Here’s How The Precursor Protects Your Privacy

At some point, you will find yourself asking – is my device actually running the code I expect it to? [bunnie] aka [Andrew Huang] is passionate about making devices you can fundamentally, deeply trust, and his latest passion project is the Precursor communicator.

At the heart of it is an FPGA, and Precursor’s CPU is created out of the gates of that FPGA. This and a myriad of other design decisions make the Precursor fundamentally hard to backdoor, and you don’t have to take [bunnie]’s word for it — he’s made an entire video going through the architecture, boot protections and guarantees of the Precursor, teaching us what goes into a secure device that’s also practical to use.

Screenshot from the video, showing a diagram of how precursor's software and hardware components relate to each other If you can’t understand how your device works, your trust in it might be misplaced. In the hour long video, [bunnie] explains the entire stack, from the lower levels of hardware to root keys used to sign and verify the integrity of your OS, along the way demonstrating how you can verify that things haven’t gone wrong.

He makes sure to point out aspects you’d want to be cautious of, from physical security limitations to toolchain nuances. If you’re not up for a video, you can always check out the Precursor wiki, which has a treasure trove of information on the device’s security model.

As you might’ve already learned, it’s not enough for hardware to be open-source in order to be trustworthy. While open-source silicon designs are undoubtedly the future, their security guarantees only go so far.

Whether it’s esoteric hard drive firmware backdoors, weekend projects turning your WiFi card into a keylogger, or rootkits you can get on store-bought Lenovo laptops, hell, even our latest This Week In Security installment has two fun malware examples – there’s never a shortage of parties interested in collecting as much data as possible.

Hackaday Links Column Banner

Hackaday Links: December 22, 2019

It’s hard to believe it, but the Raspberry Pi has been on the market for only seven years now. The single-board computer has become so entrenched in the hobby electronics scene that it’s hard to imagine life without it, or what we did before it came along. And with the recent announcement that the 30 millionth Raspberry Pi was recently manufactured, now we have some clarity on the scale of its success. Just roll that number around in your head for a bit – that’s one Pi for every nine or so people in the USA. Some of the other facts and figures in the linked article boggle the mind too, like Eben Upton figured they’d only ever sell about 10,000 units, or that the factory in Wales where most Pis are made can assemble 15,000 units a day.

Speaking of manufacturing, have you ever considered what goes into getting a small-scale manufactured product ready for shipping? The good folks over at Gigatron know all about the joys of kitting, and have put together an interesting un-unboxing video for their flagship TTL-only retro computer. It’s a nice riff on the unboxing videos that are somehow popular on YouTube these days, and shows just how much effort they put into getting a Gigatron out the door. All told, it takes about an hour to ship each unit, and the care put into the process is evident. We especially like the part where all the chips are placed into antistatic foam in the same orientation they’ll be on the completed board. Nice touch.

Last time we checked in on the Lulzbot saga, the open source 3D printer manufacturer had been saved from complete liquidation by a company named FAME 3D. Now we’re getting the first solid details about where things go from here. Not only will thirteen of the remaining Lulzbot employees be staying on, but FAME 3D plans to hire 50 new employees to get operations back up as quickly as possible. The catch? The “F” in FAME 3D stands for Fargo, North Dakota, where Fargo Additive Manufacturing Equipment 3D is based. So Lulzbot will be moving north from Loveland, Colorado in the coming months.

For the last few years, adventure travelers making the pilgrimage to Shenzhen to scour the electronics markets have stuffed a copy of Andrew “Bunnie” Huang’s The Essential Guide to Electronics in Shenzhen into their soon-to-be-overflowing backpacks. The book is a goldmine of insider information, stuffed with maps and translation tables critical for navigating a different culture with no local language skills. Bunnie’s book has only been available in dead-tree format and now that all but the last few copies have been sold, he decided to make a web version available for free. We’d have to think a tablet or phone would be a bit harder to use in the heat of negotiation than the nice spiral-bound design of the print copy, but the fact that the insider information will now be widely available probably makes this a net positive.

