The FPC adapter shown soldered between the BGA chip and the phone's mainboard, with the phone shown to have successfully booted, displaying an unlock prompt on the screen

IPhone 6S NVMe Chip Tapped Using A Flexible PCB

Psst! Hey kid! Want to reverse-engineer some iPhones? Well, did you know that modern iPhones use PCIe, and specifically, NVMe for their storage chips? And if so, have you ever wondered about sniffing those communications? Wonder no more, as this research team shows us how they tapped them with a flexible printed circuit (FPC) BGA interposer on an iPhone 6S, the first iPhone to use NVMe-based storage.

The research was done by [Mohamed Amine Khelif], [Jordane Lorandel], and [Olivier Romain], and it shows us all the nitty-gritty of getting at the NVMe chip — provided you’re comfortable with BGA soldering and perhaps got an X-ray machine handy to check for mistakes. As research progressed, they’ve successfully removed the memory chip dealing with underfill and BGA soldering nuances, and added an 1:1 interposer FR4 board for the first test, that proved to be successful. Then, they made an FPC interposer that also taps into the signal and data pins, soldered the flash chip on top of it, successfully booted the iPhone 6S, and scoped the data lines for us to see.

This is looking like the beginnings of a fun platform for iOS or iPhone hardware reverse-engineering, and we’re waiting for further results with bated breath! This team of researchers in particular is prolific, having already been poking at things like MITM attacks on I2C and PCIe, as well as IoT device and smartphone security research. We haven’t seen any Eagle CAD files for the interposers published, but thankfully, most of the know-how is about the soldering technique, and the paper describes plenty. Want to learn more about these chips? We’ve covered a different hacker taking a stab at reusing them before. Or perhaps, would you like to know NVMe in more depth? If so, we’ve got just the article for you.

We thank [FedX] for sharing this with us on the Hackaday Discord server!

The End Of Landlines?

Imagine if, somehow, telephones of all kinds had not been invented. Then, this morning, someone entered a big corporation board room and said, “We’d like to string copper wire to every home and business in the country. We’ll get easements and put the wires on poles mostly. But some of them will go underground where we will dig tunnels. Oh, and we will do it in other countries, too, and connect them with giant undersea cables!” We imagine that executive would be looking for a job by lunchtime. Yet, we built that exact system and with far less tech than we have today. But cell phones have replaced the need for copper wire to go everywhere, and now AT&T is petitioning California to let them off the hook — no pun intended — for servicing landlines.

The use of cell phones has dramatically decreased the demand for the POTS or plain old telephone service. Even if you have wired service now, it is more likely fiber optic or, at least, an IP-based network connection that can handle VOIP.

Continue reading “The End Of Landlines?”

Your 1983 Video Phone Is Finally Ready

If you read Byte magazine in 1983, you might have expected that, by now, you’d be able to buy the red phone with the video screen built-in. You know, like the one that appears on the cover of the magazine. Of course, you can’t. But that didn’t stop former Hackaday luminary [Cameron] from duplicating the mythical device, if not precisely, then in spirit. Check it out in the video, below.

The Byte Magazine Cover in Question!

While the original Byte article was about VideoTex, [Cameron] built a device with even more capability you couldn’t have dreamed of in 1983. What’s more, the build was simple. He started with an old analog phone and a tiny Android phone. A 3D-printed faceplate lets the fake phone serve as a sort of dock for the cellular device.

That’s not all, though. Using the guts of a Bluetooth headset enables the fake phone’s handset. Now you can access the web — sort of a super Videotex system. You can even make video calls.

There isn’t a lot of detail about the build, but you probably don’t need it. This is more of an art project, and your analog phone, cell phone, and Bluetooth gizmo will probably be different anyway.

Everyone always wanted a video phone, and while we sort of have them now, it doesn’t quite seem the same as we imagined them. We wish [Cameron] would put an app on the phone to simulate a rotary dial and maybe even act as an answering machine.

Continue reading “Your 1983 Video Phone Is Finally Ready”

Schematics, For A Modern Flagship Phone

The mobile phone is an expensive and often surprisingly fragile device, whose manufacturers are notorious for making them as difficult to repair as possible. Glued-together cases and unreplaceable batteries abound, and technical information is non-existent. But amongst all that there’s one manufacturer with a different approach — Fairphone. Case in point, they’ve released the full service guide including schematics for their flagship Fairphone 5.

