Hackaday Podcast 174: Breaking Into The Nest, The Cheapest 3D Printer, A Spy In Your HDMI, And AI All Over The Place

June 24, 2022 by 2 Comments

Fresh from vacation, Editor-in-Chief Elliot Williams makes his triumphant return to the Hackaday Podcast! He’s joined this week by Managing Editor Tom Nardi, who’s just happy he didn’t have to do the whole thing by himself again. In this episode we’ll talk about tackling BGA components in your custom PCBs, a particularly well executed hack against Google’s Nest Hub, and why you probably don’t really want the world’s cheapest 3D printer. We’ll also take a look at an incredible project to turn the Nokia 1680 into a Linux-powered handheld computer, a first of its kind HDMI firewall, and a robot that’s pretty good at making tacos. Listeners who are into artificial intelligence will be in for quite a treat as well, as is anyone who dreams of elevating the lowly automotive alternator to a more prominent position in the hacker world.

By the way, it seems nobody has figured out the hidden message in last week’s podcast yet. What are you waiting for? One of you out there has to be bored enough to give it a shot.

Direct download, and play it offline. You don’t need no stinkin’ cloud.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 174: Breaking Into The Nest, The Cheapest 3D Printer, A Spy In Your HDMI, And AI All Over The Place”

Active Signal Tracer Probe Has AGC

June 24, 2022 by 3 Comments

[Electronics Old and New] has a new version of one of his old projects. The original project was an active probe. He took what he learned building that probe and put it into a new probe design. He also added automatic gain control or AGC. You can see a video explanation of the design below. The probe is essentially a high-impedance input using a JFET that can amplify audio or demodulated RF signals, which is a handy device to have when troubleshooting radios.

The audio amplifier is a simple LM386 circuit. The real work is in the input stage and the new AGC circuit. Honestly, we’ve used the amplifier by itself for a similar function, although the raw input impedance of the chip is only about 50K and is less in many circuits that use a pot on the input. Having a JFET buffer and an RF demodulating diode is certainly handy. You’d think the AGC block would be in the audio stage. However, the design uses it ahead of the detector which is great as long as the amplifier can handle the RF frequency you are interested in. In this case, we think he’s mostly working on old tube AM radios, so the max signal is probably in the neighborhood of 1 MHz.

A similar device was a Radio Shack staple for many years

The module is made to amplify an electret microphone using a MAX9814 which has AGC. The module had a microphone that came off for this project. The datasheet doesn’t mention an upper frequency limit, but a similar Maxim part mentions its gain is greater than 5 at 600 kHz, so for the kind of signals this is probably used for, it should work well. We wondered if you could use the module and dispense with the JFET input. The chip probably has a pretty high input impedance, but the datasheet doesn’t give a great indication.

For years we used a signal tracer from Radio Shack which — if we could still find it — now has an LM386 inside of it after the original electronics failed decades ago. In those days, fixing an AM radio involved either using a device like this to find where you did and didn’t have a signal or injecting signals at different points in the radio. Two sides of the same coin. For example, if you could hear a signal at the volume control — that indicated the RF stages were good and you had a problem on the audio side. Conversely, if you injected a signal at the volume control, not hearing would mean the same thing. Once you knew if the problem was in the RF or AF side, you’d split that part roughly in half and repeat the operation until you were down to one bad stage. Of course, you could use signal generators and scopes, but in those days you weren’t as likely to have those.

Heathkit, of course, had their own version. It even had on of those amazing magic eye tubes.

Continue reading “Active Signal Tracer Probe Has AGC”

This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon

June 24, 2022 by 3 Comments

[Eaton Zveare] purchased a Jacuzzi hot tub, and splurged for the SmartTub add-on, which connects the whirlpool to the internet so you can control temperature, lights, etc from afar. He didn’t realize he was about to discover a nightmare of security problems. Because as we all know, in IoT, the S stands for security. In this case, the registration email came from smarttub.io, so it was natural to pull up that URL in a web browser to see what was there. The page presented a login prompt, so [Eaton] punched in the credentials he had just generated. “Unauthorized” Well that’s not surprising, but what was very odd was the flash of a dashboard that appeared just before the authorization complaint. Could that have been real data that was unintentionally sent? A screen recorder answered that question, revealing that there was indeed a table loaded up with valid-looking data.

Digging around in the page’s JavaScript comes up with the login flow. The page uses the Auth0 service to handle logins, and that service sends back an access token. The page sends that access token right back to the Auth0 service to get user privileges. If the logged in user isn’t an admin, the redirect happens. However, we already know that some real data gets loaded. It appears that the limitations to data is all implemented on the client side, and the backend only requires a valid access token for data requests. What would happen if the response from Auth0 were modified? There are a few approaches to accomplish this, but he opted to use Fiddler. Rewrite the response so the front-end believes you’re an admin, and you’re in.

