Wireshark screenshot with QCSuper-produced packets streaming into it; QCSuper script running in an adjacent terminal

Turn Your Qualcomm Phone Or Modem Into Cellular Sniffer

If you thought repurposing DVB-T dongles for generic software defined radio (SDR) use was cool, wait until you see QCSuper, a project that re-purposes phones and modems to capture raw 2G/3G/4G/5G. You have to have a Qualcomm-based device, it has to either run rooted Android or be a USB modem, but once you find one in your drawers, you can get a steady stream of packets straight into your Wireshark window. No more expensive SDR requirement for getting into cellular sniffing – at least, not unless you are debugging some seriously low-level issues.

It appears there’s a Qualcomm-specific diagnostic port, accessible over USB, that this software makes use of. The 5G capture support is currently situational, but 2G/3G/4G capabilities seem to be pretty stable. And there’s a good few devices in the “successfully tested” list – given the way this software functions, chances are, your device will work! Remember to report whether it does or doesn’t, of course. Also, the project is seriously rich on instructions – whether you’re using Linux or Windows, it appears you won’t be left alone debugging any problems you might encounter.

This is a receive-only project, so, legally, you are most likely allowed to have fun — at least, it would be pretty complicated to detect that you are, unlike with transmit-capable setups. Qualcomm devices have pretty much permeated our lives, with Qualcomm chips nowadays used even in the ever-present SimCom modules, like the modems used in the PinePhone. Wondering what a sniffer could be useful for? Well, for one, if you ever need to debug a 4G base station you’ve just set up, completely legally, of course.

How Wireless Charging Works And Why It’s Terrible

Wireless charging is pretty convenient, as long as the transmitter and receiver speak the same protocol. Just put the device you want to charge on the wireless charger without worrying about plugging in a cable. Yet as it turns out, the disadvantages of wireless charging may be more severe than you think, at least according to tests by iFixit’s [Shahram Mokhtari] and colleagues. The article covers the basics of wireless charging, as well as why wireless charging wastes a lot more power even when not charging, and why it may damage your device’s battery faster than wired charging.

The inefficiency comes mostly from the extra steps needed to create the alternating current (AC) with wireless coupling between the coils, and the conversion back to DC. Yet it is compounded by the issue of misaligned coils, which further introduce inefficiencies. Though various protocols seek to fix this (Qi2 and Apple’s MagSafe) using alignment magnets, these manage to lose 59% of the power drawn from the mains due to these inefficiencies. Wireless chargers also are forced to stay active, polling for a new device to charge, which keeps a MagSafe charger sucking up 0.2 W in standby.


Rabbit Sighted In The Wild

Here at Hackaday we’re suckers for old abandoned technologies, the more obscure the better. The history of the telephone has plenty to capture our attention, and it’s from that arena that something recently floated past our timeline. [IanVisits] reports a sighting of a Rabbit in a London Underground station. The bunny in question definitely isn’t hopping though, it’s been dead for more than three decades. It’s a base station for a failed digital mobile phone system.

We’ve had a look in the past at CT2, the system this Rabbit base station once formed part of. It was an attempt to make an inexpensive phone system by having the handsets work with fixed base stations rather than move from cell to cell. It was one of the first public digital mobile phone systems, but the convenience of a phone that could both receive calls and make them anywhere without having to find a base station meant that GSM phones took their market.

The one in Seven Sisters tube station is a bit grubby looking, but it’s not the only survivor out there in the field. We have to admit to being curious as to whether it’s still powered on even though its backhaul will be disconnected, as in our experience it’s not uncommon for old infrastructure to be left plugged into the wall for decades, unheeded. Does anyone fancy sniffing for it with a Flipper Zero?

A Dial Phone SIPs Asterisk

An endless source of amusement for those of advancing years can come from handing a rotary phone to a teenager and asking them to dial a number with it. It’s rare for them to be stumped by a piece of technology, after all. [Mnutt]’s 4-year-old son had no such problems when he saw rotary phones at an art exhibition, so what was a parent to do but wire the phone to an Asterisk PBX with shortcut numbers for calls to family and such essential services as a joke line, MTA status, or even a K-pop song.

