Turning The Back Of Your Phone Into A Touchpad

July 21, 2022 by Lewin Day 28 Comments

Smartphones use big touchscreens on the front as a useful tactile interface. However, our hands naturally wrap around the back of the phone, too. This area is underutilized as an interface, but the designers of BackTrack found a way to change that.

Touches on the 2D rear matrix are translated into a pair of touches on the linear line of pads on the front screen. This can then be reconstructed into the touch location on the rear touchpad.

The idea is simple. The project video notes that conductive tape can be placed on a multitouch touchscreen, allowing touches to be read at a remote location. Taking this concept further, BackTrack works by creating a 2D matrix on the back of the phone, and connecting this matrix to a series of pads in a row on the front touchscreen. Then, touches on the back touchpad can be read by the existing touchscreen on the front screen. Continue reading “Turning The Back Of Your Phone Into A Touchpad” →

Apple AirTags Hacked And Cloned With Voltage Glitching

July 14, 2022 by Lewin Day 33 Comments

Apple AirTags are useful little devices. They essentially use iPhones in the wild as a mesh network to tell the owner where the AirTag is. Now, researchers have shown that it’s possible to clone these devices.

The research paper explains the cloning process, which requires physical access to the hardware. To achieve the hack, the Nordic nRF52832 inside the AirTag must be voltage glitched to enable its debug port. The researchers were able to achieve this with relatively simple tools, using a Pi Pico fitted with a few additional components.

With the debug interface enabled, it’s simple to extract the microcontroller’s firmware. It’s then possible to clone this firmware onto another tag. The team also experimented with other hacks, like having the AirTag regularly rotate its ID to avoid triggering anti-stalking warnings built into Apple’s tracing system.

As the researchers explain, it’s clear that AirTags can’t really be secure as long as they’re based on a microcontroller that is vulnerable to such attacks. It’s not the first AirTag cloning we’ve seen either. They’re an interesting device with some serious privacy and safety implications, so it pays to stay abreast of developments in this area.

[Thanks to Itay for the tip!]

iPhone 6 with Linux boot log on its screen

Boot Mainline Linux On Apple A7, A8 And A8X Devices

June 12, 2022 by Arya Voronova 10 Comments

[Konrad Dybcio] tells about his journey booting Linux on A7/8/8X processors, playing around with an old iPhone 5 he’s got in a drawer. It’s been a two-year “revisit every now and then” journey, motivationally fueled by the things like Linux on M1 Macs announcement. In the end, what we have here is a way to boot mainline Linux on a few less-than-modern but still very usable iPhones, and a fun story about getting there.

[Konrad]’s work is based on the Sandcastle project research, but he couldn’t quite figure out how to make their code work, and had to make sense of it as he went. At some point, he got stuck on enabling the MMU, which was the main roadblock for a while. Joined by another developer intrigued by Apple hardware, they were hacking away at it, developing tools and neat tricks on their way, but to no avail. With the framebuffer accessible and no other decent debugging methods in sight, he tells about a code snippet they wrote that printed register values as valid barcodes Continue reading “Boot Mainline Linux On Apple A7, A8 And A8X Devices” →

Porting DOOM To A Forgotten Apple OS

June 9, 2022 by Bryan Cockfield 28 Comments

Apple hasn’t always had refined user experiences in their operating systems. In the distant past of the ’90s they were still kind of clunky computers that were far from the polished, high-end consumer machines of the modern era. That wasn’t all that Apple offered back then, though. They had a long-forgotten alternative operating system that was called A/UX designed for government applications, and [Keriad] is here to show us this relic operating system and port DOOM to it.

A/UX was designed in the pre-PowerPC days when Macintosh computers ran on Motorola 68000 chips. Luckily, [Keriad] has a Mac Quadra 800 with just such a chip that is still fully-functional. DOOM was developed with the NeXTSTEP operating system which can run on old Macs thanks to another tool called MacX which allows X11 applications to run on Mac. A version of gcc for A/UX was found as well and with the source code in hand they were eventually able to compile a binary. There were several hiccups along the way (including the lack of sound) but eventually DOOM was running on this forgotten operating system.

