IoT

318 Articles

Compact Driver Powers Steppers With USB-C PD

August 24, 2024 by 12 Comments

NEMA-17 steppers are (almost) a dime a dozen. They’re everywhere, they’re well-known to hackers and makers, and yet they’re still a bit hard to integrate into projects. That’s because the motor alone isn’t much use, and by the time you find or build a driver and integrate it with a microcontroller, you’ve probably expended more effort than you will on the rest of the project. This USB-C PD stepper driver aims to change that.

What caught our eye about [Josh Rogan]’s PD Stepper is his effort to make this a product rather than just a project. The driver is based on a TMC2209 for silent operation and a lot of torque thanks to the power delivery capabilities of USB-C PD. The PCB is very nicely designed and has an AS5600 rotary magnetic encoder for closed-loop operation. There’s also an ESP32-S3 on-board, so WiFi and Bluetooth operation are possible — perfect for integration into Home Assistant via ESPHome.

[Josh]’s mechanical design is top-notch, too, with a machined aluminum spacer that fits on the back of a NEMA-17 motor perfectly and acts as a heat spreader. A machined polycarbonate cover protects the PCB and makes a very neat presentation. [Josh] has kits available, or you can roll your own with the provided build files.

Continue reading “Compact Driver Powers Steppers With USB-C PD”

Hackaday Links Column Banner

Hackaday Links: August 11, 2024

August 11, 2024 by 8 Comments

“Please say it wasn’t a regex, please say it wasn’t a regex; aww, crap, it was a regex!” That seems to be the conclusion now that Crowdstrike has released a full root-cause analysis of its now-infamous Windows outage that took down 8 million machines with knock-on effects that reverberated through everything from healthcare to airlines. We’ve got to be honest and say that the twelve-page RCA was a little hard to get through, stuffed as it was with enough obfuscatory jargon to turn off even jargon lovers such as us. The gist, though, is that there was a “lack of a specific test for non-wildcard matching criteria,” which pretty much means someone screwed up a regular expression. Outside observers in the developer community have latched onto something more dire, though, as it appears the change that brought down so many machines was never tested on a single machine. That’s a little — OK, a lot — hard to believe, but it seems to be what Crowdstrike is saying. So go ahead and blame the regex, but it sure seems like there were deeper, darker forces at work here.

Continue reading “Hackaday Links: August 11, 2024”

Hackaday Links Column Banner

Hackaday Links: July 28, 2024

July 28, 2024 by 14 Comments

What is this dystopia coming to when one of the world’s largest tech companies can’t find a way to sufficiently monetize a nearly endless stream of personal data coming from its army of high-tech privacy-invading robots? To the surprise of almost nobody, Amazon is rolling out a paid tier to their Alexa service in an attempt to backfill the $25 billion hole the smart devices helped dig over the last few years. The business model was supposed to be simple: insinuate an always-on listening device into customers’ lives to make it as easy as possible for them to instantly gratify their need for the widgets and whatsits that Amazon is uniquely poised to deliver, collecting as much metadata along the way as possible; multiple revenue streams — what could go wrong? Apparently a lot, because the only thing people didn’t do with Alexa was order stuff. Now Amazon is reportedly seeking an additional $10 a month for the improved AI version of Alexa, which will be on top of the ever-expanding Amazon Prime membership fee, currently at an eye-watering $139 per year. Whether customers bite or not remains to be seen, but we think there might be a glut of Echo devices on the second-hand market in the near future. We hate to say we told you so, but — ah, who are we kidding? We love to say we told you so.

Continue reading “Hackaday Links: July 28, 2024”

Cutting An IoT Fan Free Of The Cloud

July 25, 2024 by 22 Comments

The cloud is supposed to make everything better. You can control things remotely, with the aid of a benevolent corporation and their totally friendly servers. However, you might not like those servers, and you might prefer to take personal control of your hardware. If that’s the case, you might like to follow the story of [ouaibe] and their quest to free a fan from the cloud.

