WiFi Meets LoRa For Long Range

October 7, 2024 by 20 Comments

What do you get when you cross WiFi and LoRa? Researchers in China have been doing this, and they call the result WiLo. They claim to get reliable connections over about half a kilometer. Typical WiFi runs 40 to 60 meters, barring any Pringle’s cans or other exotic tricks.

According to [Michelle Hampson] writing in IEEE Spectrum, the researchers manipulated Wi-Fi’s OFDM multiplexing to emulate LoRa’s chirp-spreading signal. The advantage is that existing WiFi hardware can use the protocol to increase range.

Continue reading “WiFi Meets LoRa For Long Range”

Creating Video Games With AI: A Mario Example

October 2, 2024 by 22 Comments

Artificial intelligence (AI) seems to be doing everything these days. Making images, making videos, and replacing most of us real human writers if you believe the hype. Maybe it’s all over! And yet, we persist, to write about yet another job taken over by AI: creating video games.

The research paper is entitled “Video Game Generation: A Practical Study using Mario.” The basic idea is whether a generative AI model can create an interactive video game by first training it on an existing game.

MarioVGG, as it is called, is a “text-to-video model.” It hasn’t built the Mario game that you’re familiar with, though. It takes player commands as text inputs—such as “run, or “jump”—and then outputs video frames showing the result in the ‘game.’ The model was trained on a dataset of frame-by-frame Super Mario Brothers game play, combined with data on user inputs at the time. The model shows an ability to generate believable video output for given player inputs, including basic game physics, item interactions, and collisions. It’s able to do this in a chained way, so that it can reasonably simulate a player making multiple actions and moving through a level of the game.

It’s not like playing a real Mario game yet, by any means. Regardless, the AI model has shown an ability to replicate the world of the game in a way that behaves relatively consistently with its established rules. If you’re in the field of video game development, though, you probably don’t have a lot to worry about just yet—you probably moved past making basic Mario clones years ago, so you’ve got quite an edge for now!

ROG Ally Community Rebuilds The Proprietary Asus EGPU

October 1, 2024 by 15 Comments

As far as impressive hacks go, this one is more than enough for your daily quota. You might remember the ROG Ally, a Steam Deck-like x86 gaming console that’s graced our pages a couple of times. Now, this is a big one – from the ROG Ally community, we get a fully open-source eGPU adapter for the ROG Ally, built by reverse-engineering the proprietary and overpriced eGPU sold by Asus.

We’ve seen this journey unfold over a year’s time, and the result is glorious – two different PCBs, one of them an upgraded drop-in replacement board for the original eGPU, and another designed to fit a common eGPU form-factor adapter. The connector on the ROG Ally is semi-proprietary, but its cable could be obtained as a repair part. From there, it was a matter of scrupulous pinout reverse-engineering, logic analyzer protocol captures, ACPI and BIOS decompiling, multiple PCB revisions and months of work – what we got is a masterpiece of community effort.

Do you want to learn how the reverse-engineering process has unfolded? Check out the Diary.md – it’s certainly got something for you to learn, especially if you plan to walk a similar path; then, make sure to read up all the other resources on the GitHub, too! This achievement follows a trend from the ROG Ally community, with us having featured dual-screen mods and battery replacements before – if it continues the same way, who knows, maybe next time we will see a BGA replacement or laser fault injection.

Java Ring: One Wearable To Rule All Authentications

October 1, 2024 by 30 Comments

Today, you likely often authenticate or pay for things with a tap, either using a chip in your card, or with your phone, or maybe even with your watch or a Yubikey. Now, imagine doing all these things way back in 1998 with a single wearable device that you could shower or swim with. Sound crazy?

These types of transactions and authentications were more than possible then. In fact, the Java ring and its iButton brethren were poised to take over all kinds of informational handshakes, from unlocking doors and computers to paying for things, sharing medical records, making coffee according to preference, and much more. So, what happened?

Continue reading “Java Ring: One Wearable To Rule All Authentications”

Internet Connected TI-84 To Cut Your Academic Career Short

September 29, 2024 by 22 Comments

In an educational project with ethically questionable applications, [ChromaLock] has converted the ubiquitous TI-84 calculator into the ultimate cheating device.

The foundation of this hack lies in the TI-84’s link protocol, which has been a mainstay in calculator mods for years. [ChromaLock] uses this interface to connect to a tiny WiFi-enabled XIAO ESP32-C3 module hidden in the calculator. It’s mounted on a custom PCB with a simple MOSFET-based level shifting circuit, and slots neatly into a space on the calculator rear cover. The connecting wires are soldered directly to the pads of the 2.5 mm jack, and to the battery connections for power.

