Fighting To Keep Bluetooth Thermometers Hackable

Back in 2020, we first brought you word of the Xiaomi LYWSD03MMC — a Bluetooth Low Energy (BLE) temperature and humidity sensor that could be had from the usual sources for just a few dollars each. Capable of being powered by a single CR2032 battery for up to a year, the devices looked extremely promising for DIY smart home projects. There was only one problem: you needed to use Xiaomi’s app to read the data off of the things.

Enter [Aaron Christophel], who created an open source firmware for these units that could easily be flashed using a web-based tool from a smartphone in BLE range and opened up all sorts of advanced features. The firmware started getting popular, and a community developed around it. Everyone was happy. So naturally, years later, Xiaomi wants to put a stop to it.

Simple Hardware Store Hack Keeps Your PCBs Right Where You Want Them

Sometimes it’s the simplest hacks that make the biggest impact.

Take these DIY magnetic PCB vises for example. Sure, you can go out and buy purpose-built tools, but [Dylan Radcliffe] just made a trip to the hardware store for some nuts and bolts. He chose 3/8″-16 bolts, which would probably be around M10 for the rest of the world. The head of each bolt is ground flat so a ceramic disc magnet can be attached to it with CA glue, while the head of the bolt gets a plastic washer glued to it. Another plastic washer gets glued to a nut, which when threaded onto the bolt provides the light clamping force needed to hold a PCB. Make four of those and stick them to a steel plate with the magnets, and you can stop chasing your boards around the bench with a soldering iron.

As much as we like this idea — and we do; we’re heading to Home Depot to buy the needed parts this very evening — we can think of a few useful modifications. With a long bolt and two nuts rather than one, you could make a set of vises that are easily adjustable along the Z-axis. This could prove useful to those of us working under a microscope. Also, rather than making the bolts the magnetic part we bet you could lay down a flexible magnetic sheet, the kind you can feed into a printer to roll your own fridge magnets. We suspect that would hold the bolts firmly enough for most work while still allowing easy repositioning. We’d also favor flange nuts over plain hex nuts, to give a larger clamping area. We’d still include the plastic washers, though, or possibly switch to rubber ones.

There’s more than one way to skin this cat, of course, especially if you’ve got a Harbor Freight nearby and a well-stocked Lego bin.

Piezo Buzzer Makes A Drum

The humble piezo disc buzzer is much more than something that makes tinny beeps in retro electronic equipment; it can also be used as a sensor. Tapping a piezo buzzer gives an interesting waveform, with a voltage spike followed by an envelope, and then a negative rebound voltage. It’s something [Igor Brichkov] is using to make a simple but effective electronic drum.

First of all, the output of the buzzer must be tamed, which he does by giving it a little impedance to dissipate any voltage spikes. There follows some simple signal conditioning with passive components, to arrive at an envelope for the final drum sound. How to turn a voltage into a sound? Using a voltage controlled amplifier working on a noise source. The result is recognizably the drum sound, entirely in electronics.

In a world of digital music it’s easy to forget the simpler end of sound synthesis, using circuits rather than software. If you hanker for the Good Old Days, we have an entire series on logic noise, doing the job with 4000 series CMOS logic.

A Direct Conversion Receiver Anyone Can Build

A couple of years ago one of the Hackaday Prize finalists was a project to take highschoolers through building a direct conversion radio receiver for the 40 metre amateur band. It was originated by the SolderSmoke podcast, and we’re pleased to see that they’ve recently put up an overview video taking the viewer through the whole project in detail.

It’s a modular design, with all the constituent building blocks broken out into separate boards on which the circuitry is built Manhattan style. Direct conversion receivers are pretty simple, so that leaves us with only four modules for oscillator, bandpass filter, mixer, and audio amplifier. We particularly like that it’s permeability tuned using a brass screw and an inductor, to make up for the once-ubiquitous variable capacitors now being largely a thing of the past.

A point that resonated was that most radio amateurs never make something like this. Arguments can be made about off-the-shelf rigs and chequebook amateurs, but we’d like to suggest that everyone can benefit from a feel for analogue circuitry even if they rarely have a need for a little receiver like this one. We like this radio, and we hope you will too after seeing the video below the break.

