Deciding to go for a full digital design for the circuitry, the peripheral is based off of a MEMS microphone and an STM32 microcontroller doing the heavy lifting between it and a USB connection. [Andy] notes that MEMS microphones are very delicate and you have to design the PCB around the hole where the sound enters, which is why he went with a breakout board which has the component already soldered onto it.
As for the MCU, he reasons that since this is a off-one project which won’t be produced in large numbers, the 180 MHz ARM core shouldn’t be seen as overkill, since it also gives him more than plenty of headroom to do signal processing to make the sound clearer before sending it through to a computer by the USB audio device descriptor.
Once the components are chosen and the board designed, [Andy] goes into detail explaining the firmware he wrote for the STM32 to translate the PCM samples from the microphone’s I²S interface into a format better suited for the computer. He also describes how it then processes the audio, applying a graphic equalizer to reduce noise and then ST’s own Smart Volume Control filter, which works more like a compressor than a simple amplitude multiplication.
Finally, all files for the project, including board gerbers and the STM32 firmware are available at the bottom of his post, and to boot, a video demonstrating the project which you can check here after the break. [Andy]’s choice of microcontroller for this project is no surprise to us, given he’s already made his own development board for the STM32 G0 series. But if this digital microphone project is a bit too modern for you, why not try your hand at building a ribbon microphone instead?
There are many ways to update an embedded system in the field. Images can fly through the air one a time, travel by sneaker or hitch a ride on other passing data. OK, maybe that’s a stretch, but there are certainly a plethora of ways to get those sweet update bytes into a target system. How are those bytes assembled, and what are the tools that do the assembly? This is the problem I needed to solve.
Recall, my system wasn’t a particularly novel one (see the block diagram below). Just a few computers asking each other for an update over some serial busses. I had chosen to bundle the payload firmware images into the binary for the intermediate microcontroller which was to carry out the update process. The additional constraint was that the blending of the three firmware images (one carrier and two payload) needed to happen long after compile time, on a different system with a separate toolchain. There were ultimately two options that fit the bill.
Performing over-the-air updates of devices in the field can be a tricky business. Reliability and recovery is of course key, but even getting the right bits to the right storage sectors can be a challenge. Recently I’ve been working on a project which called for the design of a new pathway to update some small microcontrollers which were decidedly inconvenient.
There are many pieces to a project like this; a bootloader to perform the actual updating, a robust communication protocol, recovery pathways, a file transfer mechanism, and more. What made these micros particularly inconvenient was that they weren’t network-connected themselves, but required a hop through another intermediate controller, which itself was also not connected to the network. Predictably, the otherwise simple “file transfer” step quickly ballooned out into a complex onion of tasks to complete before the rest of the project could continue. As they say, it’s micros all the way down.
[Dhole], like the fox, isn’t the first to connect his computer to a Game Boy printer but he has done a remarkable job of documenting the process so well that anyone can follow. The operation is described well enough that it isn’t necessary to scrutinize his code, so don’t be put off if C and Rust are not your first choices. The whole thing is written like a story in three chapters.
The first chapter is about hacking a link cable between two Game Boys. First, he explains the necessity and process of setting the speed of his microcontroller, a NUCLEO-F411RE development board by STMicroelectronics. Once the rate is set, he builds a sniffer by observing the traffic on the cable and listens in on two Game Boys playing Tetris in competition mode. We can’t help but think that some 8-bit cheating would be possible if Tetris thought your opponent instantly had a screen overflowing with tetrominoes. Spying on a couple of Game Boys meant that no undue stress was put on the printer.
Chapter two built on the first chapter by using the protocol to understand how the printer expects to be spoken to. There is plenty of documentation about this already, and it is thoughtfully referenced. It becomes possible to convince a Game Boy that the connected microcontroller is a printer so it will oblige by sending an image. Since there isn’t a reason to wait for printing hardware, the transfer is nearly instantaneous. In the image above, you can see a picture of [Dhole] taken by a Game Boy camera.
The final chapter, now that all the protocols are understood, is also the climax where the computer and microcontroller convince the printer they are a Game Boy that wants to print an image. In the finale, we get another lesson about measuring controller frequency without an oscilloscope. If you are looking for the hack, there it is. There is a handful of success in the form of old receipts with superimposed grayscale images since virgin thermal printer paper by Nintendo costs as much as a used printer.
For anyone with interest in electric vehicles, especially drives and control systems for EV’s, the Endless-Sphere forum is the place to frequent. It’s full of some amazing projects covering electric skateboards to cars and everything in between. [Marcos Chaparro] recently posted details of his controller project — the VESC-controller, an open source controller capable of driving motors up to 200 hp.
