A multifactor authentication device showing TOTP codes

An ESP32 MultiFactor TOTP Generator

March 7, 2024 by Dave Rowntree 20 Comments

MFA, or multifactor authentication, is a standard security feature these days. However, it can be a drag to constantly reach into one’s pocket, scroll to Google Authenticator (other MFA applications are available!), and find the correct TOTP code to log in to a site for a short while. [Allan Oricil] felt this pain point, so they took the problem by the horns and created a desktop MFA TOTP generator to make life just that little bit easier.

TOTP, which stands for Time-based One-Time Password, is a security measure that uses a device or application to provide unique codes that expire after a short time. Two-factor authentication requires a physical item (something you have), such as a key or swipe card, and knowledge of a fact (something you know), like a password, rather than relying on a single factor. This approach ensures a higher level of security. [Allan]’s project is a physical thing one would use with a password or key file.

Continue reading “An ESP32 MultiFactor TOTP Generator” →

Alarm Panel Hack Defeats Encryption By Ignoring It

January 19, 2024 by Dan Maloney 23 Comments

As frustrating as it may be for a company to lock you into its ecosystem by encrypting their protocols, you have to admit that it presents an enticing challenge. Cracking encryption can be more trouble than it’s worth, though, especially when a device gives you all the tools you need to do an end-run around their encryption.

We’ll explain. For [Valdez], the encrypted communication protocols between a DSC alarm panel and the control pads on the system were serious impediments to integration into Home Assistant. While there are integrations available for these alarm panels, they rely on third-party clouds, which means that not only is your security system potentially telling another computer all your juicy details, but there’s also the very real possibility that the cloud system can either break or be shut down; remember the Chamberlain MyQ fiasco?

With these facts in mind, [Valdez] came up with a clever workaround to DSC encryption by focusing on physically interfacing with the keypad. The device has a common 16×2 LCD and a 25-key keypad, and a little poking around with a multimeter and a $20 logic analyzer eventually showed that the LCD had an HD44780 controller, and revealed all the lines needed to decode the display with an ESP32. Next up was interfacing with the keypad, which also involved a little multimeter work to determine that the keys were hooked up in a 5×5 matrix. Ten GPIOs on the ESP32 made it possible to virtually push any key; however, the ten relays [Valdez] originally used to do the switching proved unwieldy. That led to an optocoupler design, sadly not as clicky but certainly more compact and streamlined, and enabling complete control over the alarm system from Home Assistant.

We love this solution because, as [Valdez] aptly points out, the weakest point in any system is the place where it can’t be encrypted. Information has to flow between the user and the control panel, and by providing the electronic equivalents to eyes and fingers, the underlying encryption is moot. Hats off to [Valdez] for an excellent hack, and for sharing the wealth with the HA community.

Oddball LCDs Reverse Engineered Thanks To Good Detective Work

December 12, 2023 by Dan Maloney 5 Comments

Is there anything more discouraging to the reverse engineer than to see a black blob of epoxy applied directly to a PCB? We think not, because that formless shape provides no clue as to what chip lies beneath, and that means a lot of detective work if you’re going to figure out how to use this thing.

[Sudhir Chandra]’s detective story starts with a bunch of oddball LCDs, slim 1×32 character units rather than the more familiar 2×16 displays. Each bore the dreaded black COB blob on the back, as well as a handful of SMD components and not much else. Googling revealed no useful documentation, and the manufacturer wasn’t interested in fielding calls from a hobbyist. Reasoning that most manufacturers wouldn’t spin up a custom chip for every display, [Sudhir] assumed there was an ST7066, a common LCD driver chip, underneath the blob, especially given the arrangement of external components. But a jumper set was bodged together under this assumption didn’t get the display going.

Next up were more destructive methods, to decap the COB and see what kind of numbers might be on the chip. Sandpaper worked at first, but [Sudhir] eventually turned to the “Chips a la [Antoine]” method of decapping, which uses heat and brute force to get at the goods. This got down to the chip, but [Sudhir]’s microscope wasn’t up to the task of reading the die markings.

What eventually cracked the case was tracing out the voltages across the various external resistors and matching them up to other chips in the same family as the ST7066, plus the realization that the long, narrow epoxy blob probably covered a similarly shaped chip, which led to the culprit: an ST7070. This allowed [Sudhir] to build an adapter PCB for the displays, with plans for a custom Arduino library to talk to the displays.

This was a great piece of reverse engineering and a good detective story to boot. Hats off to [Sudhir] for sticking with it.

“Cheap Yellow Display” Builds Community Through Hardware

October 28, 2023 by Dan Maloney 24 Comments

For the most part, Hackaday is all about hardware hacking projects. Sometimes, though, the real hack in a project isn’t building hardware, but rather building a community around the hardware.

Case in point: [Brian Lough]’s latest project, which he dubs “CYD,” for the “cheap yellow display” that it’s based on; which is a lot easier to remember than its official designation, ESP32-2432S028R. Whatever you call it, this board is better than it sounds, with an ESP32 with WiFi, Bluetooth, a 320×480 resistive touch screen, and niceties like USB and an SD card socket — all on aforementioned yellow PCB. The good news is that you can get this thing for about $15 on Ali Express. The bad news is that, as is often the case with hardware from the Big Rock Candy Mountain, the only documentation available comes from a website we wouldn’t touch with a ten-foot pole.

To fix this problem, [Brian] started what he hopes will be a collaborative effort to build a knowledge base for the CYD, to encourage people to put these little gems to work. He has already kick-started that with a ton of quality documentation, including setup and configuration instructions, tips and gotchas, and some sample projects that put the CYD’s capabilities to the test. It’s all on GitHub and there’s already at least one pull request; hopefully that’ll grow once the word gets out.

