Vintage Apple Keyboard Revived As Standalone Computer

December 10, 2014 by 23 Comments

Many of our readers are familiar with the gold standard of classic PC keyboards – the bunker with switches known as the IBM Model M. The Model M’s Apple contemporary is the Apple Extended Keyboard and they are just as highly sought-after by their respective enthusiasts. Though discontinued almost 25 years ago and incompatible with anything made in the last 15, the codenamed “Saratoga” is widely considered the best keyboard Apple ever made.

[Ezra] has made a hobby of modernizing these vintage heartthrobs and rescuing them from their premature obsolescence. In a superbly documented tutorial he not only shows how to convert them to USB (a popular and trivial hack), but teaches you how and where to smuggle a Raspberry Pi in as well.

After disassembly, the project requires only a little bit of chisel and Dremel work before the soldering iron comes out. [Ezra] was fairly meticulous in removing or redirecting the Pi’s connectors and hardwiring the internals. Only 3 pins need to be traced from the original keyboard and [Ezra]’s ADB–>USB Rosetta Stone of choice is the Hasu Converter running on a Atmega 32u4 clone. Balancing cost, range, and power draw from the Pi, he settled on the TP-LINK WN722N for his WiFi solution which is also tucked away inside the case. A single pullup resistor to finish it off and [Ezra] was delighted to discover it worked the first time he plugged it in.

Keyboards from this era use actual momentary switches that audibly click twice per keypress. In our world of screens-as-keys celebrating the lack of tactile constraints, using beasts like the Model M or the AEK to force transistors to do your bidding is like racking a shotgun during a game of lasertag – comically obtuse but delightfully mechanical.

If you are looking to expand on [Ezra]’s tinkering, he has already made a wishlist of additions: a toggle switch to lobotomize the Pi back into a plain USB keyboard, an internal USB hub, and a power switch.

Hear the video of an AEK in action after the break (or loop it to sound productive while you nap).

Continue reading “Vintage Apple Keyboard Revived As Standalone Computer”

YikYak

Yik Yak MITM Hack (Give The Dog A Bone)

December 10, 2014 by 24 Comments

Yik Yak is growing in popularity lately. If you are unfamiliar with Yik Yak, here’s the run down. It’s kind of like Twitter, but your messages are only shared with people who are currently within a few miles of you. Also, your account is supposed to be totally anonymous. When you combine anonymity and location, you get some interesting results. The app seems to be most popular in schools. The anonymity allows users to post their honest thoughts without fear of scrutiny.

[Sanford Moskowitz] decided to do some digging into Yik Yak’s authentication system. He wanted to see just how secure this “anonymous” app really is. As it turns out, not as much as one would hope. The primary vulnerability is that Yik Yak authenticates users based solely on a user ID. There are no passwords. If you know the user’s ID number, it’s game over.

The first thing [Sanford] looked for was an encrypted connection to try to sniff out User ID’s. It turned out that Yik Yak does actually encrypt the connection to its own servers, at least for the iPhone app. Not to worry, mobile apps always connect to other services for things like ad networks, user tracking, etc. Yik Yak happens to make a call to an analytics tool called Flurry every time the app is fired. Flurry needs a way to track the users for Yik Yak, so of course the Yik Yak App tells Flurry the user’s ID. What other information would the anonymous app have to send?

Unfortunately, Flurry disables HTTPS by default, so this initial communication is in plain text. That means that even though Yik Yak’s own communications are protected, the User ID is still exposed and vulnerable. [Sanford] has published a shell script to make it easy to sniff out these user ID’s if you are on the same network as the user.

Once you have the user ID, you can take complete control over the account. [Sanford] has also published scripts to make this part simple. The scripts will allow you to print out every single message a user has posted. He also describes a method to alter the Yik Yak installation on a rooted iPhone so that the app runs under the victim’s user ID. This gives you full access as if you owned the account yourself.

Oh, there’s another problem too. The Android app is programmed to ignore bad SSL certificates. This means that any script kiddie can perform a simple man in the middle attack with a fake SSL certificate and the app will still function. It doesn’t even throw a warning to the user. This just allows for another method to steal a user ID.

