Newest PlayStation Exploit Skips The Disc

April 10, 2021 by Tom Nardi 17 Comments

Last month we brought you word of tonyhax, a clever exploit for the original Sony PlayStation that leveraged a buffer overflow in several of the games from the Tony Hawk Pro Skater series to load arbitrary code from a specially prepared memory card. But now [Bradlin] has taken that idea a step further and developed a software exploit for Sony’s iconic console that doesn’t need to be triggered from a game.

The exploit is considerably more complex this time around, but [Bradlin] does an excellent job of breaking it down for those who want the gritty details. The short version is that missing boundary checks in the PlayStation’s built-in memory card handling routines mean a carefully formatted “block” on the memory card can get the console to execute a small 128 byte payload. That’s not a lot of room to work with, but it ends up being just enough to load up additional code stored elsewhere on the memory card and really kick things off.

Unlike tonyhax, which was designed specifically to allow the user to swap their retail Tony Hawk disc with a game burned to a CD-R, [Bradlin]’s FreePSXBoot is presented as more of a generic loader. As of right now, it doesn’t allow you to actually play burned games, although its inevitable that somebody will connect those last few dots soon.

If you want to check out the progress so far, all you need is wire a PlayStation memory card up to an Arduino, write the provided image to it, and stick it in the slot. [Bradlin] says the exploit doesn’t work 100% of the time (something else that will surely be addressed in future releases), but it shouldn’t take too many attempts before you’re greeted with the flashing screen that proves Sony’s 27 year old console has now truly been bested.

Continue reading “Newest PlayStation Exploit Skips The Disc” →

Kerbal Space Program Goes To The Movies In Stowaway

April 9, 2021 by Tom Nardi 14 Comments

Fans of the lusciously voiced space aficionado [Scott Manley] will know he often uses Kerbal Space Program (KSP) in his videos to knock together simple demonstrations of blindingly complex topics such as orbital mechanics. But as revealed in one of his recent videos, YouTube isn’t the only place where his KSP craft can be found these days. It turns out he used his virtual rocket building skills to help the creators of Netflix’s Stowaway develop a realistic portrayal of a crewed spacecraft in a Mars cycler orbit.

The Mars cycler concept was proposed in 1985 by Buzz Aldrin as a way to establish a long-term human presence on the Red Planet. Put simply, it describes an orbit that would allow a vehicle to travel continuously between Earth and Mars while needing only an occasional engine burn for course corrections. The spacecraft couldn’t actually stop at either planet, but while it made a close pass, smaller craft could rendezvous with it to hitch a ride. The concept can be thought of as a sort of interplanetary train: where passengers and cargo are picked up and dropped off at “stations” above Earth and Mars. It’s worth noting that a similar cycler orbit should be possible for Earth-Venus trips, but nobody really wants to go there.

An early KSP proof of concept for *Stowaway.*

The writers of Stowaway wanted their film to take place on a Mars cycler, and to avoid having to create the illusion of weightlessness, they wanted their fictional craft to also have some kind of artificial gravity. The only problem was, they weren’t sure what that would actually look like. So they reached out to [Scott], who in turn used KSP to throw together a rough idea of how such a ship might work in the real-world.

As you can see in the video below, the CGI spacecraft shown in the film’s recently released trailer ended up bearing a strong resemblance to its KSP prototype. While naturally some artistic license was used, [Scott] is excited by what he’s seen so far. The spinning spacecraft, which uses a spent upper stage to counterbalance its crew module and features a stationery utility node at the center, certainly looks impressive; all the more so with the knowledge that it’s based on sound principles.

While Netflix has had a hand in some surprisingly realistic science fiction in the past, they’ve also greenlit some real groan-worthy productions (if you haven’t watched Away, don’t). So until we can see the whole thing for ourselves, we can only hope that [Scott]’s sage advice will allow the crew of Stowaway to fly safe.

Continue reading “Kerbal Space Program Goes To The Movies In Stowaway“ →

Taking A Peek Inside The Newest Echo Show 10

April 9, 2021 by Tom Nardi 26 Comments

When Amazon released the original Echo, it was a pretty simple affair. Cylinder, some LEDs on top, done. Then they came out with the Echo Dot, which was basically the same thing, but shorter. It seemed like there was a pretty clear theme for awhile, but then at some point Amazon decided it would be a good idea to start producing Echo devices in every form factor imaginable, from wall plugs to literal sunglasses, and things got a lot more complicated. As a perfect example, take a look at this teardown of the third generation Echo Show 10 by [txyzinfo].

