Photo of a smartphone with the ATTiny85 inserted into it, with a screen unlock pattern being drawn on the screen

ATtiny85 Automates Your Smartphone

March 2, 2023 by 14 Comments

It might not seem too impressive these days, but when microcontrollers with hardware USB support were more expensive and rare, the VUSB library was often used to create USB devices with an ATtiny85. It became so popular that the ATtiny85 even got packaged into USB dongle formfactors, like the DigiSpark boards. Well, you might not know this, but your Android smartphones can also work with USB mice and touchscreens in lieu of the built-in touchscreen display. [ErfanSn] combined these two ideas, creating a library to automate smartphone touchscreen events and keyboard input with an ATtiny85 — open for all of us to use, and with examples to spare.

The library is called DigiCombo, and it comes with plenty of examples for any screen touch event emulation that you might want. For instance, check out the README — it has video examples for Instagram page scrolling, unlock screen brute-forcing with random coordinates, playing the Stack rhythm game, and pinch zoom — all the building blocks for your smartphone touch emulation needs are covered pretty well! Of course, all of these have example code corresponding to them, that you can download and base your own ideas on. What’s more, the library is available in current Arduino IDE under the DigiCombo name. So if you need to, say, make a quick autoclicker for your phone, the library is a few steps away!

If your smartphone project was stalled because you needed to emulate touchscreen input, this library is your chance to get it done! We appreciate projects that let us get more from smartphones — there’s a lot of those laying around, they’re pretty functional and self-sufficient devices, so it makes sense that some projects of ours could do with a phone instead of a Raspberry Pi. Some manufacturers let us get a bit more of our phones, but this hasn’t really caught on, which means we have to make do with help of libraries like these. Or, perhaps, you rely on your phone day-to-day, and you’d like to add a touchpad to its back?

Hacker Hotel 2023: Back Again!

March 2, 2023 by 13 Comments

After three years, it’s odd to think back to those few weeks before the COVID-19 pandemic morphed from something on the news into an immediate and ever-present threat which kept us isolating for so long. For me, some of the last moments of normality were a trip to the Netherlands for Hacker Hotel, a hacker event in the comfort of a resort hotel. Now three years later and after two cancelled events, Hacker Hotel is back, and I made the same journey to Garderen to hang out for a weekend with a bunch of hacker friends over some good Dutch beer and a lot of bitterballen. Continue reading “Hacker Hotel 2023: Back Again!”

A line art schematic of a bicycle CVT drive. Two large green circles at the bottom have the text "1. Increases speed" where the crank arm would enter the system. A series of cam arms highlighted in red say "2. Converts from rotary to reciprocating motion." Finally, a blue highlighted bearing says "3. Converts from reciprocating back to rotary motion."

A Look Inside Bicycle Gearboxes

March 2, 2023 by 23 Comments

While bicycle gearboxes date back to at least the 1920s, they’re relatively unseen in bike racing. One exception is Honda’s race-winning mid-drive gearboxes, and [Alee Denham] gives us a look at what makes these unique drives tick.

Honda has developed three generations of bicycle gearbox as part of their company’s R&D efforts, but none have ever been released as a commercial product. Designed as a way for their engineers to stretch their mental muscles, the gearboxes were only used in bike races and seen at a few trade shows. In 2004, the third gen “derailleur in a box” led to the first gearbox victory in the Downhill World Cup Circuit.

The third gen gearbox differs significantly from the CVT drivetrains in the first and second generation gearboxes, but it is unclear why Honda abandoned the CVT. [Denham] has a nice animation detailing the inner workings of these CVTs based on information from the original patents for these rarely seen gearboxes.

Derailleurs remain the primary drivetrain in racing due to their lighter weight and higher overall efficiency. While still expensive, the decreased maintenance of gearbox drivetrains make a lot of sense for more mundane cycling tasks like commuting or hauling cargo, but only time will tell if the derailleur can be supplanted on the track and trail.

For more on bicycle drivetrains, check out this chainless digital drivetrain or the pros and cons of e-bike conversions.

Continue reading “A Look Inside Bicycle Gearboxes”

How Hard Could It Be To Get Millions Of Phone Bills Right?

March 2, 2023 by 46 Comments

It may be a foreign concept to anyone who has never paid a dime for a phone call over and above the monthly service charge, but phone calls were once very, VERY expensive — especially long-distance calls, which the phone company ungenerously defined as anything more than a few towns away. Woe betide the 70s teen trying to talk to out-of-town friends or carry on a romance with anyone but the guy or girl next door when that monthly phone bill came around; did anyone else try to intercept it from the mailbox before the parents could see it?

