USB + μC = Peril?

August 25, 2017 by John Baichtal 50 Comments

You hear about people finding USB drives and popping them into a computer to see what’s on them, only to end up loading some sort of malware onto their computer. It got me to thinking, given this notorious vulnerability, is it really a great idea to make electronics projects that plug into a computer’s USB port? Should I really contribute to the capitulation-by-ubiquity that USB has become?

A of couple years ago I was working on an innocuous project, a LED status light running off of USB. It ran off USB because I had more complicated hopes for it–some vague notion about some kind of notification thing and also it was cool to have access to 5 V right from the ‘puter. This was about the time that those little RGB LEDs connected to USB were all the rage, like blink(1), which raised $130,000 on Kickstarter. I just wanted to make a status light of some sort and had the parts, so I made it.

My version was a small rectangular PCB from OSHPark packing a Tiny85, with a 10 mm RGB LED providing pretty much all of the functionality — no spare pins broken out. Honestly, for the amount of code on it, even the Tiny85 was overpowered. I recall thinking at the time, could my creation be misused for evil? Could some wicked programmer include malware alongside my LED-lighting Arduino sketch?

It’s absurd, of course. My meager engineering skills ought not interest anyone. On the other hand, couldn’t some heartless poltroon, the hardware equivalent of a script kiddie, make my creation into a malware-spewing Typhoid Mary of a project? It has always been the realistic consequence of building anything–that it could be misused. I’d be thrilled to the point of giddiness if someone remade one of my projects into something cool, but I’d really hate for a USB light I designed to turn into some vector into someone’s computer. But how much of that is my responsibility?

If you think I’m the only one who thinks this, go to SparkFun or Adafruit and count all of the boards with microcontrollers and USB A male plugs. Even the tiny boards like the Huzzah and Gemma use USB cables, rather than plugging directly into the computer. Granted, they are microcontrollers that realistically would be connected to a project and it might not be possible to physically move them into position and plug them in. Also requiring a charging cable does not in any way make a microcontroller board work any differently than one plugged right into the computer. I’m left wondering if I’m spazzing out over nothing, and there’s nothing we can do about our tendency to treat any electronic gizmo with a shiny case as being safe to plug into the same computer we use to pay bills.

If there is no data transfer taking place, and I’m just getting power, wouldn’t it be enough to disable (or not connect) the data pins of the USB on the circuit board? Or maybe we really have no business connecting a data connection to a microcontroller if we’re not reflashing the chip with fresh code–think I’m paranoid? Maybe you should just get power from a wall wart and leave the USB cord in the drawer. It’s one thing to urge our friends and family to steer clear of mystery plugs, but as engineers and tinkerers, do we not owe the community the benefit of our knowledge?

Of course, Hackaday contains numerous examples of USB projects, including canary for USB ports, tips on protecting your ports with two microcontrollers, a guide to stopping rubber ducky attacks, and removing security issues from untrusted USB connections. Also, has anyone used the USB condom?

Friends, let me know your thoughts on the subject. Am I a freak to steer clear of USB-powered project like my dumb LED? Leave your comments and weigh in with your opinions.

Someone Finally Did It With A 555

August 22, 2017 by Brian Benchoff 73 Comments

[Jarunzel] needed a device that would automatically click the left button on a mouse at a pre-set interval. For regular Hackaday readers, this is an easy challenge. You could do it with an ATtiny85 using the VUSB library, a few resistors and diodes, and a bit of code that emulates a USB device that constantly sends mouse clicks over USB every few seconds. You could also do it with a Raspberry Pi Zero, using the USB gadget protocol. Now, this mouse-clicking gadget would be connected to the Internet (!), programmable with Node or whatever the kids are using these days, and would have some major blog cred. If you’re feeling adventurous, this mouse clicker gadget could be built with an STM32, Cypress PSoC, or whatever microcontroller you have in your magical bag of hacker tricks.

Then again, you could also do it with a 555 timer.

The reason [Jarunzel] couldn’t use any of the fancy hackertools for this build is because the system wouldn’t accept two mouse devices. No matter, because Maplin has a neat kit with a 555 timer and a relay. The relay is wired up across the microswitch in the mouse, and setting the values correctly makes the mouse click about once per second, with a click duration of about 100ms. Good enough.

With the kit built, wired into the mouse, a small app built to test the device, and a nice project box constructed, [Jarunzel] had exactly what he needed. There’s even a video of this mouse clicker in action. You can check out that riveting footage below.

Continue reading “Someone Finally Did It With A 555” →

Hackaday Prize Entry: Low Cost KVM

August 5, 2017 by Brian Benchoff 30 Comments

Back in the old days, when handing someone a DB serial cable when they asked for a DE serial cable would get you killed, KVM switchers were a thing. These devices were simple boxes with a few VGA ports, a few PS/2 ports, and a button or dial that allowed your input (keyboard and mouse) and output (video) to be used with multiple computers. Early KVMs were really just a big ‘ol rotary switch with far, far too many poles. Do you remember that PS/2 wasn’t able to be hot plugged? The designers of these KVMs never knew that.

Today, KVM switchers are a bit more complicated than a simple rotary switch. We’re not dealing with VGA anymore — we have HDMI muxes. We’re also not dealing with PS/2 anymore, and USB requires a bit of microelectronics to switch from one computer to another. For one of his many Hackaday Prize entries, [KC Lee] is designing a low-cost HDMI switch and USB mux. It works, it’s cheap, and if you need to switch a keyboard, mouse, and monitor between boxes, it’s exactly what you need.