Granted the base still looks a bit like the Echos of old, but the family resemblance stops there. As you can probably gather from the name, the Show features a high resolution 10.1 inch LCD panel, greatly improving the number and type of advertisements Amazon is able to force on the user. In true Black Mirror fashion, there’s even a brushless motor in the base that allows the machine to rotate the display towards the user no matter how hard they try to escape.

A salvageable part if there ever was one.

The teardown is presented with no commentary; in both the video below and on the Hackaday.IO page, all you’ll find are clear and well-lit images of the device’s internals. But for those who are just interested in what the inside of one of these $250 USD gadgets looks like, that’s all you really need.

At this point, it doesn’t seem like [txyzinfo] is trying to reverse engineer the Show or figure out how it all works, and looking at the complexity of that main board, we’re not surprised. Still, it’s a marvel to look at all the hardware they packed into such a relatively small device.

If you’re looking for a more technical examination at the newer Echo devices, [Brian Dorey] did some impressive poking around on the third generation Dot in 2019 and [electronupdate] went as far as decapping a few of the chips inside the Flex. On the software side of things, check out the recent efforts to craft an open source firmware for the original Echo.

Continue reading “Taking A Peek Inside The Newest Echo Show 10” →

An Open Source Smart Watch You’d Actually Wear

April 8, 2021 by Tom Nardi 39 Comments

We’ve seen a number of open source smart watches over the years, and while they’ve certainly been impressive from a technical standpoint, they often leave something to be desired in terms of fit and finish. Exposed PCBs and monochromatic OLED displays might be fine for a trip to the hackerspace, but it wouldn’t be our first choice for date night attire.

Enter the Open-SmartWatch from [pauls_3d_things]. This ESP32 powered watch packs a gorgeous circular 240×240 TFT display, DS323M RTC, BMA400 three-axis accelerometer, and a 450 mAh battery inside of a 3D printed enclosure that can be produced on your average desktop machine. WiFi and Bluetooth connectivity are a given with the ESP32, but there’s also an enhanced edition of the PCB that adds another 4 MB of RAM, a micro SD slot, and a Quectel L96 GPS receiver.

As it’s an open source project you’re free to download the PCB design files and get the board produced on your own, but [pauls_3d_things] has actually partnered with LILYGO to do a run of the Open-SmartWatch electronics which you can pick up on AliExpress right now for just $24 USD. You’ll still need to order the battery separately and 3D print your own case, but it still seems like a pretty sweet deal to us.

On the software front, things are pretty basic right now. The watch can update the time from NTP using a pre-configured WiFi network, and there’s a Bluetooth media controller and stopwatch included. Of course, as more people get the hardware in their hands (or on their wrists, as the case may be), we’ll likely start seeing more capabilities added to the core OS.

While getting our own code running on commercially produced smartwatches holds a lot of promise, the Open-SmartWatch is arguably the best of both worlds. The partnership with LILYGO brings professional fabrication to the open hardware project, and the GPLv3 licensed firmware is ripe for hacking. We’re very excited to see where the community takes this project, and fully expect to start seeing these watches out in the wild once we can have proper cons again.

Continue reading “An Open Source Smart Watch You’d Actually Wear” →

18650 Brings ESP8266 WiFi Repeater Along For The Ride

April 8, 2021 by Tom Nardi 30 Comments

We’re truly fortunate to have so many incredible open source projects floating around on the Internet, since there’s almost always some prior art you can lean on. By combining bits and pieces from different projects, you can often save yourself a huge amount of time and effort. It’s just a matter of figuring out how all the pieces fit together, like in this clever mash-up by [bethiboothi] that takes advantage of the fact that the popular TP4056 lithium-ion battery charger module happens to be almost the exact same size of the ESP-01.

