Side Channel Attacks Against Mixed Signal Microcontrollers

July 30, 2018 by 7 Comments

You shouldn’t transmit encryption keys over Bluetooth, but that’s exactly what some popular wireless-enabled microcontrollers are already doing. This is the idea behind Screaming Channels, an exploit published by researchers at EUERCOM, and will be a talk at Black Hat next week. So far, the researchers have investigated side-channel attacks on Bluetooth-enabled microcontrollers, allowing them to extract tinyAES keys from up to 10 meters away in controlled environments. A PDF of the paper is available and all the relevant code is available on GitHub.

The experimental setup for this exploit consisted of a BLE Nano, a breakout board for a Nordic nRF52832 Bluetooth microcontroller, a Hack RF, a USRB N210 software defined radio from Ettus, and a few high-gain antennas and LNAs. The example attack relies on installing firmware on the BLE Nano that runs through a few loops and encrypts something with tinyAES. Through very careful analysis of the RF spectrum, the AES keys can be extracted from the ether.

Side channel attacks have received a bit more popularity over recent years. What was once limited to Three Letter Agency-level Van Eck phreaking can now be done inexpensively and in a system with devices like the ChipWhisperer.

Of course, this is only a demonstration of what is possible with side-channel attacks in a highly controlled environment with a significant amount of work gone into the firmware running on the microcontroller. This isn’t evidence that balaclava-wearing hackers are sniffing your phone from across the parking lot to get the password to your Instagram account, but it does show what is possible with relatively cheap, off-the-shelf hardware.

Amiga Repairs Put One Tough Little Machine Back In Service

July 30, 2018 by 8 Comments

Returning a piece of retro hardware to factory condition is generally a labor of love for the restorationist. A repair, on the other hand, is more about getting a piece of equipment back into service. But the line between repair and restoration is sometimes a fine one, with the goals of one bleeding over into the other, like in this effort to save an otherwise like-new Amiga 2000 with a leaky backup battery.

Having previously effected emergency repairs to staunch the flow of electrolyte from the old batteries and prevent further damage, [Retromat] entered the restoration phase of the project. The creeping ooze claimed several caps and the CPU socket as it spread across the PCB, but the main damage was to the solder resist film itself. In the video below you can clearly see flaky, bubbly areas in the mask where the schmoo did its damage.

Using a fiberglass eraser, some isopropyl alcohol, and far more patience than we have, [Retromat] was able to remove the damaged resist to reveal the true extent of the damage below. Thankfully, most of the traces were still intact; only a pair of lines under the CPU socket peeled off as he was removing it. After replacing them with fine pieces of wire, replacing the corroded caps and socket, and adding a coin-cell battery holder to replace the old battery, the exposed traces were coated with a varnish to protect them and the machine was almost as good as new.

Amigas were great machines in their day and launched more than one business. They’ve proved their staying power too, some even in mission-critical roles.

Continue reading “Amiga Repairs Put One Tough Little Machine Back In Service”

The Nitty-Gritty Of Making A Brass Clock

July 29, 2018 by 23 Comments

Among all the timepieces that we feature here at Hackaday, surprisingly we bring you relatively few clocks. That might seem an incomprehensible statement given the plethora of, well, clocks, that appear here, but it’s one that hinges upon the type of clock. Electronic clocks of extreme skill, complexity, and beauty, yes, but traditional mechanical clocks? Not so many.

So [Thonemeister]’s wall-mounted brass alarm clock was a welcome sight on our tips line, and his write-up is a fascinating exposition of the path taken by a novice clockmaker on their first build. He starts by describing his workshop, then steps methodically through each of the constituent parts of the clock.

We see the frame, escapement mechanism, gears, and movement taking shape, and we learn something about clockmaker’s tools from the pitfalls he encountered. He was a complete lathe novice at the start of this build, and it’s fun to follow along with his learning curve. As we see thed finished clock taking shape, we even get to see the little touches like forming the hooks for the weights. He bought the bell for the clock off-the-shelf, not wishing to expend the considerable piece of brass stock it would have taken to machine it himself. But for the most part, this is an engaging scratch build you won’t want to miss.

Many of us will never make a traditional clock. But that need not stop us finding the work that goes into one an extremely fascinating read. We have more for you if this has whetted your appetite: you’ll be interested in the escapement mechanism, and if brass is a bit much, how about wood?

Robot Rovers Of The Early Space Race

July 29, 2018 by 3 Comments

In the early 1970s, the American space program was at a high point, having placed astronauts upon the surface of the moon while their Soviet competitors had not taken them beyond an Earth orbit. It is however a simplistic view to take this as meaning that NASA had the lead in all aspects of space exploration, because while Russians had not walked the surface of our satellite they had achieved a less glamorous feat of lunar exploration that the Americans had not. The first Lunokhod wheeled rover had reached the lunar surface and explored it under the control of earth-bound engineers in the closing months of 1970, and while the rovers driven by Apollo astronauts had placed American treadmarks in the  lunar soil and been reproduced on newspaper front pages and television screens worldwide, they had yet to match the Soviet achievements with respect to autonomy and remote control.

At NASA’s Jet Propulsion Laboratory there was a project to develop technology for future American rovers under the leadership of [Dr. Ewald Heer], and we have a fascinating insight into it thanks to the reminiscences of [Mike Blackstone], then a junior engineer.

