One Less Binary Blob

Open-source software has gone a long way toward making modern technology what it is today. The Linux kernel alone is almost single-handedly holding up the entire Internet, and various other open-source projects allow for more access to computing resources not just because the software is often free, but because it’s possible to look under the hood and modify it for specific needs. Without open-source software available we often run into problems both expected, such as software licensing costs, and unexpected, which often come up because a developer can’t or won’t fix issues or add features. To that end, a group at Ghent University in Belgium is attempting to rectify a problem with the ESP32 by eliminating one of its binary blobs and replacing it with an open-source driver.

The ESP32 is famously a low-cost microcontroller with on-board wireless capabilities, but its Wi-Fi functionality currently relies on closed-source software from Espressif. The team is working on building a fully working open-source networking stack, in the hope of enabling greater flexibility for these devices and also making things like security auditing possible. The other major goal is to improve low-cost mesh networking, which is currently not available with the proprietary driver. Reverse engineering is the name of the game here, at both the hardware and the software level, but current versions of the software are already able to send and receive packets.

The source code for the project is available on the team’s GitHub page for any open-source aficionados to take a look at. We certainly hope the project gains some steam, as any new open-source project helps all of us using the platform. Open-source projects frequently get stymied by a single binary blob or a small handful of them too, often with little hope for recourse. Examples include Android being an open-source operating system but generally using the closed-source Google Play suite in practice, or Firefox including support for Adobe Flash. Another great example is that even on computers running 100% open-source code once they boot their operating systems, there are still some black boxes running in the background that few of us think about.

Thanks to [Crote] for the tip!

Bare PCB Makes A Decent Homemade Smart Watch

These days, we live in a post-Dick Tracy world, where you can make a phone call with your fancy wristwatch, and lots more besides. [akashv44] has gone a simpler route, designing their own from scratch with a bare PCB design.

The build is based around the ESP-12E microcontroller, providing useful wireless connectivity that lets the watch interface with the outside world. The firmware makes queries of NTP servers and Yahoo’s weather API to collect time and weather data for display. It’s also capable of interacting with Blynk relay modules for controlling other equipment, which [akashv44] uses with lights and an air conditioner. The watch uses a small OLED display and a handful of small surface-mount tactile buttons for control. Power is courtesy of a small lithium-ion pouch cell, with charging handled by a TP4056 battery management IC.

It’s a simple smartwatch, but nonetheless one that teaches all kinds of useful skills in embedded development and design. It’s also funny to think how simple it is to build. A decade ago, before the ESP8266 was released, getting wireless connectivity in such a small package was a major engineering challenge. Even the Apple Watch didn’t come out until 2015! Food for thought.

Impossible WiFi On An Ancient Mac Portable

The Macintosh Portable was possibly one of the coolest computing devices to be seen with back at the end of the 1980s, providing as it did a Mac in a slightly nicer version of the hefty luggable portables of the day than the PC world could offer. Inside was a mere 68000, but it ran Mac OS system 6 and looked light years ahead of any comparable PC in doing so.

Back in 1989 it wasn’t even the norm for a computer to have built-in Ethernet, and WiFi was still a gleam in the eye of some Dutch engineers, so how has [Joshua Stein] managed to get his Mac Portable on a wireless network here in 2023? The answer contains a few surprises.

When seeing a WiFi upgrade for a classic retrocomputer, the usual expectation is that it’s done by emulating a modem connection to the Internet over a serial port. But this wireless network card is a bit different: it’s a real network card capable of being used for much more than just connecting to the Internet.

We have to admit to not knowing that there were SCSI Ethernet interfaces back in the day, and it’s one of these that he’s created. He’s building on a decade’s work in producing disk emulators for the SCSI bus, and he’s taken the code for a Raspberry Pi Pico version and adapted the SCSI driver part to interface with the onboard WiFi on a Pico W. Altogether it’s a beautiful piece of work, and you can color us impressed.

Reverse Engineering Reveals Hidden API In Abandonware Trail Camera

It sometimes seems like there are two kinds of cheap hardware devices: those dependent on proprietary software that is no longer available and those that are equally dependent but haven’t been abandoned just quite yet. But rest assured, abandonment is always on the table, and until then, you get to deal with poorly written apps that often suffer from a crippling lack of essential functionality.

Such was the case for the wireless game camera that [Chris Jones] scored on the cheap, but rather than suffering with the original software, he decided to reverse engineer the camera and turn it into something more useful. The eBay description was promising — Bluetooth LE! WiFi! — but the reality proved less so. To save the batteries, WiFi is off by default and can only be turned on by connecting to the camera via BLE using a janky and crash-prone Android app.

