Scotty Allen Builds A USB Drive From An IPhone

May 2, 2018 by 13 Comments

What happens when you come across a mysterious, partially populated circuit board in the Huaqiangbei electronics market in Shenzhen? If you’re [Scotty Allen], the only answer is to make your own USB drive from iPhone parts.

[Scotty] made a name for himself through his YouTube channel Strange Parts where he built his own iPhone from scratch, added a headphone jack to an iPhone, and other various exploits involving hot air in Shenzhen. This latest build is no different. It begins with a random PCB [Scotty] found at the electronics market. It has a USB port on one end, it has pads for an iPhone memory chip, and it has an IC that looks like a USB to Flash converter.

The build involved finding a few broken iPhones, desoldering and reballing their Flash chips, and when those didn’t work, finding the correct Flash chips for this tiny little USB adapter board. Here, [Scotty] ran into trouble. The first Flash chip didn’t have the right pins, there was blue smoke, and the toolchain for initializing the USB to Flash IC was a mess.

In the end, [Scotty] managed to create a USB Flash drive after five or six visits to the electronics market, two stencils to reball Flash chips, and finding the OEM software for the USB to Flash chip on this very special PCB. That, itself, required Windows (the horror!), and finding the right version of the software.

Is this technically building a Flash drive purely from disposed iPhone components? We’d quibble. But is it a cool build, regardless? Absolutely. And the real story here is how quickly [Scotty] could iterate on his engineering. When the greatest electronics market is right around the corner, you can do anything with a microscope and a hot air gun.

Oh Great, WPA2 Is Broken

October 16, 2017 by 131 Comments

WPA2, the standard security for Wi-Fi networks these days, has been cracked due to a flaw in the protocol. Implications stemming from this crack range from decrypting Wi-Fi, hijacking connections, and injecting content. It’s fair to say, WPA2 is now Considered Harmful. The paper is available here (PDF).

This is a proof-of-concept exploit, and like all headline-making network security stories, it has a name. It’s called KRACK, for Key Reinstallation Attack. The key insight to this exploit is a vulnerability in the handshaking between routers and devices to establish a secure connection.

This is not the first time the researchers behind this exploit have found holes in WPA2. In a paper published by the KRACK researchers at the USENIX Symposium last August (PDF), they showed that the Random Number Generator used in 802.11 is flawed, ill-defined, and insecure. The researchers have also spoken at 33c3 on predicting WPA2 Group Keys.

The practical consequences of a poor definition and implementation of an RNG can be found in consumer hardware. The researchers found that in MediaTek-based routers, the only source of randomness is the current time. Meanwhile Broadcom-based routers do not use the RNG proposed by the 802.11 spec, but instead take the MD5 of the current time in microseconds. The researchers do not mention if the current time is a secret.

So what do we do now?

This has happened before. In 2001, WEP, the Wi-Fi security protocol many security-ignorant people are still running, was cracked in much the same was as KRACK. This quickly led to the development of Aircrack, and in 2003, the Wi-Fi Alliance rolled out WPA and WPA2. Sure, you can still select a deprecated security protocol for your router, but the problem of WEP hacking is as solved as it’s ever going to be.

The early 2000s were a different time when it came to wireless networks, though here in 2017 Wi-Fi permeates every cubic inch of our lives. Everything and everyone has Wi-Fi now. This is going to be a bit bigger than cracking WEP, but it remains possible to patch devices to ensure that this exploit is rendered useless. Install those security updates, people! Of course there will still be millions of unpatched devices in a year’s time, and for those routers, IoT baubles, and other wireless devices, turning on WPA2 will be akin to having no security at all.

That said, this isn’t a world-ending Armageddon in the way the botnet of webcams was. You will only be vulnerable if an attacker is within range of your router, and you will still be secure if you’re accessing secure websites. However, turning off Wi-Fi on your phone, relying on mobile data, not ignoring HTTPS cert warnings, and plugging into an Ethernet port might not be a bad idea.

An Android Phone Makes A Better Server Than You’d Think

March 22, 2017 by 52 Comments

There was a time a few years ago when the first Android phones made it to market, that they seemed full of promise as general purpose computers. Android is sort of Linux, right, or so the story went, so of course you must be able to run Linux on an Android phone and do all sorts of cool stuff with it.

