bluetooth

570 Articles

Smartphone App Uses AR To Visualize The RF Spectrum

January 9, 2019 by 21 Comments

Have you ever wished you could see in the RF part of the radio spectrum? While such a skill would probably make it hard to get a good night’s rest, it would at least allow you to instantly see dead spots in your WiFi coverage. Not a bad tradeoff.

Unwilling to go full [Geordi La Forge] to be able to visualize RF, [Ken Kawamoto] built the next best thing – an augmented-reality RF signal strength app for his smartphone. Built to aid in the repositioning of his router in the post-holiday cleanup, the app uses the Android ARCore framework to figure out where in the house the phone is and overlays a color-coded sphere representing sensor data onto the current camera image. The spheres persist in 3D space, leaving a trail of virtual breadcrumbs that map out the sensor data as you warwalk the house. The app also lets you map Bluetooth and LTE coverage, but RF isn’t its only input: if your phone is properly equipped, magnetic fields and barometric pressure can also be AR mapped. We found the Bluetooth demo in the video below particularly interesting; it’s amazing how much the signal is attenuated by a double layer of aluminum foil. [Ken] even came up with an Arduino with a gas sensor that talks to the phone and maps the atmosphere around the kitchen stove.

The app is called AR Sensor and is available on the Play Store, but you’ll need at least Android 8.0 to play. If your phone is behind the times like ours, you might have to settle for mapping your RF world the hard way.

Continue reading “Smartphone App Uses AR To Visualize The RF Spectrum”

Pi Zero Gives Amateur Astronomer Affordable Control Of Telescope

January 3, 2019 by 18 Comments

Like many other hobbies, astronomy can be pursued on many levels, with equipment costs ranging from the affordable to the – well, astronomical. Thankfully, there are lots of entry-level telescopes on the market, some that even come with mounts that automatically find and track heavenly bodies. Finding a feature is as easy as aligning to a few known stars and looking up the object in the database embedded in the remote.

Few of the affordable mounts are WiFi-accessible, though, which is a gap [Dane Gardner]’s Raspberry Pi interface for Celestron telescopes aims to fill. For the price of a $10 Pi Zero W and a little know-how, [Dane] was able to gain full control over his ‘scope. His instrument is a Celestron NexStar, a Schmidt-Cassegrain reflector with a 150-mm aperture, has a motorized altitude-azimuth mount. The handheld remote had enough room for him to add the Zero, powering it from the mount’s battery pack. The handset has an RS-232 serial port built-in, but with the level differences [Dane] just connected the Pi directly to the handset before the UART. Running INDI, a cross-platform astronomical instrument control library, he now has total control of the scope, and he can use open source astronomy software rather than the limited database within the handset. As a neat side trick, the telescope can now be controlled with a Bluetooth gamepad.

Astronomy and electronics go hand in hand, whether in the optical or radio part of the spectrum. We like the way [Dane] was able to gain control of his telescope, and we’d like to hear about what he sees with his new tool. Assuming the Seattle weather ever cooperates.

Continue reading “Pi Zero Gives Amateur Astronomer Affordable Control Of Telescope”

35C3: Finding Bugs In Bluetooth

December 30, 2018 by 24 Comments

[Jiska Classen] and [Dennis Mantz] created a tool called Internal Blue that aims to be a Swiss-army knife for playing around with Bluetooth at a lower level. The ground for their tool is based in three functions that are common to all Broadcom Bluetooth chipsets: one that lets you read arbitrary memory, on that lets you run it, and one that lets you write it. Well, that was easy. The rest of their work was analyzing this code, and learning how to replace the firmware with their own version. That took them a few months of hard reversing work.

In the end, Internal Blue lets them execute commands at one layer deeper — the LMP layer — easily allowing monitoring and injection. In a series of live (and successful!) demos they probe around on a Nexus 6P from a modified Nexus 5 on their desk. This is where they started digging around in the Bluetooth stack of other devices with Broadcom chipsets, and that’s where they started finding bugs.

As is often the case, [Jiska] was just poking around and found an external code handler that didn’t do bounds checking. And that meant that she could run other functions in the firmware simply by passing the address handler offset. Since they’re essentially calling functions at any location in memory, finding which functions to call with which arguments is a process of trial and error, but the ramifications of this include at least a Bluetooth module crash and reset, but can also pull such tricks as putting the Bluetooth module into “Device Under Test” mode, which should only be accessible from the device itself. All of this is before pairing with the device — just walking by is sufficient to invoke functions through the buggy handler.

All the details of this exploit aren’t yet available, because Broadcom hasn’t fixed the firmware for probably millions of devices in the wild. And one of the reasons that they haven’t fixed it is that patching the bug will disclose where the flaw lies in all of the unpatched phones, and not all vendors can be counted on to push out updates at the same time. While they focused on the Nexus 5 cellphone, which is fairly old now, it’s applicable to any device with a similar Broadcom Bluetooth chipset.

Aside from the zero-day bug here, the big story is their Bluetooth analysis framework which will surely help other researchers learn more about Bluetooth, finding more glitches and hopefully helping make Bluetooth more openly scrutinized and more secure. Now anyone with a Raspberry Pi 3/3+ or a Nexus 5, is able to turn it into a low-level Bluetooth investigation tool.

You might know [Jiska] from her previous FitBit hack. If not, be sure to check it out.

Continue reading “35C3: Finding Bugs In Bluetooth”

Bose Wants You To Listen Up For Augmented Reality

December 9, 2018 by 21 Comments

Perhaps it is true that if all you have is a hammer every problem you see looks like a nail. When you think of augmented reality (AR), you usually think of something like the poorly-received Google Glass where your phone or computer overlays imagery in your field of vision. Bose isn’t known for video, though, they are known for audio. So perhaps it isn’t surprising that their upcoming (January 2019) AR sunglasses won’t feature video overlays. Instead, the $200 sunglasses will tell you what you are looking at.

