Glitching USB Firmware For Fun

[Micah Elizabeth Scott], aka [scanlime], has been playing around with USB drawing tablets, and got to the point that she wanted with the firmware — to reverse engineer, see what’s going on, and who knows what else. Wacom didn’t design the devices to be user-updateable, so there aren’t copies of the ROMs floating around the web, and the tablet’s microcontroller seems to be locked down to boot.

With the easy avenues turning up dead ends, that means building some custom hardware to get it done and making a very detailed video documenting the project (embedded below). If you’re interested in chip power glitching attacks, and if you don’t suffer from short attention span, watch it, it’s a phenomenal introduction.

Continue reading “Glitching USB Firmware For Fun”

Hacklet 51 – Crowdfunding Projects

Ah crowdfunding. You might say we have a love/hate relationship with it here at Hackaday. We’ve seen some great projects funded through sites like Kickstarter, IndieGoGo, and the like. We’ve also seen projects where the creators were promising more than they could deliver. While the missed deliveries and outright scams do get a lot of press, we believe that crowdfunding in general is a viable platform for getting a project funded.

Closer to home, Hackaday.io hosts thousands of projects. It’s no surprise that some of these have had crowdfunding campaigns. This week’s Hacklet focuses on those projects which have taken the leap into the crowdfunding arena.

matrixWe start with [Louis Beaudoin] and SmartMatrix. [Louis] has created an awesome Teensy 3.1 based system for displaying images, animated graphics, and random patterns on a 32×32 RGB LED panel. The LED panel is the same type used in commercial LED billboards. SmartMatrix is open source, and includes extra pins for hacking. Our own [Mike Szczys] hacked the SmartMatrix to create a 1-pixel PacMan clone. [Louis’] Kickstarter is almost over, and needs a huge boost for fully-assembled SmartMatrix to make its goal. Even if the campaign isn’t successful, we think its a great project and you can always get a solder-it-yourself kit from The Hackaday Store!

psdrNext up is [Michael R Colton] with PortableSDR. PortableSDR was one of the five finalists in The 2014 Hackaday Prize. This pocket-sized software defined radio transceiver started as a ham radio project: a radio system which would be easy for hams to take with them on backpacking trips. It’s grown into so much more now, with software defined radio reception and transmission, vector network analysis, antenna analysis, GPS, and a host of other features. [Michael] raised a whopping $66,197 in his Kickstarter campaign, and he’s already delivered the hand assembled prototypes to their respective backers! Even the lower level rewards are awesome – [Michael’s] PSDR key chains are actually PCBs which can be turned into maple compatible ARM devboards with just about $10 of additional parts.

chip whisperNext we have The ChipWhisperer, [Colin Flynn’s] embedded security testing system, which won second place in the 2014 Hackaday Prize. We’ve covered both [Colin] and the ChipWhisperer  several times on the Blog. You can always buy the full ChipWhisperer from [Colin’s] company, NewAE Technology Inc. At $1500 USD, the ChipWhisperer is incredibly affordable for a hardware security tool. That price is still a bit high for the average hacker though. [Colin] created a Kickstarter campaign for a light version of the ChipWhisperer. This version is a great platform for learning hardware security, as well as an instrument for testing embedded systems. The campaign was a huge success, raising $72,079.

wingboardNot every crowdfunding project has to be a massive megabuck effort though. [ZeptoBit] just wanted to solve a problem, he needed a WiFi shield for Arduino using an ESP8266 module. ESP8266 WiFi modules have been all the rage for months now, but they can be a bit of a pain to wire up to an Arduino Uno. The dual row .100 headers are not bread board friendly. The ESP8266’s 3.3 V power and interface requirements mean that a regulator and level shifters are needed to get the two boards working together. [ZeptoBit] put all that and more on his wingboard. It worked so well that he launched a Kickstarter campaign for a small run of boards – his initial goal was kr3,500, or $425 USD. He ended up raising kr13,705, or $1665 USD. Not bad at all for a hobby project!