While it seems somewhat quaint now, being charged for phone calls was not only a big deal to the customers, but to the phone company itself. The Bell System, which would quickly become a multi-billion dollar enterprise, was built on the ability to accurately meter the use of their service and charge customers accordingly. Like any engineered system, it grew and changed over time, and it had to adapt to the technologies and economic forces at the time.

One of the most interesting phases of its development was the development of Automatic Message Accounting (AMA), which in a very real way paved the way for the wide-open, worldwide, too-cheap-to-meter phone service we enjoy today.

Continue reading “How Hard Could It Be To Get Millions Of Phone Bills Right?”

Security Vulnerabilities In Modern Cars Somehow Not Surprising

March 2, 2023 by 16 Comments

As the saying goes, there’s no lock that can’t be picked, much like there’s no networked computer that can’t be accessed. It’s usually a continual arms race between attackers and defenders — but for some modern passenger vehicles, which are essentially highly mobile computers now, the defenders seem to be asleep at the wheel. The computing systems that control these cars can be relatively easy to break into thanks to manufacturers’ insistence on using wireless technology to unlock or activate them.

This particular vulnerability involves the use of a piece of software called gattacker which exploits vulnerabilities in Bluetooth Low Energy (BLE), a common protocol not only for IoT devices but also to interface a driver’s smartphone or other wireless key with the vehicle’s security system. By using a man-in-the-middle attack the protocol between the phone and the car can be duplicated and the doors unlocked. Not only that, but this can be done without being physically close to the car as long as a network of some sort is available.

[Kevin2600] successfully performed these attacks on a Tesla Model 3 and a few other vehicles using the seven-year-old gattacker software and methods first discovered by security researcher [Martin Herfurt]. Some other vehicles seem to have patched these vulnerabilities as well, and [Kevin2600] didn’t have universal success with every vehicle, but it does remind us of some other vehicle-based attacks we’ve seen before.

A CH32V003 Toolchain — If You Can Get One To Try It On

March 2, 2023 by 40 Comments

We’re in an exciting time for cheap microcontrollers, as with both the rise of RISC-V and the split between ARM and its Chinese subsidiary, a heap of super-cheap and very capable parts are coming to market. Sometimes these cheap chips come with the catch of being difficult to program though, but for one of them the ever-dependable [CNLohr] has brought together his own open-source toolchain. The part in question is the WCH CH32V003, which is a ten-cent RISC-V part that has an impressive array of capabilities. As always though, there’s a snag, in that we’re also told that while supplies are improving this part can be hard to find. The repository is ready for when you can get them again though, and currently also contains some demo work including addressable LED driver code.

As an alternative there’s a comparable and slightly cheaper ARM-based part, the Puya PY32. It’s reckoned to be the cheapest of the flash-based microcontrollers, and like the WCH part is bearing down on the crop of one-time-programmable chips such as the famous and considerably less powerful 3-cent Padauk. This end of the market is certainly heating up a little, and from our point of view this can only mean some exciting projects ahead.

Screenshot of the code decompiled after these patches are applied, showing that all the register writes are nicely decompiled and appropriate register names are shown in the code

Making Ghidra Play Nice With RP2040

March 1, 2023 by 1 Comment

Developing firmware for RP2040 is undeniably fun, what’s with all these PIOs. However, sometimes you will want to switch it around and reverse-engineer some RP2040 firmware instead. If you’ve ever tried using Ghidra for that, your experience might have been seriously lackluster due to the decompiled output not making sense when it comes to addresses – thankfully, [Wejn] has now released patches for Ghidra’s companion, SVD-Loader, that turn it all around, and there’s a blog post to go with these.

SVD-Loader, while an indispensable tool for ARM work, didn’t work at all with the RP2040 due to a bug – fixed foremost. Then, [Wejn] turned to a pecularity of the RP2040 – Atomic Register Access, that changes addressing in a way where the usual decompile flow will result in nonsense addresses. Having brought a ton of memory map data into the equation, [Wejn] rewrote the decoding and got it to a point where peripheral accesses now map to nicely readable register writes in decompiled code – an entirely different picture!

You can already apply the patches yourself if you desire. As usual, there’s still things left in TODO for proper quality of life during your Ghidra dive, but the decompiled code makes way more sense now than it did before. Now, if you ever encounter a RP2040-powered water cooler or an air quality meter, you are ready to take a stab at its flash contents. Not yet familiar with the Ghidra life? Well, our own HackadayU has just the learning course for you!