Reddit user [nomoreimfull] posted code for a dynamic WiFi beacon to r/arduino. The simple, but clever, sketch is preloaded with some rather familiar lyrics and is configured to Rickroll wireless LAN users via the broadcast SSID (service set identifier) of an ESP32 WiFi radio.
The ESP32 and its smaller sibling the ESP8266 are tiny microcontrollers that featuring built-in WiFi support. With their miniature size, price, and power consumption characteristics, they’ve become favorites for makers, hackers, and yes pranksters for a wide variety of projects. They can be easily programmed using their own SDK or through a “board support” extension to the Arduino IDE.
For the dynamic WiFi beacon, the ESP32 is placed into AP (access point) mode and broadcasts its human readable name (SSID) as configured. What makes the SSID dynamic, or rolling, is that the sketch periodically updates the SSID to a next line of text stored within the code. Of course, in the Rickroll prank this means the next line of lyrics from “Never Gonna Give You Up” by Rick Astley himself.
We like big keyboards and we cannot lie, and we’ve seen some pretty big keyboards over the years. But this one — this one is probably the biggest working board that anyone has ever seen. [RKade] and [Kristine] set out to make the world’s largest keyboard by Guinness standards – and at 16 feet long, you would think they would be a shoe-in for the world record. More on that later.
As you might have figured out, what’s happening here is that each giant key actuates what we hope is a Cherry-brand lever switch that is wired to the pads of a normal-sized keyboard PCB. Once they designed the layout, they determined that there were absolutely no existing commercial containers that, when inverted, would fit the desired dimensions, so they figured out that it would take 350 pieces of cardboard to make 70 5-sided keycaps and got to work.
Aside from the general awesomeness of this thing, we really like the custom buttons, which are mostly made of PVC components, 3D printed parts, and a bungee cord for the return spring.
[RKade] encountered a few problems with the frame build — mostly warped boards and shrunken holes where each of the 70 keys mount. After the thing was all wired up (cleverly, we might add, with Ethernet cable pairs), [RKade] rebuilt the entire frame out of three-layers of particle board.
By the way, Guinness rejected the application, citing that it must be an exact replica of an existing keyboard, and it must be built to commercial/professional standards. They also contradict themselves, returning no search results for biggest keyboard, but offer upon starting a world record application that there is a record-holding keyboard on file after all, and it is 8 ft (2.4 m) long. It’s not the concrete Russian keyboard, which is non-functional, but we wonder if it might be the Razer from CES 2018 that uses Kailh Big Switches.
Once the keyboard was up and running, [RKade] and [Kristine] duke it out over a game of Typing Attack, where the loser has to type all the lyrics to “Never Gonna Give You Up” on the giant keyboard. Check it out after the break.
Nobody likes opening up a hacking target and finding a black epoxy blob inside, but all hope is not lost. At least not if you’ve got the dedication and skills of [Jeroen Domburg] alias [Sprite_tm].
It all started when [Big Clive] ordered a chintzy Chinese musical meditation flower and found a black blob. But tantalizingly, the shiny plastic mess also included a 2 MB flash EEPROM. The questions then is: can one replace the contents with your own music? Spoiler: yes, you can! [Sprite_tm] and a team of Buddha Chip Hackers distributed across the globe got to work. (Slides here.)
[Jeroen] started off with binwalk and gets, well, not much. The data that [Big Clive] dumped had high enough entropy that it looks either random or encrypted, with the exception of a couple tiny sections. Taking a look at the data, there was some structure, though. [Jeroen] smelled shitty encryption. Now in principle, there are millions of bad encryption methods out there for every good one. But in practice, naive cryptographers tend to gravitate to a handful of bad patterns.
Bad pattern number one is XOR. Used correctly, XORing can be a force for good, but if you XOR your key with zeros, naturally, you get the key back as your ciphertext. And this data had a lot of zeros in it. That means that there were many long strings that started out the same, but they seemed to go on forever, as if they were pseudo-random. Bad crypto pattern number two is using a linear-feedback shift register for your pseudo-random numbers, because the parameter space is small enough that [Sprite_tm] could just brute-force it. At the end, he points out their third mistake — making the encryption so fun to hack on that it kept him motivated!
Decrypted, the EEPROM data was a filesystem. And the machine language turned out to be for an 8051, but there was still the issue of the code resident on the microcontroller’s ROM. So [Sprite_tm] bought one of these flowers, and started probing around the black blob itself. He wrote a dumper program that output the internal ROM’s contents over SPI. Ghidra did some good disassembling, and that let him figure out how the memory was laid out, and how the flow worked. He also discovered a “secret” ROM area in the chip’s flash, which he got by trying some random functions and looking for side effects. The first hit turned out to be a memcpy. Sweet.
Meanwhile, the Internet was still working on this device, and [Neil555] bought a flower too. But this one had a chip, rather than a blob, and IDing this part lead them to an SDK, and that has an audio suite that uses a derivative of WMA audio encoding. And that was enough to get music loaded into the flower. (Cue a short rick-rolling.) Victory!
Well, victory if all you wanted to do was hack your music onto the chip. As a last final fillip, [Sprite_tm] mashed the reverse-engineered schematic of the Buddha Flower together with [Thomas Flummer]’s very nice DIY Remoticon badge, and uploaded our very own intro theme music into the device on a badge. Bonus points? He added LEDs that blinked out the LSFR that were responsible for the “encryption”. Sick burn!