[Marcos]’s controller is a fork of the VESC by [Benjamin Vedder] who has an almost cult following among the forum for “creating something that all DIY electric skateboard builders have been longing for, an open source, highly programmable, high voltage, reliable speed controller to use in DIY eboard projects”. We’ve covered several VESC projects here at Hackaday.
While [Vedder]’s controller is aimed at low power applications such as skate board motors, [Marcos]’s version amps it up several notches. It uses 600 V 600 A IGBT modules and 460 A current sensors capable of powering BLDC motors up to 150 kW. Since the control logic is seperated from the gate drivers and IGBT’s, it’s possible to adapt it for high power applications. All design files are available on the Github repository. The feature list of this amazing build is so long, it’s best to head over to the forum to check out the nitty-gritty details. And [Marcos] is already thinking about removing all the analog sensing in favour of using voltage and current sensors with digital outputs for the next revision. He reckons using a FPGA plus flash memory can replace a big chunk of the analog parts from the bill of materials. This would eliminate tolerance, drift and noise issues associated with the analog parts.
[Marcos] is also working on refining a reference design for a power interface board that includes gate drivers, power mosfets, DC link and differential voltage/current sensing. Design files for this interface board are available from his GitHub repo too. According to [Marcos], with better sensors and a beefier power stage, the same control board should work for motors in excess of 500 hp. Check out the video after the break showing the VESC-controller being put through its paces for an initial trial.
Here’s a DEF CON talk that uses tools you likely have and it should be your next hacking adventure. In their Saturday morning talk [Mark Williams] and [Rob Stanely] walked through the process of adding their own custom code to a gaming mouse. The process is a crash course in altering a stock firmware binary while still retaining the original functionality.
The jumping off point for their work is the esports industry. The scope of esporting events has blown up in recent years. The International 2016 tournament drew 17,000 attendees with 5 million watching online. The prize pool of $20 million ($19 million of that crowdfunded through in-game purchases) is a big incentive to gain a competitive edge to win. Contestants are allowed to bring their own peripherals which begs the questions: can you alter a stock gaming mouse to do interesting things?
The steelseries Sensei mouse was selected for the hack because it has an overpowered mircocontroller: the STM32F103CB. With 128 KB of flash the researchers guessed there would be enough extra room for them to add code. STM32 chips are programmed over ST-Link, which is available very inexpensively through the ST Discovery boards. They chose the STM32F4DISCOVERY which runs around $20.
Perhaps the biggest leap in this project is that the firmware wasn’t read-protected. Once the data, clock, and ground pads on the underside of the board were connected to the Discovery board the firmware was easy to dump and the real fun began.
They first looked through the binary for a large block of zero values signifying unused space in flash. The injected firmware is designed to enumerate as a USB keyboard, open Notepad, then type out, save, and execute a PowerShell script before throwing back to the stock firmware (ensuring the mouse would still function as a mouse). Basically, this builds a USB Rubber Ducky into stock mouse firmware.
There are a few useful skills that make taking on this project a worthwhile learning experience. To compile your custom code correctly you need to choose the correct offset address for where it will end up once pasted into the firmware binary. The vector table of the original code must be rewritten to jump to the injected code first, and it will need to jump back to the mouse execution once it has run. The program flow on the left shows this. Both of these jumps require the program counter and registers to be saved and restored. The ARM stack is subtractive and the address will need to be updated to work with the added code.
The talk ended with a live demo that worked like a charm. You can check out the code in the MDHomeBrew repo. In this case the PowerShell script adds keyboard shortcuts for DOOM cheats. But like we said before, the experience of getting under the hood with the firmware binary is where the value will be for most people. With this success under your belt you can take on more difficult challenges like [Sprite_TM’s] gaming keyboard hack where the firmware couldn’t easily be dumped and an update binary was quite obsfucated.
On the hardware front, it’s a tiny four-layer board that’s crammed with parts. At the core is an STM32F4 microcontroller and a DAC. Indeed, the build was inspired by other folks’ work on the STM32F4 Discovery dev kit that has been used to make some pretty interesting synthesizer devices. [Mario]’s version adds two stereo headphone outputs, two microphone inputs, two IR reflective distance sensors used as control inputs, some buttons, and a ton of LEDs. And then it makes good use of all of them.
The firmware isn’t open source yet (poke! poke!) but it looks like it’s going to be. On his blog, [Mario] works through an example of adding a drum machine into the existing firmware, so it looks like it’ll be hackable.
Squeezing a lot of DSP functionality out of a single microcontroller is a feat. On a similar chip from a different manufacturer, [Paul Stoffregen]’s Teensy Audio Library could also be made to do a lot of the same things. But the real beauty of the Gecho project is that it has some interesting hardware features already built in and ready to go. It wouldn’t be a bad launching pad for your own musical or audio explorations.