By taking a 3D printed design intended to attach a TP4056 module to the end of an 18650 cell and combining it with an ESP8266 firmware that turns the powerful microcontroller into a WiFi repeater, [bethiboothi] ended up with a portable network node that reportedly lasts up to three days on a charge. The observed range was good even with the built-in PCB antenna, but hacking on an external can get you out a little farther if you need it.

While it doesn’t appear that [bethiboothi] is using it currently, the esp_wifi_repeater firmware does have an automatic mesh mode which seems like it would be a fantastic fit for this design. Putting together an impromptu mesh WiFi network with a bunch of cheap battery powered nodes would be an excellent way to get network connectivity at an outdoor hacker camp, assuming the ESP’s CPU can keep up with the demand.

Compute Module 4 NAS With Custom Carrier Board

April 8, 2021 by Tom Nardi 20 Comments

At this point, we’ve seen more Raspberry Pi Network Attached Storage (NAS) builds than we can possibly count. The platform was never a particularly ideal choice for this task due to the fact it could only connect to drives over USB, but it was cheap and easy to work with, so folks made the best of it. But that all changed once the Compute Module 4 introduced PCIe support to the Raspberry Pi ecosystem.

If this impressive NAS built by [mebs] represents the shape of things to come, we’re more than a little excited. On the outside, with its 3D printed case and integrated OLED display to show system status, it might look like plenty of builds that came before it. But pop the top of this cyberpunk-styled server, and you realize just how much work went into it.

At the heart of this NAS is a purpose-built carrier board that [mebs] designed based on the KiCad files the Raspberry Pi Foundation released for their official CM4 IO Board. While not much larger than the CM4 itself, the NAS board breaks out the board’s PCIe, Ethernet, HDMI, and USB. There’s also a header for I2C, used primarily for the OLED display but naturally expandable to additional sensors or devices, and nine GPIO pins for good measure.

Of course, that alone doesn’t make a NAS. Into that PCIe port goes a four channel SATA controller card, which in turn is connected to the hard disk drives that are nestled into their respective nodes of the printed case. A central fan blows over the electronics at the core, and thanks to clever design and a few cardboard seals, pulls air over the drives by way of intake vents printed into the sides.

As impressive as this build is, not everyone will need this level of performance. If you don’t mind being limited to USB speeds, you can 3D print a NAS enclosure for the standard Raspberry Pi. Or you could always repurpose an old PC case if you’d like something a bit more substantial.

Fun While It Lasted, Falcon 9 Telemetry Now Encrypted

April 7, 2021 by Tom Nardi 56 Comments

A few weeks back we brought word that Reddit users [derekcz] and [Xerbot] had managed to receive the 2232.5 MHz telemetry downlink from a Falcon 9 upper stage and pull out some interesting plain-text strings. With further software fiddling, the vehicle’s video streams were decoded, resulting in some absolutely breathtaking shots of the rocket and its payload from low Earth orbit.

Unfortunately, it looks like those heady days are now over, as [derekcz] reports the downlink from the latest Falcon 9 mission was nothing but intelligible noise. Since the hardware and software haven’t changed on his side, the only logical conclusion is that SpaceX wasn’t too happy about radio amateurs listening in on their rocket and decided to employ some form of encryption.

Since this data has apparently been broadcast out in the clear for nearly a decade before anyone on the ground noticed, it’s easy to see this as an overreaction. After all, what’s the harm in a few geeks with hacked together antennas getting a peek at a stack of Starlink satellites? [derekcz] even mused that allowing hobbyists to capture these space views might earn the company some positive buzz, something Elon Musk never seems to get enough of.

Some of the images [derekcz] was able to capture from the Falcon 9

On the other hand, we know that SpaceX is actively pursuing more lucrative national security launch contracts for both the Falcon 9 and Falcon Heavy. For these sensitive government payloads, the normal on-screen telemetry data and space views are omitted from the company’s official live streams. It seems likely the Pentagon would be very interested in finding out how civilians were able to obtain this information, and a guarantee from SpaceX that the link would be encrypted for all future flights could have helped smooth things over.

At the end of the post [derekcz] echos a sentiment we’ve been hearing from other amateur radio operators recently, which is that pretty soon space may be off-limits for us civilians. As older weather satellites begin to fail and get replaced with newer and inevitably more complex models, the days of picking up satellite images with an RTL-SDR and a few lines of Python are likely numbered.