So now you have control over some poor user’s account but at least they are still anonymous, right? That depends. The Yik Yak app itself appears to keep anonymity, but by analyzing the traffic coming from the client IP address can make it trivial to identify a person. First of all, [Sanford] mentions that a host name can be a dead giveaway. A host named “Joe’s iPhone” might be a pretty big clue. Other than that, looking out for user names and information from other unencrypted sites is easy enough, and that would likely give you everything you need to identify someone. Keep this in mind the next time you post something “anonymously” to the Internet.

[via Reddit]

Reverse Engineering The Proto X Quadcopter Radio

December 10, 2014 by 10 Comments

Just a few years ago, palm sized radio controlled toys were nothing more than a dream. Today, you can find them at every mall, toy store, and hobby shop. [Alvaro] couldn’t resist the tiny Estes Proto X quadcopter. While he enjoyed flying the Proto X, he found that the tiny controller left quite a bit to be desired. Not a problem for [Alvaro], as he embarked on a project to reverse engineer the little quad.

Inside the quadcopter and its lilliputian radio, [Alvaro] found a STM8 based processor and an Amiccom A7105 2.4G FSK/GFSK Transceiver radio. The A7105 is well documented, with datasheets easily obtained on the internet.  The interface between the processor and the radio chip was the perfect place to start a reverse engineering effort.

With the help of his Saleae logic analyzer, [Alvaro] was able to capture SPI data from both the quadcopter and the transmitter as the two negotiated a connection. The resulting hex files weren’t very useful, so [Alvaro] wrote a couple of Python scripts to decode the data. By operating each control during his captures, [Alvaro] was able to reverse engineer the Proto X’s control protocol. He tested this by removing the microcontroller from the remote control unit and wiring the A7105 to a STM32F4 dev board. Connecting the STM32 to his computer via USB, [Alvaro] was able to command the quad to take off. It wasn’t a very graceful flight, but it did prove that his grafted control system worked. With basic controls covered, [Alvaro] knocked up a quick user interface on his computer. He’s now able to fly the quadcopter around using keyboard and mouse. Not only did this prove the control system worked, it also showed how hard it is to fly a real aircraft (even a tiny model) with FPS controls.

The Estes Proto X is actually manufactured by Hubsan, a China based manufacturer best known for the x4 series of mini quadcopters. Since the Proto X and the x4 share the same communication protocol, [Alvaro’s] work can be applied to both. With fully computer controlled quads available for under $30 USD, we’re only a few cameras (and a heck of a lot of coding) away from cooperative drone swarms akin to those found in the University of Pennsylvania GRASP Lab.

Continue reading “Reverse Engineering The Proto X Quadcopter Radio”

The Epoch Christmas Tree

December 10, 2014 by 8 Comments

It’s that time of the year again, and the halls are being decked with trees, the trees covered in lights, and everyone working in retail is slowly going insane from Christmas songs piped over the PA. [Dan] has a tree and a bunch of programmable LEDs, but merely pumping jollity down that strip of LEDs wouldn’t be enough. The Nerd Quotient must be raised even higher with a tree that displays a Unix timestamp.

This build was inspired by an earlier, non-tree-based build that displays Unix time on a 32 LED array. That build used an ATMega328p for toggling LEDs on and off. This time around, [Dan] is using a dedicated LED controller – the AllPixel – that just wrapped up a very successful Kickstarter campaign. The AllPixel is, in turn, controlled by a Raspberry Pi running the BiblioPixel library,

The tree displays the current time stamp in binary across 32 spaces, with green representing a ‘one’ and a red representing ‘zero’. The top of the tree is the least significant bit, but in case [Dan] gets tired of the bottom of the tree staying completely still for the rest of this holiday season, he can switch the order making the base of the tree the LSB.

Video below.

Continue reading “The Epoch Christmas Tree”

Trinket Everyday Carry Contest Drawing #2 Results

December 9, 2014 by 6 Comments

We’ve held our second drawing for the Trinket Everyday Carry Contest. This week we used a Pro Trinket to pick the random winner. The winner is [mikeneiderhauser] with his project WorkoutAid!

workoutaid[Mike] loves hitting the gym, but hates pulling out his phone or fumbling with his headphones to change songs during his routine. WorkoutAid is designed to fix this problem. It’s essentially a Bluetooth media display and remote. Track metadata will be displayed on a 128×64 OLED. 6 buttons will allow the user to change tracks, volume, or perform other functions. The whole device will communicate with a custom Android application through an RN42X Bluetooth radio.

