Wireless All The Things!

Neither Tom Nardi nor I are exactly young anymore, and we can both remember a time when joysticks were actually connected with wires to the computer or console, for instance. Back then, even though wireless options were on the market, you’d still want the wired version if it was a reaction-speed game, because wireless links just used to be too slow.

Somehow, in the intervening years, and although we never even really noticed the transition as such, everything has become wireless. And that includes our own hacker projects. Sure, the ESP8266 and other WiFi-capable chips made a big difference, but I still have a soft spot in my heart for the nRF24 chipset, which made at least point-to-point wireless affordable and easy. Others will feel the same about ZigBee, but the point stands: nothing has wires anymore, except to charge back up.

The reason? As this experiment comparing the latency of many different wireless connections bears out, wireless data links have just gotten that good, to the point that the latency in the radio is on par with what you’d get over USB. And the relevant software ecosystems have made it easier to go wireless as well. Except for the extra power requirement, and for cases where you need to move a lot of data, there’s almost no reason that any of your devices need wires anymore.

Are you with us? Will you throw down your chains and go wireless?

Benchmarking Latency Across Common Wireless Links For MCUs

Although factors like bandwidth, power usage, and the number of (kilo)meters of reach are important considerations with wireless communication for microcontrollers, latency is another important factor to pay attention to. This is especially true for projects like controllers where round-trip latency and instant response to an input are essential, but where do you find the latency number in datasheets? This is where [Michael Orenstein] and [Scott] over at Electric UI found a lack of data, especially when taking software stacks into account. In other words, it was time to do some serious benchmarking.

The question to be answered here was specifically how fast a one-way wireless user interaction can be across three levels of payload sizes (12, 128, and 1024 bytes). The effective latency is measured from when the input is provided on the transmitter until the receiver has processed it and triggered the relevant output pin. The internal latency was also measured by having a range of framework implementations respond to an external interrupt and drive a GPIO pin high. Even this test on an STM32F429 MCU already showed that, for example, the STM32 low-level (LL) framework is much faster than the stm32duino one.


Garden Light Turned Mesh Network Node

We love a good deal, especially when it comes to scavenging parts for projects. Cheap outdoor solar lights are more than just garden accessories; they’re a handy source of waterproof enclosures, solar panels and batteries. This is demonstrated by [Tavis], who turned one such light into a Meshtastic LoRa communication node.

Solar Light With Meshtastic node inside
Where there’s an antenna, there’s a radio

A nice feature on this specific $15 Harbor Breeze Solar LED is the roomy solar panel enclosure with integrated 18650 battery holder, allowing for easy battery swaps. [Tavis] was able to easily fit the RAKwireless modular dev board, and wire it into the light’s charging circuit. The cheap circuit is likely not the most efficient, but will probably get the job done. It’s always possible to just swap it out with a better charging board. [Tavis] also added an external antenna by using a panel-mount SMA pigtail connector.

The Meshtastic project is all about enabling text-only communications through LoRa-based mesh networks, built using off-the-shelf devices and development boards that won’t break the bank. The project has seen some incredible growth, with people all over the world setting up their own networks.

It’s not the first time we’ve seen garden lights get used in a project. We’ve seen MQTT added to a PIR solar light with some clever power saving circuitry, and as a power source for ATtiny85-based projects.

Reverse-Engineering The ESP32’s WiFi Binary Blob With A Faraday Cage

The Faraday cage constructed by Jasper Devreker.

As part of a team reverse-engineering the binary blob driver for the ESP32’s WiFi feature at Ghent University, [Jasper Devreker] saw himself faced with the need to better isolate the network packets coming from the ESP32-under-test. This is a tough call in today’s WiFi and 2.4 GHz flooded airwaves. To eliminate all this noise, [Jasper] had to build a Faraday cage, but ideally without racking up a massive invoice and/or relying on second-hand parts scavenged from eBay.

We previously reported on this reverse-engineering project, which has since seen an update. Although progress has been made, filtering out just the packets they were interested in was a big challenge. The solution was a Faraday cage, but on a tight budget.

Rather than relying on exotic power filters, [Jasper] put a battery inside a Faraday cage he constructed out of wood and conductive fabric. To get Ethernet data in and out, a fiber link was used inside a copper tube. Initial testing was done using a Raspberry Pi running usbip and a WiFi dongle. The Faraday cage provided enough attenuation that the dongle couldn’t pick up any external WiFi signals in listening mode.

The total cost of this build came down to a hair over €291, which makes it feasible for a lot of RF experiments by hobbyists and others. We wish [Jasper] and the rest of the team a lot of luck in figuring out the remaining secrets of Espressif’s binary WiFi blob using this new tool.

Faking Bluetooth LE With An NRF24L01+ Module

Despite the name, Bluetooth Low Energy (BLE) has very little to do with the original Bluetooth, other than its use of the same 2.4 GHz frequencies. This is where [Dmitry] got the idea to use a 2.4 GHz nRF24L01+ module to implement his very own BLE device, without the typical BLE chipset. This should be easy, since this popular IC supports GFSK modulation, 1 MHz channels and the 1 MBit data rate of BLE.

Despite how simple BLE seems to implement, [Dmitry] quickly came across a range of issues due to limitations of the nRF24L01+. These include no support for a 24-bit CRC, PLL cycling that is too sluggish for BLE’s frequency hopping, and as the coup de grâce, a lack of support for incoming data packets larger than 32 bytes, which destroyed any hope of accepting incoming connections.

Unperturbed, [Dmitry] set to work implementing what would work on this IC: broadcasting BLE packets. In the article he covers the entire code (in C) that allows the nRF24L01+ to send broadcast packets and any BLE-supporting device that’s listening to receive them. Admittedly not as useful as having a fully functional BLE stack, but good enough for broadcasting something like sensor data. It also raises the question of which alternative released in the intervening decade to the venerable nRF24L01+ might fill in the missing features, without making a dedicated BLE IC (or ESP32 variant) look more cost-effective.
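To make the workaround concrete, here is an added example (not [Dmitry]’s code and not taken from his article) of the work that has to move into software before an nRF24L01+ can send a BLE advertisement: the 24-bit CRC the chip lacks, the channel-dependent whitening, and the per-byte bit reversal. The function names, the sample PDU and the choice of advertising channel 37 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLE_CRC_POLY      0x00065BU /* x^24+x^10+x^9+x^6+x^4+x^3+x+1 */
#define BLE_ADV_CRC_INIT  0x555555U /* CRC preset on advertising channels */
#define NRF24_MAX_PAYLOAD 32        /* nRF24L01+ payload limit */

/* Reverse bit order: BLE sends LSB first, the nRF24L01+ shifts MSB first. */
static uint8_t rev8(uint8_t b) {
    b = (uint8_t)((b >> 4) | (b << 4));
    b = (uint8_t)(((b & 0xCC) >> 2) | ((b & 0x33) << 2));
    return (uint8_t)(((b & 0xAA) >> 1) | ((b & 0x55) << 1));
}
/* 24-bit CRC in software: PDU bits enter LSB first, feedback from bit 23. */
uint32_t ble_crc24(const uint8_t *p, size_t len, uint32_t crc) {
    for (size_t i = 0; i < len; i++)
        for (int b = 0; b < 8; b++) {
            uint32_t fb = ((crc >> 23) ^ (uint32_t)(p[i] >> b)) & 1U;
            crc = ((crc << 1) & 0xFFFFFFU) ^ (fb ? BLE_CRC_POLY : 0U);
        }
    return crc;
}
/* Whitening LFSR x^7+x^4+1 seeded from the channel; a second pass de-whitens. */
void ble_whiten(uint8_t *buf, size_t len, uint8_t channel) {
    uint8_t lfsr = (uint8_t)((channel & 0x3F) | 0x40);
    for (size_t i = 0; i < len; i++)
        for (uint8_t m = 1; m; m <<= 1) {
            if (lfsr & 1) { lfsr ^= 0x88; buf[i] ^= m; }
            lfsr >>= 1;
        }
}
/* Build the radio payload for one advertising PDU; returns length, 0 on error. */
size_t ble_adv_encode(uint8_t *out, size_t cap, const uint8_t *pdu, size_t n, uint8_t ch) {
    if (n < 2 || n + 3 > NRF24_MAX_PAYLOAD || n + 3 > cap || ch > 39) return 0;
    uint32_t crc = ble_crc24(pdu, n, BLE_ADV_CRC_INIT);
    memcpy(out, pdu, n);
    for (int i = 0; i < 3; i++) /* CRC is sent from bit 23 down to bit 0 */
        out[n + i] = rev8((uint8_t)(crc >> (16 - 8 * i)));
    ble_whiten(out, n + 3, ch);
    for (size_t i = 0; i < n + 3; i++) out[i] = rev8(out[i]);
    return n + 3;
}
int main(void) {
    /* Constructed ADV_NONCONN_IND: header, length, 6-byte address, flags AD. */
    const uint8_t pdu[] = {0x42, 0x09, 6, 5, 4, 3, 2, 1, 0x02, 0x01, 0x05};
    uint8_t frame[NRF24_MAX_PAYLOAD];
    return ble_adv_encode(frame, sizeof frame, pdu, sizeof pdu, 37) ? 0 : 1;
}
```

A receiver can validate a frame by undoing the bit reversal and whitening, then running `ble_crc24` over the PDU plus the three CRC bytes: an intact frame leaves the register at zero.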

It’s always a good day when a new project from [Dmitry] hits the tip line. We’ve previously covered his impressive efforts to add more RAM to the RP2040, and his business card that can boot Linux on an ATSAMD21.

802.11ah Wi-Fi HaLOW: The 1 Kilometer WiFi Standard

You, too, can add long-distance WiFi to your laptop with this new not-quite dongle solution. (Credit: Ben Jeffery)

The 802.11ah WiFi (HaLow) standard is fairly new, having only been introduced in 2017. It’s supposed to fall somewhere between standard WiFi used in domiciles and offices and the longer range but low-bitrate LoRaWAN, ZigBee, and others, with bandwidth measured in megabits per second. In a recent video, [Ben Jeffery] looks at the 802.11ah chipsets available today and some products integrating these.

The primary vendors selling these chipsets are TaiXin Semiconductor (TXW8301), Morse Micro (MM6108), and Newracom (NRC7394), with a range of manufacturers selling modules integrating these. Among the products using these, [Ben] found an Ethernet range extender kit (pictured) that takes 12V input as power, along with Ethernet. Running some distance tests in a quarry showed that getting a strong signal at 300 meters was no problem, though adding some trees between the two transceivers did attenuate the signal somewhat.

Another interesting product [Ben] tested is what is essentially an 802.11ah-based WiFi extender, using an 802.11ah link between the server node – with an Ethernet socket – and a client that features a standard 2.4 GHz 802.11n that most WiFi-enabled devices can connect to. Using this, he was able to provide a solid ~10 Mbps link to a cabin near the main house (~10 meters) through two outside walls. What makes 802.11ah so interesting is that it is directly compatible with standard Ethernet and WiFi protocols and uses the 900 MHz spectrum, for which a wide range of alternative antennae exist that can conceivably extend the range even more.

(Thanks to [Keith Olson] for the tip)


Diagram from the blog post, showing how GATT communication capture works

Hacking BLE To Liberate Your Exercise Equipment

It’s a story we’ve heard many times before: if you want to get your data from the Domyos EL500 elliptical trainer, you need to use a proprietary smartphone application that talks to the device over Bluetooth Low-Energy (BLE). To add insult to injury, the only way the software will export your workout information is by producing a JPG image of a graph. This just won’t do, so [Juan Carlos Jiménez] gives us yet another extensive write-up, which provides an excellent introduction to practical BLE hacking.

He walks us through BLE GATT (Generic Attribute Profile), the most common way such devices work, different stages of the connection process, and the tools you can use for sniffing an active connection. Then [Juan] shows us a few captured messages, how to figure out packet types, and moves into the tastiest part — using an ESP32 to man-in-the-middle (MITM) the connection.