[Chris]’ first step in reverse engineering the camera was to snoop on the BLE traffic by capturing the Bluetooth packets to a file and running them through Wireshark. This revealed a write command with the text “BT_KEY_ON” — very promising. After verifying that this command turned on the camera’s access point, [Chris] got to work capturing WiFi packets using PCAPDroid and analyzing the results, again with Wireshark. Using every function available in the OEM app eventually revealed the full API on the camera, which gives file system control, access to individual images, and even the ability to put the camera into live video mode.

Field Testing A Home Made WiFi Antenna

Most readers will be aware that a good way to extend WiFi range is to use a better antenna for those 2.4 GHz signals, but at the same time such high-frequency hijinks have something of a reputation for being not for the faint-hearted. [Dereksgc] puts that reputation to the test by building a helical WiFi antenna and, as if that weren’t enough, subjecting it to a field test. In a real field, is there any other way?

We’ve put both videos below the break, and you can find his helical antenna calculator on his website and the parametric CAD file for the scaffold in his GitHub repository. He first delivers a crash course in the fundamentals of helical antennas before diving into the construction, and even soldering on an impedance matching strip. The field testing involves setting up a base station with an FTP server on a phone, and connecting to it with a variety of antennas over increasing distance across farmland. We’ve characterised antennas in this way before, and it really does give an immediate view of their performance.

In this case the helix comfortably outperforms a commercial patch antenna and a laptop’s internal antenna, making such an antenna a very worthwhile piece of work whether you’re making a fixed link or indulging in a bit of casual wardriving.

The tools mentioned here will make helical antennas a snap, but this isn’t the first time we’ve touched on the subject.

Reverse Engineering An Oil Burner Comms Board, With A Few Lucky Breaks

Here’s a question for you: How do you reverse engineer a circuit when you don’t even have it in hand? It’s an interesting problem, and it adds a level of difficulty to the already iffy proposition that reverse engineering generally presents. And yet, not only did [themole] find a way to replicate a comms board for his oil burner, he extended and enhanced the circuit for integration into his home automation network.

By way of backstory, [themole] has a wonky Buderus oil burner, which occasionally goes into safety mode and shuts down. With one too many cold showers as a result, he looked for ways to communicate with the burner controller. Luckily, Buderus sells just the thing — a serial port module that plugs into a spare slot in the controller. Unluckily, the board costs a bundle, and that’s even if you can find it. So armed with nothing but photos of the front and back of the board, the finding of which was a true stroke of luck, he set about figuring out the circuit.

With only a dozen components or so and a couple of connectors, the OEM board gave up its secrets pretty easily; it’s really just a level shifter to make the boiler talk RS-232. But that’s a little passé these days, and [the78mole] was more interested in a WiFi connection. So his version of the card includes an ESP32 module, which handles wireless duties as well as the logic needed to talk to the burner using the Buderus proprietary protocol. The module plugs right into the burner controller and connects it to ESPHome, so no more cold showers for [themole].

We thought this one was pretty cool, especially the way [themole] used the online photos of the board to not only trace the circuit but to get accurate — mostly — measurements of the board using an online measuring tool. That’s a tip we’ll keep in our back pocket.

Thanks to [Jieffe] for the tip.

Flipper Zero Mayhem Hat Adds Camera, More Radios

For a device advertised as the “Multi-tool Device for Hackers”, the Flipper Zero already offers a considerable list of onboard capabilities. But some hard decisions had to be made to get the retail price down, so features like WiFi and Bluetooth had to be left off. Luckily, there’s an expansion interface along the top of the device which makes it possible to plug in additional hardware.

One of those expansions is the “Mayhem Hat” from [Erwin Ried]. This board adds many requested features to the Flipper Zero, as well as some that might not seem as obvious. The addition of an ESP32-CAM brings WiFi and Bluetooth to the party, while also unlocking access to the highly-capable ESP32Marauder firmware and the plethora of security research tools therein.

But the camera also enables some interesting features, such as motion detection and the ability to read QR codes. It even lets you use the Flipper as an impromptu digital camera, complete with an onscreen viewfinder reminiscent of the Game Boy Camera.

What’s more, the Mayhem Hat features its own expansion capabilities. There’s a spot to plug in either a CC1101 or NRF24L01 radio module, both of which are supported by community-developed plugins that allow the user to sniff out and hijack signals. There are also extra pins for connecting your own sensors or hardware. In the demo video below you can see the device automatically detect the popular DHT11 environmental sensor and display the current temperature and humidity readings.

[Erwin] has the Mayhem Hat up for sale on Tindie, but as of this writing, it is out of stock. Apparently, demand for the add-on boards is just as high as for the Flipper Zero itself — not a huge surprise, given the excitement we saw around this platform during its $4.8 million Kickstarter campaign.
