An 128x64 OLED display with a weird image on it, showing a mouse cursor, date and time in the bottom right corner, and a whole lot of presumably dithered dots

Making Your Own Technically-HDMI OLED Monitor

April 1, 2022 by 17 Comments

One day, [mitxela] got bored and decided to build his own HDMI monitor – the unconventional way. HDMI has a few high-speed differential pairs, but it also has an I2C interface used for detecting the monitor’s resolution and issuing commands like brightness control. In fact, I2C is the backbone for a lot of side channels like these – it’s also one of our preferred interfaces for connecting to cool sensors, and in this case, an OLED display!

[mitxela] describes his journey from start to end, with all the pitfalls and detours. Going through the pinout with a broken hence sacrificial HDMI cable in hand, he figured out how to probe the I2C lines with Linux command-line tools and used those to verify that the display was recognized on the HDMI-exposed I2C bus. Then, he turned to Python and wrote a short library for the display using the smbus bindings – and, after stumbling upon an FPS limitation caused by SMBus standard restrictions, rewrote his code to directly talk to the I2C device node, raising FPS from 2 to 5-10.

From there, question arose – what’s the best software route to take? He tried making a custom X modeline on the HDMI port the display was technically attached to, but that didn’t work out. In the end, he successfully employed the Linux capability called “virtual monitors”, and found out about an interesting peculiarity – there was no mouse cursor to be seen. Turns out, they’re typically hardware-accelerated and overlaid by our GPUs, but in [mitxela]’s case, the GPU was not involved, so he added cursor support to the picture forwarding code, too.

With partial refresh, the display could be redrawn even faster, but that’s where [mitxela] decided he’s reached a satisfactory conclusion to this journey. The write-up is a great read, and if videos are more your forte, he also made a video about it all – embedded below.

We first covered the ability to get I2C from display ports 14 years ago, and every now and then, this fun under-explored opportunity has been popping up in hackers’ projects. We’ve even seen ready-to-go breakouts for getting I2C out of VGA ports quickly. And if you go a bit further, with your I2C hacking skills, you can even strip HDCP!

We thank [sellicott] and [leo60228] for sharing this with us!

Continue reading “Making Your Own Technically-HDMI OLED Monitor”

TV Ambient Lighting Built For Awesome Performance

June 11, 2021 by 36 Comments

[AndrewMohawk] had seen all kinds of ambient lighting systems for TVs come and go over the years, and the one thing they all had in common was that they didn’t live up to his high standards. Armed with the tools of the hacker trade, he set about building an Ambilight-type system of his own that truly delivered the goods.

The development process was one full of roadblocks and dead ends, but [Andrew] persevered. After solving annoying problems with HDCP and HDMI splitters, he was finally able to get a Raspberry Pi to capture video going to his TV and use OpenCV to determine the colors of segments around the screen. From there, it was simple enough to send out data to a string of addressable RGB LEDs behind the TV to create the desired effect.

For all the hard work, [Andrew] was rewarded with an ambient lighting system that runs at a healthy 20fps and works with any HDMI video feed plugged into the TV. It even autoscales to work with video content shot in different aspect ratios so the ambient display always picks up the edge of the video content.

With 270 LEDs fitted, the result is an incredibly smooth and fluid ambient display we’d love to have at home. You can build one too, since [Andrew] shared all the code on Github. As an added bonus, he also gave the system an audio visualiser, and tested it out with some Streetlight Manifesto, the greatest third-wave ska band ever to roam the Earth. The Fourth Wave still eludes us, but we hold out hope.

We’ve seen plenty of hacks in this vein before; one of the most impressive hacked a smart TV into doing the video processing itself. Video after the break.

Continue reading “TV Ambient Lighting Built For Awesome Performance”

DMCA Review: Big Win For Right To Repair, Zero For Right To Tinker

October 26, 2018 by 35 Comments

This year’s Digital Millennium Copyright Act (DMCA) triennial review (PDF, legalese) contained some great news. Particularly, breaking encryption in a product in order to repair it has been deemed legal, and a previous exemption for reverse engineering 3D printer firmware to use the filament of your choice has been broadened. The infosec community got some clarification on penetration testing, and video game librarians and archivists came away with a big win on server software for online games.

Moreover, the process to renew a previous exemption has been streamlined — one used to be required to reapply from scratch every three years and now an exemption will stand unless circumstances have changed significantly. These changes, along with recent rulings by the Supreme Court are signs that some of the worst excesses of the DMCA’s anti-circumvention clause are being walked back, twenty years after being enacted. We have to applaud these developments.

However, the new right to repair clause seems to be restricted to restoring the device in question to its original specifications; if you’d like to hack a new feature into something that you own, you’re still out of luck. And while this review was generally favorable of opening up technology to enable fair use, they didn’t approve Bunnie Huang’s petition to allow decryption of the encryption method used over HDMI cables, so building your own HDMI devices that display encrypted streams is still out. And the changes to the 3D printer filament exemption is a reminder of the patchwork nature of this whole affair: it still only applies to 3D printer filament and not other devices that attempt to enforce the use of proprietary feedstock. Wait, what?

Finally, the Library of Congress only has authority to decide which acts of reverse engineering constitute defeating anti-circumvention measures. This review does not address the tools and information necessary to do so. “Manufacture and provision of — or trafficking in — products and services designed for the purposes of circumvention…” are covered elsewhere in the code. So while you are now allowed decrypt your John Deere software to fix your tractor, it’s not yet clear that designing and selling an ECU-unlocking tool, or even e-mailing someone the decryption key, is legal.