As anyone who tried to root an Android phone from 2010 will tell you, it was a painful and unrewarding process. There was normally a convoluted rooting process followed by somehow squeezing your own Linux filesystem tree onto the device, then chroot-ing into it. You’d then have to set up a VNC server and VNC into it, and eventually you’d feel immensely proud of your very slow tiny-screen Linux desktop that you’d slaved over creating. It was one of those things that’s simple in theory, but extremely convoluted in practice.

But six years have passed since those days, phones have gotten much faster and so has the software for tasks such as rooting, so maybe it’s time to return to the topic of Linux on an Android device. [Pete Scargill] gave it a try when a friend gave him a Chinese quad-core Android phone with a broken screen. He proceeded to put a Debian installation on it, upon which he runs his collection of server processes.

Rooting the phone was straightforward process using the KingRoot app, a sideloaded version as it seems there’s a bogus copy on the Play Store. Then bringing a Linux system to it could be achieved with the LinuxDeploy app. The result is surprisingly useful, after some installation steps upon which he goes into detail.

You might ask what would be the point of this exercise, given that you can do the same thing much more easily with a single board computer such as a Raspberry Pi. But to buy a Pi, SD card, screen, and UPS, as he points out you’d have to spend a lot more than you would for a second-hand phone from eBay — or a free, slightly broken, one from friends or family.

If getting more from your Android phone is your thing, perhaps you’d like to know about installing Busybox on it. We’ve also advocated for using old Android phones for ARM dev.

IPhone Brain Surgery

February 24, 2017 by 44 Comments

You think you’re good at soldering? Can you solder a CPU? A CPU inside an iPhone? A decapped CPU inside an iPhone? Can you solder inside a decapped CPU inside of an iPhone?

If you can’t, fear not – someone can, and we found him or her courtesy of a video that [Bunnie Huang] tweeted a while back. There’s not much information in the video, but from what we can gather it comes from an outfit called G-Lon Technology in Guang Zhou. Their Facebook page suggests that they teach cellphone repair, and if they take their repairs this far, we’d say the students are getting their tuition’s worth.

The reason for the repair is unclear, although the titles refer to a “CPU to U0301 AP31 AR31 broken repair,” which we take to refer to a boot error that can be repaired by exposing a couple of pads inside the CPU and wiring them to another chip. We’d love to hear comments from anyone familiar with the repair, but even in the absence of a clear reason for undertaking this, the video is pretty impressive. The epoxy cap of the CPU is painstakingly ground away under a microscope, then tiny tools are used to scrape down to the correct layers. Solder mask is applied, hair-thin wires are tacked to the pads, and a UV-curing resin is applied to fill the CPU’s new gaping hole and to stabilize the wires. It seems like a lot of work to save an iPhone, but it sure is entertaining to watch.

Can’t get enough of poking around the innards of chips? We’ve got decapping stories aplenty: one, two, and three that you might like. We’ve even covered at least one CPU internal repair before too.

Continue reading “IPhone Brain Surgery”

How To Fix Your Broken Onion Omega2

February 11, 2017 by 55 Comments

A decade ago, while RISC architecture was busy changing everything and people were wearing Utilikilts without beards, hackers were doing something amazing. They repurposed off-the-shelf routers and turned them into what we would now call the Internet of Things. Need to set up a PBX? A Linksys router will do it. Want to drive a remote control car over the Internet? It’s your old friend, WRT54G.

Now that the Internet of Things is a thing, a few companies have realized people will buy bare bones router chipsets. It’s like an Arduino, or something, and it connects to the Internet. We’ll sell a million. Get Indiegogo on the phone.

The Onion Omega2 launched on Kickstarter last year, and so far has seen some success. They’ve shipped their units, and people are generally happy with them. One thing that wasn’t mentioned in the Kickstarter was the fundamental problem with the design. The pins on this seemingly breadboard-compatible dev board have a pitch of two millimeters. Horribly broken. Huge mistake. Terrible deal.  Not the best people we have working on this.

onion
Imperial is a superior unit of measurement. Metric is outdated.

