Eavesdropping On A VGA Monitor’s Conversations

March 29, 2018 by Dan Maloney 28 Comments

Did you ever wonder what your monitor and your computer are talking about behind your back? As it turns out, there’s quite a conversation going on while the monitor and the computer decide how to get along, and sniffing out VGA communications can reveal some pretty fascinating stuff about the I²C protocol.

To reverse engineer the configuration information exchanged between a VGA monitor and a video card, [Ken Shirriff] began by lopping a VGA cable in two. The inside of such cables is surprisingly complex, with separate shielding wires for each color and sync channel and a host of control wires, all bundled in multiple layers of shielding foil and braid to reduce EMI. [Ken] identified the clock and data lines used for the I²C interface and broke those out into a PocketBeagle for analysis using the tiny Linux machine’s I²C tools.

With a Python script to help decode the monitor’s Extended Display Identification Data (EDID) data, [Ken] was able to see everything the monitor knows about itself — manufacturer, serial number, all the supported resolution modes, and even deprecated timing and signal information left over from the days when CRTs ruled the desktop. Particularly interesting are the surprisingly limited capabilities of a VGA display in terms of color reproduction, as well as [Ken]’s detailed discussion on the I²C bus in general and how it works.

We always enjoy these looks under the hood that [Ken] is so good at, and we look forward to his reverse engineering write-ups. His recent efforts include a look at core memory from a 50-year old mainframe and reverse engineering at the silicon level.

Shoot-And-Forget Digital Photo Frame

March 5, 2018 by James Hobson 28 Comments

Digital photo frames these days require you to manage the photos stored on it or the cloud-based service tied to the frame’s manufacturer. [Henric Andersson] realized that he and his wife take a lot of photos but find little time to go through them — like photo albums of days past — and add them to any photo frame-like appliance or service. Since Google photos can do a lot of the sorting for them, he decided to incorporate that into a digital photo frame.

Using his wife’s old Viewsonic 24” 1080p monitor, he cracked it open and incorporated the screen into a 24×16 distressed wood frame — reinforcing it to account for the bulky, built-in power supply with pieces of HDF and a lot of glue. The brains behind this digital photo frame is a Raspberry Pi 3 he received from a friend. To turn the whole on/off, he built a small circuit but it turned out it wasn’t strictly necessary since everything started just fine without it.

While functionally complete, it needed one more addition. A little thing called ‘color temperature calibration’ — aka white balance.

Finding the TCS34725 RGB color sensor by Adafruit — and readily available code for easy integration — [Andersson] puzzled over how to add it to the frame. To disguise it while retaining its effectiveness, he had to glue it to the rear of the frame after drilling a hole in the top piece and sticking a plastic stick through the hole to let light through to the sensor.

To get the photos to display, [Henric Andersson] says all he did was add a few queries to Google Photos and it will display all your relevant photos that have been synced to the service. For a breakdown of that side of this hack, check out his other post with the details.

While Google Photos deftly displays photos of various orientations, sizes, and aspect ratios, we’ve featured a digital photo frame that handles the task a little differently.

Software Defined Television On An ESP32

February 22, 2018 by Dan Maloney 24 Comments

Composite video from a single-board computer? Big deal — every generation of Raspberry Pi has had some way of getting composite signals out and onto the retro monitor of your choice. But composite video from an ESP32? That’s a thing now too.

There are some limitations, of course, not least of which is finding a monitor that can accept a composite input, but since [bitluni]’s hack uses zero additional components, we can overlook those. It really is as simple as hooking the monitor up to pin 25 and ground because, like his recent ESP32 AM radio station, the magic is entirely in software. For video, [bitluni] again uses his I²S tweaks to push a lot of data into the DAC really fast, reproducing the sync and image signals in the 0-1 volt range of the PAL composite standard. His code also supports the NTSC standard, but alas because of frequency limitations in the hardware it’s monochrome only for both standards, at least for now. He’s also got a neat trick to improve performance by running the video signal generation and the 3D-rendering on separate cores in the ESP32. Check out the results in the video below.

It looks like the ESP32 is getting to be one of those “Is there anything it can’t do?” systems. Aside from radio and video, we’ve seen audio playback, vector graphics, and even a Basic interpreter easter egg.

Continue reading “Software Defined Television On An ESP32” →

Bark Back IoT Pet Monitor

January 5, 2018 by James Hobson 6 Comments

Does your pet get distressed when you’re not home? Or, perhaps their good behaviour slips when you’re not around and they cause a ruckus for the neighbours. Well, [jenfoxbot] has just such a dog, so she built a ‘bark back’ IoT pet monitor to keep an eye on him while she’s out.

The brains and backbone of the pet monitor is the ever-popular Raspberry Pi 3. A Sparkfun MEMS microphone breakout board listens for any unruly behaviour, with an MCP3002 analog to digital converter chip reading the mic input. Some trial-and-error coding allowed her to set a noise threshold that — once exceeded — will trigger an audio file, shushing her dog. It also logs events and uploads any status updates to a CloudMQTT server to be monitored while away from home. Her Imgur build album can be found here, and the GitHub project page is here if you want to build your own!

