Oddball LCDs Reverse Engineered Thanks To Good Detective Work

December 12, 2023 by Dan Maloney 5 Comments

Is there anything more discouraging to the reverse engineer than to see a black blob of epoxy applied directly to a PCB? We think not, because that formless shape provides no clue as to what chip lies beneath, and that means a lot of detective work if you’re going to figure out how to use this thing.

[Sudhir Chandra]’s detective story starts with a bunch of oddball LCDs, slim 1×32 character units rather than the more familiar 2×16 displays. Each bore the dreaded black COB blob on the back, as well as a handful of SMD components and not much else. Googling revealed no useful documentation, and the manufacturer wasn’t interested in fielding calls from a hobbyist. Reasoning that most manufacturers wouldn’t spin up a custom chip for every display, [Sudhir] assumed there was an ST7066, a common LCD driver chip, underneath the blob, especially given the arrangement of external components. But a jumper set was bodged together under this assumption didn’t get the display going.

Next up were more destructive methods, to decap the COB and see what kind of numbers might be on the chip. Sandpaper worked at first, but [Sudhir] eventually turned to the “Chips a la [Antoine]” method of decapping, which uses heat and brute force to get at the goods. This got down to the chip, but [Sudhir]’s microscope wasn’t up to the task of reading the die markings.

What eventually cracked the case was tracing out the voltages across the various external resistors and matching them up to other chips in the same family as the ST7066, plus the realization that the long, narrow epoxy blob probably covered a similarly shaped chip, which led to the culprit: an ST7070. This allowed [Sudhir] to build an adapter PCB for the displays, with plans for a custom Arduino library to talk to the displays.

This was a great piece of reverse engineering and a good detective story to boot. Hats off to [Sudhir] for sticking with it.

Hacking The Xiaomi Mi Band 8 With Custom Firmware

December 7, 2023 by Maya Posch 11 Comments

Over the past years, fitness trackers have gone from fairly unobtrusive bands that relied mostly on smartphone apps for interaction to essentially being fashion statements and smart watches, with large screens and impressive specs. The Xiaomi Mi Band 8 is no exception, with a zippy MCU and a 1.62″ AMOLED screen that just asks for some serious rick-rolling. This was a challenge which [Aaron Christophel] was all too happy to accept, resulting in some reverse-engineering and flashing of custom firmware onto one of these marvels of modern wearable technology.

Block Diagram for the Apollo4 Blue Lite. (Credit: Ambiq)

The Mi Band 8 is built around an Ambiq Apollo4 Blue Lite MCU which features a Cortex-M4 core for applications, along with a Bluetooth LE radio and a lot of SRAM and Flash. This naturally implies an SWD interface for programming, which was mostly a matter of reverse-engineering the PCB to find the locations for these signals and realizing that the original firmware disables the SWD interface on boot. Unfortunately the Ambiq SDK requires you to create an account, but you can get the basics from [Aaron]’s GitHub project. It appears that for BLE you do need the full SDK, and OTA updates feature a signing check, so physical access is required.

So far the display, touchscreen and light sensor are working, with the remaining peripherals just a matter of time. With a list price of around $64 for one of these fitness bands with a 192 x 490 touch-enabled AMOLED display and a variety of health-related sensors, they’d seem to be a fun toy to hack, especially when found on sale or used.

Continue reading “Hacking The Xiaomi Mi Band 8 With Custom Firmware” →

The Deere Disease Spreads To Trains

December 6, 2023 by Jenny List 37 Comments

If the right-to-repair movement has a famous story, it’s the familiar green and yellow John Deere tractor. Farmers and mechanics have done their own repairs as long as there have been tractors, but more recent Deeres have been locked down such that only Deere-authorised agents can fix them. It’s a trend that has hurt the value of a second-had Deere, but despite that it appears to be spreading within the machinery world. Now there’s a parallel on Polish railways, as Polish-made Newag electric passenger trains have been found to give errors when serviced by non-Newag workshops.

At the heart of the problem are the PLCs which control all aspects of a modern rail traction system, which thanks to a trio of Poland and Germany based researchers have been found to play a range of nasty tricks. They’ll return bogus error codes after a set date which would presumably be reset by the official service, if the train has been laid up for a while, or even if they are detected via GPS to have visited a third-party workshop. Their work will be the subject of a talk at 37C3 which should be worth watching out for.

It will be especially interesting to juxtapose the reaction to this revelation with cases such as the Deere tractors, because of course Poland is part of the European Union. We’re not specialist EU competition lawyers, but we know enough to know that the EU takes a dim view of these types of practices and has been strong on the right to repair. Who knows, Polish trains may contribute further to the rights of all Europeans.

three resin-printed Single8 film cartridges, uncropped image

Re-Inventing The Single 8 Home Movie Format

November 23, 2023 by Dave Walker 22 Comments

[Jenny List] has been reverse-engineering and redesigning the Single8 home movie film cartridge for the modern age, to breathe life into abandoned cine cameras.