And finally, if you’ve ever nearly been run over by an EV or hybrid silently backing out of a parking space, you’ll no doubt appreciate attempts to legislate some sort of audible presence to these vehicles. But what exactly should an electric vehicle be made to sound like? Volkswagen has begun to address that question, and while you can certainly read through the fluff in their press release, all you really need to do is listen to the sample. We’ve got to say that they pretty much nailed what a car of the future should sound like. Although they might have missed a real opportunity here.

Bunnie Weighs In On Tariffs

[Bunnie] has penned his thoughts on the new 25% tariffs coming to many goods shipped from China to the US. Living and working both in the US and China, [Bunnie] has a unique view of manufacturing and trade between the two countries. The creator of Novena and Chumby, he’s also written the definitive guide on Shenzen electronics.

All the marked items are included in the new tariffs

The new US tariffs come into effect on July 6th. We covered the issue last week, but Bunnie has gone in-depth and really illustrates how these taxes will have a terrible impact on the maker community. Components like LEDs, resistors, capacitors, and PCBs will be taxed at the new higher rate. On the flip side, Tariffs on many finished consumer goods such as cell phone will remain unchanged.

As [Bunnie] illustrates, this hurts small companies buying components. Startups buying subassemblies from China will be hit as well. Educators buying parts kits for their classes also face the tax hike. Who won’t be impacted? Companies building finished goods. If the last screw of your device is installed in China, there is no tax. If it is installed in the USA, then you’ll pay 25% more on your Bill of Materials (BOM). This incentivizes moving assembly offshore.

What will be the end result of all these changes? [Bunnie] takes a note from Brazil’s history with a look at a PC ISA network card. With DIP chips and all through-hole discrete components, it looks like a typical 80’s design. As it turns out the card was made in 1992. Brazil had similar protectionist tariffs on high-tech goods back in the 1980’s. As a result, they lagged behind the rest of the world in technology. [Bunnie] hopes these new tariffs don’t cause the same thing to happen to America.

[Thanks to [Robert] and [Christian] for sending this in]

Friday Hack Chat: Making And Breaking Hardware With Bunnie

bunnie03-01This Friday, February 10th, at 9am PST, will be graced with one of the greatest hardware creators in recent memory. [Bunnie Huang] will be talking about making and breaking hardware in the Hack Chat.

[Bunnie] is a nearly peerless hardware hacker. He literally wrote the book on hacking the XBox, developed the Chumby, and developed the Novena, an open source Laptop. He’s torn down the Form 2 3D printer, explored the iPhone’s hackability with [Edward Snowden], wrote the book you want to have on your carryon when flying into Hong Kong, and recently released The Hardware Hacker, a retelling of his adventures in hardware hacking. He’s now working on the Love to Code platform.

[Bunnie] is a bridge across worlds. There is no one else so deeply embedded in the world of electronics manufacturing that is also willing to tell the world about what he’s found. If you want to learn about electronics, the Bunnie Studios blog is a mandatory read.

For this week’s Hack Chat, [Bunnie] will be taking questions from the community. If you’ve ever wanted to know what it takes to build a few thousand things, this is the guy to ask.

Having trouble figuring out when 09:00 PST is in your local time zone? Here’s a countdown timer!

Here’s How To Take Part:

Buttons to join the project and enter the Hack Chat
Buttons to join the project and enter the Hack Chat

Our Hack Chats are live community events on Hack Chat group messaging. Log into, visit that page, and look for the ‘Join this Project’ Button. Once you’re part of the project, the button will change to ‘Team Messaging’, which takes you directly to the Hack Chat.

You don’t have to wait until Friday; join whenever you want and you can see what the community is talking about.

Upcoming Hack Chats

These Hack Chats are a weekly thing, and we have a few more on the books. Next week, we’ll be covering RF design with [Jenny List], and later going over mechanical manufacturing with Fictiv. You can check out all the upcoming Hack Chats on this project.

