Crème Brûlée Camp
We decided to go big at Toorcamp this year and make a jar of crème brûlée for every single person that attended. Delicious? Yes. Too ambitious? Maybe. Open source? You got it.
Image via Patch Eudor
Harnessing the power of GreatFET, we were able to connect a temperature sensor, LCD screen, and some bucket heaters, and cook up a very large amount of crème brûlée inside an average sized cooler while at camp, and it worked… but there were some rough spots. The problem wasn’t necessarily in the cooking process, but in the preparation stage: the cooler was able to fit 120 4oz jars in it for a batch, so someone needs to be cracking 120 eggs and separating the yolks, someone needs to be washing/drying 120 jars and lids from the factory, someone needs to mix the egg yolks, cream, vanilla, and sugar into a huge jug, someone needs to pour the right amount of mix into 120 jars, and someone needs to tighten 120 jar lids to the correct tightness, all while 10 gallons of water heats up in a cooler. Once all this is done, the batch can be placed into the cooking cooler for about seventy-five minutes. Finally, jars can be pulled from the cooking cooler to be sugared and brûlée’d by a person with a blow torch one at a time. Repeat.
As you can imagine, this takes a considerable amount of time and effort for just one batch of 120 jars. Not only that, but there unsurprisingly was not a 100% success rate, as some lids were not tight enough before being cooked and jars were cracked during the blowtorch brûlée phase. Doing this back to back for a few days was a ton of work. We were able to make 695 crème brûlées in one weekend, and everyone that wanted one got at least one! But for anyone thinking about trying this, be prepared to get your hands dirty.
If you want to learn about the R&D process you can check out the talk we gave at Toorcamp or if you’re interested in the source code and set-up, check it out on GitHub.
September 2016 Open House Invitation
Earlier this month, we packed our things and moved our lab and offices to a new location in Evergreen, Colorado. We are are very excited to be in a bigger space (it was time!) and to celebrate, we are hosting an open house on Friday, September 16th from 5 pm to 8 pm. We welcome our friends, associates, and neighbors to come and see our new lab and enjoy food and drink with us.
Our address is:
31207 Keats Way
Suite 101
Evergreen, Colorado 80439
Please let us know you are coming so we don't run out of provisions! RSVP by September 10th to info@greatscottgadgets.com.
We hope to see you there!
Rapid Radio Reversing, ToorCon 2015
In this video of Michael Ossmann’s presentation at ToorCon 2015, he demonstrates how helpful it can be to use a combination of both SDR and non-SDR tools for reverse engineering wireless systems. Michael uses both HackRF One and YARD Stick One to reverse engineer a wireless cabinet lock.
You can download and watch the video on Internet Archive here.
The code from the presentation is in Michael Ossmann’s stealthlock repository.
PortaPack H1 at DEF CON 23
Jared Boone of ShareBrained Technology gave demonstrations of his new PortaPack H1 at the DEF CON 23 Demo Lab. I joined him at his table to help talk with people about the add-on for HackRF One.
PortaPack H1 turns HackRF One into a portable SDR platform. With an LCD, navigation control, and audio input and output, the device can be used as a handheld spectrum analyzer and can implement a wide variety of useful radio functions. A microSD slot on the PortaPack can be used for waveform or firmware storage, and a coin cell keeps the real-time clock and a small amount of configuration RAM going while the device is turned off.
Of course, the hardware designs and firmware for PortaPack H1 are published under an open source license. Jared has done an amazing job of implementing SDR functions for PortaPack that run entirely on HackRF One's ARM Cortex-M4 microcontroller.
To use PortaPack H1, you'll need a HackRF One, and you'll probably want a USB battery pack to make it a fully portable solution. Another popular add-on is the beautiful milled Aluminum enclosure for PortaPack. Jared provides a ShareBrained Technology guitar pick with every PortaPack H1. It is the perfect tool for opening your HackRF One's injection molded plastic enclosure prior to PortaPack installation.
