Honeywell X2S Smart Thermostat Firmware Reverse-Engineering

The Honeywell X2S Smart Thermostat is a Wi-Fi-enabled thermostat that is meant to integrate with your typical ‘smart home’ setup, with mobile app control available as well. Of course, just using it as-is would be extremely boring, so fortunately we have [author0] to take it apart and reverse-engineer its encrypted firmware.

Of the two brains in this thermostat the first is a succinctly named Renesas R7FA6M4AF3CFP MCU containing a 200 MHz Cortex-M33 core with TrustZone features to theoretically keep out any firmware hackers. Handling the wireless side is a Realtek RTL8721DM Wi-Fi/BLE 5.0 SoC. There are also two Winbond Flash chips connected to these two main chips, with their contents of course encrypted.

Fortunately there are plenty of test points to connect to, for which a custom pogo-pin equipped breakout board was created. Cracking the encryption for the Realtek turned out to be as simple as using its RSIP decrypt-on-the-fly feature. Exploring the firmware was the next step, which turned up a TLS issue pertaining to certificates that makes man-in-the-middle attacks easy, along with a seeding bug that makes recovering session keys possible.

Although the Renesas MCU firmware still has to be decrypted and the full wireless handshake reverse-engineered, these do seem to be solid steps towards fully reverse-engineering this thermostat. It also makes it very clear once again that the ‘S’ in IoT absolutely stands for ‘security’. Maybe that’s why the smart home bubble popped.

Tiny C64 PSU Rejects Tradition, Embraces USB

The Commodore 64 has, by modern standards, the interesting power requirement of needing both 5 VDC and 9 VAC. Traditionally, one would use an iron-core transformer to step down the wall current — be it 220 V or 115 V, 50 Hz or 60 Hz — to produce the low-voltage AC.

That’s how Commodore did it, and that’s how most of the aftermarket replacements do it, too. That iron-core transformer is bulky, though, and [Side Projects Lab] decided that in this day and age of switching supplies and USB-PD he could surely do better. Which he did, with the diminutive PD-64.

As you can see, it just covers the power port of the C64, and not much else. Partly that small size comes from offloading some of the hard work onto a USB-PD wall wart. The PD-64 requests 12 VDC, which it then steps down to 5 VDC with the usual buck converter, and inverts to 9 VAC in a circuit that is the most interesting part of the project.

There are various ways one could do this, after all, and we’re sure some of you will have different ideas than [Side Projects Lab], but his method seems sound. In order to provide galvanic isolation between the two outputs, the 12 VDC line is first chopped into a 500 kHz signal, and run through a tiny 5:6 ferrite transformer. That output gets rectified to 13.6 VDC, a voltage that is used to run a class-D audio amplifier to produce the 9 V peak-to-peak, zero-DC-offset signal the C64 needs.

[Side Projects Lab] has released both FreeCAD files for the case and STLs as BY-CC-ND 4.0, and a circuit diagram is available for the electrical side. If you don’t want to design your own PCB, [sideprojectslab] will be selling finished versions.

If you’re interested in further dragging your C64 into the modern era, check out the HDMI output that [Side Projects Lab] hacked together for the iconic computer last year.


Linux Fu: The Bluetooth Regression

There’s a line in a [Weird Al] (no relation) song that says, “I upgrade my system at least twice a day…” I know how that is. I primarily use a rolling distro, openSUSE Tumbleweed, and if I’m having a problem that I’m too lazy to run down, it is extremely tempting to do an upgrade and see if it just happens to fix the problem.

Of course, the problem is often caused by a previous upgrade. Recently, I’ve been having a lot of trouble with the NVIDIA proprietary drivers, so I updated them yet again. After a huge amount of effort to sort out the video problems, I found that the latest kernel didn’t like my MediaTek Bluetooth adapter, which is built into the motherboard’s WiFi chipset.

This post isn’t about how to fix your Bluetooth problem. You probably don’t have the same setup I do, and even if you do, it will be sorted out in a week or two anyway. But how I temporarily fixed this issue is worth documenting. The details are going to apply to Tumbleweed and this particular adapter, but the general approach should work anywhere with any sort of kernel module problem.

My Own Fault

Part of my problem is my own fault, of course. I have a complex disk setup and do not use the recommended btrfs root file system. That means I can’t do the snapshot thing where I can just undo a bad upgrade. If I did, then sure, I should just roll back and wait for an upstream fix.

