Dig Into The Apple Device Design Guide

December 29, 2017 by Roger Cheng 8 Comments

Millions of people worldwide have just added new Apple gadgets to their lives thanks to the annual end of December consumerism event. Those who are also Hackaday readers are likely devising cool projects incorporating their new toys. This is a good time to remind everybody that Apple publishes information useful for such endeavors: the Accessory Design Guidelines for Apple Devices (PDF).

This comes to our attention because [Pablo] referenced it to modify an air vent magnet mount. The metal parts of a magnetic mount interferes with wireless charging. [Pablo] looked in Apple’s design guide and found exactly where he needed to cut the metal plate in order to avoid blocking the wireless charging coil of his iPhone 8 Plus. What could have been a tedious reverse-engineering project was greatly simplified by Reading The… Fine… Manual.

Apple has earned its reputation for hacker unfriendliness with nonstandard fasteners and liberal use of glue. And that’s even before we start talking about their digital barriers. But if your project doesn’t involve voiding the warranty, their design guide eliminates tedious dimension measuring so you can focus on the fun parts.

This guide is packed full of dimensioned drawings. A cursory review shows that they look pretty good and aren’t terrible at all. Button, connector, camera, and other external locations make this an indispensable tool for anyone planning to mill or print an interface for any of Apple’s hardware.

So let’s see those projects! Maybe a better M&M sorter. Perhaps a time-lapse machine. Or cure your car’s Tesla envy and put a well-integrated iPad into the dashboard.

Face ID Defeated With 3D Printed Mask (Maybe)

November 14, 2017 by Tom Nardi 44 Comments

Information about this one is still tricking in, so take it with a grain of salt, but security company [Bkav] is claiming they have defeated the Face ID system featured in Apple’s iPhone X [Dead link, try the Internet Archive]. By combining 2D images and 3D scans of the owner’s face, [Bkav] has come up with a rather nightmarish creation that apparently fools the iPhone into believing it’s the actual owner. Few details have been released so far, but a YouTube video recently uploaded by the company does look fairly convincing.

For those who may not be keeping up with this sort of thing, Face ID is advertised as an improvement over previous face-matching identification systems (like the one baked into Android) by using two cameras and a projected IR pattern to perform a fast 3D scan of the face looking at the screen. Incidentally, this is very similar to how Microsoft’s Kinect works. While a 2D system can be fooled by a high quality photograph, a 3D based system would reject it as the face would have no depth.

[Bkav] is certainly not the first group to try and con Apple’s latest fondle-slab into letting them in. Wired went through a Herculean amount of effort in their attempt earlier in the month, only to get no farther than if they had just put a printed out picture of the victim in front of the camera. Details on how [Bkav] managed to succeed are fairly light, essentially boiling down to their claim that they are simply more knowledgeable about the finer points of face recognition than their competitors. Until more details are released, skepticism is probably warranted.

Still, even if their method is shown to be real and effective in the wild, it does have the rather large downside of requiring a 3D scan of the victim’s face. We’re not sure how an attacker is going to get a clean scan of someone without their consent or knowledge, but with the amount of information being collected and stored about the average consumer anymore, it’s perhaps not outside the realm of possibility in the coming years.

Since the dystopian future of face-stealing technology seems to be upon us, you might as well bone up on the subject so you don’t get left behind.

Thanks to [Bubsey Ubsey] for the tip.

Continue reading “Face ID Defeated With 3D Printed Mask (Maybe)” →

Bringing Back The IPhone7 Headphone Jack

September 7, 2017 by Adam Fabio 96 Comments

Plenty of people bemoaned Apple’s choice to drop the 1/8″ headphone jack from the iPhone 7. [Scotty Allen] wasn’t happy about it either, but he decided to do something about it: he designed a custom flex circuit and brought the jack back. If you don’t recognize [Scotty], he’s the same guy who built an iPhone 6 from parts obtained in Shenzhen markets. Those same markets were now used to design, and prototype an entirely new circuit.

The iPhone 7 features a barometric vent, which sits exactly where the headphone jack lived in the iPhone 6. The vent helps the barometric pressure sensor obtain an accurate reading while keeping the phone water proof. [Scotty] wasn’t worried about waterproofing, as he was cutting a hole through the case. The vent was out, replaced with a carefully modified headphone jack.

The next step was convincing the phone to play analog signals. For this, [Scotty] used parts from Apple’s own headphone adapter. The hard part was making all of this work and keeping the lightning port available. The key was a digital switch chip. Here’s how the circuit works:

When no headphone is plugged in, data is routed from the iPhone’s main board to the lightning port. When headphones are plugged in, the data lines are switched to the headphone adapter. Unfortunately, this means the phone can’t play music and charge at the same time — that is something for version 2.0.