First off, the HDMI switching. Designing a switch for HDMI would usually take some obscure parts, intricate routing, and a lot of prototyping time. [KC] found a way around this: just hack up a $5 HDMI switch. This cheap HDMI switch is as simple as it gets, with an HDMI mux doing the heavy lifting and an 8-pin microcontroller to handle the buttons and a selector LED.

For the USB, there are a few more design choices. For USB 1.x switching, [KC] figures he can get away with a 74HC4052 dual 4:1 analog mux. Yes, he’s doing digital with analog chips, the heathen. There are drawbacks to this: everything could break, and it’s only USB 1.x, anyway. For a USB 2.0 KVM, there are a few more professional options. The OnSemi NCN9252 is a proper USB 2.0 mux, and in the current design.

Hackaday Prize Entry: USB Packet Snooping

July 25, 2017 by Brian Benchoff 34 Comments

Sometimes you run into a few problems when developing your own hardware, and to solve these problems you have to build your own tools. This is exactly how [KC Lee]’s USB Packet Snooper was created. It’s a small device that allows for capturing and analyzing Full Speed USB traffic to debug one of [KC]’s other Hackaday Prize entries.

[KC] is building an HID Multimedia Dial for this year’s Hackaday Prize. It’s kind of like the Microsoft Surface Dial or the ubiquitous Griffin PowerMate that has been on the market for the better part of two decades. This multimedia dial is bitbanging USB with an STM8, which means [KC] needs a tool to capture raw USB packets.

The design of this USB Packet Snooper is split up into two parts. The first is either a dongle or a pass-through device that simply serves as a tap between a USB device and a USB host. The logging and analysis board attaches to this dongle, and uses a rather fast ARM microcontroller to listen in on USB packets and send everything over serial to a PC.

This is a rather novel device; V-USB is limited to Low Speed USB, and other USB capture tools are far out of reach of the hobbyist budget. Software solutions on a PC obviously won’t work because [KC] doesn’t even know if he’s sending valid USB packets. This is a great tool that finally brings hobbyist-level USB analysis up to Full Speed USB.

Hackaday Prize Entry: Dongle For A Headless Pi

July 18, 2017 by Elliot Williams 27 Comments

Mass production means that there’s a lot of great hardware out there for dirt cheap. But it also means that the manufacturer isn’t going to spend years working on the firmware to squeeze every last feature out of it. Nope, that’s up to us.

[deqing] took a Bluetooth Low Energy / USB dongle and re-vamped the firmware to turn it into a remote keyboard and mouse, and then wrote a phone app to control it. The result? Plug the USB dongle in, and the computer thinks it sees a keyboard and mouse. Connect the phone via BLE, and you’re typing — even if you don’t have your trusty Model F by your side.

[Deqing] points out that ergonomics and latency will make you hate using this in the long term, but it’s just meant to work until you’ve got SSH up and running on that headless single-board Linux thing. If you’ve ever worked with the USB or BLE specifications, you can appreciate that there’s a bit of work behind the scenes in making everything plug and play, and the web-based interface is admirably slick.

Kudos, [deqing]!

How To MIDI Interface Your Toys

June 30, 2017 by Lewin Day 5 Comments

There’s a great number toys in the world, many of which make all manner of pleasant or annoying noises for the entertainment of children. If you’re a musician, these toys may be of interest due to their unique or interesting sounds. However, due to their design being aimed at play rather than performance, it may be difficult to actually use the toy as a musical instrument. One way around this is to record the sounds of the toy into a sampler, but it’s not the only way. [little-scale] is here to demonstrate how to MIDI interface your toys.

[little-scale] starts out by discussing the many ways in which one can interface with a toy. The article discusses how a simple button can be replaced with a relay, or a multiplexer, and be interfaced to all manner of other devices to control the toy. This is demonstrated by using a mobile phone toy which makes sounds when buttons are pressed.

A Teensy 3.6 is used to run the show, acting as a USB-MIDI interface so the toy can be controlled by music software like Abelton. It’s connected to the toy’s buttons through a multiplexer. The toy’s speaker is cut off and used as an audio output instead, allowing the toy to be easily connected to other audio hardware for performance or recording. It’s also fed through a digital pot so MIDI commands can control the volume. A resistor is used to control pitch in the toy, so this too was replaced with a digital pot as well, to allow sample pitch to be controlled.

The project is incredibly well documented, with [little-scale] first tearing down the toy and highlighting the points of interest, before stepping through each stage of interfacing the toy to the digital world. We’ve seen some of [little-scale]’s work before, too – namely, this MIDI DAC for controlling vintage synthesizers. Video after the break. Continue reading “How To MIDI Interface Your Toys” →

A Table From Beyond Infinity

June 26, 2017 by James Hobson 10 Comments

Infinity mirrors are some far-out table mods and make a great centerpiece. Instructables user [bongoboy23] took a couple steps beyond infinity when designing this incredible table tailor-made for our modern age.

Poplar and pine wood make up the framing, and red oak — stained and engraved — make for a chic exterior. Programmed with Arduino and run on a Teensy 3.1, the tabletop has 960 LEDs in forty sections. There are, four USB ports hidden behind sliding panels, as well as a two-port AC outlet and an inductive charging pad and circuit. A hidden Adafruit TFT touchscreen display allows the user to control the table’s functions. Control is limited to changing lighting functions, but Pac-Man, Snake, and text features are still to come!

Weighing in at $850, it’s not a cheap build, but it looks amazing.

Continue reading “A Table From Beyond Infinity” →