Listening To Mains Power, Part 2

The electricity on the power grid wherever you live in the world will now universally come to you as AC. That is to say that it will oscillate between positive and negative polarity many times every second. The frequency of 50 or 60Hz just happens to be within the frequency range for human hearing. There’s a lot more than this fundamental frequency in the spectrum on the power lines though, and to hear those additional frequencies better you’ll have to do a little bit of signal processing.

We first featured this build back when it was still in its prototyping phase, but since then it’s been completed and used successfully to find a number of anomalies on the local power grid. It takes inputs from the line, isolates them, and feeds them into MATLAB via a sound card where they can be analyzed for frequency content. It’s been completed, including a case, and there are now waterfall diagrams of “mystery” switching harmonics found with the device, plus plots of waveform variation over time. There’s also a video below that has these harmonics converted to audio so you can hear the electricity.

Since we featured it last, [David] also took some feedback from the comments on the first article and improved isolation distances on his PCB, as well as making further PCB enhancements before making the final version. If you’ve ever been curious as to what you might find on the power lines, be sure to take a look at the updates on the project’s page.

Continue reading “Listening To Mains Power, Part 2”

Years Don’t Dim The Shine of These Curious Gadgets

[Maarten Tromp] recently took the time to document some of the unusual and creative electronic projects he received as gifts over the years. These gadgets were created in the early 2000’s and still work flawlessly today. Two of our favorites are shown here: Hardware Tetris Unit (shown in the image above) and Heap of Electronic Parts.

The “Heap of Electronic Parts” makes sounds when in sunlight.

Heap of Electronic Parts was a kind of hardware puzzle and certainly lives up to its name. It’s a bunch of parts soldered in a mystifying way to the backs of four old EPROMs — the chips with the little window through which UV is used to erase the contents. Assured that the unit really did have a function, [Maarten] eventually figured out that when placed in sunlight, the device ticks, buzzes, and squeals. [Jeroen] had figured out that the EPROMs could act like tiny solar cells when placed in sunlight, and together the four generate just enough power to drive an oscillator connected to a piezo speaker. It still chirps happily away, even today.

Hardware Tetris plays in a terminal window.

Hardware Tetris Unit was a black box intended to be plugged into a serial port. With a terminal opened using the correct serial port settings, a fully-functional Tetris game using ASCII-art graphics could be played. It was even self-powered from the serial port pins.

Inside Hardware Tetris is an AVR microcontroller with some level shifters, and the source code and schematics are available for download. 14 years later, computers no longer have hardware serial ports but [Maarten] says a USB-to-serial converter worked just fine and the device still functions perfectly.

There are a couple more devices documented on [Maarten]’s gifts page, including a Zork-inspired mini text adventure and a hardware board that does some trippy demos on an old Nokia color LCD.  [Maarten]’s friend [Jeroen Domburg] (aka Sprite_tm) had a hand in creating most of the gadgets, and he’s someone whose brilliant work we have had the good fortune to feature many times in the past.

Blowing the Dust off of an IBM AS/400 Server

If you’ve never seen an IBM AS/400 machine, don’t feel bad. Most people haven’t. Introduced in 1988 as a mid-range server line, it used a unique object-based operating system and was geared specifically towards business and enterprise customers. Unless you’re a particularly big fan of COBOL you probably won’t have much use for one today, but that doesn’t mean they aren’t worth playing around with if the opportunity presents itself.

So when a local IT company went belly up and was selling their old hardware, including a late 90’s era IBM AS/400e Series, [Rik te Winkel] jumped at the chance to take this unique piece of computing history home. He knew it was something of a risk, as maintenance and repair tasks for these machines were intended to be done by IBM certified technicians rather than the DIYer, leaving little in the way of documentation or even replacement parts. But in the end it worked out, and best of all, he documented the successful process of dragging this 90’s behemoth into the blinding light of the twenty-first century for all the world to see.

After getting the machine home and sitting through its thirty minute boot process, [Rik] was relieved to see the code 01 B N pop on the server’s display. This meant the system passed all the internal checks and was ready to go, he just had to figure out how to talk to the thing. Built to be a pure server, the machine didn’t offer any video output so he’d have to log into it over the network.

[Rik] noted that there was no new DHCP entry in his router for the server, but of course that was hardly surprising as the machine would have certainly had a static IP when it was in use. So he shut the server down, plugged it directly into his laptop’s Ethernet port, and watched the output of Wireshark as it went through its arduous boot sequence. Eventually he started to pick up packets coming from the IP address 10.10.10.9, and he had his target.

