PicoROM, A DIP-32 8-Bit ROM Emulator

As we all know, when developing software for any platform or simply hacking a bit of code to probe how something works, the ability to deploy code rapidly is a huge help. [Martin Donlon], aka [wickerwaka], is well known in retro gaming and arcade hardware reverse engineering circles and had the usual issues figuring out how an arcade CPU board worked while developing a MiSTer core. Some interesting ASICs needed quite a bit of poking, and changing the contents of socketed ERPOMs is a labour-intensive process. The solution was PicoROM, a nicely designed ROM emulator in a handy DIP-32 form factor.

As the title suggests, PicoROM is based on the Raspberry Pi RP2040. It emulates an 8-bit ROM up to 2MBits in size with speeds up to 100ns. Since it uses the RP2040, USB connectivity is simple, enabling rapid uploading of new images to one (or more) PicoROMs in mere seconds. A vertically orientated USB-C connector allows multiple PicoROMs to be cabled to the host without interfering with neighbouring hardware. The firmware running on core 1 passes data from the internal 264K SRAM, using the PIO block as a bus interface to the target. A neat firmware feature is the addition of a mechanism to use a ROM region as a bidirectional control channel, which the software running on the target can use to communicate back to the host computer. This allows remote triggering of actions and the reporting of responses. Responses which may not be physically observable externally. [Martin] is using this feature extensively to help probe the functionality of some special function chips on the target boards, which is still a slow process but helped massively by reducing that critical software iteration time. The PCB was designed with KiCAD. The project files for which can be found here.

This isn’t the first time we’ve seen the RP2040 used for ROM emulation; here’s a pile of wires that does the same job. It just isn’t as pretty. Of course, if you really must use EPROMs, then you could give this sweet programmer a look over.

Continue reading “PicoROM, A DIP-32 8-Bit ROM Emulator”

Man holding brass bar stock with several polygons turned on end

Polygons On A Lathe

Most professionals would put a polygon on the end of a turned part using a milling machine. But many a hobbyist doesn’t have a mill. And if the polygon needs to be accurately centered, remounting the stock costs accuracy.

[Mehamozg] demonstrates you can turn a polygon on a lathe.

Polygons on shaft ends are surprisingly common, whether you are replacing a lost chuck key, need an angular index, or need a dismountable drive. As the video shows, you can definitely make them on the lathe.

But how the heck does this work? It seems like magic.

Lets start by imagining we disengage and lock the rotating cutter in [Mehamozg]’s setup and run the lathe. If the tool is pointed directly at the center we are just turning normally.  If we angle the tool either side of center we still get a cylinder, but the radius increases by the sin of the angle.

Now, if we take a piece of stock with a flat on it and plot radius versus angle we get a flat line with a sin curve dip in it. So if we use [Mehamozg]s setup and run the cutter and chuck at the same speed, the cutter angle and the stock angle increase at the same time, and we end up with a flat on the part.  If the cutter is rotating an even multiple of the chuck speed, we get a polygon.

The rub in all this is the cutter angle.. At first we were convinced it was varying enormously. But the surface at the contact point is not perpendicular to  the radius from center to contact. So it cancels out, we think.  But our brains are a bit fried by this one. Opinions in the comments welcomed.

We like this hack. It’s for a commonly needed operation, and versatile enough  to be worth fiddling with the inevitable pain of doing it the first time.  For a much more specialized machining hack, check out  this tool that works much the same in the other axis.

Use PicoGlitcher For Voltage Glitching Attacks

We see a fair few glitcher projects, especially the simpler voltage glitchers. Still, quite often due to their relative simplicity, they’re little more than a microcontroller board and a few components hanging off some wires. PicoGlitcher by Hackaday.IO user [Matthias Kesenheimer] is a simple voltage glitcher which aims to make the hardware setup a little more robust without getting caught up in the complexities of other techniques. Based on the Raspberry Pico (obviously!), the board has sufficient niceties to simplify glitching attacks in various situations, providing controllable host power if required.

A pair of 74LVC8T245 (according to the provided BoM) level shifters allow connecting to targets at voltages from 1.8 V to 5 V if powered by PicoGlitcher or anything in spec for the ‘245 if target power is being used. In addition to the expected RESET and TRIGGER signals, spare GPIOs are brought out to a header for whatever purpose is needed to control a particular attack. If a programmed reset doesn’t get the job done, the target power is provided via a TPS2041 load switch to enable cold starts. The final part of the interface is an analog input provided by an SMA connector.

The glitching signal is also brought out to an SMA connector via a pair of transistors; an IRLML2502 NMOS performs ‘low power’ glitching by momentarily connecting the glitch output to ground. This ‘crowbarring’ causes a rapid dip in supply voltage and upsets the target, hopefully in a helpful way. An IRF7807 ‘NMOS device provides a higher power option, which can handle pulse loads of up to 66A. Which transistor you select in the Findus glitching toolchain depends on the type of load connected, particularly the amount of decoupling capacitance that needs to be discharged. For boards with heavier decoupling, use the beefy IRF7807 and accept the glitch won’t be as sharp as you’d like. For other hardware, the faster, smaller device is sufficient.