I do have “normal” backups, but they are not always totally up to date. Worse, I have found that for things like NVIDIA, the user stuff and the kernel module stuff have to match up. That makes it very hard to roll back a kernel with older modules. The modules themselves live with the kernel, but the user space stuff gets pushed out. Or, if you uninstall things, it uninstalls it for all kernels.

Truthfully, NVIDIA and others like that should keep all the user space stuff in a kernel-specific place, and then symlink it at boot to /usr/bin or wherever. But they don’t. In the end, I didn’t want to go through the trouble of rolling things back and decided to push ahead.


A Zinc Air Battery You Can Make Yourself

Zinc air batteries have been a familiar sight for decades in the world of photography, where they provided an environmentally less dangerous alternative to mercury cells. They operate by the oxidation of metallic zinc using air, and the zinc comes in the form of a paste spread between two electrodes. Can their astounding energy density be harnessed for something useful? [ZollerLab] has designed a zinc air battery to find out, and is using it to power a rudimentary model car.

The video below is in German so you’ll have to enable translated subtitles if you’re an Anglophone, and it’s very long. But it goes into extreme detail on the chemistry, construction, and constraints of a zinc-air battery, and describes the system in this design. It’s a stack arrangement, in which the cells are held together on threaded rods, and pushed into each other with springs.

We think the car model is intended to demonstrate that this battery chemistry might one day be used in automotive applications. It’s not such a far-fetched idea given the low cost, relatively low environmental footprint, and high energy density; indeed, we’ve heard of similar experiments with aluminium primary cells. But in this case we can see it provides the hacker with another route for their experiments, and that’s no bad thing.


Remember When Flash Drives Were Going To Make Your PC Faster?

The 2000s was a decade of great change in the computer industry. The world had grown accustomed to corruptible floppy disks, blue screens of death, and achingly slow load times. In a few short years, all of that would change, as USB drives, better operating systems, and faster processors brought forth a new age of stability and speed.

Amidst this era of upheaval, Microsoft introduced a new technology. It was intended to increase performance on the cheap to a new generation of machines, but it would turn out to be little more than a gimmick that never really caught on. Let’s explore the easily-forgotten legacy of ReadyBoost.


Figuring Out What James Webb’s Mysterious Little Red Dots Are

After the James Webb Space Telescope (JWST) began operations in 2022, it soon made a tantalizing discovery in the form of mysterious red dots: small, red-tinted astronomical objects of unknown origin and composition. So far well over 300 such little red dots (LRDs) have been identified, with many theories on what they are. Fortunately the Chandra X-ray Observatory recently added some more clues as detailed in an accompanying paper.

Current theories include them being a form of primordial galaxy, or a supermassive black hole embedded in a dense gas cloud. The LRD discussed in the paper with the designation 3DHST-AEGIS-12014 was found to emit X-rays unlike other LRDs. Comparing the data from JWST and Chandra for this LRD lends credence to the theory that these LRDs are a transitional phase as a supermassive black hole ingests the material of said gas cloud.

X-rays produced during this can sometimes make it out of the gas cloud, after which we can observe them. If that’s the case, these LRDs should cease to exist the moment the black hole has consumed enough of the cloud, which is something that we may be able to find evidence for if we’re lucky.

This adds just another reason for keeping the Chandra X-ray Observatory mission funded, after it narrowly got saved in 2024.

Power From Gravity

Gravity batteries aren’t exactly a new idea. You can store energy by lifting something heavy, converting kinetic energy into potential energy. To get it back, you let the mass fall and convert that motion to electricity. [Valeriamayara22] shows how to build a working demonstration model of such a system.

This isn’t free energy. Something has to lift the weight. In this case, the height is 1.8 meters, and the mass is 15.65 kg. Even so, the model achieves 13 W peak output and 58% efficiency, according to the post. Reportedly, it takes 394 drops of the weight to fully charge an iPhone 16, so this isn’t a practical project, but it does show how a gravity battery works. One nice thing is that the system stores as much energy on its 1,000,000th charge as it does on the first one, especially if you keep the chain lubricated. Try that with a chemical battery.

The mechanical part uses a bicycle chain and some sprockets. There is a battery to even things out since, like wind power, when you make energy with a mechanical battery, you either use it now or lose it.

The cost of the build is about $400, and there’s a GitHub repo with all the files if you want to take your own shot at it. The energy efficiency number references the potential energy stored versus the energy produced. Obviously, if you are using some other energy source to lift the weight, that’s another calculation.

As you might expect, a practical system like this can be very large.