Editor’s Note: This is the last of the Remoticon 2 videos we’ve got. Thanks to all who gave presentations, to all who attended and participated in the lively Discord back channel, and to all you out there who keep the hacking flame alive. We couldn’t do it without you, and we look forward to a return to “normal” Supercon sometime soon.
If there is one educational institution that features on these pages more than any other, it may be Cornell University. Every year we receive a pile of tips showing us the engineering term projects from [Bruce Land]’s students, and among them are some amazing pieces of work. Outside the walls of those technical departments though, we suspect that cool hacks may have been thin on the ground. English Literature majors for example contain among their ranks some astoundingly clever people, but they are not known for their handiness with a soldering iron or a lathe.
We’re happy to note then that someone at Cornell who is handy with a soldering iron has been spreading the love. In the form of coin cell powered throwies that intermittently Rickroll the inhabitants of the institution’s halls of residence. We have few technical details, but they seem to be a simple affair of a small microcontroller dead-bug soldered to a coin cell and a piezoelectric speaker. If we were embarking on such a project we’d reach for an ATtiny of some description, but similar work could be done with a PIC or any number of other families.
The Cornell Daily Sun write-up is more a work of investigative journalism detailing the perplexed residents searching for the devices than it is one of technical reference. We’re pleased to note that the university authorities have a relaxed attitude to the prank, and that no action will be taken against the perpetrator should they be found.
Thus we’d like to take a moment to reach out to the Cornell prankster, and draw their attention to our Coin Cell Challenge competition. There is still time to enter, and a Rickrolling throwie would definitely qualify. This isn’t the first tiny Rickrolling prank we’ve shown you on these pages.
Our conscience almost prevented us from posting this one. Almost.
What do people all around the world want most? Free WiFi. And what inevitable force do they want to avoid most, just after death and taxes? Rick Astley. As a getting-started project with the ESP8266, Hackaday.io user [jaime] built a “free WiFi portal” that takes advantage of people’s deepest desires. Instead of delivering sweet, high-bandwidth connectivity, once you click through the onerous terms and conditions, it delivers you a looped GIF with background music.
And all of this on $4 worth of hardware, with firmware assembled in the cloud and easily available to anyone. We live in a truly frivolous glorious age.
Digging through our archives, we found a number of Rickroll posts that we’d rather forget, but this steam-powered record player bears a second look.
Summoning 4chans, 9gags, Reddits and other denizens of easily-digested content, Liberty Games stripped apart a dilapidated “Baby Doll” pinball arcade machine and turned it into this meme-spouting monstrosity. A complete redo of the vinyl and graphics to sport dozens of familiar internet tropes was first, then they had Shapeways create internal scenery and finally some electronics were added to spice things up.
We have seen PINMAME-based digital machines but this took a different path. Pinball machines this old pre-date common transistors so they rely on electro-mechanicals for everything. This made hacking the machine challenging so the team intercepted most of the signals and tied them into a Raspberry Pi with a Pi-face interface board. A videoscreen was added to the scoreboard, triggering all manner of memey videos and sounds according to actions performed and unlocked on the screen.
If you yearn for expired pranks of years gone by and are bad at pinball, you are in luck. Losing the game gets you Rickrolled – over and over again. On the plus side, Nyan Cat rockets away to bonuses and even the Admiral himself warns you of impending danger.
We resisted the urge to write this article as a chain of one meme to the next, you will get plenty of that from the well-documented project conversion and the following video. Someone in the comments will probably make a list of all memes.
Over on the reddits, [CarbonGod] thought he had a slightly overpowered laser pointer. His red laser pointer had a label that said it outputs less than 5 mW. The only problem is it melted black plastic and heated a thermocouple up to 140°F. [CarbonGod] is begging, borrowing, or stealing a power meter from an engineer friend, but until then we’ve got measurements from [The_Sourgrapes]. His lasers put out 105 mW (red), 56 mW (blue), and 53 mW (green).
While <5 mW lasers are fairly safe, these lasers that are labeled as having < 5 mW of output are not. Now if we only knew where to buy these overpowered lasers…
It’s impossible to find this video in HD
[Zach] created a physical rickroll device. It’s an Arduino and an MP3 shield hooked up to an ultrasonic sensor. When someone walks within six feet of the device, the Arduino starts playing Never Gonna Give You Up. When that person walks away, the song is paused only to start again when something else is detected by the ultrasonic sensor. There’s a hilarious video of [Zach] triggering his physical rickroll device, or you can check it out on the build page.
Hey, you! Write some code!
[William] wrote in to tell us about a project called ReactOS. The goal of the project is to create a free and open source operating system that is binary comparable with Windows XP. Yes, this project has been around for a very long time, but with Microsoft dropping support for XP, the ReactOS team could really use a few devs to get a beta out soon. If you know a bunch of low-level Windows stuff but haven’t ever contributed to an open source project, check out the developer’s wiki.
I’m [Johnny Knoxville] and this is electrostatic discharge
If gift giving were a contest, [Bradley] would win. His sister’s favorite movie is Indiana Jones and the Last Crusade, so when he needed to wrap a gift (a coffee cup, fittingly), he went all out. All the challenges required to obtain the Holy Grail are present in this present including the breath of God (needs more circular saws), the name of God (why was the letter ‘J’ even in the movie?), and the Leap of Faith (sand included).
Coming up for his sister’s birthday, a face-melting hair dryer.