trinket-prize-cordwoodWe hope [Mike] enjoys his new Cordwood Puzzle from The Hackaday Store. No jigsaws here, cordwood is a puzzle that involves solder! It’s built using the cordwood assembly technique which was popular in the 1950’s and 1960s. We’re not kidding about it being a puzzle either – there are no instructions for this kit! [Mike] will know he’s got it right when all 3 LEDs light up.

buspirate2

If you didn’t win this week, don’t worry, there are still three more chances to win a random drawing! Our next drawing will be on 12/16/2014 at 9pm EST. The prize will be the ever handy Bus Pirate V3.6. To be eligible you need to submit your project as an official entry and publish at least one project log during the week.

The deadline for the big contest is January 2, 2014! More than 60 projects are entered so far, but only the top 50 will receive custom t-shirts. The top three projects will win some seriously awesome prizes, including a Rigol DS1054Z Oscilloscope, a Fluke 179 meter, and a Hakko/Panavise soldering bundle.

So what are you waiting for? Get off the couch and get hacking!

Digging Into The APA102 Serial LED Protocol

December 9, 2014 by 18 Comments

[Tim] got his hands on some APA102 RGB LEDs, which are similar in function to the common WS2812 addressable LEDs seen in many projects we’ve featured. The advantage of APA102 LEDs is that they don’t have the strict timing requirements of the WS2812. These LEDs are controlled with a SPI bus that can be clocked at any arbitrary rate, making them easy to use with pretty much any microcontroller or embedded system.

After working with the LEDs, [Tim] discovered that the LEDs function a bit differently than the datasheet led him to believe. [Tim] controlled a strand of APA102 LEDs with an ATtiny85 and connected a logic analyzer between some of the LEDs. He discovered that the clock signal of the SPI interface isn’t just passed through each LED, it actually looks like it’s inverted on the output. After some investigation, [Tim] found that the clock signal is delayed by a half period (which looks like an inversion) before it’s passed to the next LED. This gives the next LED in the strand enough time for data on the data line to become valid before latching it in.

Since the clock is delayed, [Tim] discovered that additional bits must be clocked as an “end frame” to generate clock signals which propagate the remaining data to the end of the strand. Although the datasheet specifies a 32-bit end frame, this only works for strings of up to 64 LEDs. More bits must be added to the end frame for longer strands, which the datasheet doesn’t even mention. Check out [Tim]’s post for more information, where he walks you through his logic analysis of the APA102 LEDs.

12 Mbps Communication Between A PC And MCU

December 9, 2014 by 31 Comments

The world of hobby electronics have only started putting USB in projects for the last few years, and right now, pushing 1.5 Mbps down a USB port is good enough for most cases. This isn’t true for all cases; that’s a terrible data rate, really, and to get the most out of a USB connection, you can at least move up to USB Full Speed and 12 Mbps.

[Linas] is using the STM32F4 microcontroller for this example, an extremely large and very capable chip. [Linas] is using FTDI’s FT2232D USB UART to send data from an SPI port over USB. This chip does support 12 Mbps, but only after a few additions; an external EEPROM must be connected to the FTDI chip to provide a USB 2.0 device descriptor, otherwise the connection between the microcontroller and a computer is limited to 1.5 Mbps. Even using the USB on the STM32 would be a bottleneck in this case; [Linas] is moving data out of the processor using only the DMA controller – using the USB on the STM32 would eat up processor cycles in the microcontroller.

Thanks to the DMA controller inside the STM32, the microcontroller is capable of sending and receiving data through SPI at the same time. The STM32 is capable of reading and writing to the Tx and Rx buffer at the same time, but the computer is only capable of half-duplex operation – it can only read or write at any one time. [Linas] is setting up the DMA controller on the STM32 as a circular mode, putting everything in the buffer into the FTDI chip, and reading everything sent from the computer back into the STM32’s memory. After counting off the correct number of packets. the controller resets everything, moves the circular buffer back to the beginning, and starts the whole process over again.

The circuit was prototyped with an STM Discovery board. With Labview, [Linas] can see the bits coming out of the microcontroller, and send some bits back to the micro over USB. [Linas] has an extraordinarily detailed video tutorial on this project. You can check that out below.

Continue reading “12 Mbps Communication Between A PC And MCU”