Fairphone’s selling point is the repairability and internal accessibility of their products and of course they’ve made hay with this as a marketing opportunity. But aside from that, it’s a fascinating chance to look in-depth at a modern smartphone from the inside out. We see the next-level PCB layout and how everything is so neatly packed into the minimum space, all without resorting to a heat gun.

It’s great to have another hackable phone, and fair play to Fairphone for releasing all this stuff, but perhaps the most interesting part from where we’re sitting is how and where this phone is being sold. There have been hackable phones before, for many the Pinephone will spring to mind, but they have always been sold to an audience who buy to hack. Here in Europe where this is being written, the Fairphone is being sold as a consumer device. It won’t shake Apple or Samsung from their perches, but for a hackable device to be so generally available to those who wish to do things with it can never be a bad thing.

We took a quick look at Fairphone back in 2015, when they launched.

A Crossbar Telephone Switch Explained

There’s an old adage about waiting hours for a bus only for two to appear at once, and for Hackaday this month we’re pleased to have seen this in a run of analogue telephone projects. Latest among them is the video below the break from [Wim de Kinderen], who is demonstrating the workings of a mechanical crossbar switch with the help of a vintage Ericsson unit and an Arduino replacing the original’s bank of control relays.

It’s possible everyone has a hazy idea of a crossbar array, but it was fascinating from this video to learn that the relays are worked by metal fingers being inserted by the bars into relays with wider than normal gaps between electromagnet and armature. This extra metal provides a path for the magnetic flux to actuate the relay.

The machine itself then is an extremely simple and elegant electromechanical device with many fewer moving parts than its Strowger rotary equivalents, but surprisingly we seem to see less of it than its American competitor. The video below the break is definitely worth a watch, even if you don’t own any analogue phones.

We recently saw a similar exchange implemented electronically.

Continue reading “A Crossbar Telephone Switch Explained”

A Complete Exchange From Scratch For Your Rotary Dial Phones

Such has been the success of the mobile phone that in many places they have removed the need for wired connections, for example where this is being written the old copper connection can only be made via an emulated phone line on an internet router. That doesn’t mean that wired phones are no longer of interest to a hardware hacker though, and many of us have at times experimented with these obsolete instruments. At the recent 37C3 event in Germany, [Hans Gelke] gave a talk on the analog exchange he’s created from scratch.

The basic form of the circuit is built around a crosspoint switch array, with interfaces for each line and a Raspberry Pi to control it all. But that simple description doesn’t fully express its awesomeness, rather than hooking up a set of off-the-shelf modules he’s designed everything himself from scratch. His subscriber line interface circuit uses a motor controller to generate the bell signal, his analogue splitter has an op-amp and a transistor, and his crosspoint array is a collection of JFETs. Having dabbled in these matters ourselves, it’s fascinating to see someone else making this work. Video below the break.

Have an analogue phone but nowhere to use it? Bring it to a hacker camp!

Continue reading “A Complete Exchange From Scratch For Your Rotary Dial Phones”

POTS At A Hacker Camp

For those of us off the Atlantic coast of Europe it’s a frigid winter as our isles are lashed by continuous storms. Summer seems a very long time ago, and the fun of the EMF 2022 hacker camp is an extremely distant memory. But the EMF team have been slowly releasing videos from the talks at that camp, the latest of which comes from [Matthew Harrold]. He was the force behind the public POTS phone network at the camp, providing anyone within range of one of his endpoints with the chance to have a wired phone line in their tent.

We’d love to imagine a mesh of overhead wires converging on a Strowger mechanical exchange somewhere on the field, but in a more practical move he used an array of redundant Cisco VOIP gear, and a multi-modem rack to provide dial-up services. Even then there were a few hurdles to overcome, but on the field it was definitely worth it as an array of unusual phone kit was brought along by the attendees. Our favourite is the Amstrad eMailer, an all-in-one phone and internet appliance from a couple of decades ago which perhaps due to its expensive pay as you go model, failed commercially. The video is below the break.

It’s a good time for this talk to come out, because it’s reminded us that the next EMF camp is on this summer. Time to dust off an old phone to bring along. Meanwhile, we’ve seen [Matthew] before, as he refurbished a sluggish dial mechanism.

Continue reading “POTS At A Hacker Camp”