There are a few clients out there that allow you to remotely log into an AS/400, so he downloaded one and pointed it to the server’s IP. He was surprised to see the operating system was apparently in Dutch, but at least he was in. He tried a few common usernames and passwords, helped along by the fact that this OS from a somewhat more innocent era will actually tell you if you have the username right or wrong, and eventually managed to hack the Gibson with the classic admin/admin combo.

So he was in, but now what? [Rik] decided that he couldn’t truly call this machine bested until he could pull up the Hackaday Retro Edition, so he started work on writing a program to let him pull down the page directly on the AS/400 in IBM’s proprietary Report Program Generator (RPG) programming language. You know, as one does. He didn’t quite feel up to writing a whole HTML parser, but he got as far as generating a HTTP GET request, downloading the page’s source, and opening it up as a local file. That’s good enough for us.

Our very own [Al Williams] documented his adventures poking around an Internet-connected AS/400 machine, which might serve as a helpful primer if you ever find one of these delightfully oddball computers kicking around the local recycling center.

Program This Badge in Lisp

This hardware badge is a computer programmed with Lisp. You can write your own programs right on the badge using the built-in keyboard, as long as you know Lisp.

If there’s one thing we really like to see, it’s people advancing their own projects based on inspiration from others. The Lisp Badge by [David Johnson-Davies] is a perfect example. With an interface inspired by [Voja Antonic’s] hardware design for the 2018 Hackaday Belgrade Conference Badge, this version is an upgrade of an earlier single-board Lisp machine, now sporting an integrated keyboard.

Unlike the Belgrade badge, which is programmed in BASIC, this new badge is programmed in uLisp, a subset of common lisp designed for microcontrollers. Let’s face it, BASIC is retro, but Lisp is even more so, only pre-dated by FORTRAN as the oldest high-level language. So, if you’re into retro-style programming on small devices (physically small, that is), you should consider building one of these.

A 16 MHz ATmega 1284P serves as the badge’s brain, allowing storage for 2,816 Lisp cells, while the 256×64 pixel OLED display shows 8 lines of 42 characters in 16 gray levels. A full complement of I/O connections includes four analog inputs, two analog outputs, I2C, SPI, serial, and a handful of GPIOs for interfacing with just about anything. Power comes from a LiPO battery, which at a nominal voltage of 3.7 V doesn’t quite meet the datasheet requirements for running the processor at 16 MHz, although it seems to work fine in practice. Really cautious builders could opt for a 12 MHz crystal transplant to avoid any possibility of problems.

The keyboard layout is optimized for uLisp programming: unnecessary keys have been removed and the all-important parenthesis are afforded their own dedicated keys on the bottom row. This is presumably for convenience of use, but we suspect this will also make it easier to replace the parenthesis key switches when they inevitably wear out from overuse [obligatory Lisp/parenthesis joke].

As far as entering uLisp programs, you can simply use the keyboard. The built-in editor buffers a full screen of text, and includes parenthesis matching that highlights each pair as you type. We’re guessing that we won’t see Emacs implemented in the near future, so this bracket management is a great feature for a badge-based editor. If you find the keyboard difficult to type on, you can also enter programs over the serial port.

The other thing we really like to see is open-source projects. [David] doesn’t let us down on this point, either. The Eagle design files for the PCB as well as the source code for the badge are available on GitHub. The PCB is also shared on OSH Park, and there are detailed instructions for installing the bootloader and uploading the code.

If programmable badges is your thing, also check out the 2018 Hackaday Supercon Badge, the successor the Belgrade design.

Thanks to [Sven] for the tip!

BSD Breathes New Life Into Obsolete Equipment

An old laptop or desktop computer that’s seen better days might still have a little bit of use left in it for a dedicated task. Grabbing a lightweight flavor of Linux and running a web server, firewall, or Super Nintendo emulator might get a few more years out of it. You can also get pretty creative repurposing obsolete single purpose  machines, as [Kristjan] did with some old Cisco server equipment.

The computer in question isn’t something commonly found, either. It’s an intrusion detection system meant to mount in a server rack and protect the server itself from malicious activity. While [Kristjan] mentions that Cisco equipment seems to be the definition of planned obsolescence, we think that this Intel Celeron machine with an IDE hard drive may have gone around the bend quite some time ago. Regardless, it’s modern enough to put back to work in some other capacity.

To that end, a general purpose operating system was installed, and rather than use Linux he reached for BSD to get the system up and running. There’s one other catch, though, besides some cooling issues. Since the machine was meant to be used in a server, there’s no ACPI which means no software shutdown capability. Despite all the quirks, you can still use it to re-implement a network security system if you wanted to bring it full-circle.

Add A Trackpoint To A Mechanical Keyboard

People love their tech, and feel like something’s missing when it’s not there. This is the story of one person’s desire to have the venerable trackpoint in their new keyboard.