The Onion Omega2 won’t fit in a breadboard, but Onion does offer a breakout ‘expansion dock’ for $15 USD. There’s a better, cheaper solution, though. You can complain about it on Hackaday.io’s Hack Chat. That’s what [zach] did, and a few minutes later, [davedarko] whipped up a quick PCB design to convert the 2mm header to the much more logical 0.1 inch header. Imperial units win once again.

After sending three dollars and twenty cents to OSHPark, [zach] had his pin adapters in hand. A few minutes with a soldering iron, and the Onion Omega2 is made compatible with every breadboard ever made.

If you have an Onion Omega2 and would like a really cool hexagonal sticker, here’s the project on OSHPark.

Forget Wifi Or Bluetooth, Pair Directly With Your Phone’s Speaker

October 30, 2016 by 14 Comments

[Kedar Nimbalkar] hyperbolically advertises the ultimate cell phone speaker dock. It costs a dollar. It doesn’t need you to pair with it via Bluetooth or WiFi. It pairs extremely fast, 0.000000000001, he clarifies. It may also look like a broken laptop speaker with a stomped wall wart soldered to it, but who can keep up with industrial design trends these days?

He shows us the device in operation. He starts playing some music on his phone’s speaker. It’s not very loud, so he simply lays the phone on the dock. Suddenly, all the audio fidelity a Dell Lattitude from the 90s can provide erupts from the device! How is this done?

Of course, there’s not much to the trick. Since the cellphone speaker is a coil it can induce a small current in another coil. The resulting voltage can be picked up by an audio amplifier and played through the speakers. Nonetheless it’s pretty cool, and we like his suggestion of betting our friends that we could wirelessly pair with their ear buds. Video after the break.

Continue reading “Forget Wifi Or Bluetooth, Pair Directly With Your Phone’s Speaker”

Retrotechtacular: Whatever Happened To The Paper Mobile Phone

October 19, 2016 by 54 Comments

It was one of the more interesting consumer tech stories floating around at the turn of the century, a disposable cell phone manufactured using a multi-layer folded paper circuit board with tracks printed in conductive ink. Its feature set was basic even by the standards of the day in that it had no display and its only function was to make calls, but with a target price of only $10 that didn’t matter. It was the brainchild of a prolific New Jersey based inventor, and it was intended to be the first in a series of paper electronic devices using the same technology including phones with built-in credit card payment ability and a basic laptop model.

The idea of a $10 mobile phone does not seem remarkable today, it’s possible that sum might now secure you something with features far in excess of the Nokias and similar that were the order of the day at that time. But when you consider that those Nokias could have prices well into three figures without a contract, and that the new features people considered exciting were things like integrated antennas or swappable coloured plastic covers rather than the multicore processors or high-res cameras we’re used to today, a phone so cheap as to be disposable promised to be very disruptive.

The web site publicity shot for the disposable paper phone.
The web site publicity shot for the disposable paper phone.

The product’s wonderfully dated website (Wayback Machine link, we’ve skipped the Flash intro for you) has pictures of the device, and the video below the break features shots of it in use as its inventor is interviewed. But by the end of 2002 the Wayback Machine was retrieving 404 errors from the server, and little more was heard of the product. No sign of one ever came our way; did any make it to market, and did you have one?

With the benefit of fifteen years hindsight, why did we not have paper mobile phones as part of the ephemera of the early years of the last decade? It was not a product without promise; a ten-dollar phone might have been a great success. And the description of a cheap laptop that talks to a remote server for its software sounds not unlike today’s Chromebooks.

Some of you might claim the product was vapourware, but given that they demonstrated a working prototype we’d hesitate to go that far. The likelihood is that it did not find the required combination of component price and manufacturing ease to exploit its intended market segment before its competition improved to the point that it could no longer compete. If you have ever taken apart a typical mobile phone of the period you’ll have some idea of why they were not cheap devices, for example the RF filter modules of the day were individually adjusted precision components. And paper-and-ink printed circuit boards are still a technology with a way to go even now, perhaps the idea was simply too far ahead of its time. Meanwhile within a relatively short period of time the price of simple candybar phones dropped to the point at which they would tempt the $10 buyer to spend more for a better product, so the window of opportunity had passed.

Continue reading “Retrotechtacular: Whatever Happened To The Paper Mobile Phone”