Sonoff Factory Tour Is A Lesson On Life In Shenzhen

December 29, 2017 by Dan Maloney 24 Comments

Judging by the popularity of “How It’s Made” and other shows of the genre, watching stuff being made is a real crowd pleaser. [Jonathan Oxer] from SuperHouse is not immune to the charms of a factory tour, so he went all the way to China to visit the factory where Sonoff IoT devices are made, and his video reveals a lot about the state of electronics manufacturing.

For those interested only in how Sonoff devices are manufactured, skip ahead to about the 7:30 mark. But fair warning — you’ll miss a fascinating discussion of how Shenzhen rose from a sleepy fishing village of 25,000 people to the booming electronics mecca of 25 million that it is today. With growth supercharged by its designation as a Special Economic Zone in the 1980s, Shenzhen is now home to thousands of electronics concerns, including ITEAD, the manufacturers of the Sonoff brand. [Jonathan]’s tour of Shenzhen includes a trip through the famed electronics markets where literally everything needed to build anything can be found.

At the ITEAD factory, [Jonathan] walks the Sonoff assembly line showing off an amazingly low-tech process. Aside from the army of pick and places robots and the reflow and wave soldering lines, Sonoff devices are basically handmade by a small army of workers. We lost count of the people working on final assembly, testing, and packaging, but suffice it to say that it’ll be a while before robots displace human workers in electronic assembly, at least in China.

We found [Jonathan]’s video fascinating and well worth watching. If you’re interested in Sonoff’s ESP8266 offerings, check out our coverage of reverse engineering them. Or, if Shenzhen is more your thing, [Akiba]’s whirlwind tour from the 2016 Superconference will get you started.

Continue reading “Sonoff Factory Tour Is A Lesson On Life In Shenzhen” →

Custom Lightbulb Firmware

October 1, 2017 by Lewin Day 15 Comments

The Internet of Things is developing at a rapid pace, as hobbyists and companies rush to develop the latest and greatest home automation gear. One area of particular interest to some is lighting – yes, even the humble lightbulb now comes with a brain and is ripe for the hacking.

[Tinkerman] starts by doing a full disassembly of the Sonoff B1 lightbulb. It’s a popular device, and available for less than $20 on eBay. Rated at 6 watts, the bulb has a heatsink that is seemingly far larger than necessary. Inside is the usual AC/DC converter, LED driver and an ESP8285 running the show. While this is a slightly different part to the usual ESP8266, it can be programmed in the same way by selecting the correct programming mode.

This is where it gets interesting – [Tinkerman] flashes the device with a custom firmware known as ESPurna. This firmware enables greater control over the function of the bulb, from colour choice, to speaking to the bulb over MQTT.

[Tinkerman] does a great job of walking through the exact steps needed to disassemble and reprogram the bulb, and touches upon the added flexibility given by the custom firmware. We love to see projects like this one, that give greater control over IoT devices and enable users to better integrate them with other systems.

Hijacking The Sonoff OTA Mechanism

May 31, 2017 by Lewin Day 25 Comments

ITEAD’s Sonoff line is a range of Internet-of-Things devices based around the ESP8266. This makes them popular for hacking due to their accessibility. Past projects have figured out how to reflash the Sonoff devices, but for [mirko], that wasn’t enough – it was time to reverse engineer the Sonoff Over-The-Air update protocol.

[mirko]’s motivation is simple enough – a desire for IoT devices that don’t need to phone home to the corporate mothership, combined with wanting to avoid the labor of cracking open every Sonoff device to reflash it with wires like a Neanderthal. The first step involved connecting the Sonoff device to WiFi and capturing the traffic. This quickly turned up an SSL connection to a remote URL. This was easily intercepted as the device doesn’t do any certificate validation – but a lack of security is sadly never a surprise on the Internet of Things.

After capturing the network traffic, [mirko] set about piecing together the protocol used to execute the OTA updates. After a basic handshake between client and server, the server can ask the client to take various actions – such as downloading an updated firmware image. After determining the messaging format, [mirko] sought to create a webserver in Python to replicate this behaviour.

There are some pitfalls – firmware images need to be formatted slightly differently for OTA updates versus the usual serial upload method, as this process leaves the stock bootloader intact. There’s also the split-partition flash storage system to deal with, which [mirko] is still working on.

Nevertheless, it’s great to see hackers doing what they do best – taking control over hardware and software to serve their own purposes. To learn more, why not check out how to flash your Sonoff devices over serial? They’re just an ESP8266 inside, after all.

Son Of Sonoff

May 12, 2017 by Al Williams 19 Comments

We’ve covered the Sonoff a few times–a very inexpensive box with an ESP8266, a power supply, and an AC relay along with a way to tap into a power cord. Very inexpensive means $5 or $6. The supplied software will work with several systems (including, recently, Alexa). But what self-respecting hacker wants to run the stock firmware on something with an ESP8266 inside?

[Tzapu] certainly didn’t. But he also knew he didn’t want to start from scratch every time he wanted to deploy a switch. So he built SonoffBoilerplate and put the code on GitHub. The code manages taking configuration (including network settings) using a web-portal, can update itself over the air, and integrates with Blynk and MQTT. If you don’t like that code base, there are other choices including one that has a failsafe reconfiguration mode.

Continue reading “Son Of Sonoff” →

Hacked IoT Switch Gains I2C Super Powers

March 27, 2017 by Elliot Williams 50 Comments

Economies of scale and mass production bring us tons of stuff for not much money. And sometimes, that stuff is hackable. Case in point: the $5 Sonoff WiFi Smart Switch has an ESP8266 inside but the firmware isn’t very flexible. The device is equipped with the bare minimum 1 MB of SPI flash memory. Even worse, it doesn’t have ~~the I2C ports~~ extra pins exposed so that you can’t just connect up your own sensors and make them much more than just a switch. But that’s why we have soldering irons, right?

Continue reading “Hacked IoT Switch Gains I2C Super Powers” →