Both of these mods are hacks in the purest sense of the word. The controller mod took a wireless keyboard’s sending circuit board and wedged it inside the NES controller. The original NES controller reads out the buttons into a shift register and sends that down a wire. That’s all gone. [ModPurist] just wired up each button to the sender PCB and figured out which keys they corresponded to on the PC by pressing the buttons. Simple.
The best part of his video about building the controller? After about a minute in, he forgets that he’s filming a technical how-to video and plays Pokemon for the remaining four minutes. That’s the sign of success.
Then there’s the NES hack itself. He stripped everything out, added a Raspberry Pi 2 and a fan, made it all work with the power switch and the original TV outs, and it’s done. Again, nothing more than needs doing, but nothing less. It looks just right plugged up to the CRT monitor (from a C64, no less), and there’s no doubt that being able to play wirelessly on an original NES controller is cool.
Sorting. It’s a classic problem that’s been studied for decades, and it’s a great first step towards “thinking algorithmically.” Over the years, a handful of sorting algorithms have emerged, each characterizable by it’s asymptotic order, a measure of how much longer an algorithm takes as the problem size gets bigger. While all sorting algorithms take longer to complete the more elements that must be sorted, some are slower than others.
For a sorter like bubble sort, the time grows quadradically longer for a linear increase in the number of inputs; it’s of order O(N²).With a faster sorter like merge-sort, which is O(N*log(N)), the time required grows far less quickly as the problem size gets bigger. Since sorting is a bit old-hat among many folks here, and since O(N*log(N)) seems to be the generally-accepted baseline for top speed with a single core, I thought I’d pop the question: can we go faster?
In short — yes, we can! In fact, I’ll claim that we can sort in linear time, i.e a running time of O(N). There’s a catch, though: to achieve linear time, we’ll need to build some custom hardware to help us out. In this post, I’ll unfold the problem of sorting in parallel, and then I”ll take us through a linear-time solution that we can synthesize at home on an FPGA.
Need to cut to the chase? Check out the full solution implemented in SystemVerilog on GitHub. I’ve wrapped it inside an SPI communication layer so that we can play with it using an everyday microcontroller.
To understand how it works, join us as we embark on an adventure in designing algorithms for hardware. If you’re used to thinking of programming in a stepwise fashion for a CPU, it’s time to get out your thinking cap!
While sorely lacking in pictures of the innards of this digital canvas, we were extremely impressed with the work that went into making such a convincing object. [Clay Bavor] wanted a digital picture frame, but couldn’t find one on the market that did what he wanted. They all had similar problems, the LCDs were the lowest quality, they were in cheap bezels, they had weird features, they had no viewing angle, and they either glowed like the sun or were invisible in dark environments.
[Clay] started with the LCD quality, he looked at LCD specs for the absolute best display, and then, presumably, realized he lived in a world where money is no object and bought a 27″ iMac. The iMac has a very high pixel density, no viewing angle, and Apple goes through the trouble of color balancing every display. Next he got a real frame for the iMac, cut a hole in the wall to accommodate it, and also had a mat installed to crop the display to a more convincing aspect ratio for art. One of the most interesting part of the build is the addition of a Phidgets light sensor. Using this, he has some software running that constantly adjusts the Mac to run at a brightness that’s nearly imperceptible in the room’s lighting.
Once he had it built he started to play around with the software he wrote for the frame. Since he wanted the frame to look like a real art print he couldn’t have the image change while people were looking, so he used the camera on the Mac and face detection to make sure the image only changed when no one was looking for a few minutes. He also has a mode that trolls the user by changing the image as soon as they look away.
We admit that a hackier version of this would be tearing the panel out of a broken iMac and using a lighter weight computer to run all the display stuff. [Clay] reached the same conclusion and plans to do something similar for his version 2.0.
Solderless breadboards are extremely handy. You always hear, of course, that you need to be careful with them at high frequencies and that they can add unwanted capacitance and crosstalk to a circuit. That stands to reason since you have relatively long pieces of metal spaced close together — the very definition of a capacitor.
[Ryan Jensen] did more than just listen to that advice. He built a circuit and used a scope to investigate just how much coupling he could expect with a simple digital circuit. Better still, he also made a video of it (see below). The test setup shows a single gate of a hex Schmitt trigger inverter with a sine wave input. The output transitions ring and also couple back into the input.
