Hackaday Podcast Ep6 – Reversing iPod Screens, Hot Isotopes, We <3 Parts, and Biometric Toiletseats

What’s the buzz in the hackersphere this week? Hackaday Editors Elliot Williams and Mike Szczys recap their favorite hacks and articles from the past seven days. In Episode Six we cover an incredible reverse engineering effort Mike Harrison put in with iPod nano replacement screens. We dip our toes in the radioactive world of deep-space power sources, spend some time adoring parts and partsmakers, and take a very high-brow look at toilet-seat technology. In our quickfire hacks we discuss coherent sound (think of it as akin to laminar flow, but for audio), minimal IDEs for embedded, hand-tools for metalwork, and the little ESP32 bot that could.

Links for all discussed on the show are found below. As always, join in the comments below as we’ll be watching those as we work on next week’s episode!

Direct download (63.5 MB)

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast Ep6 – Reversing iPod Screens, Hot Isotopes, We <3 Parts, and Biometric Toiletseats”

Little FPV Bot Keeps It Simple With An ESP32

When it comes to robots, it seems the trend is to make them as complicated as possible – look at anything from Boston Dynamics if you’ve any doubt of that. But there’s plenty to be said for simple robots too, such as this adorable ESP32-driven live-streaming bot.

Now it’s true that [Max.K]’s creation is more remote controlled car than robot, and comparing it to one of the nightmare-fuelling creations of Boston Dynamics is perhaps unfair. But [Max.K]’s new project is itself a simplification and reimagining of his earlier, larger “ZeroBot“. As the name implies, ZeroBot was controlled by a Raspberry Pi Zero, an obvious choice for a mobile platform designed to stream FPV video. The ESP32 bot eschews the Pi platform in favor of, well, an ESP32. To save as much space as possible, [Max.K] did a custom PCB for the microcontroller and its supporting components. The 3D-printed case is nicely designed to hold the board along with two motors, a small VGA camera, and a battery pack. At 160×120 resolution, the video isn’t amazing, but the fact that it can be streamed from the ESP32 at a decent enough framerate to drive the bot using a simple web interface is impressive.

This was a fun project and a very clean, smooth build. We like the lines of this little bot, and wouldn’t mind building one as a quick weekend project ourselves.

Continue reading “Little FPV Bot Keeps It Simple With An ESP32”

Cheap Power Over Ethernet For The ESP32

While most projects we see with the ESP32 make use of its considerable wireless capabilities, the chip can be connected to the wired network easily enough should you have the desire to do so. [Steve] liked the idea of putting his ESP32s on the wired network, but found the need for a secondary power connection burdensome. So he took it upon himself to modify some cheap Power Over Ethernet (PoE) hardware and create a single-cable solution (Google Translate).

[Steve] bought a PoE module intended for security cameras and ran a close eye over the board to figure out what kind of hardware it was using to generate the nominal 12 V output. He identified an MP2494 step-down converter, and with the datasheet in hand found how the output voltage is configured by changing the values of resistors in the circuit. Swapping out the stock 21.5 kΩ resistor for a 57.1 kΩ one changed the output of the converter to the 5 V necessary for his electronics.

But of course that was only half of the problem solved; he still had to connect the Ethernet side of the PoE device to the Waveshare LAN8720 board that’s providing Ethernet for the ESP32. So he removed the RJ45 jack from the LAN8720 completely, and wired that directly to the connector on the PoE board. Helpfully, the PoE board had all the pins labeled on the bottom side so this wasn’t nearly as tricky to figure out as you might expect (if only it was always that easy).

We’ve previously covered the Waveshare LAN8720 board for anyone who’s interested in the ins and outs of getting their ESP32 talking Ethernet. If you’re wondering how you can put PoE to work for you, our very own [Jonathan Bennett] has been showing off his home Raspberry Pi infrastructure which makes extensive use of the new PoE hat.

Back to Video Basics with an ESP32 VGA Display

In a world where standards come and go with alarming speed, there’s something comforting about VGA. It’s the least common denominator of video standards, and seeing that chunky DB15 connector on the back of a computer means that no matter what, you’ll be able to get something from it, if you can just find a VGA cable in your junk bin.

But that’s the PC world; what about microcontrollers? Can you coax VGA video from them? Yes, you can, with an ESP32, a handful of resistors, and a little bit of clever programming. At least that’s what [bitluni] has managed to do in his continuing quest to push the ESP32 to output all the signals. For this project, [bitluni] needed to generate three separate signals – red, green, and blue – but with only two DACs on board, he had to try something else. He built external DACs the old way using R/2R voltage divider networks and addressed them with the I2S bus in LCD mode. He needed to make some compromises to fit the three color signals and the horizontal and vertical sync pulses into the 24 available bits, and there were a few false starts, but the video below shows that he was able to produce a 320×240 signal, and eventually goosed that up to a non-native 460×480.

It’s a pretty impressive hack, and we learned a lot about both the ESP32 and the VGA standard by watching the video. He’s previously used the ESP32 to build an AM radio station and to output composite PAL video, and even turned his oscilloscope into a vector display with it. They’re all great learning projects too.

