Software Hacks

999 Articles

Amazon Echo Gets Open Source Brain Transplant

March 22, 2021 by 20 Comments

There’s little debate that Amazon’s Alexa ecosystem makes it easy to add voice control to your smart home, but not everyone is thrilled with how it works. The fact that all of your commands are bounced off of Amazon’s servers instead of staying internal to the network is an absolute no-go for the more privacy minded among us, and honestly, it’s hard to blame them. The whole thing is pretty creepy when you think about it.

Which is precisely why [André Hentschel] decided to look into replacing the firmware on his Amazon Echo with an open source alternative. The Linux-powered first generation Echo had been rooted years before thanks to the diagnostic port on the bottom of the device, and there were even a few firmware images floating around out there that he could poke around in. In theory, all he had to do was remove anything that called back to the Amazon servers and replace the proprietary bits with comparable free software libraries and tools.

Taping into the Echo’s debug port.

Of course, it ended up being a little trickier than that. The original Echo is running on a 2.6.x series Linux kernel, which even for a device released in 2014, is painfully outdated. With its similarly archaic version of glibc, newer Linux software would refuse to run. [André] found that building an up-to-date filesystem image for the Echo wasn’t a problem, but getting the niche device’s hardware working on a more modern kernel was another story.

He eventually got the microphone array working, but not the onboard digital signal processor (DSP). Without the DSP, the age of the Echo’s hardware really started to show, and it was clear the seven year old smart speaker would need some help to get the job done.

The solution [André] came up with is not unlike how the device worked originally: the Echo performs wake word detection locally, but then offloads the actual speech processing to a more powerful computer. Except in this case, the other computer is on the same network and not hidden away in Amazon’s cloud. The Porcupine project provides the wake word detection, speech samples are broken down into actionable intents with voice2json, and the responses are delivered by the venerable eSpeak speech synthesizer.

As you can see in the video below the overall experience is pretty similar to stock, complete with fancy LED ring action. In fact, since Porcupine allows for multiple wake words, you could even argue that the usability has been improved. While [André] says adding support for Mycroft would be a logical expansion, his immediate goal is to get everything documented and available on the project’s GitLab repository so others can start experimenting for themselves.

Continue reading “Amazon Echo Gets Open Source Brain Transplant”

WebSerial: Browser Based Development For Your Boards And Electronic Badges

March 21, 2021 by 9 Comments

For years, one of the most accessible and simplest-to-implement methods of talking to a dev board has been to give it a serial port. Almost everything has serial in some form, so all that’s needed is to fire up a terminal. But even with that simplicity, there are still moments when the end user might find a terminal interface a little daunting. Think of a board aimed at kids for example, or an event badge which must be accessible to as many people as possible.

We’ve seen a very convenient solution to this problem in the form of WebUSB, but for devices without the appropriate USB hardware there’s WebSerial, an in-browser API for communicating with serial ports including USB-to-serial chips. [Tom Clement] argues that this could serve as the way forward for event badges. Best of all it can be a retro-fit to enable in-browser development for older badges or dev boards with a serial port.

The boards on which he demonstrates the technique are the series of event badges running the badge.team firmware platform including his own i-Pane from CampZone 2019 and going right back to the SHA 2017 badge, but there’s no reason why the same technique can’t be extended to other boards.

There’s a snag with all this though, sadly only browsers in the Chrome family support it at the time of writing, with no plans from Mozilla and apple, and silence from Microsoft. So things look likely to stay that way. It is however inevitable that in time there will be commercial products taking advantage of it via the use of cheap USB to serial chips, so perhaps the case to incorporate it will make itself.

Header: Mobius, Public domain.

An Algorithm For Art: Thread Portraits

March 18, 2021 by 27 Comments

We’ve all been there — through the magic of the internet, you see someone else’s stunning project and you just have to replicate it. For [Jenny Ma], that project was computer-generated string art, as in the computer figures out the best nail order to replicate a given image, and you lay out the thread yourself.

So, how does it work? Although a few algorithms are out there already, [Jenny] wanted to make her own using Python. Essentially it crops the image into a circle and then lays out evenly-spaced software nails around the circumference. The algorithm starts from a random nail and then determines the best next nail to wrap around by drawing a line from that nail to every other nail and choosing the darkest one based on the darkness of the image underneath that little line. It repeats this one chord at a time, subtracting from the original image until every pixel has been replaced with a thread or lack thereof, and then it spits out an ordered list of nail numbers.

Once the software was ready, [Jenny] made a wood canvas that’s 80 cm (31.5″) in diameter and started laying out the nail hole locations. There wasn’t quite enough room for 300 nails, so instead of starting over, [Jenny] changed the algorithm to use 298 nails and re-ran it.

[Jenny] does a great job of discussing the many variables at play in this hardware representation of software-created art. The most obvious of course is that the more nails used, the higher the resolution would be, but she determined that 300 is the sweet spot — more than that, and the resolution doesn’t really improve. We have to wonder if 360 nails would make things any easier. Check out the build video after the break.

Want to cut out most of the manual labor altogether? Build yourself a string art machine.

Continue reading “An Algorithm For Art: Thread Portraits”

PlayStation Unlocked With New Software Hack

March 15, 2021 by 43 Comments

The original PlayStation might be pushing 30 years old now, but that doesn’t mean hackers have given up on chipping away at it. A new exploit released by [Marcos Del Sol Vives] allows users to run copied games on all but the earliest hardware revisions of this classic console, and all you need to trigger it is a copy of Tony Hawk’s Pro Skater 2.