Need reminding? See the Hackaday.io project page, and the Hackaday Prize finalists from that year.

All The Attacks On The RP2350

Raspberry Pi’s new microcontroller, the RP2350, has a small section of memory that is meant for storing secrets. It’s protected by anti-glitching and other countermeasures, and the Raspberries wanted to test it. So this summer, they gave them out, pre-programmed with a secret string, as part of the badge for DEFCON attendees. The results of the cracking efforts are in, and it’s fair to say that the hackers have won.

First place went to [Aedan Cullen], who also gave a great talk about how he did it at 38C3. One of the coolest features of the RP2350, from a hacker perspective, is that it has dual ARM and dual RISC-V cores onboard, and they can be swapped out by multiplexers. The security module has a critical register that has disable bits for both of these processors, but it turns out that the ARM disable bits have priority. When [Aedan] glitched the security module just right, it disabled the ARM cores but left the RISC-V cores running in the secure context, with full debug(!), and the game was over. As of yet, there is no mitigation for this one, because it’s baked into the secure boot module’s silicon.

[Marius Muench] managed to pre-load malicious code into RAM and glitch a reboot-out-of-secure-mode on the USB module. This one is possibly fixable by checking other reboot flags. [Kévin Courdesses] has a sweet laser fault-injection rig that’s based on the 3D-printable OpenFlexure Delta Stage, which we’ve seen used for microscopy purposes, but here he’s bypassing the anti-glitching circuitry by exposing the die and hitting it hard with photons.

Finally, [Andrew Zonenberg] and a team from IOActive went at the RP2350 with a focused ion beam and just read the memory, or at least the pairwise-OR of neighboring bits. Pulling this attack off isn’t cheap, and it’s a more general property of all anti-fuse memory cells that they can be read out this way. Chalk this up as a mostly-win for the offense in this case.

If you want to read up on voltage glitching attacks yourself, and we promise we won’t judge, [Matthew Alt] has a great writeup on the topic. And ironically enough, one of his tools of choice is [Colin O’Flynn]’s RP2040-based Chip Shouter EMP glitcher, which he showed us how to make and use in this 2021 Remoticon talk.

Forget The Coax, Wire Up Your Antennas With Cat 6 Cable

These days, anything with copper in it is expensive. If you doubt that, a walk into any Home Depot electrical department, where the wire is locked up tighter than Fort Knox, will prove otherwise. Coaxial cable is a particularly expensive species, which is a pity for hams and other radio enthusiasts since it’s the only thing we can use for antenna feedlines.

Or is it? [Steve (VE6WZ)] has found a way to use ordinary Cat 6 Ethernet cable for antenna feed lines that seems pretty clever. As he points out, Ethernet cables are designed to handle frequencies that coincide nicely with most of the interesting amateur radio bands, and their insertion losses are acceptably low, especially for Cat 6 cable. The twisted pairs are also a balanced system that’s good at rejecting common mode noise. Cat 6 cable also has four pairs of conductors, allowing you to feed multiple antennas with one cable, or to distribute power to amplifiers and switches along with antenna feeds.

The downside? Cat6 conductor pairs have a characteristic impedance of around 100 ohms, which isn’t a match for the 50-ohm feedline impedance universally expected by ham radios. Also, the relatively small wires probably aren’t up to the job of carrying much current, limiting their use to feedlines for receive-only antennas. That works for [Steve] since he uses Cat 6 to support his massive Beverage antenna farm. (Beverage antennas are non-resonant horizontal antennas that live close to the ground and point in the direction of the signal, rather than broadside to the signal as with a resonant antenna like a dipole.) Each antenna in his farm has a transimpedance amplifier that needs to be powered, plus switching relays so he can turn the correct antennas on for the signals he wants to receive. He describes the amps in detail in the video below, along with the custom impedance-matching transformers he uses and the combining gear.

Coax will probably still be the cable of choice for most feedline applications, but it’s nice to know there are alternatives. And who knows—if you stick to QRP work, maybe Cat 6 could even be used for transmitting.
