Ask Hackaday: How Much Would You Stake On An Online Retailer

On the bench where this is being written, there’s a Mitutoyo vernier caliper. It’s the base model with a proper vernier scale, but it’s beautifully made, and it’s enjoyable to see younger hardware hackers puzzle over how to use it. It cost about thirty British pounds a few years ago, but when it comes to quality metrology instruments that’s really cheap. The sky really is the limit for those in search of ultimate accuracy and precision. We can see then why this Redditor was upset when the $400 Mitutoyo they ordered from Amazon turned out to be nothing of the sort. We can’t even call it a fake, it’s just a very cheap instrument stuffed oddly, into a genuine Mitutoyo box.

Naturally we hope they received a refund, but it does raise the question when buying from large online retailers; how much are we prepared to risk? We buy plenty of stuff from AliExpress in out community, but in that case the slight element of chance which comes with random Chinese manufacture is offset by the low prices. Meanwhile the likes of Amazon have worked hard to establish themselves as trusted brands, but is that misplaced? They are after all simply clearing houses for third party products, and evidently have little care for what’s in the box. The £30 base model caliper mentioned above is an acceptable punt, but at what point should we go to a specialist and pay more for some confidence in the product?

It’s a question worth pondering as we hit the “Buy now” button without thinking. What’s your view? Let us know in the comments. Meanwhile, we can all be caught with our online purchases.

Thanks [JohnU] for the tip.

When Is A 6502 Not Quite A 6502?

We all know that fake chips are a risk when it comes to buying parts on eBay or from Chinese markets such as AliExpress. It’s a simple enough scam, take a cheap chip and mark it as an expensive one, pocket the difference. It’s happened in several different forms, with everything from completely different devices through cheaper equivalents to incredibly, chips purpose fabricated to emulate better-known ones. We have a chance to see such a scam in action via [LinuxJedi], with a 6502 that wasn’t quite as it seemed.

The chip in question was a Rockwell 65C02 destined for an Acorn Atom, and when installed it failed to deliver the expected power consumption saving. Unsurprisingly when tested it turned out to be a fake, in this case a run-of-the-mill 6502 with new markings. The interesting part for Hackaday readers comes in the physical clues. The too-bright markings started to dissolve with a bit of acetone. A deeper investigation revealed the date and wafer codes did not agree with the branding. A new chip was secured which also turned out to be a fake, though in this case a real 65C02 rated for a lower clock speed than marked.

It’s evident that in-demand retro chips are likely to be an ever-greater minefield of fakes as time passes, and the number of survivors dwindles. It’s as well to be aware then and learn from any fakes like these posted online. It’s not the first fake chip we’ve brought you.

Cheap Power Supplies With Fake Chips Might Not Be That Bad

We all know the old maxim: if it’s too good to be true, it’s probably made with fake components. OK, maybe that’s not exactly how it goes, but in our world gone a little crazy, there’s good reason to be skeptical of pretty much everything you buy. And when you pay the equivalent of less than a buck for a DC-DC converter, you get what you pay for.

Or do you? It’s not so clear after watching [Denki Otaku]’s video on a bargain bag of buck converters he got from Amazon — ¥1,290 for a lot of ten, or $0.85 a piece. The thing that got [Denki]’s Spidey senses tingling is the chip around which these boards were built: the LM2596. These aren’t especially cheap chips; Mouser lists them for about $5.00 each in a reel of 500.

Initial testing showed the converters, which are rated at 3 to 42 VDC in and 1.25 to 35 VDC out, actually seem to do a decent job. At least with output voltage, which stays at the set point over a wide range of input voltages. The ripple voltage, though, is an astonishing 400 mV — almost 10% of the desired 5.0 V output. What’s more, the ripple frequency is 18 kHz, which is far below the 150 kHz oscillator that’s supposed to be in the LM2596. Other modules from the batch tested at 53 kHz ripple, so better, but still not good. There were more telltales of chip fakery, such as dodgy-looking lettering on the package, incorrect lead forming, and finger-scorching heat under the rated 3 A maximum load. Counterfeit? Almost definitely. Useless? Surprisingly, probably not. Depending on your application, these might do the job just fine, especially if you slap a bigger cap on the output to smooth that ripple and keep the draw low. And keep your fingers away, of course.

Worried that your chips are counterfeits? Here’s a field guide for fake chip spotters. And what do you do if you get something fake? A refund might just be possible.

Continue reading “Cheap Power Supplies With Fake Chips Might Not Be That Bad”

A modchip described in the article - a small PCB with an epoxy blob on it, soldered to the Cisco switch PCB using four thin wires

Counterfeit Cisco Hardware Bypasses Security Checks With Modchips

Some pictures recently surfaced on social media, showing a small PCB tapped into four points on Cisco-branded boards. What is this about? A NSA backdoor so data can be exfiltrated to some third party? Well, that’s theoretically possible, but it’s actually used for bypassing hardware authenticity checks in Cisco hardware being cloned — a sizable industry. Of course, “can’t believe it’s not Cisco” hardware is only valuable insofar that it’s able to run the Cisco software, and that’s where the bodge boards play a major role.

An unidentified IC on the a different counterfeit Cisco board, with markings soldered offA 2020 report by F-Secure details an investigation, comparing three switches marked as Cisco 2960X – one known genuine and two known counterfeits. The counterfeits had the aforementioned implants either soldered to the bottom of the PCB or added to the board as a separate component, and the paper goes into why they’re important for successful counterfeiting.

