Hackaday Links: September 8, 2019

We start this week with very sad news indeed. You may have heard about the horrific fire on the dive boat Conception off Santa Cruz Island last week, which claimed 33 lives. Sadly, we lost one of our own in the tragedy: Dan Garcia, author of the wildly popular FastLED library. Dan, 46, was an Apple engineer who lived in Berkley; his partner Yulia Krashennaya died with him. Our community owes Dan a lot for the work he put into FastLED over the last seven years, as many an addressable LED is being driven by his code today. Maybe this would be a good chance to build a project that uses FastLED and add a little light to the world, courtesy of Dan.

In happier news, the biggest party of the hardware hacking year is rapidly approaching. That’s right, the 2019 Hackaday Superconference will be upon us before you know it. Rumor has it that there aren’t that many tickets left, and we haven’t even announced the slate of talks yet. That’s likely to clean out the remaining stock pretty darn quickly. Are you seriously prepared to miss this? It seems like a big mistake to us, so why don’t you hop over and secure your spot before you’re crying into your Club-Mate and wondering what all the cool kids will be doing in November.

Of course one of the highlights of Superconference is the announcement of the Hackaday Prize winner. And while we naturally think our Prize is the best contest, that doesn’t mean there aren’t others worth entering. MyMiniFactory, the online 3D-printing community, is currently running a “Design with Arduino” competition that should be right up the alley of Hackaday readers. The goal is simple: submit a 3D-printed design that incorporates Arduino or other electronics. That’s it! Entries are accepted through September 16, so you’ve still got plenty of time.

Sometimes you see something that just floors you. Check out this tiny ESP32 board. It doesn’t just plug into a USB port – it fits completely inside a standard USB Type A jack. The four-layer board sports an ESP32, FTDI chip, voltage regulator, an LED and a ceramic antenna for WiFi and Bluetooth. Why would you want such a thing? Why wouldn’t you! The board is coming soon on CrowdSupply, so we hope to see projects using this start showing up in the tipline soon.

Here’s a “why didn’t I think of that?” bench tip that just struck us as brilliant. Ever had to probe a board to trace signal paths? It’s a common enough task for reverse engineering and repairs, but with increasingly dense boards, probing a massive number of traces is just too much of a chore. Hackaday superfriend Mike Harrison from “mikeselectricstuff” makes the chore easier with a brush made from fine stainless wires crimped into a ring terminal. Attached to one probe of a multimeter, the brush covers much more of the board at a time, finding the general area where your trace of interest ends up. Once you’re in the neighborhood you can drop back to probing one pad at a time. Genius! We’d imagine a decent brush could also be made from a bit of coax braid too.

Another shop tip to wrap up this week, this one for woodworkers and metalworkers alike. Raw materials are expensive, and getting the most bang for your buck is often a matter of carefully laying out parts on sheet goods to minimize waste. Doing this manually can be a real test of your spatial relations skills, so why not automate it with this cut list optimizer? The app will overlay parts onto user-defined rectangles and snuggle them together to minimize waste. The program takes any units, can account for material lost to kerfs, and will even respect grain direction if needed. It’s built for wood, but it should prove useful for sheet metal on a plasma cutter, acrylic on a laser, or even PCBs on a panel.

The Amazon Dash Button: A Retrospective

The Internet of Things will revolutionize everything! Manufacturing? Dog walking? Coffee bean refilling? Car driving? Food eating? Put a sensor in it! The marketing makes it pretty clear that there’s no part of our lives which isn’t enhanced with The Internet of Things. Why? Because with a simple sensor and a symphony of corporate hand waving about machine learning an iPhone-style revolution is just around the corner! Enter: Amazon Dash, circa 2014.

The first product in the Dash family was actually a barcode scanning wand which was freely given to Amazon Fresh customers and designed to hang in the kitchen or magnet to the fridge. When the Fresh customer ran out of milk they could scan the carton as it was being thrown away to add it to their cart for reorder. I suspect these devices were fairly expensive, and somewhat too complex to be as frequently used as Amazon wanted (thus the extremely limited launch). Amazon’s goal here was to allow potential customers to order with an absolute minimum of friction so they can buy as much as possible. Remember the “Buy now with 1-Click” button?