Check out the demo video after the break, that was probably confusing for her good dog, Marley.

Continue reading “Bark Back IoT Pet Monitor” →

A TEMPEST In A Dongle

November 26, 2017 by Dan Maloney 27 Comments

If a couple of generations of spy movies have taught us anything, it’s that secret agents get the best toys. And although it may not be as cool as a radar-equipped Aston Martin or a wire-flying rig for impossible vault heists, this DIY TEMPEST system lets you snoop on computers using secondary RF emissions.

If the term TEMPEST sounds familiar, it’s because we’ve covered it before. [Elliot Williams] gave an introduction to the many modalities that fall under the TEMPEST umbrella, the US National Security Agency’s catch-all codename for bridging air gaps by monitoring the unintended RF, light, or even audio emissions of computers. And more recently, [Brian Benchoff] discussed a TEMPEST hack that avoided the need for thousands of dollars of RF gear, reducing the rig down to an SDR dongle and a simple antenna. There’s even an app for that now: TempestSDR, a multiplatform Java app that lets you screen scrape a monitor based on its RF signature. Trouble is, getting the app running on Windows machines has been a challenge, but RTL-SDR.com reader [flatfishfly] solved some of the major problems and kindly shared the magic. The video below shows TempestSDR results; it’s clear that high-contrast images at easiest to snoop on, but it shows that a $20 dongle and some open-source software can bridge an air gap. Makes you wonder what’s possible with deeper pockets.

RF sniffing is only one of many ways to exfiltrate data from an air-gapped system. From power cords to security cameras, there seems to be no end to the ways to breach systems.

Continue reading “A TEMPEST In A Dongle” →

PocketCHIP As A Hardware Hacker’s Terminal

September 8, 2017 by Anool Mahidharia 15 Comments

Conferences these days can be tricky places to be at – especially hardware and hacker cons. If you aren’t the one doing the hacking, then you can be sure your devices are being probed, pinged and possibly, hacked. It certainly isn’t the place to bring your precious laptop. Besides, as the day wears on and your feet start aching, regular laptops start feeling bigger and heavier. What you need is a burner laptop – one that is lightweight, cheap and that you don’t mind getting hacked. [dalmoz] wrote a short, to-the-point, tutorial on making use of PocketCHIP as a hardware-hacker’s best friend when it comes to UART connections. It’s also handy to use as a stand alone serial monitor for your projects without having to dedicate a USB port and screen real estate.

The PocketCHIP is a dock for the C.H.I.P. microcomputer and adds a LED backlit touchscreen display, QWERTY keyboard and LiPo battery in a lightweight, molded case. For $70, you get a 1 GHz ARM v7 processor, 512MB RAM, Mali 400 GPU, WiFi and Bluetooth. It’s light enough to be hung around your neck via its lanyard slot. And all of the GPIO pins are conveniently broken out, including the UART pins. Right now, it’s in the hands of Kickstarter backers, but the Next Thing Co website indicates availability sometime this month.

On the hardware side, all you need to do is add header pins to TX, RX and GND (and maybe 5 V and 3 V if required) on the PocketCHIP GPIO header and you’re good to go. On the software side, things are equally easy. The UART pins are meant to provide debug access to the CHIP itself and need to be released from internal duty. Once the UART port is identified, a single terminal command frees its status as a debugging interface. After that, use any terminal emulator – [dalmoz] recommends Minicom – and you’re all set. In the unlikely event that all you have is an Arduino lying around, [dalmoz] posted a simple sketch that can be used to make sure you have it working. Great hacking tip, ’cause it is as simple as it gets. If you’d like to know more about the CHIP project, check out its documentation and Github repository – it’s all open source.

Hacking Touch Screens To Count Pulses

July 9, 2017 by Inderpreet Singh 5 Comments

Heart rate sensors available for DIY use employ photoplethysmography which illuminates the skin and measures changes in light absorption. These sensors are cheap, however, the circuitry required to interface them to other devices is not. [Petteri Hyvärinen] is successfully investigating the use of capacitive touchscreens for heart rate sensing among other applications.

The capacitive sensor layer on modern-day devices has a grid of elements to detect touch. Typically there is an interfacing IC that translates the detected touches into filtered digital numbers that can be used by higher level applications. [optisimon] first figured out a way to obtain the raw data from a touch screen. [Petteri Hyvärinen] takes the next step by using a Python script to detect time variations in the data obtained. The refresh rate of the FT5x06 interface is adequate and the data is sent via an Arduino in 35-second chunks to the PC over a UART. The variations in the signal are very small, however, by averaging and then using the autocorrelation function, the signal was positively identified as a pulse.

A number of applications could benefit from this technique if the result can be replicated on other devices. Older devices could possibly be recycled to become low-cost medical equipment at a fraction of the cost. There is also the IoT side of things where the heart-rate response to media such as news, social media and videos could be used to classify content.

Check out our take on the original hack for capacitive touch imaging as well as using a piezoelectric sensor for the same application.