The main problem with the build in the end, besides the lack of sound, is that the game only runs at 2 – 3 frames per second. [Keriad] speculates that this is due to all of the compatibility layers needed to compile and run the game at all, but it’s still impressive. As far as we know, [Keriad] is the first person to port DOOM to this OS, although if you’re looking for something more straightforward we would recommend this purpose-built Linux distribution whose sole task is to get you slaying demons as quickly as possible.

A small round NRF51822 board glued to the underside of a mailbox lid, with a small vibration sensor attached

Check Your Mailbox Using The AirTag Infrastructure

May 30, 2022 by Arya Voronova 32 Comments

When a company creates an infrastructure of devices, we sometimes subvert this infrastructure and use it to solve tricky problems. For example, here’s a question that many a hacker has pondered – how do you detect when someone puts mail into your mailbox? Depending on the availability of power and wireless/wired connectivity options, this problem can range from “very easy” to “impractical to solve”. [dakhnod] just made this problem trivial for the vast majority of hackers, with the FakeTag project – piggybacking off the Apple’s AirTag infrastructure.

This project uses a cheap generic CR2032-powered NRF51822 board, sending the mailbox status over the FindMy system Apple has built for the AirTag devices. For the incoming mail detection, he uses a simple vibration sensor, glued to the flap lid – we imagine that, for flap-less mailboxes, an optical sensor or a different kind of mechanical sensor could be used instead. Every time someone with a FindMy-friendly iPhone passes by [dakhnod]’s mailbox, he gets an update on its status, with a counter of times the sensor has been triggered. [dakhnod] estimates that the device could run for up to a year on a single battery.

Continue reading “Check Your Mailbox Using The AirTag Infrastructure” →

The Huge Apple Toolkit For Fixing Your IPhone

May 27, 2022 by Jenny List 71 Comments

It’s been a frequent criticism of Apple, that their products are difficult to repair. They’ve hit back with a self-repair program for iPhones, and should you wish to take advantage of it they will hire you a tool kit. Not the iFixit box you might expect, instead they give you two hefty suitcases that contain 36 Kg of tools and equipment. Yes, you can repair an iPhone, but they ensure that it’s not for the faint-hearted.

In the kit is an impressive array of everything you might need for your iDevice, including the proper heat plate and press for the job. None of that messing about with a hot air gun for your $49 rental cost and $1200 if you don’t return the tools, but it remains an impossibly difficult and expensive process for all but the most dedicated of Apple fanboy technicians.

The sense from the Verge article is that Apple have had their arm twisted to the extent that they must provide a repair option, but they’ve gone to extravagant lengths to make it something nobody in their right mind would pursue. There’s an attraction in the idea of playing with a fully-equipped Apple repair kit for a few days, but maybe it’s not worth the cost.

Even without the Apple toolkit, it’s still possible to upgrade your iPhone.

Thanks [Nikolai Ivanov] for the tip.

90s Apple Computer Finally Runs Unsigned Code

April 28, 2022 by Bryan Cockfield 12 Comments

Back in the 90s, the console wars were in full swing. Nintendo vs Sega was an epic showdown at first, but when Nintendo seemed sure to clench the victory Sony came out of nowhere with the PlayStation. While these were the most popular consoles at the time, there were a few others around that are largely forgotten by history even if they were revolutionary in some ways. An example is the Pippin, a console made by Apple, which until now has been unable to run any software not signed by Apple.

The Pippin was Apple’s only foray into gaming consoles, but it did much more than that and included a primitive social networking system as well as the ability to run Apple’s Macintosh operating system. The idea was to be a full media center of sorts, and the software that it would run would be loaded from the CD-ROM at each boot. [Blitter] has finally cracked this computer, allowing it to run custom software, by creating an authentication file which is placed on the CD to tell the Pippin that it is “approved” by Apple.

The build log goes into incredible detail on the way these machines operated, and if you have a Pippin still sitting around it might be time to grab it out of the box and start customizing it in the way you probably always wanted to. For those interested in other obscure Apple products, take a look at this build which brings modern WiFi to the Apple Newton, their early PDA.

Continue reading “90s Apple Computer Finally Runs Unsigned Code” →