This approach seems to gain admin access to all of the SmartTub admin controls, though [Eaton] didn’t try actually making changes to see if he had write access, too. This was enough to demonstrate the flaw, and making changes would be flirting with that dangerous line that separates research from computer crime. The real problem started when he tried to disclose the vulnerability. SmartTub didn’t have a security contact, but an email to their support email address did elicit a reply asking for details. And after details were supplied, complete radio silence. Exasperated, he finally turned to Auth0, asking them to intervene. Their solution was to pull the plug on one of the two URL endpoints. Finally, after six months of trying to inform Jacuzzi and SmartTub of their severe security issues, both admin portals were secured.

Continue reading “This Week In Security: IoT In The Hot Tub, App Double Fail, And FreeBSD BadBeacon”

What Do You Get When A Raspberry Pi Pico Flashes A Nintendo 64

June 24, 2022 by 16 Comments

The joke was when the Nintendo 64 first hit the streets around a quarter century ago, that the 64 in the name referred not to the technology on board, but to the excessive cost of the cartridges. Whatever the truth in that, it’s something now completely laid to rest by [Konrad Beckmann] with his Nintendo 64 flash cart powered by a Raspberry Pi Pico (Nitter Link).

The schematic is surprisingly simple, in that the Pico does everything required to both interface to the N64 and to an SD card to hold the software. The clever work is done by the RP2040 firmware, which can be found along with the hardware details in the “develop” branch of the project’s GitHub repository. And while the earliest version was a Raspberry Pi Pico with a host of jumper wires, the more polished version focuses on a custom PCB and bare RP2040 chip.

Perhaps the N64 hasn’t received the attention it should have over the years, overshadowed as it was by its competitors such as the original PlayStation, but it’s projects like this one which remind us that there’s still life in Nintendo’s ’90s flagship. Speaking of which, if you were on Team Sony back in the day but still want to put your Pi Pico to use, check out this DIY PlayStation Memory Card we covered recently.

Scratch-Built Industrial Camera’s Modular Design Really Stacks Up

June 24, 2022 by 9 Comments

The news here isn’t so much that [Guarav Singh] built this high-quality industrial digital camera from scratch, but it’s in the way it was accomplished. That plus the amount of information that’s packed into the write-up, of course. And the excellent photography.

Modularity was one of [Guarav]’s design goals, with the intention of being able to swap out the sensor as the technology changes. To that end, [Guarav] came up with a stack of three PCBs. The middle board of the stack contains a Lattice FPGA chip along with two 16-MB RAMs and the FPGA config flash. The sensor board lies on one side of the FBGA board, while the USB 3.0 board is on the other. Each six-layer board is a masterpiece of high-density design, and the engineering that went into interfacing them and getting everything squeezed into a 3D-printed case with an integrated aluminum C-mount ring is pretty impressive.

[Guarav]’s write-up goes into a great deal of detail on processing the sensor data on the FPGA. Also, there’s quite a bit of practical information on implementing MIPI (Mobile Industry Processor Interface) and the CSI (Camera Serial Interface) specification. We’ve delved into this world before, but this project is a great hands-on explanation that might really help move your MIPI project along.

Thanks for the tip, [STR-alorman].

Around GPS In 100 Videos

June 23, 2022 by 9 Comments

Do you know what the IODC word in GPS data means? If so, great! If not, head over to see the 32nd of [Michel van Biezen’s] 100-part video series on GPS. You probably want to watch the other 31 videos before he gets too much further ahead of you, too. [Michel] reminds you of that professor you had in college who knows a whole lot about something. In fact, scanning his YouTube channel, he knows a lot about many topics ranging from optics, chemistry, kalman filters, and lots of electronics.

There is a dedicated playlist for the GPS videos dating back to 2016. So 32 videos in about six years. So you might have a little time to catch up.  While the first video is pretty introductory as you might expect, by the time you get to video 7 the topics switch to things like the C/A code, BPSK, and gory details of all the frame data, including the IODC word.

Continue reading “Around GPS In 100 Videos”

Design Your Next Robot Hand In Minutes

June 23, 2022 by 1 Comment

MIT complains that designing a robot hand is time-consuming and takes a lot of iterations. They want to improve that using a unique approach by giving a modular hand tactile sensors. They claim this can reduce the design time down to minutes for many practical applications. For example, cutting paper. You can see a video about the paper below as well as read the text itself.

Each style of manipulator has an associated graph. Predefined elements let you assemble a palm and specialized fingers. You deform the fingers to match the use of the hand. Then a sensor that looks like a mitten provides feedback fo the task.

Continue reading “Design Your Next Robot Hand In Minutes”