The real journey in this video is watching [Scotty] work to fit all these parts inside an iPhone case. The design moved from a breadboard through several iterations of prototype printed circuit boards. The final product is built using a flexible PCB – the amber-colored Kapton and copper sandwiches that can be found in every mobile device these days.

Making everything fit wasn’t easy. Two iPhone screens perished in the process. But ultimately, [Scotty] was successful. He’s open sourced his design so the world can build and improve on it.

Want to read more about the iPhone 7 and headphone jacks? Check out this point and counterpoint. we published on the topic.

Continue reading “Bringing Back The IPhone7 Headphone Jack” →

Apple’s Secure Enclave Processor (SEP) Firmware Decrypted

August 18, 2017 by Jack Laidlaw 14 Comments

The decryption key for Apple’s Secure Enclave Processor (SEP) firmware Posted Online by self-described “ARM64 pornstar” [xerub]. SEP is the security co-processor introduced with the iPhone 5s which is when touch ID was introduced. It’s a black box that we’re not supposed to know anything about but [xerub] has now pulled back the curtain on that.

The secure enclave handles the processing of fingerprint data from the touch ID sensor and determines if it is a match or not while it also enables access for purchases for the user. The SEP is a gatekeeper which prevents the main processor from accessing sensitive data. The processor sends data which can only be read by the SEP which is authenticated by a session key generated from the devices shared key. It also runs on its own OS [SEPOS] which has a kernel, services drivers and apps. The SEP performs secure services for the rest of the SOC and much more which you can learn about from the Demystifying the Secure Enclave Processor talk at Blackhat

[xerub] published the decryption keys here. To decrypt the firmware you can use img4lib and xerub’s SEP firmware split tool to process. These tools make it a piece of cake for security researchers to comb through the firmware looking for vulnerabilities.

Charge Your Phone On An Iron Throne

July 20, 2017 by Adam Fabio 8 Comments

Game of Thrones season 7 is finally here! [Hoecrux] is celebrating by building a GoT inspired cell phone charger. No, this isn’t a 3D print, nor is it vacuum molded. This iron throne was hand made from hundreds of cocktail swords. The frame of the chair is made from medium density fiberboard (MDF). The frame is covered with upholstery foam, then a layer of thin gray foam which forms the surface of the chair.

[Hoecrux] then began the painstaking process of hot gluing 600 cocktail swords to her creation. Each sword had to be modified by cutting off the loop guard. Some of the swords are bent, which was achieved with a heat gun. The completed chair was finished with a coat of black spray paint, followed by dry brushing with acrylic silver paint.

This particular iron throne charger is built for an android phone. [Hoecrux] embedded a micro USB cable in the base of the seat. If you’re of the iOS persuasion, you can substitute a lightning cable.

Check out the video after the link, and while you’re at it, get a look at this beach ready solar charger setup.

Continue reading “Charge Your Phone On An Iron Throne” →

Hacking IBeacons For Automating Routines

July 17, 2017 by Inderpreet Singh 17 Comments

Every self-respecting hacker has an automation hack somewhere in his/her bag of tricks. There are a lot of modern-day technologies that facilitate the functionality like GPS, scripting apps, and even IFTTT. In an interesting hack, [Nick Lee] has combined iBeacons and a reverse engineered Starbucks API to create an automated morning routine.

By creating a mobile app that scans for iBeacons, [Nick Lee] was able to reduce the effort made every morning while heading to his office. When the app encounters a relevant beacon, a NodeJS app sitting in the cloud is triggered. This consequently leads to desired actions like ordering an Uber ride and placing an order for an iced latte.

[Nick Lee] shares the code for the Starbucks application on GitHub for anyone who wants to order their favorite cup of joe automatically. This project can be easily expanded to work with GPS or even RFID tags and if you feel like adding IoT to a coffee machine, you could automate all of your beverage requirements in one go.

Siri Controls Your PC Through Python And Gmail

April 27, 2017 by Lewin Day 8 Comments

Voice-based assistants are becoming more common on devices these days. Siri is known for being particularly good at responding to natural language and snarky responses. In comparison, Google’s Assistant is only capable of the most obvious commands, and this writer isn’t even sure Microsoft’s Cortana can understand English at all. So it makes sense then, if you want voice control for your PC, to choose Siri as your weapon of choice. [Sanjeet] is here to help, enabling Siri to control a PC through Python.

The first step is hooking up the iPhone’s Notes app to a Gmail account. [Sanjeet] suggests using a separate account for security reasons, as you’ll need to place the username and password in a Python script. The Python script checks the Gmail account every second, looking for new Notes from the iPhone. Then, it’s as simple as telling Siri to make a Note (for example, “Siri, Note shutdown”) and the Python script can then pick up the command, and act accordingly.

It’s a quick and easy way to get Siri to do your bidding. There’s other fancy ways to do it, too — like capturing Siri’s WiFi data on your home network.