There was a wonderful moment at the Demo Lab when Jared tuned his PortaPack to a frequency being used by Ang Cui at a nearby table. Jared's PortaPack was plugged in to a small speaker, so we could all listen to the AM radio transmission originating from a printer at Ang's table. The printer was physically unmodified but was running malicious software that transmitted radio signals with a funtenna! For more information about Ang's implementation, visit funtenna.org.
My First Look at rad1o Badge
Over the next several days, thousands of hackers will gather at the Chaos Communication Camp in Germany. An electronic badge for the event is being prepared, and it is based on my design for HackRF One!
At DEF CON over the weekend, I was fortunate to be able to meet up with Ray, one of the members of the Munich CCC group responsible for the rad1o badge. Ray was wearing one of the prototype units, so I was able to take a close look.
The design is a variation of HackRF One. It includes a small LCD and an audio interface, so it is a bit like having a HackRF One plus a PortaPack H1 on a single board. A slim, rechargeable LiPo battery is mounted on the back. The visual design of the PCB looks like a traditional AM/FM radio receiver complete with an antenna (which is not the actual RF antenna) and a dial (which is not really a dial).
There are some design modifications, especially in the RF section, that seemed strange to me at first. The reason for many of these changes is that the rad1o team was able to get certain chip vendors to agree to sponsor the badge by donating parts. By redesigning around donated components they were able to reduce the cost to a small fraction of the cost of manufacturing HackRF One, making it possible to build the rad1o badge for several thousand campers.
The firmware for rad1o is derived from HackRF One firmware but is in a separate repository. Because of the LCD and other differences between the two hardware designs, they are not firmware-compatible. When using rad1o as a USB peripheral, it is fully supported by existing software that supports HackRF One. Future rad1o firmware will use a USB product ID of 0xCC15 assigned from the Openmoko pool, but the shipping firmware will borrow HackRF One's product ID. This will ensure that any existing software for HackRF One will work with rad1o during camp. The new product ID (0xCC15) is already supported in libhackrf release 2015.07.2, so it should be easy for people to update to it in the near future.
If you are new to Software Defined Radio and are looking forward to using the badge as a way to get started with SDR, I recommend starting with my video series. You might want to download the videos before leaving for camp. Also take a look at Getting Started with HackRF and GNU Radio and the recommended software for rad1o. If you plan to do firmware or hardware hacking, be sure to clone the rad1o repositories. For examples of Digital Signal Processing (DSP) on the LPC43xx, I suggest studying Jared Boone's firmware for PortaPack H1. Also check out the video of Jared's Software-Defined Radio Signal Processing with a $5 Microcontroller at BSidesLV 2015.
As an open source hardware developer, it is extremely satisfying to see folks start with my design and do something amazing like the rad1o badge. I'm excited to be attending camp for my first time ever, and I can't wait to see the projects people will come up with!
Black Hat Student Pass
If you are a full-time university student and would like a free ticket to this summer's Black Hat Briefings, send an email to freestuff@greatscottgadgets.com today. We have two tickets to give away, and we would like to give them to students who share our interests. You must meet Black Hat's criteria, and you will be responsible for your own travel and lodging.
We'll be busy at Black Hat USA this year. I'm teaching two sessions of my Software Defined Radio class, and I will be giving a talk at the Briefings about the NSA Playset. Additionally, Taylor and I will show off a new project called YARD Stick One at the Black Hat Arsenal.
Open House Invitation
For the first time ever, Dominic, Taylor, and I will all be in the same place at the same time in June. We decided we should celebrate, and you are invited!
Please join us at our recently expanded lab in Evergreen, Colorado on 11 June 2015 from 17:00 to 19:00. You can see the lab, talk to us about our projects, check out our latest prototypes, and even learn to solder!
RSVP to info@greatscottgadgets.com by 4 June 2015 so we don't run out of refreshments.
Great Scott Gadgets
27902 Meadow Drive, Suite 150
Evergreen, Colorado 80439
(the Canyon Courier building)