The aim of the project was to demonstrate the feasibility of a rover exploring a planetary surface, picking up, and examining rocks. Lest you imagine a billion dollar budget for gleaming rover prototypes, it’s fair to say that this was to be achieved with considerably more modest means. The rover was a repurposed unit that had previously been used for remote handling of hazardous chemicals, and the project’s computer was an extremely obsolete DEC PDP-1.

We are treated to an in-depth description of the rover and its somewhat arcane control system. Sadly we have no pictures save for his sketches as the whole piece rests upon his recollections, but it sounds an interesting machine in its own right. Heavily armoured against chemical explosions, its two roughly-humanoid arms were operated entirely by chains similar to bicycle chains, with all motors resting in its shoulders. A vision system was added in the form of a pair of video cameras on motorised mounts, these could be aimed at an object using a set of crosshairs on each of their monitors, and their angles read off manually by the operator from the controls. These readings could then be entered into the PDP-1, upon which the software written by [Mike] could calculate the position of an object, calculate the required arm positions to retrieve it, and command the rover to perform the required actions.

The program was a success, producing a film for evaluation by the NASA bigwigs. If it still exists it would be fascinating to see it, perhaps our commenters may know where it might be found. Meanwhile if the current JPL research on rovers interests you, you might find this 2017 Hackaday Superconference talk to be of interest.

Thanks [JRD] for the tip.

Hackaday Links Column Banner

Hackaday Links: July 29, 2018

July 29, 2018 by 17 Comments

Another holy scroll for the Church of Robotron. PoC || GTFO is a semi-annual journal of hardware exploitation, and something you must read. About a year ago, No Starch Press released the first Bible of PoC || GTFO, and now it’s time for a new testament. PoC || GTFO Volume 2 is out now, covering Elegies of the Second Crypt War to Stones from the Ivory Tower, Only as Ballast. It’s still Bible-shaped, with a leatherette cover and gilt edges.

KiCad version 5 is out, and you know what that means: It’s time to start on version 6. To that end, CERN has opened up the floodgates where youyes, you can donate to KiCad development. The team is looking for 600 hours of development and 30,000 Swiss Francs or about that many US Dollars. As of this writing (last Wednesday), more than 200 people have donated, at an average donation per person of about 80 CHF.

Oh good, this is finally over. Qualcomm will not be buying NXP. Previously, Reuters reported Qualcomm would purchase the other semiconductor manufacturer for $38 Billion, the largest semiconductor deal ever. There were earlier rumors of an acquisition. The deal was struck down by Chinese regulators, and speculation rages that this is a reaction to the US/China trade war. Qualcomm now has to pay NXP $2 Billion in fees, which they could use to dig out some of the unobtanium Motorola datasheets locked away in a file cabinet.

The uStepper (or μStepper, whatever) is a neat little add-on to standard NEMA stepper motors. It bolts to the back and gives you the ability to control a stepper over a standard serial bus, with a built-in encoder. Now there’s a new Kickstarter for an improved version that uses the Trinamic TMC2208 ‘silent’ motor driver. That Kickstarter is just a draft now, but if you’re planning a 3D printer build, this could be what you’re waiting for.

Vampire Charger Is A Rugged Anything-to-5VDC Converter

July 29, 2018 by 43 Comments

USB sockets providing 5 VDC are so ubiquitous as a power source that just about any piece of modern portable technology can use them to run or charge. USB power is so common, in fact, that it’s easy to take for granted. But in an emergency or in the wake of a disaster, a working cell phone or GPS can be a life saver and it would be wise not to count on the availability of a clean, reliable USB power supply.

That’s where the Vampire Charger by [Matteo Borri] and [Lisa Rein] comes in. It is a piece of hardware focused on turning just about any source or power one might possibly have access to into a reliable source of 5 VDC for anything that can plug in by USB. This is much more than a DC-DC converter with a wide input range; when they say it is made to accept just about anything as an input, they mean it. Found a working power source but don’t know what voltage it is? Don’t know which wire is positive and which is negative? Don’t even know whether it’s AC or DC? Just hook up the alligator clips and let the Vampire Charger figure it out; when the light is green, the power’s clean.

The Vampire Charger was recently selected to move on to the final round of The Hackaday Prize, netting $1000 cash in the process. The next challenge (which will have another twenty finalists receiving $1000 each) is the Human-Computer Interface challenge. All you need to enter is an idea and some documentation, so dust off that project that’s been waiting for an opportunity, because here it is.

The HackadayPrize2018 is Sponsored by:

Flexible PCB Becomes The Actuator

July 29, 2018 by 13 Comments

An electromagnetic coil gun takes a line of electromagnets working together to form a moving electromagnetic field. These fields accelerate a project and boom, you have electricity moving matter, often at an impressive rate of speed.

[Carl Bugeja] has taken the idea and in a sense turned it upon its head with his flexible PCB actuator. Now the line of electromagnets are the moving part and the magnetic object the stationary one. There is still a line of flat PCB inductors in the classic coil gun configuration, but as the title suggests on a flexible substrate.

The result is a curiously organic motion reminiscent of some lizards, caterpillars, or snakes. It can move over the magnet in a loop, or flex in the air above it. It’s a novel moving part, and he’s treated us to a video which we’ve placed below the break.

He has plans to put it to use in some form of robot, though while it certainly has promise we’d be interested to know both what force it can produce and whether flexible PCB is robust enough for repeated operation. We salute him for taking a simple idea and so effectively proving the concept.

We’ve brought you [Carl]’s work before, most notably with his PCB motor.

Continue reading “Flexible PCB Becomes The Actuator”