Building Badges The Hard Way

May 1, 2018 by Anool Mahidharia 5 Comments

What’s a hacker to do to profess his love for his dearest beloved? [Nitesh Kadyan] built his lady-love this awesome LED pendant – the LED BLE Hearty Necklace Badge.

The hardware is pretty vanilla by today’s hacker standards. An ATMega328p does most of the heavy lifting. An HM-11 BLE module provides connection to an Android mobile app. Two 74HC595 shift registers drive 16 columns of red LEDs and a ULN2803 sinks current from the 8 rows. The power section consists of a charger for the 320mAh LiPo and an LDO for the BLE module. All the parts are SMD with the passives mostly being 0603, including the 128 LEDs.

[Nitesh] didn’t get a stencil made for his first batch of boards, so all the parts were painstakingly soldered manually and not in a reflow oven. And on his first board, he ended up soldering all of the LED’s the wrong way around. Kudos to him for his doggedness and patience.

The Arduino code on the ATmega is also quite straightforward. All characters are stored as eight bytes each in program memory and occupy 8×8 pixels on the matrix. The bytes to be displayed are stored in a buffer and the columns are left shifted fast enough for the marquee text effect. The Android app is built by modifying a demo BLE app provided by Google. The firmware, Android app, and the KiCAD design files are all hosted on his Github repository.

[Nitesh] is now building a larger batch of these badges to bring them to hillhacks – the annual hacker-con for making and hacking in the Himalayas. Scheduled for later this month, you’ll have to sign up on the mailing list for details and if you’d like to snag one of these badges. To make it more interesting, [Nitesh] has added two games to the code – Tetris and Snakes. Hopefully, this will spur others to create more games for the badge, such as Pong.

Continue reading “Building Badges The Hard Way” →

Unlock & Talk: Open Source Bootloader & Modem

April 19, 2018 by Drew Risinger 13 Comments

During the early years of cell phones, lifespan was mainly limited by hardware (buttons wearing out, dropping phones, or water damage), software is a primary reason that phones are replaced today. Upgrades are often prompted by dissatisfaction with a slow phone, or manufacturers simply stopping updates to phone software after a few years at best. [Oliver Smith] and the postmarketOS project are working to fix the update problem, and have begun making progress on loading custom software onto cellphone processors and controlling their cellular modems. Continue reading “Unlock & Talk: Open Source Bootloader & Modem” →

Fix Your Insecure Amazon Fire TV Stick

April 18, 2018 by Tom Nardi 48 Comments

I recently spent a largely sleepless night at a hotel, and out of equal parts curiosity and boredom, decided to kill some time scanning the guest network to see what my fellow travelers might be up to. As you’d probably expect, I saw a veritable sea of Samsung and Apple devices. But buried among the seemingly endless number of smartphones charging next to their sleeping owners, I found something rather interesting. I was as picking up a number of Amazon-made devices, all of which had port 5555 open.

As a habitual Android tinkerer, this struck me as very odd. Port 5555 is used for Android Debug Bridge (ADB), a development tool used to control and perform various administrative tasks on an Android device over the network or (more commonly) locally over USB. The number of users who would have legitimately needed to enable network ADB on their devices is surely rather low, so to see a half dozen of them on the network at the same time seemed improbable to say the least.

Why would so many devices manufactured by Amazon all have network ADB enabled? I realized there must be a connection, and it didn’t take long to figure it out.

Continue reading “Fix Your Insecure Amazon Fire TV Stick” →

Android Sources For The Asus Tinker Board

March 10, 2018 by Jenny List 18 Comments

The Asus Tinker Board is one of the quiet achievers of the powerful single board computer market. A Raspberry Pi form factor with a significantly more powerful processor, more memory, faster networking, and Asus build quality. In hardware terms it leaves many of the other Pi competitors in the dust. If the Tinker Board has a problem though it is the same one that affects so many otherwise promising offerings, that its software support isn’t as strong as the fruity computer from Cambridge. When you buy a Pi it’s Raspbian that makes it a wise purchase, along with the huge community support that surrounds it.

An interesting development on that front comes courtesy of [Justin], who tells us that the sources have been released for the Tinkerboard flavour of Android. The community have put in the work on the board’s Linux distro, but the Android side hasn’t had the same opportunity. This step makes the Tinker Board a significantly more interesting choice for custom Android development, as unlike some of its competitors for which only precompiled builds are available it puts a bespoke Android build in the hands of its developers.

We like the Tinker Board here at Hackaday. We first reviewed it when the boards became available, but later found that they had reached the market in error before Asus had a stable operating system. We therefore returned with another review six months later, and found it to be a credible Raspberry Pi alternative saved by its band of enthusiasts who have filled in for any of its software shortcomings.

