Hacking The Logitech Z906 Speaker System

May 19, 2022 by Lewin Day 40 Comments

The Logitech Z906 is a well-rounded 5.1 surround sound system. It’s capable of putting out 1000W in peak power, and can decode Dolby Digital and DTS soundtracks as you’d expect. It’s intended to be used as the heart of a home cinema system and used with a central command console. However, [zarpli] figured out the device’s serial secrets and can now run the device in a standalone manner.

As it turns out, the Z906 uses a main control console that speaks to the rest of the hardware over a DE15 connector (also known as the DB-15). [zarpli] realized that the hardware could instead be commanded by just about any device with a serial port. Thus, a library was whipped up that can be readily used with an Arduino to control all the major functions of the Z906. Everything from volume levels to effect modes and channel assignments can be commanded by microcontroller. As a finale, [zarpli] shows off the hardware playing a multi-channel composition without the console connected, with his own hardware running the show instead.

If you’ve got a Logitech Z906 or similar unit that you wish to automate, you might find this work useful. It’s also a good inspiration for anyone contemplating hacking away at the console ports on other hardware. Video after the break.

Continue reading “Hacking The Logitech Z906 Speaker System” →

Gaming Mouse Becomes Digital Camera

May 16, 2022 by Bryan Cockfield 15 Comments

Ever since the world decided to transition from mechanical ball mice to optical mice, we have been blessed with computer pointing devices that don’t need regular cleaning and have much better performance than their ancestors. They do this by using what is essentially a tiny digital camera to monitor changes in motion. As we’ve seen before, it is possible to convert this mechanism into an actual camera, but until now we haven’t seen something like this on a high-performance mouse designed for FPS gaming.

For this project [Ankit] is disassembling the Logitech G402, a popular gaming mouse with up to 4000 dpi. Normally this is processed internally in the mouse to translate movement into cursor motion, but this mouse conveniently has a familiar STM32 processor with an SPI interface already broken out on the PCB that could be quickly connected to in order to gather image data. [Ankit] created a custom USB vendor-specific endpoint and wrote a Linux kernel module to parse the data into a custom GUI program that can display the image captured by the mouse sensor on-screen.

It’s probably best to not attempt this project if you plan to re-use the mouse, as the custom firmware appears to render the mouse useless as an actual mouse. But as a proof-of-concept project this high-performance mouse does work fairly well as a camera, albeit with a very low resolution by modern digital camera standards. It is much improved on older mouse-camera builds we’ve seen, though, thanks to the high performance sensors in gaming mice.

An Exercise In Firmware Dumping With The GreatFET

June 4, 2021 by Tom Nardi 4 Comments

Looking to hone his hardware hacking skills, [James Chambers] recently set out to reverse engineer a common cheap wireless keyboard: the Logitech K360. The chipset it uses has already been fairly well explored (and exploited) by security researchers, but the goal here was more about gaining some practical hands-on experience than it was breaking any new ground.

The first post in what we’re sure will be a fascinating series deals with dumping the board’s firmware using the GreatFET. We actually haven’t seen too many projects that showcase the capabilities of this highly capable open hardware multi-tool, so the post serves as a nice demonstration of how one goes about writing the necessary Python scripts to put it to work in a practical scenario.

Of course, even with the best of tools, there’s always a few stumbling blocks. After identifying what was clearly some kind of programming header on the K360’s diminutive PCB, it took a few failed attempts at reading the firmware before [James] realized he needed to tap into more pins on the keyboard’s nRF24LE1 microcontroller. Once everything was physically wired up, he wrote some code for the GreatFET that would perform the proper incantations on the chip’s PROG and RESET pins to enable its programming interface.

[James] goes on to explain how you can pull some extended chip information out of the hardware and verify the contents of the firmware dump with Gihdra, but any more advanced analysis will have to wait until the next post in the series. In the meantime, if you like reading about hardware hacking from this “over the shoulder” viewpoint, you should check out some of the fantastic work that [wrongbaud] has sent in over the last year or so.

Logitech Joystick Gets A Mechanical Sidekick

December 19, 2020 by Bryan Cockfield 8 Comments

The mechanical keyboard rabbit hole is a deep one, and can swallow up as much money and time as you want to spend. If you’ve become spoiled on the touch and responsiveness of a Cherry MX or other mechanical switch, you might even start putting them on other user interfaces as well, such as this Logitech joystick that now sports a few very usable mechanical keys for the touch-conscious among us.

The Logitech Extreme 3D Pro that [ErkHal] and friend [HeKeKe] modified to accept the mechanical keys originally had a set of input buttons on the side, but these were unreliable and error-prone with a very long, inconsistent push. Soldering some mechanical switches directly on the existing board was a nice improvement, but the pair decided that they could do even better and rolled out an entire custom PCB to mount the keys more ergonomically. The switches are Kailh Choc V2 Browns and seem to have done a great job of improving the responsiveness of the joystick’s side buttons. If you want to spin up your own version, they’ve made the PCBs available on their GitHub page.

While [ErkHal] notes the switches aren’t the best and were only used since they were available, they certainly appear to work much better than what the joystick shipped with originally. In fact, we recently saw similar switches used to make a custom mechanical keyboard made for the PinePhone.

An Epic Quest For A Motorized Volume Knob

December 7, 2020 by Tom Nardi 23 Comments

[Haris Andrianakis] likes his Logitech Z623 sound system. He likes it a lot. Which is why he was willing to hack in his own remote volume control rather than just get a new pair of speakers. But he certainly didn’t make things easy on himself. Rather than trying to tap into the electronics, he decided to take the long way around and motorize the volume knob.

The belt drive looked great, but didn’t work.

