Poking at the femtocell hardware in an AT&T Microcell

April 12, 2012 By Leave a Comment

Here’s a picture of the internals of an AT&T Microcell. This hardware extends the cellular network by acting as its own cell tower and connecting to the network via a broadband connection. So if you don’t get service in your home, you can get one of these and hook it up to your cable modem or DSL and poof, you’re cellphone works again. [C1de0x] decided to crack one open and see what secrets it holds.

On the board there are two System-0n-Chips, an FPGA, the radio chip, and a GPS module. There is some tamper detection circuitry which [C1de0x] got around, but he’s saving that info for a future post. In poking and prodding at the hardware he found the UART connections which let him tap into each of the SoCs which dump data as they boot. It’s running a Linux kernel with BusyBox and there are SSH and ROOT accounts which share the same password. About five days of automated cracking and the password was discovered.

But things really start to get interesting when he stumbles upon something he calls the “wizard”. It’s a backdoor which allow full access to the device. Now it looks like the developers must have missed something, because this is just sitting out there on the WAN waiting for someone to monkey with it. Responses are sent to a hard-coded IP address, but a bit of work with the iptables will fix that. Wondering what kind of mischief can be caused by this security flaw? Take a look at the Vodafone femtocell hacking to find out.

Filed Under: cellphones hacks, security hacks Tagged With: , , ,

The teensiest Atari 2600 ever

April 7, 2012 By Leave a Comment

[Dablio] sent in an awesome console mod he made. It may just be the smallest Atari 2600 ever (Portuguese, here’s the Google translation).

The build began with a Dynacom MegaBoy, from the same company that put out many less-than-legal 2600 clones. The MegaBoy PCB is an exercise in parsimony consisting of only a single IC, a crystal, and some resistors and caps. [Dablio] made a new PCB board based on the schematic he reverse engineered and this thing is tiny. It’s much smaller than even the smallest [Ben Heck] 2600 console build.

[Dablio] now needed a case for his new console. He had originally planned to mount the whole thing in an Atari controller like this commercial product. Serendipity intervened and he realized the entire system (sans cartridge port) fit inside a plastic tube of m&m minis.

Currently, [Dablio] has two ports on his ‘Atari tube of m&ms’ – the largest is the cartridge slot, and a small VGA port sits in the lid of the tube. This VGA port carries the power supply, controller, sound and video signals to and from the console.

[Dablio] sent in a bunch of pictures of his build which are in a gallery after the break. Now for the million-dollar question: anybody know where to buy one of these Dynacom MegaBoys?

[Read more…]

Filed Under: toy hacks Tagged With: , ,

Another homebrew Segway clone comes in at under $300

March 19, 2012 By Leave a Comment

[Matt Turner] tipped us off back in January about his homemade Segway project. Unfortunately that message slipped through the cracks but we’re glad he sent in a reminder after reading Friday’s feature an a different 2-wheeled balancer.

We like it that he refers to this project as being on the budget of a graduate student with a young family. We certainly understand where he’s coming from, and we hope he can ride this to job interviews to show them he truly lives engineering. The control circuitry is a bit higher-end than we’re used to seeing. He chose a Cypress CY8C29466 SoC to control the device. But the sensors are a common choice, using the Wii Motion Plus and Wii Nunchuk for the gyroscope and accelerometer they contain. This is a no-brainer since the sensors are high-quality, cheap and available locally, and communicate of the standard I2C protocol.

When looking for motors [Matt] was happy to find an old electric wheelchair on Craig’s List. This also gave him a gear box, wheels, and tires. He added a pair of motor drivers, with his own alterations to suppress feedback. Sounds like they run a little hot because he plans to add cooling fans to them in the future. But this first iteration is up and running quite well as you can see in the clip after the break.

[Read more…]

Filed Under: transportation hacks Tagged With: , , , , , ,