It’s possible to hook up a pulse dial phone with a SLIC module and a microcontroller, but in this case, a Grandstream SIP box did the trick. These are all-in-one devices that implement a SIP client with a physical connection, and older ones will talk to pulse dialers as well as the more usual tone dialing phones. The phone in question is a vintage American model. Writing this from Europe, we were surprised to find it a little simpler inside than its transatlantic counterparts of the same era.

An Asterisk install on a Raspberry Pi completed the project, and thus it became a matter of software configuration. It’s a useful run-through for Asterisk dilettantes, even if you haven’t got a 4-year-old. Perhaps you have an old payphone or two!

The FPC adapter shown soldered between the BGA chip and the phone's mainboard, with the phone shown to have successfully booted, displaying an unlock prompt on the screen

iPhone 6S NVMe Chip Tapped Using A Flexible PCB

Psst! Hey kid! Want to reverse-engineer some iPhones? Well, did you know that modern iPhones use PCIe, and specifically, NVMe for their storage chips? And if so, have you ever wondered about sniffing those communications? Wonder no more, as this research team shows us how they tapped them with a flexible printed circuit (FPC) BGA interposer on an iPhone 6S, the first iPhone to use NVMe-based storage.

The research was done by [Mohamed Amine Khelif], [Jordane Lorandel], and [Olivier Romain], and it shows us all the nitty-gritty of getting at the NVMe chip — provided you’re comfortable with BGA soldering and perhaps got an X-ray machine handy to check for mistakes. As research progressed, they successfully removed the memory chip, dealing with underfill and BGA soldering nuances, and added a 1:1 interposer FR4 board for the first test, which proved to be successful. Then, they made an FPC interposer that also taps into the signal and data pins, soldered the flash chip on top of it, successfully booted the iPhone 6S, and scoped the data lines for us to see.

This is looking like the beginnings of a fun platform for iOS or iPhone hardware reverse-engineering, and we’re waiting for further results with bated breath! This team of researchers in particular is prolific, having already been poking at things like MITM attacks on I2C and PCIe, as well as IoT device and smartphone security research. We haven’t seen any Eagle CAD files for the interposers published, but thankfully, most of the know-how is about the soldering technique, and the paper describes plenty. Want to learn more about these chips? We’ve covered a different hacker taking a stab at reusing them before. Or perhaps, would you like to know NVMe in more depth? If so, we’ve got just the article for you.

We thank [FedX] for sharing this with us on the Hackaday Discord server!

The End Of Landlines?

Imagine if, somehow, telephones of all kinds had not been invented. Then, this morning, someone entered a big corporation board room and said, “We’d like to string copper wire to every home and business in the country. We’ll get easements and put the wires on poles mostly. But some of them will go underground where we will dig tunnels. Oh, and we will do it in other countries, too, and connect them with giant undersea cables!” We imagine that executive would be looking for a job by lunchtime. Yet, we built that exact system and with far less tech than we have today. But cell phones have replaced the need for copper wire to go everywhere, and now AT&T is petitioning California to let them off the hook — no pun intended — for servicing landlines.

The use of cell phones has dramatically decreased the demand for the POTS or plain old telephone service. Even if you have wired service now, it is more likely fiber optic or, at least, an IP-based network connection that can handle VOIP.


Your 1983 Video Phone Is Finally Ready

If you read Byte magazine in 1983, you might have expected that, by now, you’d be able to buy the red phone with the video screen built-in. You know, like the one that appears on the cover of the magazine. Of course, you can’t. But that didn’t stop former Hackaday luminary [Cameron] from duplicating the mythical device, if not precisely, then in spirit. Check it out in the video, below.

The Byte Magazine Cover in Question!

While the original Byte article was about VideoTex, [Cameron] built a device with even more capability you couldn’t have dreamed of in 1983. What’s more, the build was simple. He started with an old analog phone and a tiny Android phone. A 3D-printed faceplate lets the fake phone serve as a sort of dock for the cellular device.

That’s not all, though. Using the guts of a Bluetooth headset enables the fake phone’s handset. Now you can access the web — sort of a super Videotex system. You can even make video calls.

There isn’t a lot of detail about the build, but you probably don’t need it. This is more of an art project, and your analog phone, cell phone, and Bluetooth gizmo will probably be different anyway.

Everyone always wanted a video phone, and while we sort of have them now, it doesn’t quite seem the same as we imagined them. We wish [Cameron] would put an app on the phone to simulate a rotary dial and maybe even act as an answering machine.
