Supercon 2023: Alex Lynd Explores MCUs In Infosec

The average Hackaday reader hardly needs to be reminded of the incredible potential of the modern microcontroller. While the Arduino was certainly transformative when it hit the scene, those early 8-bit MCUs were nothing compared to what’s on the market now. Multiple cores with clock speeds measured in the hundreds of megahertz, several MB of flash storage, and of course integrated WiFi capability mean today’s chips are much closer to being fully-fledged computers than their predecessors.

It’s not hard to see the impact this has had on the electronics hobby. In the early 2000s, getting your hardware project connected to the Internet was a major accomplishment that probably involved bringing some hacked home router along for the ride. But today, most would consider something like an Internet-connected remote environmental monitor to be a good starter project. Just plug in a couple of I2C sensors, write a few lines of Python, and you’ve got live data pouring into a web interface that you can view on your mobile device — all for just a few bucks worth of hardware.

But just because we’re keenly aware of the benefits and capabilities of microcontrollers like the ESP32 or the Pi Pico doesn’t mean they’ve made the same impact in other tech circles. In his talk Wireless Hacking on a $5 Budget, Alex Lynd goes over some examples of how he’s personally put these devices to work as part of his information security (infosec) research.

Remoticon 2021 // Jay Bowles Dips Into The Plasmaverse

Every hacker out there is familiar with the zaps and sizzles of the Tesla coil, or the crash and thunder of lightning strikes on our hallowed Earth. These phenomena all involve the physics of plasma, a subject near and dear to Jay Bowles’s heart. Thus, he graced Remoticon 2021 with an enlightening talk taking us on a Dip Into the Plasmaverse.

Jay’s passion for the topic is obvious, having fallen in love with high voltage physics as a teenager. He appreciated how tangible the science was, whether it’s the glow of neon lighting or the heating magic of the common microwave. His talk covers the experiments and science that he’s studied over the past 17 years and in the course of running his Plasma Channel YouTube channel.

The Ultimate Game Boy Talk

It is absolutely no exaggeration to say that [Michael Steil] gave the Ultimate Game Boy talk at the 33rd Chaos Communication Congress back in 2016. Watch it, and if you think that there’s been a better talk since then, post up in the comments and we’ll give you the hour back. (As soon as we get this time machine working…)

We were looking into the audio subsystem of the Game Boy a while back, and scouring the Internet for resources, when we ran across this talk. Not only does [Michael] do a perfect job of demonstrating the entire audio system, allowing you to write custom chiptunes at the register level if that’s your thing, but he also gets deep into the graphics engine. You’ll never look at a low-bit Pole Position clone the same again. The talk even includes some new (in 2016, anyway) hacks on the pixel pipeline in the last 15 minutes, and a quick review of the hacking tools and even the Game Boy camera.

Why do you care about the Game Boy? It’s probably the last/best 8-bit game machine that was made in mass production. You can get your hands on one, or a clone, for dirt cheap. And if you build a microcontroller-based cartridge, you can hack the whole thing non-destructively live, and in Python! Or emulate either the whole shebang. Either way, when you’re done, you’ve got a portable demo of your hard work thanks to the Nintendo hardware. It makes the perfect retro project.

Supercon 2018: Mike Szczys And The State Of The Hackaday

Every year at Superconference, Editor-in-Chief Mike Szczys gets the chance to talk about what we think are the biggest, most important themes in the Hackaday universe. This year’s talk was about science and technology, and more importantly who gets to be involved in building the future. Spoiler: all of us! Hackaday has always stood for the ideal that you, yes you, should be taking stuff apart, improving it, and finding innovative ways to use, make, and improve. To steal one of Mike’s lines: “Hackaday is an engine of engagement in engineering fields.”

Ben Krasnow At Supercon: Making Alien Technology In Your Own Shop

Ben Krasnow has a vision of future electronics: instead of the present PCB-screwed-into-a-plastic-box construction, flexible circuits will be deposited straight onto the plastic body of the device itself, merging the physical object and its electronics. There is existing copper-on-plastic technology, but Ben’s got something novel that he presents in this talk that you could implement yourself. You might also want a display, or at least something to blink, so he’s also working on some electroluminescent technology to complement it. If you were wondering why Ben is so interested in silkscreening photopolymers right now, watching this talk will pull a lot of interesting threads together.

Scotty Allen Visits Strange Parts, Builds An iPhone

Scotty Allen has a YouTube blog called Strange Parts; maybe you’ve seen his super-popular video about building his own iPhone “from scratch”. It’s a great story, and it’s also a pretext for a slightly deeper dive into the electronics hardware manufacturing, assembly, and repair capital of the world: Shenzhen, China. After his talk at the 2017 Superconference, we got a chance to sit down with Scotty and ask about cellphones and his other travels. Check it out:

The Story of the Phone

Scotty was sitting around with friends, drinking in one of Shenzhen’s night markets, and talking about how bizarre some things seem to outsiders. There are people sitting on street corners, shucking cellphones like you’d shuck oysters, and harvesting the good parts inside. Electronics parts, new and used, don’t come from somewhere far away and there’s no mail-ordering. A ten-minute walk over to the markets will get you everything you need. The desire to explain some small part of this alternate reality to outsiders was what drove Scotty to dig into China’s cellphone ecosystem.

34C3: Fitbit Sniffing And Firmware Hacking

If you walked into a gym and asked to sniff exercise equipment you would get some mighty strange looks. If you tell hackers you’ve sniffed a Fitbit, you might be asked to give a presentation. [Jiska] and [DanielAW] were not only able to sniff Bluetooth data from a run-of-the-mill Fitbit fitness tracker, they were also able to connect to the hardware with data lines using test points etched right on the board. Their Fitbit sniffing talk at 34C3 can be seen after the break. We appreciate their warning that opening a Fitbit will undoubtedly void your warranty since Fitbits don’t fare so well after the sealed case is cracked. It’s all in the name of science.

There’s some interesting background on how Fitbits generally work. For instance, the Fitbit pairs with your phone, which needs to be validated with the cloud server. But once the cloud server sends back authentication credentials they will never change, because they’re bound to the device ID of the Fitbit. This process is vulnerable to replay attacks.

Data being sent between the Fitbit and the phone can be encrypted, but there is a live mode that sends the data as plaintext. The implementation seemed to be security by obscurity, as a new Bluetooth handle is used for this mode. This technique avoids the need to send every encrypted packet to the server for decryption (which would otherwise be necessary for every heartbeat packet). So far the fix for this has been the ability to disable live mode. If you have your own Fitbit to play with, sniffing live mode would be a fun place to start.

The hardware side of this hack begins by completely removing the PCB from the rubber case. The board is running an STM32, and the team wanted to get deep access by enabling GDB. Unfortunately, the debug pins were only enabled during reset, and the stock firmware disables them at startup (as it should). The workaround was to rewrite the firmware so that the necessary GPIO pins remain active, and the approach taken is an interesting one. You may remember [Daniel Wegemer] from the Nexmon project that reverse engineered the Nexus 5 WiFi. He leveraged the binary patching he used on Nexmon to patch the Fitbit firmware to enable debugging support. Sneaky!

For more about 34C3 we have a cheatsheet of the first day and for more about Fitbit security, check out this WAV file.