The unit in question was a tower fan from Dreo. [ouaibe] noted that there was already a project to control the fans using Home Assistant, but pure lower-level local control was the real goal here. Work began on pulling apart the Dreo Android app to determine how it talked to the fan, eventually turning up a webserver on board, but little progress. The next step was to disassemble the unit entirely. That turned up multiple PCBs inside, with one obviously for wireless communication and another hosting a Sino Wealth microcontroller. Dumping firmwares followed,  along with reverse engineering the webserver, and finally establishing a custom ESPHome integration to fully control the fan.

[ouaibe] has shared instructions on how to cut your own fan from the cloud, though notes that the work won’t be extended to other Dreo products any time soon. In any case, it’s a great example of just how much work it can take to fully understand and control an IoT device that’s tethered to a commercial cloud server. It’s not always easy, but it can be done!

Hacking An IoT Camera Reveals Hard-Coded Root Password

July 24, 2024 by 24 Comments

Hacking — at least the kind where you’re breaking into stuff — is very much a learn-by-doing skill. There’s simply no substitute for getting your hands dirty and just trying something. But that doesn’t mean you can’t learn something by watching, with this root password exploit on a cheap IP video camera being a good look at the basics.

By way of background on this project, [Matt Brown] had previously torn into a VStarcam CB73 security camera, a more or less generic IP camera that he picked up on the cheap, and identified a flash memory chip from which he extracted the firmware. His initial goal was to see if the camera was contacting sketchy servers, and while searching the strings for the expected unsavory items, he found hard-coded IP addresses plus confirmation that the camera was running some Linux variant.

With evidence of sloppy coding practices, [Matt] set off on a search for a hard-coded root password. The second video covers this effort, which started with finding UART pins and getting a console session. Luckily, the bootloader wasn’t locked, which allowed [Matt] to force the camera to boot into a shell session and find the root password hash. With no luck brute-forcing the hash, he turned to Ghidra to understand the structure of a suspicious program in the firmware called encoder. After a little bit of poking and some endian twiddling, he was able to identify the hard-coded root password for every camera made by this outfit, and likely others as well.

Granted, the camera manufacturer made this a lot easier than it should have been, but with a lot of IoT stuff similarly afflicted by security as an afterthought, the skills on display here are probably broadly applicable. Kudos to [Matt] for the effort and the clear, concise presentation that makes us want to dig into the junk bin and get hacking.

Continue reading “Hacking An IoT Camera Reveals Hard-Coded Root Password”

Hackaday Links Column Banner

Hackaday Links: May 19, 2024

May 19, 2024 by 5 Comments

If there was one question we heard most often this week, it was “Did you see it?” With “it” referring to the stunning display of aurora borealis — and australis, we assume — on and off for several days. The major outburst here in North America was actually late last week, with aurora extending as far south as Puerto Rico on the night of the tenth. We here in North Idaho were well-situated for prime viewing, but alas, light pollution made things a bit tame without a short drive from the city lights. Totally worth it:

Hat tip to Tom Maloney for the pics. That last one is very reminiscent of what we saw back in 1989 with the geomagnetic storm that knocked Québec’s grid offline, except then the colors were shifted much more toward the red end of the spectrum back then.

Continue reading “Hackaday Links: May 19, 2024”

The Easy Way To Make A Smart Appliance

April 7, 2024 by 32 Comments

It seems that finding an appliance without some WiFi connectivity and an app to load your laundry data into the cloud is an increasingly difficult thing to do in the 2020s. Many of us resolutely refuse to connect these smart appliances to the Internet, but not because we don’t see the appeal — we just want to do it on our own terms.

[Terence Eden] did just this with his rice cooker, using a surprisingly straightforward approach. He simply connected it to the mains via an energy monitoring smart plug, and that was the hardware part, done. Of course, were it that simple we probably wouldn’t be featuring this here, as the meat of this project lies in connecting it to his smart home systems and getting something useful from it.

He’s using Home Assistant, and after a bit of messing about had it part of his home automation system. Then it was time for Appliance Status Monitor, which allowed him to easily have the rice cooker send him a notification once it has done its thing by monitoring the power it was using. All online, part of a smart home, and not a byte of his data captured and sold to anyone!

This isn’t the first home automation project we’ve brought you from this source.