Aptly named tonyhax, this exploit uses a classic buffer overflow found in the “Create Skater” mode in Tony Hawk 2, 3, and 4. When the game sees a custom character saved on the memory card it will automatically load the name field to show it on the screen, but it turns out the developers didn’t think to check the length of the name before loading it. Thanks to this oversight, a long and carefully crafted name can be used to load an executable payload into the console’s memory.

The name contains the memory address of the payload.

That payload could be anything, such as a homebrew game, but in this case [Marcos] went all in and developed a simple tool that unlocks the console’s optical drive so it will play games burned to CD-Rs. Once the tonyhax exploit has been loaded, you simply swap the authentic Tony Hawk disc for whatever burned title you want to play. So far every game tested has worked, even those that span across multiple discs.

[Marcos] is providing not only the save files ready to load on your PlayStation memory card (either through a PC tool, or with the help of a hacked PS2), as well as the complete source code for tonyhax. This opens the door to the exploit being used to load other tools, emulators, and indie games, but as the PlayStation homebrew scene is relatively limited when compared to newer consoles, the demand might be limited.

Compared to the traditional physical modifications used to play copied games on the PlayStation, this new software approach is far more accessible. Expect to see memory cards with this exploit preinstalled hit your favorite import site in the very near future.

Continue reading “PlayStation Unlocked With New Software Hack”

Get Apple To Track Your Bluetooth Devices For You

March 5, 2021 by 10 Comments

Apple’s “Find My” service allows users to track their missing devices by leveraging a worldwide network of location-aware iGadgets. With millions of iPhones and Macs out in the wild listening for the missing device’s Bluetooth advertisements and relaying their findings to the Cupertino Mothership, it’s a highly effective way of tracking hardware so long as it stays in relatively urban areas. Unfortunately, the system is completely proprietary and non-Apple devices aren’t invited to play.

Or at least, that used to be the case. A project recently released by the [Secure Mobile Networking Lab] called OpenHaystack demonstrates how generic devices can utilize Apple’s Find My network by mimicking the appropriate Bluetooth Low Energy (BLE) broadcasts. Currently they have a firmware image for the BBC micro:bit, as well as a Python script for Linux, that will allow you to spin up an impromptu Find My target. But the team has also published all the information required to implement similar functionality on other BLE-capable devices and microcontrollers, so expect the list of supported hardware to grow shortly.

Diagram showing how the Apple Find My system worksSomewhat ironically, while OpenHaystack allows you to track non-Apple devices on the Find Me tracking network, you will need a Mac computer to actually see where your device is. The team’s software requires a computer running macOS 11 (Big Sur) to run, and judging by the fact it integrates with Apple Mail to pull the tracking data through a private API, we’re going to assume this isn’t something that can easily be recreated in a platform-agnostic way. Beyond the occasional Hackintosh that might sneak in there, it looks like Tim Cook might have the last laugh after all.

It’s not immediately clear how difficult it will be for Apple to close this loophole, but the talk of utilizing a private API makes us think there might be a built-in time limit on how long this project will be viable. After all, Big Tech doesn’t generally approve of us peons poking around inside their machinations for long. Though even if Apple finds a way to block OpenHaystack, it’s expected the company will be releasing “AirTags” sometime this year which will allow users to track whatever objects they like through the system.

Circuit Impedance Calculations Without Cumbersome Simulations

March 2, 2021 by 11 Comments

Using circuit simulating software like SPICE can be a powerful tool for modeling the behavior of a circuit in the real world. On the other hand, it’s not always necessary to have all of the features of SPICE available all the time, and these programs tend to be quite expensive as well. To that end, [Wes Hileman] noticed an opportunity for a specific, quick method for performing impedance calculations using python without bulky, expensive software and came up with a program which he calls fastZ.

The software works on any network of passive components (resistors, capacitors, and inductors) and the user can specify parallel and series connections using special operators. Not only can the program calculate the combined impedance but it can perform frequency analysis at a specified frequency or graph the frequency response over a wide range of frequencies. It’s also running in python which makes it as simple as importing any other python package, and is also easy to implement in any other python program compared to building a simulation and hoping for the best.

If you find yourself regularly drawing Bode plots or trying to cobble together a circuit simulation to work with your python code, this sort of solution is a great way to save a lot of headache. It is possible to get the a piece of software like SPICE to to work together with other python programs though, often with some pretty interesting results.

Fixing The Only Thing That’s Slow About Grand Theft Auto V

March 2, 2021 by 13 Comments

The driving, crime, and general mayhem game Grand Theft Auto V is something of a phenomenon that has lasted for the last seven or more years. Whether following the in-game missions, driving around like a hooligan for fun or performing crazy stunts, the depth of detail in its landscapes and the continual improvements to gameplay that have arrived over the years have assured it a massive following across multiple platforms. The game is not without its problems though, one of which is an unreasonably long loading time for its online version. This annoyed [T0st] to the extent that it was worth the effort of looking under the hood to find out where the problem lay.

It was evident that for PC users the effect varied depending on the hardware present. Furthermore AMD processors seemed worse-hit than Intel ones, and indeed they found an entire core maxed out by a couple of processes during the wait. Some diagnostics and disassembly led the trail to some string processing code which was identified as a JSON parser. This was not simply parsing the JSON but also performing a check for token uniqueness in an extremely inefficient manner, causing the whole process to be extremely slow. Sone nifty patching in a DLL containing a much more efficient function with a cache for unique values saved the day, and delivered an impressive 70% speed-up. It’s to be hoped that the game’s developers will take note, and a future GTA V update will deliver a fix.

Driving a car from a third-person viewpoint in a game like GTA V is a hoot. In real life though, not so much.

Thanks [Thanatos Erberus] for the tip.