An Overview Of The Dreaded EMC Tests

February 20, 2017 by 43 Comments

There is one man whose hour-long sessions in my company give me days of stress and worry. He can be found in a soundless and windowless room deep in the bowels of an anonymous building in a town on the outskirts of London. You’ve probably driven past it or others like it worldwide, without being aware of the sinister instruments  that lie within.

The man in question is sometimes there to please the demands of the State, but there’s nothing too scary about him. Instead he’s an engineer and expert in electromagnetic compatibility, and the windowless room is a metal-walled and RF-proof EMC lab lined with ferrite tiles and conductive foam spikes. I’m there with the friend on whose work I lend a hand from time to time, and we’re about to discover whether all our efforts have been in vain as the piece of equipment over which we’ve toiled faces a battery of RF-related tests. As before when I’ve described working on products of this nature the specifics are subject to NDAs and in this case there is a strict no-cameras policy at the EMC lab, so yet again my apologies as any pictures and specifics will be generic.

There are two broadly different sets of tests which our equipment will face: RF radiation, and RF injection. In simple terms: what RF does it emit, and what happens when you push RF into it through its connectors and cables? We’ll look at each in turn as a broad overview pitched at those who’ve never seen inside an EMC lab, sadly there simply isn’t enough space in a Hackaday article to cover every nuance.

Continue reading “An Overview Of The Dreaded EMC Tests”

Project Zero Finds A Graphic Zero Day

February 20, 2017 by 46 Comments

After finding the infamous Heartbleed vulnerability along with a variety of other zero days, Google decided to form a full-time team dedicated to finding similar vulnerabilities. That team, dubbed Project Zero, just released a new vulnerability, and this one’s particularly graphic, consisting of a group of flaws in the Windows Nvidia Driver.

Most of the vulnerabilities found were due to poor programming techniques. From writing to user provided pointers blindly, to incorrect bounds checking, most vulnerabilities were due to simple mistakes that were quickly fixed by Nvidia. As the author put it, Nvidia’s “drivers contained a lot of code which probably shouldn’t be in the kernel, and most of the bugs discovered were very basic mistakes.”

When even our mice aren’t safe it may seem that a secure system is unattainable. However, there is light at the end of the tunnel. While the bugs found showed that Nvidia has a lot of work to do, their response to Google was “quick and positive.” Most bugs were fixed well under the deadline, and google reports that Nvidia has been finding some bugs on their own. It also appears that Nvidia is working on re-architecturing their kernel drivers for security. This isn’t the first time we’ve heard from Google’s Project Zero, and in all honesty, it probably won’t be last.

HackBusting: Can You Fake A TV Remote With A Lighter And Some Paper?

February 20, 2017 by 62 Comments

We recently published an article where someone apparently controlled their TV by simulating a remote with merely a lighter and a sheet of paper. The paper had a barcode like cutout for a supposed “Universal Standby Signal”. The video rightfully attracted a substantial crowd, some awestruck by its simplicity, others sceptical about its claims.

Coming from some generic “Viral Life Hack” production house, the characteristic blare of background music, more suited to an underground rave than a technical video, certainly did not do it any favours. As any moderately experienced campaigner would know, modern televisions and remotes have been carefully engineered  to prevent such mishaps. Many of us at Hackaday, were under the impression that it would take something slightly more sophisticated than a fluorescent-bodied lighter and a crisp sheet of A4 to deceive the system. So we tested it out. Our verdict? Unlikely, but not impossible. (And we’re pretty sure that the video is a fake either way.) But enough speculation, we’re here to do science.

Continue reading “HackBusting: Can You Fake A TV Remote With A Lighter And Some Paper?”

33C3: Dissecting 3G/4G Phone Modems

February 20, 2017 by 21 Comments

[LaForge] and [Holger] have been hacking around on cell phones for quite a while now, and this led to them working on the open cellphone at OpenMoko and developing the OsmocomBB GSM SDR software. Now, they are turning their sights on 3G and 4G modems, mostly because they would like to use them inside their own devices, but would also like to make them accessible to the broader hacker community. In this talk at the 33rd Chaos Communications Congress (33C3), they discuss their progress in making this darkest part of the modern smartphone useful for the rest of us.

This talk isn’t about the plug-and-play usage of a modern cell-phone modem, though, it’s about reprogramming it. They pick a Qualcomm chipset because it has a useful DIAG protocol, and in particular choose the Quectel EC20 modem that’s used in the iPhone5, because it makes the DIAG stream easily available.

