Reverse Engineering Apple’s Lightning Connector

Introduced with the iPhone 5 nearly two and a half years ago, Apple’s Lightning connector has stymied the incredible homebrew electronics scene that was previously accustomed to the larger, older, better documented, and more open 30-pin connector. Now, finally, the protocols inside the Apple Lightning connector have been broken. We’re still a ways off from a Lightning breakout board, but this is the first proof that a serial console can be obtained through a Lightning connector. That’s the first step to totally owning an iDevice, and this is how all those exploits will start.

[Ramtin Amin] began the teardown of the Lightning connector began as most reverse engineering tasks should – looking at the patents, finding a source for the connectors, and any other products that use similar hardware. [Ramtin] found a Lightning to Serial converter powered by an STM32 microcontroller. Disassembling the firmware and looking at the output on a logic analyzer, [Ramtin] figured out part of the protocol, most of the wiring, and after some research, schematics for how an until-now unidentified chip in Lightning-enabled iProducts was wired.

The chip in question is colloquially known as the Tristar, and more accurately as a CBTL1608A1. During the teardown craze of the iPhone 5 launch, this chip was frequently identified as a DisplayPort Multiplexer. It is a mux, but not for DisplayPort – it’s only to connect the accessory (Lightning) UART, debug UART, baseband, SoC, and JTAG. This is the key to the castle, and being able to get through this chip means we can now own our iDevices.

The chip is an incredibly small BGA affair that [Ramtin] desoldered, reflowed onto a breakout board, and connected to an STM32 Discovery board. Using the techniques he used with other Lightning-enabled hardware, [Ramtin] was able to connect his iPhone and ever so slightly peek his head into the inner workings of his device.

It’s not complete control of an iDevice yet, but this is how all those future exploits will start. [Ramtin] uploaded a short video as a proof of concept, you can check that out below.

Continue reading “Reverse Engineering Apple’s Lightning Connector”

Clockety Uses Phone Flash For Projection Clock

[Gaurav Taneja] was showing off his projection clock add-on for iPhone called Clockety at this year’s Consumer Electronics Show. The concept is pretty neat, a clip-on clock which uses the iPhone flash LED as the light source. It may sound a little gimmicky until you see the functionality of the accompanying app which is shown off in the video after the break. Once clipped onto the phone, you lay it face down on your night stand and a gentle tap on the furniture will turn the projection on or off. This is a killer feature when you’re staying some place without an illuminated bedside clock.

Continue reading “Clockety Uses Phone Flash For Projection Clock”

Selfie-Bot

Selfie-Bots Will Take Your Best Shots For You

Professor [Bruce Land] teaches a microcontroller class at Cornell University, and it seems like this year’s theme was selfie-taking-robots.

First up is a clever mix of technology by [Han, Bihan and Chuan]. What happens when you take an iPhone, three microphones and a microcontroller? The ultimate device in selfie-taking-technology, that’s what — Clap-on! The iPhone is mounted on a few servo motors which allows the bot to direct the camera towards, you guessed it, a clapping noise. On the second clap, the phone takes your picture. Cute.

Next up is a bit more sophisticated — a facial recognition selfie-bot. This little robot can be programmed to track faces and take pictures of you and your friends when your arm is just not long enough. Not only that, you can set all kinds of parameters so you get the perfect picture. It uses OpenCV to crunch the raw data and outputs commands to an ATmega1284 which controls the servo motors that direct the camera. This project was by [Michael and Jennifer] — two fourth year students at Cornell.

Continue reading “Selfie-Bots Will Take Your Best Shots For You”

Real-Time Thermal Projection Saves Your Tastebuds From The Hot Stuff

With another wave of holiday parties about to land on our doorstep, we still haven’t found a great way to stop scalding our tongues each time [Uncle Dave] pours us an enticing cup of boiling cocoa.

Thankfully, [Ken] has both you and your holiday guests covered with a clever trick that takes the data from a FLIR ONE and projects a heat profile onto the surface it’s observing. Here, [Ken] has superimposed his FLIR ONE data onto his kitchen table, and he’s able to visualize 2D heat profiles in near-real-time.