[Klapse] loves a Lenovo old-style non-chicklet keyboard, so, despite the cost, five were ordered. They very quickly ended up with keys that didn’t work, although the trackpoints still did. After buying a sixth which ended up the same, [Klapse] decided that maybe giving up on the Lenovo keyboards was the best idea. A quick stop at a local store scored a fill-in mechanical keyboard, but in the back of [klapse]’s mind the need for a trackpoint remained. Maybe one could be frankensteined in to the keyboard that was just purchased?

Underside of the trackpoint, fitted to the keyboard PCB

The keyboard’s circuit board had traces everywhere, with nowhere to drill through between the correct keys, typically between the G, H and Y keys. But there was a hole used for mounting the PCB nearby. between the H, J, U and Y keys. The trackpoint needed to be extended to reach all the way through the key caps, so [klapse] searched the house looking for something that might do. Turns out that a knitting needle fits perfectly.

At this point a side-hack emerged. [Klapse] found a drill bit small enough to make the necessary hole in the trackpoint shaft to fit the needle. But the bit was too small for the drill chuck. In true hacking style, the bit was wrapped with duct tape and held in the drill. Sure, it wobbled a lot and it was really difficult to get it to drill in the center of the shaft, but it worked, eventually. The needle was cut off and glued into the hole, the key caps were modified a bit to allow the trackpoint through and the rubber tip put back on.

They say, “desire to cram old tech into new is the mother of invention.” Or something similar, anyway. Check out how a Teensy liberated a Lenovo laptop keyboard trackpoint and all. Also, check out this custom keyboard with integrated trackpoint, of course.

Peering Into a Running Brain: SDRAM Refresh Analyzed from Userspace

Over on the Cloudflare blog, [Marek] found himself wondering about computer memory, as we all sometimes do. Specifically, he pondered if he could detect the refresh of his SDRAM from within a running program. We’re probably not ruining the surprise by telling you that the answer is yes — with a little more than 100 lines of C and help from our old friend the Fast Fourier Transform (FFT), [Marek] was able to detect SDRAM refresh cycles every 7818.6 ns, lining right up with the expected result.

The “D” in SDRAM stands for dynamic, meaning that unless periodically refreshed by reading and writing, data in the memory will decay. In this kind of memory, each bit is stored as a charge on a tiny capacitor. Given enough time (which varies with ambient temperature), this charge can leak away to neighboring silicon, turning all the 1s to 0s, and destroying the data. To combat this process, the memory controller periodically issues a refresh command which reads the data before it decays, then writes the data back to fully charge the capacitors again. Done often enough, this will preserve the memory contents indefinitely. SDRAM is relatively inexpensive and available in large capacity compared to the alternatives, but the drawback is that the CPU can’t access the portion of memory being refreshed, so execution gets delayed a little whenever a memory access and refresh cycle collide.

Chasing the Correct Hiccup

[Marek] figured that he could detect this “hiccup,” as he calls it, by running some memory accesses and recording the current time in a tight loop. Of course, the cache on modern CPUs would mean that for a small amount of data, the SDRAM would never be accessed, so he flushes the cache each time. The source code, which is available on GitHub, outputs the time taken by each iteration of the inner loop. In his case, the loop typically takes around 140 ns.

Hurray! The first frequency spike is indeed what we were looking for, and indeed does correlate with the refresh times.

The other spikes at 256kHz, 384kHz, 512kHz and so on, are multiplies of our base frequency of 128kHz called harmonics. These are a side effect of performing FFT on something like a square wave and totally expected.

As [Marek] notes, the raw data doesn’t reveal too much. After all, there are a lot of things that can cause little delays in a modern multitasking operating system, resulting in very noisy data. Even thresholding and resampling the data doesn’t bring refresh hiccups to the fore. To detect the SDRAM refresh cycles, he turned to the FFT, an efficient algorithm for computing the discrete Fourier transform, which excels at revealing periodicity. A few lines of python produced the desired result: a plot of the frequency spectrum of the lengthened loop iterations. Zooming in, he found the first frequency spike at 127.9 kHz, corresponding to the SDRAMs refresh period of 7.81 us, along with a number of other spikes representing harmonics of this fundamental frequency. To facilitate others’ experiments, [Marek] has created a command line version of the tool you can run on your own machine.

If this technique seems familiar, it may be because it’s similar the the Rowhammer attack we covered back in 2015, which can actually change data in SDRAM on vulnerable machines by rapidly accessing adjacent rows. As [Marek] points out, the fact that you can make these kinds of measurements from a userspace program can have profound security implications, as we saw with the meltdown and spectre attacks. We have to wonder what other vulnerabilities are lying inside our machines waiting to be discovered.

Thanks to [anfractuosity] for the tip!