That original Dash Wand was eventually upgraded to include a push button activated Alexa (barcode scanner and fridge magnet intact) and is generally available. But Amazon had pinned its hopes on a new beau. Mid 2015 Amazon introduced the Dash Replenishment Service along with a product to be it’s exemplar – the Dash Button. The Dash Button was to be the 1-Click button of the physical world. The barcode-scanning Wands require the user to remember the Wand was nearby, find a barcode, scan it, then remember to go to their cart and order the product. Too many steps, too many places to get off Mr. Bezos’ Wild Ride of Commerce. The Dash Buttons were simple! Press the button, get the labeled product shipped to a preconfigured address. Each button was purchased (for $5, with a $5 coupon) with a particular brand affinity, then configured online to purchase a specific product when pressed. In the marketing materials, happy families put them on washing machines to buy Tide, or in a kitchen cabinet to buy paper towels. Pretty clever, it really is a Buy now with 1-Click button for the physical world.

There were two versions of the Dash button. Both have the same user interface and work in fundamentally the same way. They have a single button (the software can recognize a few click patterns), a single RGB LED (‘natch), and a microphone (no, it didn’t listen to you, but we’ll come back to this). They also had a WiFi radio. Version two (silently released in 2016) added Bluetooth and completely changed the electrical innards, though to no user facing effect.

In February 2019, Amazon stopped selling the Dash Buttons. Continue reading “The Amazon Dash Button: A Retrospective”

RTL-SDR: Seven Years Later

Before swearing my fealty to the Jolly Wrencher, I wrote for several other sites, creating more or less the same sort of content I do now. In fact, the topical overlap was enough that occasionally those articles would get picked up here on Hackaday. One of those articles, which graced the pages of this site a little more than seven years ago, was Getting Started with RTL-SDR. The original linked article has long since disappeared, and the site it was hosted on is now apparently dedicated to Nintendo games, but you can probably get the gist of what it was about from the title alone.

An “Old School” RTL-SDR Receiver

When I wrote that article in 2012, the RTL-SDR project and its community were still in their infancy. It took some real digging to find out which TV tuners based on the Realtek RTL2832U were supported, what adapters you needed to connect more capable antennas, and how to compile all the software necessary to get them listening outside of their advertised frequency range. It wasn’t exactly the most user-friendly experience, and when it was all said and done, you were left largely to your own devices. If you didn’t know how to create your own receivers in GNU Radio, there wasn’t a whole lot you could do other than eavesdrop on hams or tune into local FM broadcasts.

Nearly a decade later, things have changed dramatically. The RTL-SDR hardware and software has itself improved enormously, but perhaps more importantly, the success of the project has kicked off something of a revolution in the software defined radio (SDR) world. Prior to 2012, SDRs were certainly not unobtainable, but they were considerably more expensive. Back then, the most comparable device on the market would have been the FUNcube dongle, a nearly $200 USD receiver that was actually designed for receiving data from CubeSats. Anything cheaper than that was likely to be a kit, and often operated within a narrower range of frequencies.

Today, we would argue that an RTL-SDR receiver is a must-have tool. For the cost of a cheap set of screwdrivers, you can gain access to a world that not so long ago would have been all but hidden to the amateur hacker. Let’s take a closer look at a few obvious ways that everyone’s favorite low-cost SDR has helped free the RF hacking genie from its bottle in the last few years.

Continue reading “RTL-SDR: Seven Years Later”

Reverse Engineering Cyclic Redundancy Codes

Cyclic redundancy codes (CRC) are a type of checksum commonly used to detect errors in data transmission. For instance, every Ethernet packet that brought you the web page you’re reading now carried with it a frame check sequence that was calculated using a CRC algorithm. Any corrupted packets that failed the check were discarded, and the missing data was detected and re-sent by higher-level protocols. While Ethernet uses a particularly common CRC, there are many, many different possibilities. When you’re reverse-engineering a protocol that contains a CRC, although it’s not intended as a security mechanism, it can throw a wrench in your plans. Luckily, if you know the right tool, you can figure it out from just a few sample messages.

A case in point was discussed recently on the hackaday.io Hack Chat, where [Thomas Flayols] came for help reverse engineering the protocol for some RFID tags used for race timing. Let’s have a look at the CRC, how it is commonly used, and how you can reverse-engineer a protocol that includes one, using [Thomas’] application as an example.

Continue reading “Reverse Engineering Cyclic Redundancy Codes”

Homemade Magic Makes The Metcal Go

First soldering irons are often of the Radioshack or Maplin firestarter variety. They’re basically wall power shorted across a nichrome heater or similar with some inline resistance to make it harder to burn down the house. You plug them in, the current flows, and they get hot. Done.

If you stick with the hobby for a while, these eventually get replaced with something like the venerable HAKKO FX-888D or that one Weller everyone likes with the analog knob. These are much improved; having temperature control leads to a more consistently heated tip and much improved soldering experience.

Entering the electronics workplace one comes across the next level of quality soldering iron: high end HAKKOs, Metcals, JBCs, and the like. Using one of these irons is practically a religious experience; they heat in a flash and solder melts while you blink. They even turn off when you put the handpiece down! But they’re expensive to buy (hint: think used). What’s a hobbyist to do?