The software to drive PicoGlitcher and the hardware design files for KiCAD are provided on the project GitHub page. There also appears to be an Eagle project in there. You can’t have too much hardware documentation! For the software, check out the documentation for a quick overview of how it all works and some nice examples against some targets known to be susceptible to this type of attack.

For a cheap way to glitch an STM8, you can just use a pile of wires. But for something a bit more complicated, such as a Starlink user terminal, you need something a bit more robust. Finally, voltage glitching doesn’t always work, so the next tool you can reach for is a picoEMP.

Continue reading “Use PicoGlitcher For Voltage Glitching Attacks”

Portable Solder Paste Station Prevents Smears With Suction

Applying solder paste to a new custom PCB is always a little nerve-racking. One slip of the hand, and you have a smeared mess to clean up. To make this task a little easier, [Max Scheffler] built the Stencil Fix Portable, a compact self-contained vacuum table to hold your stencil firmly in place and pop it off cleanly every time.

The Stencil Fix V1 used a shop vac for suction, just like another stencil holder we’ve seen. The vacuum can take up precious space, makes the jig a little tricky to move, and bumping the hose can lead to the dreaded smear and colorful language. To get around this [Max] added a brushless drone motor with a 3D printed impeller, with a LiPo battery for power. The speed controller gets its PWM signal from a little RP2040 dev board connected to a potentiometer. [Max] could have used a servo tester, but he found the motor could be a little too responsive and would move the entire unit due to inertia from the impeller. The RP2040 allowed him to add a low pass filter to eliminate the issue. The adjustable speed also means the suction force can be reduced a little for easy alignment of the stencil before locking it down completely.

We love seeing tool projects like these that make future projects a little easier. Fortunately, [Max] made the designs available so you can build your own.

Continue reading “Portable Solder Paste Station Prevents Smears With Suction”

RF Detector Chip Helps Find Hidden Cameras And Bugs

It’s a staple of spy thriller movies, that the protagonist has some kind of electronic scanner with which he theatrically searches his hotel room to reveal the bad guys’ attempt to bug him. The bug of course always had a flashing LED to make it really obvious to viewers, and the scanner was made by the props department to look all cool and futuristic.

It’s not so far-fetched though, while bugs and hidden cameras in for example an Airbnb may not have flashing LEDs, they still emit RF and can be detected with a signal strength meter. That’s the premise behind [RamboRogers]’ RF hunter, the spy movie electronic scanner made real.

At the rear of the device is an ESP32, but the front end is an AD8317 RF detector chip. This is an interesting and useful component, in that it contains a logarithmic amplifier such that it produces a voltage proportional to the RF input in decibels. You’ll find it at the heart of an RF power meter, but it’s also perfect for a precision field strength meter like this one. That movie spy would have a much higher chance of finding the bug with one of these.

For the real spies of course, the instruments are much more sophisticated.

A 3D Printed, Open Source Lathe?

[Chris Borge] has spent the last few years creating some interesting 3D printed tools and recently has updated their 3D printable lathe design to make a few improvements. The idea was to 3D print the outer casing of the lathe in two parts, adding structural parts where needed to bolt on motors and tool holders, and then fill the whole thing with concrete for strength and rigidity.

Only a few parts to print

The printed base is initially held together with two lengths of studding, and a pile of bolts are passed through from below, mating with t-nuts on the top. 2020 extrusion is used for the motor mount. The headstock is held on with four thread rods inserted into coupling nuts in the base. The headstock unit is assembled separately, but similarly; 3D printed outer shell and long lengths of studding and bolts to hold it together. Decent-sized tapered roller bearings make an appearance, as some areas of a machine tool really cannot be skrimped. [Chris] explains that the headstock is separate because this part is most likely to fail, so it is removable, allowing it to be replaced.

Continue reading “A 3D Printed, Open Source Lathe?”

Forget Flipper, How About Capybara?

One of the hacker toys to own over the last year has been the Flipper Zero, a universal wireless hacking tool which even caused a misplaced moral panic about car theft in Canada. A Flipper is cool as heck of course but not the cheapest of devices. Fortunately there’s now an alternative in the form of the CapibaraZero. It’s a poor-hacker’s Flipper Zero which you can assemble yourself from a heap of inexpensive modules.

At the center is an ESP32-S3 board, which brings with it that chip’s wireless and Bluetooth capabilities. To that is added an ST7789 TFT display, a PN532 NFC reader, an SX1276 LoRa and multi-mode RF module, and an IR module. The firmware can be found through GitHub. Since the repo is nearly two years old and still in active development, we’re hopeful CapibaraZero will gain features and stability.

If you’re interested in our coverage of the Canadian Flipper panic you can read it here, and meanwhile if you’re using one of those NFC modules, consider tuning it.