A Hacker’s Introduction To DIY Light Guide Plates

March 13, 2023 by 34 Comments

Last year, I found myself compelled to make a scaled-down replica of the iconic test chamber signs from the video game Portal. If you’ve played the game, you’ll remember these signs as the illuminated monoliths that postmarked the start of every test chamber. In hyperstylized video game fashion, they were also extremely thin.

Stay tuned for cake at the end of this article.

True to the original, my replica would need to be both slimmed down and backlit with a uniform, natural white glow. As fate would have it, the crux of this project was finding a way to do just that: to diffuse light coming in from the edges so that it would emit evenly from the front.

What I thought would be quick project ended up being a dive down the rabbit hole that yielded some satisfying results. Today, I’d like to share my findings and introduce you to light guide plates, one of the key building blocks inside of much of today’s backlit screen technology. I’ll dig into the some of the working principles, introduce you to my homebrew approach, and leave you with some inspirational source code to go forth and build your own. Continue reading “A Hacker’s Introduction To DIY Light Guide Plates”

Breaking Into The Nintendo DSi Through The (Browser) Window

March 13, 2023 by 9 Comments

The Nintendo DSi was surpassed by newer and better handhelds many years ago, but that doesn’t stop people like [Nathan Farlow] from attempting to break into the old abandoned house through a rather unexpected place: the (browser) window.

When the Nintendo DSi was released in 2008, one of its notable features was a built-in version of the Opera 9.50 web browser. [Nathan] reasoned an exploit in this browser would be an ideal entry point, as there’s no OS or kernel to get past — once you get execution, you control the system. To put this plan into action, he put together two great ideas. First he used the WebKit layout tests to get the browser into weird edge cases, and then tracked down an Windows build of Opera 9.50 that he could run on his system under WINE. This allowed him to identify the use-after-free bugs that he was looking for.

Now that he had an address to jump to, he just had to get his code into the right spot. For this he employed what’s known as a NOP sled; basically a long list of commands that do nothing, which if jumped into, will slide into his exploit code. In modern browsers a good way to allocate a chunk of memory and fill it would be a Float32Array, but since this is a 2008 browser, a smattering of RGBA canvases will do.

The actual payload is designed to execute a boot.nds file from the SD card, such as a homebrew launcher. If you want to give it a shot on your own DSi, all you need to do is point the system’s browser to stylehax.net.

If you’re looking for a more exotic way to crack into a DSi, perhaps this EM glitching attack might tickle your fancy?

Continue reading “Breaking Into The Nintendo DSi Through The (Browser) Window”

AI And Savvy Marketing Create Dubious Moon Photos

March 13, 2023 by 48 Comments

Taking a high-resolution photo of the moon is a surprisingly difficult task. Not only is a long enough lens required, but the camera typically needs to be mounted on a tracking system of some kind, as the moon moves too fast for the long exposure times needed. That’s why plenty were skeptical of Samsung’s claims that their latest smart phone cameras could actually photograph this celestial body with any degree of detail. It turns out that this skepticism might be warranted.

Samsung’s marketing department is claiming that this phone is using artificial intelligence to improve photos, which should quickly raise a red flag for anyone technically minded. [ibreakphotos] wanted to put this to the test rather than speculate, so a high-resolution image of the moon was modified in such a way that most of the fine detail of the image was lost. Displaying this image on a monitor, standing across the room, and using the smartphone in question reveals details in the image that can’t possibly be there.

The image that accompanies this post shows the two images side-by-side for those skeptical of these claims, but from what we can tell it looks like this is essentially an AI system copy-pasting the moon into images it thinks are of the moon itself. The AI also seems to need something more moon-like than a ping pong ball to trigger the detail overlay too, as other tests appear to debunk a more simplified overlay theory. It seems like using this system, though, is doing about the same thing that this AI camera does to take pictures of various common objects.

Flipper Zero Mayhem Hat Adds Camera, More Radios

March 12, 2023 by 28 Comments

For a device advertised as the “Multi-tool Device for Hackers”, the Flipper Zero already offers a considerable list of onboard capabilities. But some hard decisions had to be made to get the retail price down, so features like WiFi and Bluetooth had to be left off. Luckily, there’s an expansion interface along the top of the device which makes it possible to plug in additional hardware.

One of those expansions is the “Mayhem Hat” from [Erwin Ried]. This board adds many requested features to the Flipper Zero, as well as some that might not seem as obvious. The addition of an ESP32-CAM brings WiFi and Bluetooth to the party, while also unlocking access to the highly-capable ESP32Marauder firmware and the plethora of security research tools therein.

But the camera also enables some interesting features, such as motion detection and the ability to read QR codes. It even lets you use the Flipper as an impromptu digital camera, complete with an onscreen viewfinder reminiscent of the Game Boy Camera.