The thing hinges on your device knowing your approximate location and the glasses knowing their orientation due to an inertial measuring system. In other words, the glasses — combined with your smart device — know where you are and what you are looking at. Approximately. So at the museum, if you are looking at a piece of art, the glasses could tell you more information about it. There’s a video showing an early prototype from earlier this year, below.

Continue reading “Bose Wants You To Listen Up For Augmented Reality”

Non-Nefarious Raspberry Pi Only Looks Like A Hack

November 13, 2018 by 50 Comments

We’re going to warn you right up front that this is not a hack. Or at least that’s how it turned out after [LiveOverflow] did some digital forensics on a mysterious device found lurking in a college library. The path he took to come to the conclusion that nothing untoward was going on was interesting and informative, though, as is the ultimate purpose of the unknown artifacts.

As [LiveOverflow] tells us in the video below, he came upon a Reddit thread – of which we can now find no trace – describing a bunch of odd-looking devices stashed behind garbage cans, vending machines, and desks in a college library. [LiveOverflow] recognized the posted pictures as Raspberry Pi Zeroes with USB WiFi dongles attached; curiosity piqued, he reached out to the OP and offered to help solve the mystery.

The video below tells the tale of the forensic fun that ensued, including some questionable practices like sticking the device’s SD card into the finder’s PC. What looked very “hackerish” to the finder turned out to be quite innocuous after [LiveOverflow] went down a remote-diagnosis rabbit hole to discern the purpose of these devices. We won’t spoil the reveal, but suffice it to say they’re part of a pretty clever system with an entirely non-nefarious purpose.

We thought this was a fun infosec romp, and instructive on a couple of levels, not least of which is keeping in mind how “civilians” might see gear like this in the wild. Hardware and software that we deal with every day might look threatening to the general public. Maybe the university should spring for some labels describing the gear next time.

Continue reading “Non-Nefarious Raspberry Pi Only Looks Like A Hack”

Lightsaber Uses Pogo Pins To Make Assembly A Breeze

November 7, 2018 by 9 Comments

There was an endless supply of fantastic projects at Supercon this year, but one whose fit and finish really stood out was [Scott]’s lightsaber. If you were walking around and saw someone with a very bright RGB device with a chromed-out handle hanging off their belt it was probably this, though it may have been hard to look at directly. On the outside, the saber looks like a well-polished cosplay prop, and it is! But when Scott quickly broke down the device into component pieces it was apparent that extra care had been put into the assembly of the electronics.

Like any good lightsaber replica the blade is lit, and wow is it bright. The construction is fairly simple, it’s a triplet of WS2812B LED strips back to back on a triangular core, mounted inside a translucent polycarbonate tube with a diffuser. Not especially unusual. But the blade can be popped off the hilt at a moments notice for easy transport and storage, so the strips can’t be soldered in. Connectors would have worked, but who wants flying wires when they’re disconnecting their lightsaber blade. The answer? Pogo pins! Scott runs the power, ground, and data lines out of the strips and into a small board with slip ring-style plated rings. On the hilt, there is a matching array of pogo pins to pass along power and data. The data lines from all the strips are tied together minimizing the number of connections to make, and the outer two power rings have more than one pin for better current-carrying capacity. A handy side effect is that there is nowhere on the blade where there aren’t LEDs; the strips go down to the very end of the blade where it meets the main board inside the hilt.

The hilt is filled with an assembly of 18650’s and a Teensy mounted with a custom shield, all fit inside a printed midframe. The whole build is all about robust design that’s easy to assemble. The main board is book-ended by perpendicular PCBs mounted to the ends, one at the top to connect to the blade and one at the bottom to connect to a speaker. Towards the bottom there is space for an optional Bluetooth radio to allow remote RGB control.

Scott is selling this as a product but also provides detailed instructions and parts lists for each component. Assembly instructions for the blade are here. The hilt is here. And pogo adapters are on OSH Park here. An overview of the firmware with links to GitHub is here. Check out a walkthrough of the handle assembly and blade attachment after the break!

Continue reading “Lightsaber Uses Pogo Pins To Make Assembly A Breeze”

A Bluetooth Upgrade For An Unusual Set Of Headphones

October 30, 2018 by 11 Comments

We will have all picked up something from a junk pile or swap meet in our time that caught our eye not because we needed it but because it looked cool. [Quinn Dunki] did just that with an irresistible set of 1980s air traffic control headphones. What did she do with them? Turn them into a set of Bluetooth headphones of course!

The ‘phones in question are particularly interesting, as they turned out upon inspection to be a two-way radio in disguise. Cracking them open revealed a radio board and a logic board, and what makes them particularly interesting to this Hackaday scribe’s eye is their choice of frequency. She finds a crystal with a VHF airband frequency multiplier and concludes that they must operate there, but a look at the photos reveals all the ingredients of a classic AM or low HF receiver. There is a ferrite rod antenna and a variable capacitor, if we didn’t know that these were very high-end professional ‘phones we’d almost suspect they were a novelty AM radio from Radio Shack. If any readers can shed any light on the frequency and purpose of this device, we’re all ears.

The conversion involved a Sparkfun Bluetooth module breakout board paired with a little audio power amplifier. The original drivers were high-impedance and one of them had died, so she replaced them with a modern pair of identical size. The control buttons were mounted in the headphone’s external housing, after a wrong turn into attempting to create a custom enclosure. The result is a rather novel but high-quality set of ‘phones, and one we rather wish we’d found ourselves.