If this isn’t enough crowdfunding goodness for you, check out our Crowdfunding list! That’s it for this week’s Hacklet, As always, see you next week. Same hack time, same hack channel, bringing you the best of Hackaday.io!

ChipWhisperer Hits Kickstarter

Even the most well designed crypto algorithms can be broken if someone is smart enough to connect an oscilloscope to a processor. Over the last 15 years or so, an entire domain of embedded security has cropped up around the techniques of power and side channel analysis. The tools are expensive and rare, but [Colin O’Flynn] and the ChipWhisperer are here to bring a new era of hardware security to the masses.

The ChipWhisperer was the second place winner of last year’s Hackaday Prize. It’s an interesting domain of security research, and something that was previously extremely expensive to study. If you’re looking for a general overview of what the ChipWhisperer does, you might want to check out when we bumped into [Colin] at DEFCON last year.

While the original goal of the ChipWhisperer was to bring the cost of the tools required for power and side channel analysis down to something a hackerspace or researcher could afford, this was still too expensive for a Kickstarter campaign. To that end, [Colin] designed the ChipWhisperer Lite, a cut-down version, but still something that does most of what the original could do.

There are two parts to the ChipWhisperer Lite – the main section contains a big microcontroller, a big FPGA, and a high gain, low noise amplifier. This is the core of the ChipWhisperer, and it’s where all the power analysis happens. The other part is a target board containing an XMega microcontroller. This is where you’ll run all your encryption algorithms, and where you’ll find out if they can be broken by power analysis. The main board and target board are held together by a break-away connection, so if you want to run a power analysis on another board, just snap the ChipWhisperer in half.

[Colin] is offering up a ChipWhisperer Lite for around $200 USD – far, far less than what these tools cost just a year ago. We’re looking forward to a successful campaign and all the neat findings people with this board will find.

The Hackaday Prize: Interview With A ChipWhisperer

chipwhisperer

Every finalist for The Hackaday Prize has some aspect of it that hasn’t been done before; finding the chemical composition of everything with some 3D printed parts is novel, as is building a global network of satellite ground stations with off the shelf components. [Colin]’s ChipWhisperer, though, has some scary and interesting implications. By looking inside a microcontroller as its running, the ChipWhisperer is able to verify – or break – security on these chips. It’s also extremely interesting and somewhat magical being able to figure out what data a chip is processing simply by looking at its power consumption.

We have no idea who the winner of The Hackaday Prize is yet, and I’m hoping to remain ignorant of that fact until the party two weeks from now. Until then, you can read the short interview with [Colin O’Flynn], or check out his five-minute video for the ChipWhisperer below:

Continue reading “The Hackaday Prize: Interview With A ChipWhisperer”

Who Will Win The Hackaday Prize? Judging Begins Tonight

It’s been a long road for each of the five finalists; but after tonight they can breathe easy. The last judging round of the 2014 Hackaday Prize begins at 11:50pm PDT.

Each finalist must finish documenting their project by that time as a cached version of each of the project pages will be sent off to our orbital judges. Joining the panel that judged the semifinal round is [Chris Anderson], CEO of 3D Robotics, founder of DIY Drones, former Editor-in-Chief of Wired, and technology visionary. These nine are charged with deciding who has built a project cool enough to go to space.

In case you’ve forgotten, the final five projects selected by our team of launch judges are:

  • ChipWhisperer, an embedded hardware security research device for hardware penetration testing.
  • Open Source Science Tricorder, a realization of science fiction technology made possible by today’s electronics hardware advances.
  • PortableSDR, is a compact Software Defined Radio module that was originally designed for Ham Radio operators.
  • ramanPi, a 3D printed Raman Spectrometer built around a Raspberry Pi.
  • SatNOGS, a global network of satellite ground stations.

The ultimate results of the judging will be revealed at The Hackaday Prize party we’re holding in Munich during Electronica 2014. We’re also holding an Embedded Hardware Workshop with Moog synths, robots, hacked routers, computer vision, and a name that’s official-sounding enough to convince your boss to give you the day off work. We hope to see you there!