The early days of electricity appear to have been a cutthroat time. While academics were busy uncovering the mysteries of electromagnetism, bands of entrepreneurs were waiting to pounce on the pure science and engineer solutions to problems that didn’t even exist yet, but could no doubt turn into profitable ventures. We’ve all heard of the epic battles between Edison and Tesla and Westinghouse, and even with the benefit of more than a century of hindsight it’s hard to tell who did what to whom. But another conflict was brewing at the turn of 19th century, this time between an Indian polymath and an Italian nobleman, and it would determine who got credit for laying the foundations for the key technology of the 20th century – radio.
Every once in a great while, a piece of radio gear catches the attention of a prolific hardware guru and is reverse engineered. A few years ago, it was the RTL-SDR, and since then, software defined radios became the next big thing. Last weekend at Shmoocon, [Travis Goodspeed] presented his reverse engineering of the Tytera MD380 digital handheld radio. The hack has since been published in PoC||GTFO 0x10 (56MB PDF, mirrored) with all the gory details that turn a $140 radio into the first hardware scanner for digital mobile radio.
The Tytera MD-380 digital radio
The Tytera MD380 is a fairly basic radio with two main chips: an STM32F405 with a megabyte of Flash and 192k of RAM, and an HR C5000 baseband. The STM32 has both JTAG and a ROM bootloader, but both of these are protected by the Readout Device Protection (RDP). Getting around the RDP is the very definition of a jailbreak, and thanks to a few forgetful or lazy Chinese engineers, it is most certainly possible.
The STM32 in the radio implements a USB Device Firmware Upgrade (DFU), probably because of some example code from ST. Dumping the memory from the standard DFU protocol just repeated the same binary string, but with a little bit of coaxing and investigating the terrible Windows-only official client application, [Travis] was able to find non-standard DFU commands, write a custom DFU client, and read and write the ‘codeplug’, an SPI Flash chip that stores radio settings, frequencies, and talk groups.
Further efforts to dump all the firmware on the radio were a success, and with that began the actual reverse engineering of the radio. It runs an ARM port of MicroC/OS-II, a real-time embedded operating system. This OS is very well documented, with slightly more effort new functions and patches can be written.
In Digital Mobile Radio, audio is sent through either a public talk group or a private contact. The radio is usually set to only one talk group, and so it’s not really possible to listen in on other talk groups without changing settings. A patch for promiscuous mode – a mode that puts all talk groups through the speaker – is just setting one JNE in the firmware to a NOP.
The Tytera MD-380 ships with a terrible Windows app used for programming the radio
With the help of [DD4CR] and [W7PCH], the entire radio has been reverse engineered with rewritten firmware that works with the official tools, the first attempts of scratch-built firmware built around FreeRTOS, and the beginnings of a very active development community for a $140 radio. [Travis] is looking for people who can add support for P25, D-Star, System Fusion, a proper scanner, or the ability to send and receive DMR frames over USB. All these things are possible, making this one of the most exciting radio hacks in recent memory.
Before [Travis] presented this hack at the Shmoocon fire talks, intuition guided me to look up this radio on Amazon. It was $140 with Prime, and the top vendor had 18 in stock. Immediately after the talk – 20 minutes later – the same vendor had 14 in stock. [Travis] sold four radios to members of the audience, and there weren’t that many people in attendance. Two hours later, the same vendor had four in stock. If you’re looking for the best hardware hack of the con, this is the one.
This week I was approached with a question. Why don’t passenger aircraft have emergency parachutes? Whole plane emergency parachutes are available for light aircraft, and have been used to great effect in many light aircraft engine failures and accidents.
But the truth is that while parachutes may be effective for light aircraft, they don’t scale. There are a series of great answers on Quora which run the numbers of the size a parachute would need to be for a full size passenger jet. I recommend reading the full thread, but suffice it to say a ballpark estimate would require a million square feet (92903 square meters) of material. This clearly isn’t very feasible, and the added weight and complexity would no doubt bring its own risks.
Both of these mods are hacks in the purest sense of the word. The controller mod took a wireless keyboard’s sending circuit board and wedged it inside the NES controller. The original NES controller reads out the buttons into a shift register and sends that down a wire. That’s all gone. [ModPurist] just wired up each button to the sender PCB and figured out which keys they corresponded to on the PC by pressing the buttons. Simple.