Apparently, these chips emulate or bypass an I2C EEPROM containing part of the code executed during the boot sequence, and Cisco depends on this EEPROM’s contents for authenticity verification. Cisco software reads the EEPROM twice — once for verification, and once again for actually running it. The microcontroller included on the mod board can return a genuine binary with a valid signature on the first read, and a binary with hardware checks patched out for subsequent reads.

The paper will tell you about way more than this — it’s thorough yet captivating. As you’d expect, it devotes quite a bit of time to comparing genuine and counterfeit boards, showing that the cloning process is pretty to-the-T, save for some part substitutions. For instance, check out the PDF page 12 to see how via locations are exactly copied between PCBs in a bizarre way, or the Cisco file format and authenticity check analysis closer to the end of the report. All in all, the 38 pages of the document make for a fun foray into what makes Cisco authentication mechanisms tick, and what helps clone hardware makers bypass them.

Are such chips ever used for adding backdoors and data exfiltration? There’s no evidence of that, as much as that’s not to be excluded — bypassing anti-cloning protections would make other hijinks more viable no doubt, that said, only hardware authentication bypass measures were found so far. This mechanism also breaks during software updates, and absolutely, leaves some to be desired when it comes to its stated functionality. That said, such fun insights can help us, say, enforce right-to-repair, enable hardware reuse, and thwart many predatory business practices in areas where laws fail us.

Perhaps It’s Time To Talk About All Those Fakes And Clones

A while back, I bought a cheap spectrum analyser via AliExpress. I come from the age when a spectrum analyser was an extremely expensive item with a built-in CRT display, so there’s still a minor thrill to buying one for a few tens of dollars even if it’s obvious to all and sundry that the march of technology has brought within reach the previously unattainable. My AliExpress spectrum analyser is a clone of a design that first appeared in a German amateur radio magazine, and in my review at the time I found it to be worth the small outlay but a bit deaf and wide compared to its more expensive brethren. Continue reading “Perhaps It’s Time To Talk About All Those Fakes And Clones”

Is Your Device Actually USB 3.0, Or Is The Connector Just Blue?

Discount (or even grey market) electronics can be economical ways to get a job done, but one usually pays in other ways. [Majenko] ran into this when a need to capture some HDMI video output ended up with rather less than was expected.

Faced with two similar choices of discount HDMI capture device, [Majenko] opted for the fancier-looking USB 3.0 version over the cheaper USB 2.0 version, reasoning that the higher bandwidth available to a USB 3.0 version would avoiding the kind of compression necessary to shove high resolution HDMI video over a more limited USB 2.0 connection.

The device worked fine, but [Majenko] quickly noticed compression artifacts, and interrogating the “USB 3.0” device with lsusb -t revealed it was not running at the expected speeds. A peek at the connector itself revealed a sad truth: the device wasn’t USB 3.0 at all — it didn’t even have the right number of pins!

A normal USB 3.0 connector is blue inside, and has both sets of pins for backward compatibility (five in the rear, four in the front) like the one shown here.

A USB 3.0 connection requires five conductors, and the connectors are blue in color. Backward compatibility is typically provided by including four additional conductors, as shown in the image here. The connector on [Majenko]’s “USB 3.0” HDMI capture device clearly shows it is not USB 3.0, it’s just colored blue.

Most of us are willing to deal with the occasional glitch or dud in exchange for low prices, but when something isn’t (and never could be) what it is sold as, that’s something else. [Majenko] certainly knows that as well as anyone, having picked apart a defective power bank module to uncover a pretty serious flaw.

Unmasking The Identity Of An Unusual Nintendo DS

The Nintendo DS family encompasses a dizzying array of portable game systems released over a span of 17 years. The original DS received several refreshes and special editions, and when the next generation 3DS came along, it spawned a whole new collection of spin-offs. But even among all those machines there’s a name that even Mario himself would never have heard of: the Nintendo DS ML.

In a recent video, [The Retro Future] says he discovered this oddball system selling for around $25 USD on Chinese shopping site Taobao and bought one so he could get a closer look at it. Externally the system looks quite a bit like the refreshed DS Lite, but it’s notably larger and the screens look quite dated. That was already a strong hint to its true identity, as was the placement of its various buttons and controls.

Note the conspicuous absence of Nintendo’s name.

But it wasn’t until [The Retro Future] cracked the system open that he could truly confirm what he had on his hands. This was an original Nintendo DS, potentially a new old stock unit that had never been distributed, which was transplanted into a custom enclosure designed to look like one of the later upgraded models. As for what this seller meant by calling this chimera the DS ML is anyone’s guess, though one of the commenters on the video thought “Maybe Legal” had a nice ring to it.

Now assuming these really are brand new systems that were simply installed in fresh cases, $25 is arguably a good deal. So long as you aren’t concerned with playing the latest titles, anyway. But at the same time its a reminder that you get what you pay for when dealing with shady overseas sellers. It’s just as likely, perhaps even more so, that these were used systems that got spruced up to make a quick buck.

Fake components are everywhere. In fact there’s an excellent chance most of the people reading this site have received some fake parts over the years, even if they didn’t realize it at the time. When there’s fly by night companies willing to refurbish a nearly 20 year old Nintendo handheld for $25, what are the chances that Bosch actually made that $2 temperature sensor you just ordered on eBay?

Continue reading “Unmasking The Identity Of An Unusual Nintendo DS”