What’s more, the Mayhem Hat features its own expansion capabilities. There’s a spot to plug in either a CC1101 or NRF24l01 radio module, both of which are supported by community developed plugins that allow the user to sniff out and hijack signals. There are also extra pins for connecting your own sensors or hardware. In the demo video below you can see the device automatically detect the popular DHT11 environmental sensor and display the current temperature and humidity readings.

[Erwin] has the Mayhem Hat up for sale on Tindie, but as of this writing, is currently out of stock. Apparently, demand for the add-on boards is just as high as for the Flipper Zero itself — not a huge surprise, given the excitement we saw around this platform during its $4.8 million Kickstarter campaign.

Continue reading “Flipper Zero Mayhem Hat Adds Camera, More Radios”

Efficient X86_64 Emulation With Box86

March 12, 2023 by 5 Comments

Running applications on a different architecture than the one for which they were compiled is a common occurrence, not in the least with Apple’s architectural migration every decade or so. It’s also commonly used with for example ARM, OpenRISC, and RISC-V systems to run applications that are only available for x86 or x86_64. While QEMU and kin are often used here, they’re pretty resource heavy, which is where an option like Box86 and its 64-bit sibling Box64 are attractive options. Unlike QEMU, both offer dynamic recompilation and redirection of dynamic library calls to native libraries, including those for SDL and OpenGL.

Both are available on GitHub under an MIT license, with Box64 probably the most interesting these days as applications and games have moved on to a 64-bit only world. The only hard requirement that Box64 has for a host system is that it is little-endian, which is a pretty easy requirement to meet. The most recent release was on March 10th, with Box86 0.3 and Box64 0.2.2. As essentially a translation layer, it does not offer full compatibility with every bit of software out there, but it’s already good enough to run Steam, GoG, and Epic Game Store clients and install and run Windows games via Wine for x86.

A simple set of benchmarks comparing it with QEMU and FEX (another emulator) shows it to run both more applications, and with significantly better performance.

Hackaday Links Column Banner

Hackaday Links: March 12, 2023

March 12, 2023 by 38 Comments

With a long history of nearly universal hate for their products, you’d think printer manufacturers would by now have found ways to back off from the policies that only seem to keep aggravating customers. But rather than make it a financially wiser decision to throw out a printer and buy a new one than to buy new ink cartridges or toners, manufacturers keep coming up with new and devious ways to piss customers off. Case in point: Hewlett-Packard now seems to be bricking printers with third-party ink cartridges. Reports from users say that a new error message has popped up on screens of printers with non-HP cartridges installed warning that further use of the printer has been blocked. Previously, printers just warned about potential quality issues from non-HP consumables, but now they’re essentially bricked until you cough up the money for legit HP cartridges. Users who have contacted HP support say that they were told the change occurred because of a recent firmware update sent to the printer, so that’s comforting.

Continue reading “Hackaday Links: March 12, 2023”

A Parts Bin Cyberdeck Built For Satellite Hacking

March 12, 2023 by 10 Comments

While there’s little in the way of hard rules dictating what constitutes a cyberdeck, one popular opinion is that it should be a piecemeal affair — a custom rig built up of whatever high-tech detritus the intrepid hacker can get their hands on, whether it be through trades or the time-honored tradition of dumpster diving. It should also be functional, and ideally, capable of some feats which would be difficult to accomplish with a garden variety laptop.

If you’re looking for an example that embraces these concepts to the fullest, look no further than the Spacedeck built by [saveitforparts]. Combining a touch screen all-in-one computer pulled from a police cruiser in the early 2000s, an RTL-SDR, and the contents of several parts bins, the rig is designed to work in conjunction with his growing collection of motorized satellite dishes to sniff out signals from space.

As you can see in the build video below, the design for this mobile satellite hacking station was originally very different, featuring considerably more modern hardware with all the buzzword interfaces and protocols you’d expect. But [saveitforparts] couldn’t get all the parts talking satisfactorily, so he went in the closet and dug out one of the surplus police terminals he’d picked up a while back.

He didn’t have the appropriate connector to power the machine up, but by cracking open the case and tracing out the wires, he figured out where he needed to inject the 12 V to get it spun up. From there he installed a new Mini PCI WiFi adapter, loaded up an era-appropriate build of Linux, and got the standard software-defined radio tools up and running.

What really sets this build apart are the two custom panels. The top one offers access to the various ports on the computer, as well as provides a sort of switchboard that connects the RTL-SDR to various onboard filters. The lower panel includes the hardware and controls necessary to aim different styles of motorized satellite dishes, as well as a USB hub and connector that leads into a commercial satellite meter tucked into the case.

At the end of the video [saveitforparts] demonstrates the various capabilities of the Spacedeck, such as the ability to pull in imagery from weather satellites. Considering the sort of satellite sniffing we’ve seen him pull off in the past, we have no doubt this machine is going to be listening in on some interesting transmissions before too long.

Continue reading “A Parts Bin Cyberdeck Built For Satellite Hacking”