Our story begins with a firmware upgrade from the manufacturer. They unzipped the files, and were pleasantly surprised to find that it’s actually running Linux, undocumented and without the source code being available. Now, [LaForge] just happens to be the founder of gpl-violations.org and knows a thing or two about getting code from vendors who use Linux without following the terms and conditions. The legal story is long and convoluted, and still ongoing, but they got a lot of code from Quectel, and it looks like they’re trying to make good.

Qualcomm, on the other hand, makes the Linux kernel source code available, if not documented. (This is the source on which Quectel’s code is based.) [LaForge] took over the task of documenting it, and then developing some tools for it — there is more going on than we can cover. All of the results of their work are available on the wiki site, if you’re getting ready to dig in.

Continue reading “33C3: Dissecting 3G/4G Phone Modems”

Tesseract Infinity Desk

February 20, 2017 by 13 Comments

We’ve all seen infinity mirrors. Even Mr. Spock had one in the Star Trek movies. Usually, these aren’t very large and hang on the wall. [QuackMasterDan] decided (after watching another movie, Interstellar) to try making a desk using the same idea. We aren’t sure it will make you more productive, but if you want to up your office cool factor, consider building his tesseract infinity desk. In fact, we imagine it would be pretty distracting. Sure to be a conversation starter, though.

Unlike a regular two-plate infinity mirror, [Dan’s] desk has six plates. He used metal for the structural parts of the desk and the top is a sandwich of an acrylic mirror and a large piece of half-inch tempered glass (available–unsurprisingly–on Amazon). There’s also privacy film to make the glass into a one-way mirror. He also includes instructions on how to make a wood version, too. You can see the desk in a video, below.

Continue reading “Tesseract Infinity Desk”

Custom Parts Put IKEA Window Shades On IoT

February 19, 2017 by 18 Comments

No matter what the project is about, we’re always suckers for nicely integrated builds with good fit and finish. There’s a certain appeal to rat’s nest wiring on a breadboard, and such projects are valuable because they push the limits. But eventually you need to go from prototype to product, and that’s where this IKEA window shade automation project shines.

Integration is more than just putting everything in a nice box, especially for home automation gear – it really needs to blend. [ehsmaes] roller blind motorization project accomplishes that nicely with a 3D-printed case for the electronics, as well as a custom case for the geared stepper motor to drive the shade. The drive replaces the standard spring-loaded cap on the end of the IKEA Tupplur shade, and the neutral color of both cases blends nicely with the shade and surroundings. The control electronics include a NodeMCU and a motor shield; [eshmaes] warns that narrow shades work just fine off of USB power, but that wider windows will need a power boost. The IoT end of things is taken care of by MQTT and OpenHab, allowing the shades to be raised and lowered to any position. The short video below shows the calibration procedure for the shade.

Need a primer on MQTT? We’ve got you covered. Or perhaps you need to control the windows rather than the treatments.

Continue reading “Custom Parts Put IKEA Window Shades On IoT”

An Electronic 90V Anode Battery

February 19, 2017 by 46 Comments

One of the miracle technological gadgets of the 1950s and 1960s was the transistor radio. Something that can be had for a few dollars today, but which in its day represented the last word in futuristic sophistication. Of course, it’s worth remembering that portable radios were nothing new when the transistor appeared. There had been tube radios in small attaché cases, but they had never really caught the imagination in the same way. They were bulky, like all tube radios they had to warm up, and they required a pair of hefty batteries to work.

If you have a portable tube radio today, the chances are you won’t be able to use it. The low voltage heater battery can easily be substituted with a modern equivalent, but the 90V anode batteries are long out of production. Your best bet is to build an inverter, and if you’re at a loss for where to start then [Ronald Dekker] has gone through a significant design exercise to produce a variety of routes to achieve that goal. It’s a page that’s a few years old, but still a fascinating read.

A problem with these radios lies with their sensitivity to noise. They are AM receivers from an era with a low electrical noise floor, so they don’t react well to high-frequency switch-mode power supplies. Thus, the inverters usually tasked for projects like this are low-frequency, at 50Hz as this is a European project, to mimic one source of electrical noise that would have been an issue for the designers in the 1950s.

We are taken through transformer selection and a variety of discrete inverter designs using multivibrators, investigating how to maximize efficiency through careful manipulation of switch-on and switch-off times. Then a PIC microcontroller design is presented, and finally a CMOS ring counter.

The final converter is mounted in a diecast box and covered with a printed card shell to mimic a period battery. If you weren’t intimately familiar with battery tube radios, you might mistake it for the real thing.

We’ve featured one of [Ronald]’s designs before, though only in passing. His Nixie PSU was used in this rather frightening clock with no PCB.