One of the frustrating things about working with technologies that have been with us for a while is the proliferation of standards and the way that once-popular formats can become obsolete over time. This can leave equipment effectively unusable and unloved.

There is perhaps no greater example of this than in film photography – an industry and hobby that has been with us for over 100 years and that has left many cameras orphaned once the film format they relied on was no longer available (Disc film, anyone?).

Thankfully, Hackaday’s own [Jenny List] has been working hard to bring one particular cine film format back from the dead and has just released the fourth instalment in a video series documenting the process of resurrecting the Single8 format cartridge. Continue reading “Re-Inventing The Single 8 Home Movie Format” →

Revive A Sony Vaio P-Series With KiCad’s Background Bitmaps

November 20, 2023 by Arya Voronova 31 Comments

You might remember that KiCad 7 came out this February, with a multitude of wonderful features. One of them was particularly exciting to see, and the KiCad newsletter even had an animated GIF to properly demo it – a feature called “Background Bitmaps”, which is the ability to add existing board images into your board editor, both front and back, and switch between them as you design the board. With it, you can draw traces, recreate the outline and place connectors over these images, giving you a way to quickly to reproduce everything on an existing PCB! I’ve seen some friends of mine use this feature, and recently, I’ve had a project come up that’s a perfect excuse for me to try it.

Back in 2020, I managed to get a Sony Vaio P from a flea market, for about 20€. It’s a beloved tiny laptop from 2009, now a collectors item, and we’ve covered a few hacks with it! The price was this wonderful only because it was not fit for regular flea market customers – it was in bad condition, with the original DC jack lost and replaced by some Molex-like power connector, no hard drive, and no battery in sight.

In short, something worth selling to a known tinkerer like me, but not particularly interesting otherwise. Nevertheless, about half a year later, when I fed it the desired 10.5 V from a lab PSU and gave the power button a few chances, it eventually booted up and shown me the BIOS menu on the screen! I’ve disassembled and reassembled it a few times, replaced the DC jack with an original one from a different Vaio ultrabook I happened to have parts from, and decided to try to bring it back to original condition.

Continue reading “Revive A Sony Vaio P-Series With KiCad’s Background Bitmaps” →

Vectorscope KiCad Redrawing Project

November 13, 2023 by Chris Lott 23 Comments

When I saw this year’s Supercon Vectorscope badge, I decided that I had to build one for myself. Since I couldn’t attend in-person, I immediately got the PCBs and parts on order. Noting that the GitHub repository only had the KiCad PCB file and not the associated schematics and project file, I assumed this was because everyone was in a rush during the days leading up to Supercon weekend. I later learned, however, that there really wasn’t a KiCad project — the original design was done in Circuit Maker and the PCB was converted into KiCad. I thought, “how hard can this be?” and decided to try my hand at completing the KiCad project.

Fortunately I didn’t have to start from scratch. The PCB schematics were provided, although only as image files. They are nicely laid out and fortunately don’t suffer the scourge of many schematics these days — “visual net lists” that are neither good schematics nor useful net lists. To the contrary, these schematics, while having a slightly unorthodox top to bottom flow, are an example of good schematic design. Continue reading “Vectorscope KiCad Redrawing Project” →

NEC V20 - Konstantin Lanzet, CC BY-SA 3.0 via Wikimedia Commons

Intel V. NEC : The Case Of The V20’s Microcode

November 7, 2023 by Maya Posch 18 Comments

Back in the last century, Intel saw itself faced with a need to have ‘second source’ suppliers of its 8088 and 8086 processors, which saw NEC being roped in to be one of those alternative suppliers to keep Intel’s customers happy with the μPD 8086 and μPD 8088 offerings. Yet rather than using the Intel provided design files, NEC reverse-engineered the Intel CPUs, which led to Intel suing NEC over copying the microcode that forms an integral part of the x86 architecture. In a recent The Chip Letter entry by [Babbage] this case is covered in detail.

Although this lawsuit was cleared up, and NEC licensed the microcode from Intel, this didn’t stop NEC from creating their 8086 and 8088 compatible CPUs in the form of the V30 and V20 respectively. Although these were pin- and ISA-compatible, the internal microcode was distinct from the Intel microcode due to the different internal microarchitecture. In addition the V20 and V30 also had a special 8080 mode, that provided partial compatibility with Z80 software.

Long story short, Intel sued NEC with accusations of copyright infringement of the microcode, which led to years of legal battle, which both set many precedents about what is copyrightable about microcode, and ultimately cleared NEC to keep selling the V20 and V30. Unfortunately by then the 1990s had already arrived, and sales of the NEC chips had not been brisk due to the legal issues while Intel’s new 80386 CPU had taken the market by storm. This left NEC’s x86-compatible CPUs legacy mostly in the form of legal precedents, instead of the technological achievements it had hoped for, and set the tone for the computer market of the 1990s.

Thanks to [Stephen Walters] for the tip.