Designing the X-CTF 2016 Badge

X-CTF 2016 badge with Lithium-ion battery attached

I had the opportunity to collaborate with some NUS students to design the electronic badge for their X-CTF event this year.

The purpose of the badge was to inspire more people to take an interest in hardware hacking, or to get them started on electronics. With so much hype on the Internet-of-Things (IoT) these days, what better idea than to let participants take home their very own IoT device. The super low cost WiFi chip, Expressif’s ESP8266, made this possible. We also wanted it to be shaped like a gaming device, with a D-pad and an LCD.

You can see the final badge design above: a ESP8266-based board with a backlit monochrome Nokia LCD, D-pad and a SELECT button. Powered by a lithium-ion battery, charged via the USB port, which also provides a serial connection to the ESP8266.

I was inspired by the SyScan 2015 badge. It was so simple and spartan: a monochrome LCD, an LED, a 5-way joystick switch and a 32-bit ARM processor (on the back). As the regulator was built-in and it runs all the way down to 2.4V, there was no need for an external regulator.

SyScan 2015 electronic badge

Continue reading

Quick Update: Mailbag and WIP

Sorry I haven’t been updating the blog often enough.

I have been busy helping out with an electronics project, which will be in the hands of users very soon. There will be a detailed post on the project when that happens this coming weekend. For now, here’s a mysterious peek at its progress:

Ever since I made my first purchase on AliExpress, I have been buying random stuff and they’ve been arriving in batches. On a particular week, they might all combine to form a small pile, somewhat like this:

small pile of mailbag items

If you enjoy watching people buy stuff on AliExpress, eBay, or wherever else and taking them to bits, check out these YouTube channels I subscribe to:

I prefer bigclivedotcom because he shares a lot of insight from his previous job during the teardowns and draws the schematic for most of the items he takes apart.

A protip when buying on AliExpress is to read the reviews first. This may be obvious, but I didn’t do it for the first few items and managed to get away with it, until one incident when my luck apparently ran out. Now I prefer sellers with better reviews over those who offer the lowest price for a particular item. I also pay it forward by contributing to reviews with photos and technical details of the items, to help buyers like myself.

So what can you get on AliExpress?

  • Tools like spudgers, device openers, anti-static poking sticks
  • Soldering iron tips, to complement the soldering iron I just bought
  • Chinese components, like the popular ESP8266
  • Breakout boards
  • Alternative ARM boards, like the Orange Pi One that rivals the Raspberry Pi 2 in terms of price & performance

I bought quite a lot of stuff to work on and I’ll be writing about those projects in time.

A surprise package also came in last week. Unlike the other packages delivered via regular mail, this one was shipped via FedEx.

MPLAB Xpress on the FedEx Small Box it came in

Inside the FedEx Small Box was an even smaller box — the Microchip MPLAB Xpress Evaluation Board. I signed up shortly after I saw the announcement on Hackaday in February and heard nothing back. It took 4 months but I’m supposedly one of the lucky 2,000 sign-ups who received the board for free.

On the evaluation board there’s a PIC16F18855 microcontroller, together with a very under-utilized PIC18F25K50, which presents itself as a USB mass storage device when plugged in and serves to programs the PIC16F. MPLAB Xpress is a cloud-based IDE requiring no installation, and using this mass storage programming approach you don’t need any special USB drivers for the programmer. I’ll give that a go and report back here in a separate blog post.

In the meantime, stay tuned for the post on the mystery project this weekend!

CXG 936d Temperature-Controlled Soldering Iron

A few weeks ago, I watched a Mike’s Electric Stuff video in which he was talking about options for portable soldering irons:

The first soldering iron he talked about seems to be interesting. It’s a soldering iron with temperature control, but everything is built into the form factor of a regular soldering iron. He also showed the insides of the iron, which uses a triac to control the supply, hence eliminating the need for the bulky 24V transformer found in most soldering stations.

Ever since my temperature-controlled soldering station died, I was left without one and fell back to using my cheap 20W iron. I was previously using the Duratool D00673 from element14, which is actually just a re-branded Zhongdi ZD-916. It was really expensive (S$120), so when it died after very infrequent use, I didn’t think it was worth it to get a replacement unit.

The 24V transformer is quite heavy and accounts for most of the weight of this unit, so trying to ship it from overseas was also not worth it. After it died, I tore it down and found that its construction was pretty crappy:

If you want to see more teardown photos and a review of sorts, check out
this EEVBlog forum thread. Of course I have verified that this crappy connector job wasn’t the cause of failure. My preliminary troubleshooting found that the power supply seemed to be working, but there was nothing on the LCD display nor was it responding (no beeps on keypresses).

Thanks to this video, I realized that there are alternative products that combine the best of both worlds.

Continue reading

Paper Shredder Repair

Now is probably a good time to mention that I have a paper shredder. When I was shopping for a shredder, the basic requirement is that it must be relatively “secure”. Straight cut shredders (that produce long straight strips) are definitely not secure.

Ultimately I settled on the CARL DS-3000 personal paper shredder. The DS-3000 is a cross-cut shredder which produces “particles” no larger than 2mm x 4.5mm and this meets DIN security level 4. These days, the NSA mandates 1mm x 5mm “particles” for classified documents.

At this point, it’s probably helpful to show you what my shredder bin looks like:

shredder confetti

From the particles, you can make out various truncated words such as “A/C”, “exp” and the number “5”, but it’s almost impossible to reconstruct any bank balances or personal information from it.

This particular model was the right balance between my budget and the level of security. Plus, the shredder is compact enough to sit on your desk. I bought it in 2009 and I use it every couple of months when I have accumulated enough material that needs to be destroyed.

I was in the middle of shredding papers when it suddenly stopped working. Now the shredder does not respond when I stick paper into its slot. The LED indicator looks dimmer than usual when it is turned on.

But I’m not ready to give up on it just yet…

Continue reading

Interesting 31C3 Talks

31C3 logo "a new dawn"

The 31st Chaos Communication Congress (31C3) ended just 3 days ago, and there were several interesting talks.

They have got live streaming of the event over the web, as well as encourage you to use an external player with RTMP or HLS support. The video streams were very reliable and best of all, it’s available in HD. In comparison, I tried the Apple live event once and it was really crappy. For one, the HLS1 URL is not publicly available , so someone had to dig that out and post it. Even after that, the audio stream was (I believe, unintentionally) a mix of both English and Chinese simultaneously.

The 31C3 video recordings were also uploaded very quickly after the event. This is much quicker than other events such as Black Hat (although as an attendee, you do get a copy of the stuff on a DVD). A really big kudos to the organizers and the video production team!

If you don’t have time to listen to each and every talk, here are a few selected talks that were interesting to me, as well as a short summary to see if it’s worth 30 or 60 minutes of your time.

A full list of talks can be found here: http://media.ccc.de/browse/congress/2014/index.html

Continue reading