But what does this mod do? It connects your calculator to the internet and gives you a launcher with several applets. These allow you to view images badly pixelated images on the TI-84’s screen, text-chat with an accomplice, install more apps or notes, or hit up ChatGPT for some potentially hallucinated answers. Inputting long sections of text on the calculator’s keypad is a time-consuming process, so [ChromaLock] teased a camera integration, which will probably make use of newer LLMs image input capabilities. The ESP32 doesn’t handle all the heavy lifting, and needs to connect to an external server for more complex interfaces.

To prevent pre-installed programs from being used for cheating on TI-84s, examiners will often wipe the memory or put it into test mode. This mod can circumvent both. Pre-installed programs are not required on the calculator to interface with the hardware module, and installing the launcher is done by sending two variables containing a password and download command to the ESP32 module. The response from the module will also automatically break the calculator out of test mode.

We cannot help but admire [ChromaLock]’s ingenuity and polished implementation, and hopefully our readers are more interested in technical details than academic self-sabotage. For those who need even more capability in their calculator, we’d suggest checking out the NumWorks. Continue reading “Internet Connected TI-84 To Cut Your Academic Career Short”

This Week In Security: Password Sanity, Tank Hacking, And The Mystery 9.9

September 27, 2024 by 15 Comments

It looks like there’s finally hope for sane password policies. The US National Institue of Standards and Technology, NIST, has released a draft of SP 800-63-4, the Digital Identity Guideline.

There’s password guidance in there, like “SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords” and “SHALL NOT require users to change passwords periodically.” NIST approved passwords must be at least 8 characters long, with a weaker recommendation of at least 15 characters. Security questions like name of first pet get the axe. And it’s strongly recommended that all ASCII and Unicode characters should be acceptable for passwords.

This is definitely moving in the right direction. NIST guidelines are only binding for government services and contractors, though they do eventually get picked up by banks and other industries. So there’s hope for sane password policies eventually.

Tank Hacking

Researchers at Bitsight are interested in infrastructure security, and they opted to take a closer look at Automatic Tank Gauging (ATG) systems. Those are found at gas stations, as well as any other facility that needs automated monitoring of liquids or gasses in a tank. There is an actual ATG message format, originally designed for RS-232 serial, and woefully unprepared for the interconnected present. The protocol allows for an optional security code, but it maxes out at only six alpha-numeric characters.

Among the vulnerabilities getting announced today, we have a pair of CVSS 10 command injection flaws, a quartet of 9.8 authentication bypass flaws, with one of those being a hardcoded credential — AKA a backdoor. The other CVSS9+ flaw is a SQL injection, with a trio of slightly less serious flaws. Continue reading “This Week In Security: Password Sanity, Tank Hacking, And The Mystery 9.9”

An Ode To The SAO

September 26, 2024 by 23 Comments

There are a lot of fantastic things about Hackaday Supercon, but for me personally, the highlight is always seeing the dizzying array of electronic bits and bobs that folks bring with them. If you’ve never had the chance to join us in Pasadena, it’s a bit like a hardware show-and-tell, where half the people you meet are eager to pull some homemade gadget out of their bag for an impromptu demonstration. But what’s really cool is that they’ve often made enough of said device that they can hand them out to anyone who’s interested. Put simply, it’s very easy to leave Supercon with a whole lot more stuff than when you came in with.

Most people would look at this as a benefit of attending, which of course it is. But in a way, the experience bummed me out for the first couple of years. Sure, I got to take home a literal sack of incredible hardware created by members of our community, and I’ve cherished each piece. But I never had anything to give them in return, and that didn’t quite sit right with me.

So last year I decided to be a bit more proactive and make my own Simple Add-On (SAO) in time for Supercon 2023. With a stack of these in my bag, I’d have a personalized piece of hardware to hand out that attendees could plug right into their badge and enjoy. From previous years I also knew there was something of an underground SAO market at Supercon, and that I’d find plenty of people who would be happy to swap one for their own add-ons for mine.

To say that designing, building, and distributing my first SAO was a rewarding experience would be something of an understatement. It made such an impression on me that it ended up helping to guide our brainstorming sessions for what would become the 2024 Supercon badge and the ongoing SAO Contest. Put simply, making an SAO and swapping it with other attendees adds an exciting new element to a hacker con, and you should absolutely do it.

So while you’ve still got time to get PCBs ordered, let’s take a look at some of the unique aspects of creating your own Simple Add-On.

Continue reading “An Ode To The SAO”