Honestly, these look like fantastic little boards that are a heck of a bargain. We’re thinking about picking up a few of these while they last, and maybe even getting in on the action in this nascent community. And hats off to [Brian] for getting this effort going.

Continue reading ““Cheap Yellow Display” Builds Community Through Hardware” →

Adobe Scientist Cuts A Dash With LCD Shifting Dress

October 22, 2023 by Richard Baguley 63 Comments

Adobe research scientist [Christine Dierk] showed off an interesting new project at the Adobe Max conference: Project Primrose, a dress covered with a series of liquid crystal panels that could react to movement, changing the design of the dress. Now, Adobe has released a paper showing some of the technical details of the process.

The paper is from the User Interface & Software (UIST) conference in 2022, so the examples it uses are older: it discusses a canvas and handbag. The dress uses the same technology, though, draped over a scientist rather than a frame. If you can’t access the version from UIST, [Dierk] has a free version here.

The dress uses Polymer-dispersed Liquid Crystal (PDLC) panels from the wonderfully named Shanghai HO HO Industry Co and is designed for use in windows and doors for privacy. It uses an Indium Tin oxide-coated PET film that is opaque by default but becomes transparent when a voltage difference is applied across the material.

These panels are shaped to a hexagonal shape, then wired together with flexible PCBs in a daisy chain. Interestingly, [Dierk] found that the smaller the panels were made, the lower the voltage was required to trigger them. For their canvas example, they dropped the voltage to a much safer -15V to 15V levels to trigger the two states, which is much safer for a wearable device.

The panels are also not completely transparent when triggered: the paper describes them as having a “soft ivory” look when they are overlaying a reflective material. Greyscales can also be made using Pulse Coded Modulation (PCM) to vary the panel’s transparency. Driving the panels at 3.2KHz, they created 64 shades of grey.

The main controller is a custom PCB with a Teensy 4.1 and a BlueFruit LE SPI module. The power comes from two 14.8V LiPo batteries, with converters to power the chips and switch modules so the Teensy can switch the -15 and +15V levels for the panels directly from each battery.

The array is made from modules, each with four panels connected to a controller PCB, which has several Analog Signal Device (ASD) ADG1414 chips. These receive the signals from the bus with switch registers to switch the panels individually.

Rather cleverly, [Dierk] uses the bus that daisy chains the modules together to deliver both power and the bus signal that controls the panels, using the -15 and +15V levels modulated with a 50Hz square wave to create the bus signal and power the panels at the same time. That’s a neat hack that reduces the complexity of the modules significantly.

The Teensy 4.1 controls the whole system and can use its IMU to sense movement and change the pattern accordingly. You don’t get to see the system’s electronics in the dress video, but they claim that the canvas example took just 0.58 Watts to drive, so the dress probably only needs a few watts.

It is a fascinating build (and a rather cute dress), and has a lot of potential. What would you do with this?

Continue reading “Adobe Scientist Cuts A Dash With LCD Shifting Dress” →

Cheap LCD Uses USB Serial

September 11, 2023 by Al Williams 19 Comments

Browsing the Asian marketplaces online is always an experience. Sometimes, you see things at ridiculously low prices. Other times, you see things and wonder who is buying them and why — a shrimp pillow? But sometimes, you see something that probably could have a more useful purpose than the proposed use case.

That’s the case with the glut of “smart displays” you can find at very low prices. Ostensibly, these are being sold as system monitors. A business-card-sized LCD hooks up via USB and shows your CPU speed, temperature, and so on. Of course, this requires sketchy Windows software. I don’t run Windows, and if I did, I wouldn’t be keen to put some strange service on just so I could see tiny displays of my system information. But a 3.5-inch IPS LCD screen for $15 or less probably has some other uses. But how to drive it? Turns out, it is easier than you think and the hardware looks reasonably hackable, too.

Like a lot of this cheap stuff, these screens are sold under a variety of names, and apparently, there are some subtle differences. Two of the main makers of these screens are Turing and XuanFang, although you rarely see those names in the online listings. As you might expect, though, someone has reverse-engineered the protocol, and there is Python software that will replace the stock Windows software the devices use. Even better, there is an example of using the library for your own purposes.

Continue reading “Cheap LCD Uses USB Serial” →

Raspi-Powered Typewriter Is A Real MUSE

September 5, 2023 by Kristina Panos 4 Comments

Thanks to parenting and life in general, [Brendan] had fallen out of the habit of writing and wasn’t happy about it. If you write anything ever, you already know there are endless distractions when it comes to doing so on a computer. Sure, there always typewriters, but it’s difficult to do anything with the fruits of a typewriter other than scan it in or make copies, and it’s basically un-editable except by hand.

Instead of just sitting down and writing, [Brendan] did what any of us would do — took the time to create an elegant solution. The Most Unusual Sentence Extractor, or MUSE, is a Raspberry Pi-based typewriter with the best of both worlds. It’s essentially a word processor, but it can save to the cloud.

[Brendan] found beautiful inspiration in the Olympia Traveller de Luxe typewriter, a delightfully boxy affair made in the 1960s and 70s with lovely keys. Starting with a 68Keys.io board, [Brendan] set about re-creating the lines of the Traveller de Luxe in Tinkercad.

Since it doesn’t really need a platen, this was the perfect place to mount a screen using black PVC. At first, [Brendan] was going to use an e-ink screen, but a mishap led to a better solution — an LCD touchscreen that makes document navigation a breeze.

We absolutely love the look of this machine, which was obviously a labor of love. And yeah, it does the trick:[Brendan] is writing again. Though it maybe be inconvenient, we agree that it really is nice to have a dedicated workstation for certain things.

Looking for the complete opposite of this project? How about a Chat GPT-assisted daisywheel typewriter?