[SergeyMax] seems to have had this problem. He bit the bullet, figured out how the Metcal works, and made his own base. This is no mean feat as a Metcal might look like a regular iron but it’s significantly more complex than ye olde firestarter. The Metcal magic is based on a oscillating magnetic fields (notice the handpiece is connected via BNC?) interacting with a tip bearing a special coating. In the presence of the changing field the tip heats up until it hits its Curie temperature, at which point it stops interacting with the magnetic field and thus stops heating.

When the user solders, the tip cools by sinking its heat into the part and drops below the Curie temperature again, which starts the heating again. It’s like temperature control with the sensor placed absolutely as close to the part as possible and a nearly instant response time, without even a control loop! [SergeyMax] has a much more thorough description of how these irons work, which we definitely recommend reading.

So what’s the hack? Based on old schematics and some clever reverse engineering from photos [SergeyMax] built a new base station! The published schematic is as rich with capacitors and inductors as one could hope. He didn’t post source or fab files but we suspect the schematic and photos of the bare board combined with some tinkering are enough for the enterprising hacker to replicate.

The post contains a very thorough description of the reverse engineering process and related concerns in designing a cost efficient version of the RF circuitry. Hopefully this isn’t the last Metcal replacement build we see! Video “walkthrough” after the break.

Edit: I may have missed it, but eagle eyed commentor [Florian Maunier] noticed that [SergeyMax] posted the sources to this hack on GitHub!

Continue reading “Homemade Magic Makes The Metcal Go”

Reverse Engineering WyzeSense Hardware

Wyze are a company that produces a variety of home automation products. Their Wyze Sense package is a system of contact and PIR home security sensors, that piggy backs off their Wyze Cam product. In the interests of being able to use this hardware outside the prescribed corporate ecosystem, [Xuan Xing] got down to hacking.

The project starts by tearing down the Wyze Cam, and getting serial console access. This was made easier by an existing Github project, which develops custom firmwares for smart cameras. With that in place he was able to see what was going on under the hood, and read the camera’s system logs.

By poring over these logs, and examining the disassembled Wyze Sense dongle, he’s well on the way to discovering how the sensors communicate with the Wyze Cam. The end goal is to enable the Wyze security sensors to be used with the Raspberry Pi platform, and to share the code on Github for other makers to experiment with.

Home automation platforms come and go quicker than the seasons change. This makes the hardware a popular target for hackers trying to get things running independently of any one company’s servers.

Hail To The King, Baby: Reverse Engineering Duke

If you’re a fan of DOS games from the 1990s, you’ve almost certainly used DOSBox to replay them on a modern computer. It allows you to run software in a virtual environment that replicates an era-appropriate computer. That’s great for historical accuracy, but doesn’t do you much good if you’re trying to leverage modern computing power to breathe some new life into those classic titles. For that, you need to dig in a little deeper.

For the last two and a half years, [Nikolai Wuttke] has been doing exactly that for 1993’s Duke Nukem II. The end result is RigelEngine, an open source drop-in replacement for the original game binary that not only runs on a modern Windows, Linux, or Mac OS machine, but manages to improve on the original in a number of ways. An accomplishment made even more impressive once you learn that the original source code for the game has been lost to time, and that he had to do everything blind.

In a blog post chronicling his progress so far, [Nikolai] explains the arduous process he used to make sure his re-implementation was as accurate as possible to the original game. He spent untold hours studying the original game’s disassembled code in Ida Pro, handwriting out pages of notes and pseudocode as he tried to understand what was happening behind the scenes. Once a particular enemy or element of the game was implemented in RigelEngine, he’d record the gameplay from his version and compare it to the original frame by frame so he could fine tune the experience.

So what’s the end result of more than two years of work and over 25K lines of code? Thanks to the incredible advancements in computing power since the game’s release nearly 30 years ago, [Nikolai] has managed to remove the need for loading screens. His engine is also capable of displaying an unlimited number of particle effects on the screen at once, and multiple sound effects can now be played simultaneously. In the future he’s looking to implement smooth character movement (in the original game, movement was in 8 pixel increments) and adaptive volume for sound effects based on their distance from Duke. Ultimately, RigelEngine should be able to replace the original graphics with new high resolution textures once some issues with the rendering buffer gets sorted out.

It’s hard to overstate how important some of these classic games are to those who grew up playing them. With John Romero still releasing DLC for the original DOOM and hackers disassembling nearly 40 year old games to fix bugs, it doesn’t seem like they’re in any danger of being forgotten.

Continue reading “Hail To The King, Baby: Reverse Engineering Duke”