Continue reading “Back to Video Basics with an ESP32 VGA Display”

Cheap ESP32 Webcam

Looking for a cheap way to keep an eye on something? [Kevin Hester] pointed us to a way to make a WiFi webcam for under $10. This uses one of the many cheap ESP32 dev boards available, along with the Internet of Things platform PlatformIO and a bit of code that creates an RTSP server. This can be accessed by any software that supports this streaming protocol, and a bit of smart routing could put it on the interwebs. [Kevin] claims that the ESP32 camera dev boards he uses can be found for less than $10, but we found that most of them cost about $15. Either way, that’s cheaper than most commercial streaming cameras.

Continue reading “Cheap ESP32 Webcam”

Don’t Toss That Bulb, It Knows Your Password

Whether it was here on Hackaday or elsewhere on the Internet, you’ve surely heard more than a few cautionary tales about the “Internet of Things” by now. As it turns out, giving every gadget you own access to your personal information and Internet connection can lead to unintended consequences. Who knew, right? But if you need yet another example of why trusting your home appliances with your secrets is potentially a bad idea, [Limited Results] is here to make sure you spend the next few hours doubting your recent tech purchases.

In a series of posts on the [Limited Results] blog, low-cost “smart” bulbs are cracked open and investigated to see what kind of knowledge they’ve managed to collect about their owners. Not only was it discovered that bulbs manufactured by Xiaomi, LIFX, and Tuya stored the WiFi SSID and encryption key in plain-text, but that recovering said information from the bulbs was actually quite simple. So next time one of those cheapo smart bulb starts flickering, you might want to take a hammer to it before tossing it in the trash can; you never know where it, and the knowledge it has of your network, might end up.

Regardless of the manufacturer of the bulb, the process to get one of these devices on your network is more or less the same. An application on your smartphone connects to the bulb and provides it with the network SSID and encryption key. The bulb then disconnects from the phone and reconnects to your home network with the new information. It’s a process that at this point we’re all probably familiar with, and there’s nothing inherently wrong with it.

The trouble comes when the bulb needs to store the connection information it was provided. Rather than obfuscating it in some way, the SSID and encryption key are simply stored in plain-text on the bulb’s WiFi module. Recovering that information is just a process of finding the correct traces on the bulb’s PCB (often there are test points which make this very easy), and dumping the chip’s contents to the computer for analysis.

It’s not uncommon for smart bulbs like these to use the ESP8266 or ESP32, and [Limited Results] found that to be the case here. With the wealth of information and software available for these very popular WiFi modules, dumping the firmware binary was no problem. Once the binary was in hand, a little snooping around with a hex editor was all it took to identify the network login information. The firmware dumps also contained information such as the unique hardware IDs used by the “cloud” platforms the bulbs connect to, and in at least one case, the root certificate and RSA private key were found.

On the plus side, being able to buy cheap smart devices that are running easily hackable modules like the ESP makes it easier for us to create custom firmware for them. Hopefully the community can come up with slightly less suspect software, but really just keeping the things from connecting to anything outside the local network would be a step in the right direction.

(Some days later…)

[Limited Results] had hinted to us that he had previously disclosed some vulnerabilities to the bulb’s maker, but that until they fixed them, he didn’t want to make them public. They’re fixed now, and it appears that the bulbs were sending everything over the network unencrypted — your data, OTA firmware upgrades, everything.  They’re using TLS now, so good job [Limited Results]! If you’re running an old version of their lightbulbs, you might have a look.

On WiFi credentials, we were told: “In the case where sensitive information in the flash memory wasn’t encrypted, the new version will include encrypted storage processing, and the customer will be able to select this version of the security chips, which can effectively avoid future security problems.” Argue about what that actually means in the comments.

Compiling NodeMCU for the ESP32 With Support for Public-Private Key Encryption

When I began programming microcontrollers in 2003, I had picked up the Atmel STK-500 and learned assembler for their ATtiny and ATmega lines. At the time I thought it was great – the emulator and development boards were good, and I could add a microcontroller permanently to a project for a dollar. Then the ESP8266 came out.

I was pretty blown away by its features, switched platforms, except for timing-sensitive applications, and it’s been my chip of choice for a few years. A short while ago, a friend gave me an ESP32, the much faster, dual core version of the ESP8266. As I rarely used much of the computing power on the ESP8266, none of the features looked like game changers, and it remained a ‘desk ornament’ for a while.

About seven weeks ago, support for the libSodium Elliptic Curve Cryptography library was added. Cryptography is not the strongest feature of IoT devices, and some of the methods I’ve used on the ESP8266 were less than ideal. Being able to more easily perform public-private key encryption would be enough for me to consider switching hardware for some projects.

However, my preferred automated build tool for NodeMCU wasn’t available on the ESP32 yet. Compiling the firmware was required – this turned out to be a surprisingly user-friendly experience, so I thought I’d share it with you. If I had known it would be so quick, this chip wouldn’t have sat on my desk unused quite so long!  Continue reading “Compiling NodeMCU for the ESP32 With Support for Public-Private Key Encryption”