Could we hope for more? Sure! But making laws in a country as large as the US is a balancing act among many different interests, and the Library of Congress’s ruling is laudably clear about how they reached their decisions. The ruling itself is worth a read if you want to dive in, but be prepared to be overwhelmed in apparent minutiae. Or save yourself a little time and read on — we’ve got the highlights from a hacker’s perspective.

Continue reading “DMCA Review: Big Win For Right To Repair, Zero For Right To Tinker”

TruffleHog Sniffs Github For Secret Keys

January 13, 2017 by 22 Comments

Secret keys are quite literally the key to security in software development. If a malicious actor gains access to the keys securing your data, you’re toast. The problem is, to use keys, you’ve got to write them down somewhere – oftentimes in the source code itself. TruffleHog has come along to sniff out those secret keys in your Github repository.

It’s an ingenious trick — a Python script goes through the commit history of a repository, looking at every string of text greater than 20 characters, and analyzing its Shannon entropy. This is a mathematical way of determining if it looks like a relatively random string of numbers and letters. If it has high entropy, it’s probably a key of some sort.

Sharing source code is always a double-edged sword for security. Any flaws are out for all to see, and there are both those who will exploit the flaws and those who will help fix them. It’s a matter of opinion if the benefits outweigh the gains, but it’s hard to argue with the labor benefits of getting more eyes on the code to hunt for bugs. It’s our guess though, that a lot of readers have accidentally committed secret keys in a git repository and had to revert before pushing. This tool can crawl any publicly posted git repo, but might be just as useful in security audits of your own codebase to ensure accidentally viewable keys are invalidated and replaced.

For a real world example of stolen secret keys, read up on this HDMI breakout that sniffs HDCP keys.

Bunnie And EFF Sue US Government Over DMCA 1201

July 21, 2016 by 35 Comments

This morning Bunnie Huang wrote about his reasons for suing the US Government over Section 1201 of the Digital Millennium Copyright Act (DMCA).

The DMCA was enacted in 1996 and put in place far-reaching protections for copyright owners. Many, myself included, think these protections became far-overreaching. The DMCA, specifically section 1201 of the act which is known as the anti-circumvention provision, prohibits any action that goes around mechanisms designed to protect copyrighted material. So much has changed since ’96 — software is now in every device and that means section 1201 extends to almost all electronics sold today.

So protecting copyright is good, right? If that were the only way section 1201 was enforced that might be true. But common sense seems to have gone out the window on this one.

If you legally purchase media which is protected with DRM it is illegal for you to change the format of that media. Ripping your DVD to a digital file to view on your phone while on the plane (something usually seen as fair use) is a violation. Want to build an add-on for you home automation system but need to reverse engineer the communications protocol first? That’s a violation. Perhaps the most alarming violation: if you discover a security vulnerability in an existing system and report it, you can be sued under DMCA 1201 for doing so.

Cory Doctorow gave a great talk at DEF CON last year about the Electronic Frontier Foundation’s renewed push against DMCA 1201. The EFF is backing Bunnie on this lawsuit. Their tack argues both that section 1201 is stiffling innovation and discouraging meaningful security research.

If it’s illegal to write about, talk about, or even privately explore how electronics are built (and the ecosystem that lets them function) it’s hard to really master creating new technology. A successful lawsuit must show harm. Bunnie’s company, Alphamax LLC, is developing hardware that can add an overlay to an HDMI signal (which sounds like the continuation of the hack we saw from him a few years ago). But HDCP would prevent this.

Innovation aside, the security research angle is a huge reason for this law (or the enforcement of it) to change. The other plaintiff named in the suit, Matthew Green, had to seek an exemption from the DMCA in order to conduct his research without fear of prosecution. Currently there is a huge disincentive to report or even look for security vulnerabilities, and that is a disservice to all. Beneficial security research and responsible disclosure need to be the top priority in our society which is now totally dependent on an electronically augmented lifestyle.

HDMI Extender Reverse Engineered

June 9, 2016 by 41 Comments

[danman] has been playing around with various HDMI video streaming options, and he’s hit on a great low-cost solution. A $40 “HDMI extender” turns out to actually be an HDMI-to-RTP converter under the hood.

He’d done work previously on a similar extender that turned out to use a quirky method to send the video, which he naturally reversed and made to do his bidding. But non-standard formats are a pain. So when he was given a newer version of the same device, and started peeking into the packets with Wireshark, he was pleasantly surprised to find that the output was just MPEG-encoded video over RTP. No hacking necessary.

Until now, streaming video over an IP network from an arbitrary HDMI output has been tricky, [danman] has been more than a little obsessed with getting it working on the cheap. In addition to the previous version of this extender, he also managed to get a stream out of a rooted Android set-top box. That costs a bit more, but can also record at the same time, should you need to.

None of this solves the HDMI HDCP encryption problem, though. You’re on your own for that one.

(Those of you Wireshark wizards out there will note that we just swiped the headline image from the previous version of the project. There were no good images for this one. Sorry about that.)

Video Standards Are More Than Video Signals

November 19, 2015 by 78 Comments

The number of hours we spend staring at screens is probably best unknown, but how about the technology that makes up the video on the screen? We’ve all seen a reel-to-reel projector on TV or in a movie or maybe you’re old enough to have owned one, surely some of you still have one tucked away real nice. Whether you had the pleasure of operating a projector or just watched it happen in the movies the concept is pretty straight forward. A long piece of film which contains many individual frames pass in front of a high intensity lamp while the shutter hides the film movement from our eyes and our brain draws in the imaginary motion from frame to frame. Staring at a Blu-ray player won’t offer the same intuition, while we won’t get into what must the painful detail of decoding video from a Blu-ray Disc we will look into a few video standards, and how we hack them.

Continue reading “Video Standards Are More Than Video Signals”