Author: Maya Posch

1738 Articles

Exploring Security Vulnerabilities In A Cheap WiFi Extender

March 3, 2026 by 15 Comments

If all you want is just a basic WiFi extender that gets some level of network connectivity to remote parts of your domicile, then it might be tempting to get some of those $5, 300 Mbit extenders off Temu as [Low Level] recently did for a security audit. Naturally, as he shows in the subsequent analysis of its firmware, you really don’t want to stick this thing into your LAN. In this context it is also worrying that the product page claims that over a 100,000 of these have been sold.

Starting the security audit is using $(reboot) as the WiFi password, just to see whether the firmware directly uses this value in a shell without sanitizing. Shockingly, this soft-bricks the device with an infinite reboot loop until a factory reset is performed by long-pressing the reset button. Amusingly, after this the welcome page changed to the ‘Breed web recovery console’ interface, in Chinese.

Here we also see that it uses a Qualcomm Atheros QCA953X SoC, which incidentally is OpenWRT compatible. On this new page you can perform a ‘firmware backup’, making it easy to dump and reverse-engineer the firmware in Ghidra. Based on this code it was easy to determine that full remote access to these devices was available due to a complete lack of sanitization, proving once again that a lack of input sanitization is still the #1 security risk.

In the video it’s explained that it was tried to find and contact a manufacturer about these security issues, but this proved to be basically impossible. This leaves probably thousands of these vulnerable devices scattered around on networks, but on the bright side they could be nice targets for OpenWRT and custom firmware development.

Continue reading “Exploring Security Vulnerabilities In A Cheap WiFi Extender”

A Look Inside The Creative MB-10 MIDI Blaster

March 3, 2026 by 16 Comments

Before it became viable to distribute and play music tracks on home computers, the use of FM and Wavetable synthesis was very common, with MIDI Wavetable-based devices like the Roland MT-32 and SC-55 still highly sought after today. The Creative Midi Blaster MB-10 that [Yeo Kheng Meng] reviewed and tore down for an analysis isn’t quite as famous or sought after, but it provides a good example of what Creative Labs was doing at the time in this space.

Released in 1993, it definitely has more of a popular style vibe to it than the utilitarian Roland devices, even if this means highly impractical curves. In the list of features it claims Roland MT-32 emulation, which would have made it quite a bit more useful to the average user, including gamers of the era. Games likeĀ DOOM supported these MIDI devices for audio, for example.

In terms of price only the Roland SC-55ST comes close to the MB-10, similarly dropping a screen and a host of features. In terms of features the MB-10 claims far fewer instruments than the SC-55 variants, with even with the slightly higher priced SC-55ST massively outgunning it in raw specs. So would you ever buy the MB-10 back then and consider it a ‘good deal’? If $100 in 1990s money was worth losing full MIDI compatibility for, then it seems the answer was ‘yes’.

Continue reading “A Look Inside The Creative MB-10 MIDI Blaster”

NASA Uses Mars Global Localization As GNSS Replacement For The Perseverance Rover

March 2, 2026 by 16 Comments

Unlike on Earth there aren’t dozens of satellites whizzing around Mars to provide satellite navigation functionality. Recently NASA’s JPL engineers tried something with the Perseverance Mars rover that can give such Marsbound vehicles the equivalent of launching GPS satellites into Mars orbit, by introducing Mars Global Localization.

Although its remote operators back on Earth have the means to tell the rover where it is, it’d be incredibly helpful if it could determine this autonomously so that the rover doesn’t have to constantly stop and ask its human operators for directions. To this end the processor which was originally used to communicate with its Ingenuity helicopter companion was repurposed, reprogrammed to run an algorithm that compares panoramic images from the rover’s navigation cameras with its onboard orbital terrain maps.

Much like terrain-based navigation as used in cruise missiles back on Earth, this can provide excellent results depending on how accurate your terrain maps are. This terrain mapping process used to be done back on Earth, but for the past years engineers have worked to give the rover its own means to perform this task.

Continue reading “NASA Uses Mars Global Localization As GNSS Replacement For The Perseverance Rover”

SNES Controllers Are (Almost) SPI-Compatible

March 2, 2026 by 10 Comments

Considering that the Serial Peripheral Interface bus semi-standard has been around since the early 1980s, it’s perhaps not that shocking that the controllers of the Super Nintendo Entertainment System (SNES) would take at least some strong design hints for the used protocol. This does however raise the question of exactly how compatible a SNES controller is when connected to the SPI master peripheral of any random MCU. Recently [James Sharman] set out to answer this question decisively.

