Most e-book readers don’t have physical page turn buttons. Why? They just don’t. Virtual page turns are accomplished with a tap at a screen edge. Determined to reduce the awkwardness of one-handed use, [Sagar Vaze] modified a Kobo e-reader with two physical page turn buttons as a weekend project.
[Sagar] points out that since the underlying OS of the Kobo device is Linux, it is possible to fake touches to the screen (and therefore trigger page turns) by recording then replaying the appropriate input event. However, there was a more direct solution available to those willing to tamper slightly with the hardware. Touch sensing on the screen is done via an infrared break-beam system. Along two edges of the screen are IR emitters, and opposite the emitters are receivers. Broadly speaking, when a fingertip touches the display a minimum of two IR beams are broken, and the physical location of the fingertip can therefore be determined by analyzing exactly how the IR pattern has been changed.
To spoof page turns, [Sagar] briefly shorts two IR emitters: one on each axis. The sudden winking out of the IR is interpreted by the device as a crisp tap, and the device obediently turns the page. The only hitch is that both IR emitters must be shorted at the same time. If one is shorted before the other, the device ignores it. Double-pole switches would probably do the trick, but with the part bin coming up empty in that respect, [Sagar] instead used a few transistors to accomplish the same thing. A 3D printed enclosure rounds out the whole mod, and a brief video is embedded below.
Continue reading “E-Book Reader Gets Page Turn Buttons, Is None The Wiser”
We’re all too spoiled nowadays with our comfortable ways to erase and write data to persistent memory, whether it’s our microcontroller’s internal flash or some external EEPROM. Admittedly, those memory technologies aren’t exactly new, but they stem from a time when their predecessors had to bathe under ultraviolet light in order to make space for something new. [Taylor Schweizer] recently came across some of these quartz-window decorated chips, and was curious to find out what is stored in them. Inspired by the BIOS reverse engineering scene in Halt and Catch Fire, he ended up building his own simple reader to display the EPROM’s content.
The 2732 he uses is a standard EPROM with 32kbit memory. Two pins, Chip Enable and Output Enable, serve as main control interface, while 12 address pins select the data stored in the chip’s internal 4K x 8 arrangement, to output it on the 8 data output pins. You could of course hook up the EPROM to a microcontroller and send what you read via serial line, but [Taylor] opted for a more hands-on approach that lets him read out the data in a manual way. He simply uses a bank of DIP switches to set the address and control pins, and added a row of LEDs as display.
As you can see from the short demonstration in the video after the break, reading out the entire EPROM would be a rather tedious task this way. If you do have more serious intentions to read out the content, you could have a look at one of those microcontroller based solutions sending data via serial line after all.
Continue reading “Reading Out An EPROM – With DIP Switches”
[James Tate] is starting up a project to make a “Super Reverse-Engineering Tool”. First on his list? A simple NAND flash reader, for exactly the same reason that Willie Sutton robbed banks: because that’s where the binaries are.
As it stands, [James]’s first version of this tool is probably not what you want to use if you’re dumping a lot of NAND flash modules. His Arduino code reads the NAND using the notoriously slow
digital_write() commands and then dumps it over the serial port at 115,200 baud. We’re not sure which is the binding constraint, but neither of these methods are built for speed.
Instead, the code is built for hackability. It’s pretty modular, and if you’ve got a NAND flash that needs other low-level bit twiddling to give up its data, you should be able to get something up and working quickly, start it running, and then go have a coffee for a few days. When you come back, the data will be dumped and you will have only invested a few minutes of human time in the project.
With TSOP breakout boards selling for cheap, all that prevents you from reading out the sweet memory contents of a random device is a few bucks and some patience. If you haven’t ever done so, pull something out of your junk bin and give it a shot! If you’re feeling DIY, or need to read a flash in place, check out this crazy solder-on hack. Or if you can spring for an FTDI FT2233H breakout board, you can read a NAND flash fast using essentially the same techniques as those presented here.
Resurrecting a beloved piece of tech can be a trying process when fighting through the mild heartbreak — doubly so if the product has been discontinued. When their old Sony PRS-T1 e-book reader refused to charge after leaving it on their dashboard during a hot day, [Andrea Gangemi] decided to leverage a little techno-necromancy and hack together a fix.
[Gangemi] found the problem to be a battery failure, but there was nary a replacement to be found. An old Motorola mobile phone battery ended up fitting the purpose nicely. Cracking open the e-book reader, de-soldering the old battery and — after deciphering which pins were which — installing the new one was simply done with a fine, high temperature soldering iron tip and Kapton tape to avoid short-circuiting. But hold on — the new battery wouldn’t charge, and the reader displayed a message saying that the battery was over heating; irony, thou art cruel.
Continue reading “Replacing A Failed Ebook Reader Battery”
Sometimes you just have parts lying around and want to make something out of them. [Tymkrs] had a robot paper cutter, so naturally they made punch cards. But then, of course, they needed a punch card reader, so they made one of those too. All with stuff lying around the shop.
The Silhouette Portrait paper cutter is meant for scrapbooking, but what evokes memories of the past more than punchcards? To cut out their data, rather than cute kittens or flowers, they wrote some custom code to turn ASCII characters into rows of dots. And the cards are done — you just have to clean up the holes that didn’t completely cut. These are infamously known as hanging chads.
The reader is made up of a block of wood, with a gap for the cards and perpendicular holes drilled for LEDs and photoresistors. This is cabled to a Propeller dev board with some simple firmware. We would have used photodiodes or phototransistors, because that’s what’s in our junk box (and because they have faster reaction time), but when you’ve got lemons, make lemonade.
OK, now that you’ve got a punch card reader and writer, what do you do with it? Password storage comes to mind.
Continue reading “DIY Punch Card System Despite Hanging Chads”
iClass is an RFID standard that is aimed at better security through encryption and authentication. While it is more secure than some other RFID implementations, it is still possible to hack the system. But initial iClass exploits were quite invasive. [Brad Antoniewicz] published a post which talks about early attacks on the system, and then demonstrates a better way to exploit iClass readers.
We remember seeing the talk on iClass from 27C3 about a year and a half ago. While the technique was interesting, it was incredibly invasive. An attacker needed multiple iClass readers at his disposal as the method involved overwriting part of the firmware in order to get a partial dump, then patching those image pieces back together. [Brad] makes the point that this is fine with an off-the-shelf system, but high-security installations will be using custom images. This means you would need to get multiple readers off the wall of the building you’re trying to sneak into.
But his method is different. He managed to get a dump of the EEPROM from a reader using an FTDI cable and external power source. If you wan to see how he’s circumventing the PIC read protection you’ll have to dig into the source code linked in his article.
[Andrea “Mancausoft” Milazzo] has been restoring old equipment which often contain EPROM chips. He thought he was all set with an EPROM reader which easily dumped the data from 2716 chips and a few others. But he found that the hardware was unable to read 2708 and 2704 chips. His solution was to build a PIC-based EPROM dumper.
You may remember from some of our recent features that these chips are something of a ticking clock. They store program code and other information vital to the functioning of old hardware. Since they’re erased with UV light, years of exposure to ambient light can zap some of the data.
The specs needed to read a chip of this type are rather rudimentary. There are ten address pins and eight data pins. [Andrea] also needed a way to get data from the microcontroller to a computer for backup. He uses two more pins for this purpose, bringing the I/O count to 20. He went with PIC 18F4610 and built the rest of the reader around it.