The idea seemed simple enough. Just drill a hole through the PCB behind the knob’s potentiometer, attach some kind of extension to the axle, and turn it with a small servo. Modifying the PCB and potentiometer went well enough, but the trouble came when [Haris] actually tried to turn the thing.

Attaching the servo directly to the axle worked, but it made turning the knob by hand extremely difficult. His next idea was to add a small belt into the mix so there would be some slip in the system. But after designing a 3D printed servo mount and turning custom pulleys on the lathe, it ended up having too much slip, and the knob didn’t always move when the servo turned.

He then swapped out the servo for a small stepper motor. The motor was easy enough to spin when powered down, but didn’t have quite enough torque to turn the knob. He tried with a larger stepper motor that he salvaged from an old printer, but since he could only run it at half the recommended 24 VDC, it too had a tendency to skip steps.

After experimenting with some 3D printed reduction gears, [Haris] finally stumbled upon the 28BYJ-48. This small stepper with an integrated gearbox proved to be the perfect solution, as it had enough muscle to turn the knob while at the same time not restricting its movement when powered down. The rest of the project was relatively easy; with a DRV8825, an ESP8266, and an IR receiver, he’s able to spin the stepper with his TV’s remote. A simple web page running on the ESP8266 even allows him to control volume over the network with his smartphone. Based on similar projects we’ve seen, he could probably add support for HDMI CEC as well.

[Haris] says you shouldn’t follow his example, but we’re not so sure. He kept going when others would have given up, and the engineering and thought that went into each attempt is certainly commendable. Even if he hadn’t ultimately gotten this project working, we’d still say it was a valiant hack worthy of praise.

What The Scale? Mouse Teardown Throws Up A Few Surprises

October 13, 2019 by Anool Mahidharia 35 Comments

[Eric Weinhoffer] and his colleagues did a great comparative tear down of the MX Master 3 and the MX Master 2S mice from Logitech. Tear down’s are great fun and often end up teaching us a lot. Looking at the insides of a product can tell us a great deal about how to solve certain problems, or avoid pitfalls. Opening up two versions of the same product provides an even greater wealth of useful information on how product design evolves based on lessons learned from the earlier versions. Logitech is no greenhorn when it comes to Mice design, so the MX Master 2S was already almost perfect. But looking at the Master MX 3 shows where the earlier version fell short of expectations and how it could be improved upon.

These mice have intelligent scroll wheels, which can rotate in either “detente” or “freewheel” modes. Detente allows slower, precise scrolling, while freewheeling allows rapid scrolling. The two mice models have completely different, and interesting, methods of achieving these actions. The older version has a rubber-coated wheel and uses a motor, which turns a cam. This forces a detent ball onto the inside of the wheel for detent mode and releases it for free mode. Once the rubber wears off, the mouse is pretty much headed for the dumpster. The new metal wheel does away with the rubber coating as well as the noisy, slow, and prone to wear-and-tear motor assembly. The actuation is now done using a bi-stable electromagnet. A 25 V pulse magnetizes the coil which sits inside the wheel and it pulls on little metal teeth on the inside rim of the wheel. This gives a noiseless detente feel, without any physical contact. A second 25 V spike de-magnetizes the coil, allowing the scroll wheel to spin freely.

[Eric] points out several incremental changes in design which have resulted in improved ergonomics. He also uncovers a few nuggets of useful information. The use of interchangeable mold inserts help make molds last longer while still offering the flexibility to make changes in the molded part. It’s interesting to see special components being used for withstanding vibration and high-G forces. Some of these insights can be useful for those moving from prototyping to production. There’s one puzzling feature on the new PCB that [Eric] cannot figure out. There is a 15 mm scale screen-printed over the blue tooth antenna. If you have an answer on its purpose, let us know in the comments below.

If you are left-handed (which makes 10% of us), you’re out of luck with these right-handed mice and might like to sign one of the several online petitions demanding lefty versions.

Wireless Mouse Power-Up: Logitech MX Master Gets USB-C And Big Battery

June 17, 2019 by Tom Nardi 23 Comments

When the internal rechargeable battery in his wireless mouse died, [cmot17] decided it was the perfect excuse for making a couple of modifications. The Logitech MX Master isn’t exactly a budget mouse to begin with, but that doesn’t mean there’s no room for improvement. With the addition of a larger battery and USB-C charging port, a very nice mouse just got even better.

As it turns out, there’s plenty of empty space inside the Logitech MX Master, which made it easy to add a larger battery. The original 500 mAh pack was replaced with a new 950 mAh one, which is often sold under the model number 603443. Realistically, if you wanted to go even bigger it looks like any three wire 3.7 V Li-Po pack would probably work in this application, but nearly doubling the capacity is already a pretty serious bump.

Adding the USB-C connector ended up being quite a bit trickier. [cmot17] ordered a breakout board from Adafruit that was just a little too large to fit inside the mouse. In the end, not only did some of the case need to get cut away internally, but the breakout PCB itself got a considerable trimming. Once it was shoehorned in there, a healthy dose of hot glue was used to make sure nothing shifts around.

Since [cmot17] didn’t change the mouse’s original electronics, the newly upgraded Logitech MX Master won’t actually benefit from the faster charging offered by USB-C. If anything, it’s actually going to charge slower thanks to the beefier battery. But considering how infrequently it will need to be charged with the upgraded capacity (Logitech advertised 40 days with the original 500 mAh battery), we don’t think it will be a problem.

Over the years, we’ve seen plenty of stuff crammed into the lowly mouse. Everything from a full computer, to malicious firmware code has been grafted onto that most ubiquitous of computer peripherals. So in the grand scheme of things, this is perhaps one of the most practical mouse modifications to ever grace these pages.