Making Software Defined Radio Portable

February 5, 2018 by Bryan Cockfield 20 Comments

While most smartphones can receive at least some radio, transmitting radio signals is an entirely different matter. But, if you have an Android phone and a few antennas (and a ham radio license) it turns out that it is possible to get a respectable software-defined radio on your handset.

[Adrian] set this up to be fully portable as well, so he is running both the transceiver and the Android phone from a rechargeable battery bank. The transceiver is also an interesting miniaturized version of the LimeSDR, the Lime SDR Mini, a crowdfunded Open Source radio platform intended for applications where space is at a premium. It operates on the 10 MHz to 3.5 GHz bands, has two channels, and has a decent price tag too at under $100.

For someone looking for an SDR project or who needs something very portable and self-contained, this could be a great option. The code, firmware, and board layout files are all also open source, which is always a great feature. If you’re new to SDR though, there’s a classic project that will get you off the ground for even less effort.

Continue reading “Making Software Defined Radio Portable” →

PostMarketOS Saves Old Smartphones

January 9, 2018 by Tom Nardi 67 Comments

Modern smartphones, even the budget models, are extremely impressive pieces of technology. Powerful ARM processors, plenty of RAM, and an incredible number of sensors and radios are packed into a device that in some cases are literally given away for free when you sign up for a service plan. Unfortunately manufacturers are not obligated to keep up with software updates, and while the hardware may be willing to keep on fighting, the user is often pushed to upgrade due to perennially outdated software. Even if you aren’t the kind of person to be put off by using a phone that doesn’t have the latest and greatest OS, the lack of software security updates pose a clear threat in a world where mobile devices are increasingly targeted by attackers.

But what if the operating system on your phone worked more like the on one your computer? That’s the dream of postmarketOS, a Linux distribution created by [Oliver Smith] that is designed to be installed on outdated (mostly Android) smartphones and tablets. He’s recently made a comprehensive blog post about the state of the project a little over 6 months since it started, and we have to say things are looking very impressive so far.

One of the key goals of postmarketOS is to avoid the fragmented nature of previous attempts at replacing Android with a community-developed operated system. By avoiding binary blobs and focusing on getting the mainline Linux kernel running on as much as the hardware as possible, there’s no need to make different forks and releases for each supported device. By unifying the OS as much as far as it can be, an upstream update can be pushed to all devices running postmarketOS regardless of their make and model, just like with traditional Linux distributions.

The blog post shows two things very clearly: that the community is extremely excited and dedicated to the prospect of running what is essentially desktop Linux on old smartphones and tablets, and that postmarketOS still has a long way to go. In these early days, many devices aren’t what could be considered “daily drivers” by most standards. In fact, the blog post mentions that they’ve decided to abandon the term “supported” when talking about devices, and make no claims beyond the fact that they will boot.

Still, incredible progress is being made on everything from mainline kernel development to getting standard Linux desktops such as Gnome, MATE and XFCE4 running. Work has also been done on the backend process of compiling and packaging up components of the operating system itself, promising to speed up development times even for those who don’t have a beefy machine they can dedicate to compiling. The blog post ends with a helpful list of things the reader can do to help support postmarketOS, ranging from making your own t-shirts to porting to new hardware.

At Hackaday we’ve seen our fair share of hackers and makers re-purposing old smartphones and tablets, keeping them out of the landfills they would almost certainly end up in otherwise. A project that aims to make it even easier to hack these cheap and incredibly useful devices is music to our ears.

The Bedside Light App That Phones Home

December 26, 2017 by Jenny List 31 Comments

Desiring a bedside lamp with a remote control, [Peadar]’s wife bought a Xiaomi Yeelight, an LED model with an accompanying Android app. And since he’s a security researcher by trade, he subjected the app to a close examination and found it to be demanding permissions phoning home to a far greater extent than you’d expect from a bedside light.

His write-up is worth a read for its fascinating run-through of the process for investigating any Android app, as it reveals the level to which the software crosses the line from simple light-controller into creepy data-slurper. The abilities to create accounts on your device, download without notification, take your WiFi details and location, and record audio are not what you’d expect to be necessary in this application. He also looks into the Xiaomi web services the app uses to phone home, revealing some interesting quirks along the way.

This story has received some interest across the Internet, quite rightly so since it represents a worrying over-reach of corporate electronic intrusion. It is interesting though to see commentary whose main concern is that the servers doing the data-slurping are in China, as though somehow in this context the location is the issue rather than the practice itself. We’ve written before about how some mildly sinister IoT technologies seem to bridge the suspicion gap while others don’t, it would be healthy to see all such services subjected to the same appraisal.

As a postscript, [Peadar] couldn’t get the app to find his wife’s Yeelight, let alone control it. That the spy part of the app works while the on-the-surface part doesn’t speaks volumes about the development priorities of its originator.

Image: Xiaomi Yeelight website.