to his rice cooker. There are even custom time and date classes, because you know you don’t want your rice cooker using inferior code infrastructure.

In short, this is an exercise in scratching a ton of personal itches, and we applaud that. Next up is replacing the relays with SSRs so that the power can be controlled with more finesse, adding a water pump for further automation, and onboard data logging. Overkill, you say? What part of “WiFi-enabled rice cooker” did you not understand?

[Hari] Prints An Awesome Spider Robot

April 22, 2017 by 14 Comments

Although we have strong suspicions that the model’s designer failed entomology, this spider robot is very cool. [Hari Wiguna] made one, and is justifiably thrilled with the results. (Watch his summary on YouTube embedded below.)

Thanks to [Regis Hsu]’s nice design, all [Hari] had to do was order a hexapod’s dozen 9g servos for around $20, print out the parts, attach an Arduino clone, and he was done. We really like the cutouts in the printed parts that nicely fit the servo horns. [Hari] says the calibration procedure is a snap; you run a sketch that sets all the servos to a known position and then tighten the legs in place. Very slick.

The parts should print without support on basically any printer. [Hari]’s is kinda janky and exhibits all sorts of layer-to-layer irregularities (sorry, man!) but the robot works perfectly. Which is not to say that [Hari] doesn’t have assembly skills — check out the world’s smallest (?) RGB LED cube if you think this guy can’t solder. Of course, you can entirely sidestep the 3D-printed parts and just fix a bunch of servos together and call it a robot. It’s harder to make building a four-legger any easier than these two projects. What are you waiting for?

Continue reading “[Hari] Prints An Awesome Spider Robot”

E-ink Display Driven DIY

April 20, 2017 by 44 Comments

E-ink displays are awesome. Humans spent centuries reading non-backlit devices, and frankly it’s a lot easier on the eyes. But have you looked into driving one of these critters yourself? It’s a nightmare. So chapeau! to [Julien] for his FPGA-based implementation that not only uses our favorite open-source FPGA toolchain, and serves as an open reference implementation for anyone else who’s interested.

Getting just black and white on an E-ink display is relatively easy — just hit the ink pixels with the same signal over and over until they give up. Greyscale is made by applying much more nuanced voltages because the pixels are somewhat state-dependent. If the desired endpoint is a 50% grey, for instance, you’d hit it with a different pulse train if the pixel were now white versus if it were now black. (Ever notice that your e-book screen periodically does a white-black flash? It’s resetting all the pixels to a known state.) And that’s not even taking into account the hassles with the various crazy voltages that E-ink displays require, which [Julien] wisely handed off to a dedicated chip.

In the end, the device has to make 20-50 passes through the screen for one user-visible refresh. [Julien] found that the usual microcontrollers just weren’t capable of the speed that he wanted, hence the FPGA and custom waveform tables. We’ve seen E-ink hacks before, and [Julien] is standing on the shoulders of giants, most notably those of [Petteri Aimonen] and [Sprite_tm]. [Julien]’s hack has the fastest updates we’ve ever seen.

We still can’t wait for the day that there is a general-purpose E-ink driver chip out there for pennies, because nearly every project we make with a backlit display would look better, and chew through the batteries slower, with E-ink. In the meantime, [Julien]’s FPGA implementation is pretty close, and it’s fully open.

Continue reading “E-ink Display Driven DIY”