The impetus for answering this question came after [James] designed a separate SNES controller board for his homebrew computer system, which led to many comments on that video saying that he could just have hooked the controller up to the SPI board in said homebrew system.

Here the short answer is that the SNES controller protocol is very close to SPI Mode-1, with a similar arrangement of clock/data/chip select (latch) lines and clocking. If you think of the SNES controller as an SPI device with just a MISO line, you’re basically there already. The only niggle that popped up was that the ‘MISO’ line does not get pulled into a high-impedance state when the active-low latch connection is pulled high.

This was fixable by introducing a 74HC125 tri-state buffer IC, after which both the original SD card and twin SNES controllers could be used simultaneously.

Continue reading “SNES Controllers Are (Almost) SPI-Compatible”

Cynus Chess Robot: A Chess Board With A Robotic Arm

March 2, 2026 by 4 Comments
Downward-facing camera and microphone in the arm. (Credit: Techmoan, YouTube)
Downward-facing camera and microphone in the arm. (Credit: Techmoan, YouTube)

There are many chess robots, most of which require the human player to move the opposing pieces themselves, or have a built-in mechanism that can slide the opposing pieces around to their new location. Ideally, such a chess robot would move the pieces just like how a human would, of course. That’s pretty much the promise behind the Manya Cynus chess robot, which [Matt] over at the Techmoan YouTube channel bought from the Kickstarter campaign.

Advertising itself as a ‘Portable AI Chess Robot’, the Manya Cynus chess robot comes in the form of a case that unfolds into a chess board and also contains the robotic arm that contains the guts of the operation. Powered by the open source Stockfish chess engine, it can play games against a human opponent at a few difficulty levels without requiring any online connectivity or a companion app. It moves its own pieces by picking up the metal-cored chess pieces with its arm, while its front display tries to display basic emotions with animated eyes. A 3-MP downward-facing camera is located on the head section, along with a microphone.

As for how well it works, [Matt] isn’t the best chess player, but he had a fair bit of fun with the machine. His major complaints circle around how unfinished the firmware still feels, with e.g., invalid moves basically ignored with only a barely visible warning popping up on the screen. In general, he’d rather classify it as an interesting development kit for a chess robot, which is where the BLE 5.1-based interface and a purported Python-based development environment provided by Manya seem to come into focus.

Continue reading “Cynus Chess Robot: A Chess Board With A Robotic Arm”

Accidental Climate Engineering With Disintegrating Satellites

March 2, 2026 by 16 Comments

For many decades humankind has entertained the notion that we can maybe tweak the Earth’s atmosphere or biosphere in such a way that we can for example undo the harms of climate change, or otherwise affect the climate for our own benefit. This often involves spreading certain substances in parts of the atmosphere in order to reflect or retain thermal solar radiation or induce rain.

Yet despite how limited in scope these attempts at such intentional experiments have been so far – with most proposals dying somewhere before being implemented – we have already embarked on a potentially planet-wide atmospheric reconfiguration that could affect life on Earth for centuries to come. This accidental experiment comes in the form of rocket stages, discarded satellites, and other human-made space litter that burn up in the atmosphere at ever increasing rates.

Rather than burning up cleanly into harmless components, this actually introduces metals and other compounds into the upper parts of the atmosphere. What the long-term effects of this will be is still uncertain, but with the most dire scenarios involving significant climate change and ozone layer degradation, we ought to figure this one out sooner rather than later.

Continue reading “Accidental Climate Engineering With Disintegrating Satellites”

Teardown Of Dangerous Fake Wago Connectors

March 1, 2026 by 31 Comments

Everyone loves Wago connectors for how versatile and effective they are for quickly and securely connecting conductors, but it can be tempting to buy a bag of the significantly cheaper knock-offs. The reason why this can be a terrible idea is explained by [Big Clive] who tore down a few bags of them to ogle at their internals.

The main problem with some of these knock-offs is the way that they use the plastic molding as part of the structure that holds the conductors in place. Over time this plastic will develop larger tolerances, with heat developed from passing large currents speeding up the process. As the examined type of connector relies on metal clamps that securely push the conductor onto the busbar, having the plastic weaken, and the clamp correspondingly loosen up, is clearly not a desirable scenario.

As [Clive] says in the video, you’re probably okay using these cheapo knock-offs for a quick test on the bench, but you should never put them in a permanent installation. Not just due to potential fiery scenarios, but also for insurance claims should the worst come to pass, and the insurance company finds dodgy connectors everywhere in the electrical wiring. This isn’t the first we’ve heard of knock-off Wago problems.

Continue reading “Teardown Of Dangerous Fake Wago Connectors”