If you haven’t started quantifying yourself recently (and what are you waiting for?), the FLIR ONE is yet another opportunity to help you become more aware of your surroundings than you are now. It’s a thermal camera attachment for your iPhone, allowing you to see into the infrared band and look at the world in terms of heat. We’ve covered the FLIR ONE before, and we’ve seen ways of making it both clearer and more hacker-friendly.

As we tip our hats to [Ken], we’d say he’s a generous fellow. This hack is a clever inversion of the normal use case where you might whip out your FLIR-ONE-enabled iPhone and warn your cousins not to try the hot chocolate for a few more minutes. With [Ken’s] solution, the data is right there on your condiments and in plain sight of everyone, not just for you with your sweet, Star-Trek-augmented iPhone.

Continue reading “Real-Time Thermal Projection Saves Your Tastebuds From The Hot Stuff”

Connected Thermostat

Raspberry PiPhone Thermostat Monitors Your Entire House — Or At Least That’s The Plan

[Jeff McGehee] or how he likes to be known, [The Nooganeer] just finished his first big tech project after finishing grad school. It’s a connected thermostat that makes use of his old iPhone 4, and a Raspberry Pi.

Ever since [The Nooganeer] bought his first home with his wife back in the spring of 2014, he’s had ever consuming dream of adding home automation to every appliance. As he puts it…

Home automation has always been a fascination of mine.  How much time and irritation would I save if I didn’t have to worry about turning things on and off, or wonder in which state they were left?  How much more efficient would my home be?  Wouldn’t it be cool to always know the state of every power consumer in my home, and then be able to record and analyze that data as well?

His first challenge was making a smart thermostat — after all, heating and cooling your house typically takes the most energy. Having used a Raspberry Pi before he figured it would be the best brain for his system. After researching a bit about HVAC wiring, [The Nooganeer] settled on a Makeatronics Solid State Relay board to control the HVAC. This allows him to use the GPIO’s on the Raspberry Pi in order to control the furnace and AC unit.  Continue reading “Raspberry PiPhone Thermostat Monitors Your Entire House — Or At Least That’s The Plan”

iPhone trace repair

Using The Wrong Screw: A Painful Lesson In IPhone Repair

If you’ve ever had to repair an iPhone for a friend, you’ll know they have a ridiculous number of screws. Most companies standardize screws in their products, but since Apple doesn’t expect you to fix a phone yourself… they may have let this one slide.

You see, each of these screws is different.iPhone screws The red ones are 1.7mm long, the yellow one, 1.3mm, and the orange one, 1.2mm.

Guess what happens if you install either red or yellow screws into the orange spot, since your eyesight isn’t good enough to notice a 0.1mm difference? The screw will cut into the PCB and break several 50 micron traces, as shown in the picture above, causing a blue screen error on the phone.

Fun stuff.

[Sam Schmidt] is the owner of a repair outfit called iRepairNational, and he and his team spent a day trying to figure out the problem – it’s not exactly easy to spot. They’ve managed to repair it by cutting thin strips  of copper foil (the width of a human hair) and floating it into place using the surface tension of the flux they were using for soldering. On average it takes them around 2 hours to do the repair, though they’ve done a few in just under an hour.

Since discovering and sharing the problem, they’ve had customers around the world sending in phones for repair – often at the fault of someone else trying to repair something completely different in the phone, and then using the wrong screw as they put it all back together.

Counterfeit Apple Charger

More Counterfeit Apple Chargers Than You Can Shake An IPod At

Phones, MP3 players, designer bags, artwork, money…. anything with value will bring out the counterfeiters looking to make a quick buck. Sometimes the product being counterfeited isn’t even necessarily expensive. For example, an Apple iPad Charger. [Ken Shirriff] got a hold of a counterfeit iPad Charger, took it apart, and did some testing.

So why would someone buy a counterfeit product? To save some money! The counterfeits are usually cheaper to reel the potential buyer in thinking they are getting a deal. In this case, the Apple product costs $19 and the knock-off is $3, that’s a huge difference.

Continue reading “More Counterfeit Apple Chargers Than You Can Shake An IPod At”