Books You Should Read: The Hardware Hacker

There’s no one quite like Andrew ‘Bunnie’ Huang. His unofficial resume begins with an EE degree from MIT, the author of Hacking the Xbox, creator of the Chumby, developer of the Novena, the first Open Source laptop, and has mentored thousands of people with dozens of essays from his blog.

Above all, Bunnie is a bridge across worlds. He has spent the last decade plying the markets of Shenzhen, working with Chinese manufacturers, and writing about his experiences of taking an idea and turning it into a product with the help of Chinese partners. In short, there is no person better suited to tell the story of how Shenzhen works, what can be done, and how to do it.

Bunnie’s The Hardware Hacker ($29.95, No Starch Press) is the dead tree expression of years of living and working in Shenzhen, taking multiple products to market, and exploring the philosophy that turned a fishing village into a city that produces the world’s electronic baubles.

Continue reading “Books You Should Read: The Hardware Hacker”

Bunnie And Snowden Explore IPhone’s Hackability

[Bunnie Huang] and [Edward Snowden] have teamed up to publish a paper exploring the possibility of introspection on the iPhone.

A rendering of the proposed introspection device attached to an iPhone6
A rendering of the proposed introspection device attached to an iPhone6

The idea is that phones are increasingly complex and potentially vulnerable to all kinds of digital surveillance. Even airplane mode is insufficient for knowing that your phone isn’t somehow transmitting information. The paper looks at the various radios on the iPhone, going so far as opening up the device and reading signals at each of the chips for cell, WiFi, Bluetooth, GPS, and NFC to determine whether the chip itself is doing anything, regardless of what the screen says. This introspection can then be used to be confident that the phone is not communicating when it shouldn’t be.

The paper goes on to propose a device that they will prototype in the coming year which uses an FPC that goes into the phone through the SIM card port. It would contain a battery, display, buttons, multiple SIM cards, and an FPGA to monitor the various buses and chips and report on activity.

Significant hacking of an iPhone will still be required, but the idea is to increase transparency and be certain that your device is only doing what you want it to.

Hackaday Links: June 5, 2016

CERN is having a hackathon. It’s in October, yes, but the registration is closing on the 15th of June. They’ve been doing this every year, and the projects that come out of this hackathon are as diverse as infrastructure-less navigation, cosmic ray detectors, and inflatable refrigerators.

Have one of those solder fume extractors? Here’s an obvious improvement. [polyglot] put a strip of LEDs around the frame of his solder fume extractor to put a little more light on the subject.

A few months ago, [Bunnie] started work on a book. It was the Essential Guide to Electronics in Shenzhen. It’s made for hardware hackers to figure out how to buy stuff in Shenzhen, using a neat point-and-understand interface. Those books are now being shipped to people around the globe. I got one, and here’s the mini-review: it’s awesome. Is it a complete travel guide? No, but if you dropped me off at Hong Kong International, I could probably 1) Make it to Shenzhen 2) Buy random LEDs 3) Find a hotel 4) Get a beer 5) Not die. Pics below.

You’re hackers, and that means you’re the people who build stuff for all those ‘makers’ out there. Don’t have an MBA? No problem, [Dave Jones] has your back. He re-did his Economics of Selling Hardware video from several years ago. It’s 25 minutes long, and gives you enough information so you’re not a complete idiot at the business end of design.

Like Raspberry Pis stuffed into things? Here’s a Pi Zero stuffed into a MegaDrive cartridge. Now someone grab a Sonic and Knuckles cart, build a ROM reader, and do a proper cart-reading emulator.

If you’re into R/C, you know about Flite Test. They’re the folks that make crazy, crazy model planes out of Dollar Tree foam board, and have gotten hundreds of people into the hobby. Flite Test is having their own con, Flight Fest, in a little over a month. It’s in Ohio, and from last year’s coverage of the event, it looks like a really cool time.

So, No Man’s Sky is coming out soon. It’s a space game set in a procedurally generated, infinite galaxy. Does anyone have any idea on how to form a Hackaday clan? Somebody should start a Hackaday clan/alliance/thing. I’ll meet you guys at the core.