This is super cool! I would love to learn more about diving into hardware hacking like this, but I feel like the learning curve is basically a hockey stick. Do you have any advice or recommendations for someone like me?
theamk 19 days ago [-]
You start with interfacing with well-known, well-documented hardware devices (say anything from Adafruit or Sparkfun), then move to interfacing with rare devices with badly translated manuals and broken example code (many cheap sensors), and then to reverse engineering.
It helps if you use non-trivial hardware: while plugging in STEMMA/Qwiic cables makes for simple and reliable hardware, having a nest of wires on a protoboard will teach you how to trace connections and use a multimeter/oscilloscope.
Also for reverse engineering, some devices are much easier than others. For example, serial ports on various embedded Linux devices are probably simplest - you might not be able to do anything useful, but boot logs are often very easy to discover, and you don't even need an oscilloscope/logic analyzer.
The next step is simple one-way links, like most infrared remote controls or cheap radio transmitters (in OOK mode) - easy to capture, and fun (if tedious) to decode. There is a danger that the device you pick will turn out unexpectedly complex, so don't be discouraged if you have to give up on one device and pick a different one.
jonwest 18 days ago [-]
This all makes sense, thank you for all of the info!
kokx 18 days ago [-]
The biggest piece of advice I have is to not give up too easily. The writeup makes things seem a lot easier than they actually are. While working on this project I had many moments where I almost gave up. Pushing past such roadblocks can get you to great insights.
For learning how to do such things? Well, a general computer science or electrical engineering background is a great start already. Ideally you learn a bit about embedded systems and how electricity works on circuit boards. A great resource for this is Big Clive on YouTube [1], who reverse engineers many circuits on his channel.
Tinkering around with hardware at a lower level will also reward you with a lot of knowledge. For example just working with an ESP32 and some off-the-shelf sensors will help you get a feeling for how these things work. See if you can communicate with other systems as well this way. Try to do as much as possible using jumper wires and breadboards rather than premade cables, so you get to know how it works. Also get a multimeter (one that beeps) and get comfortable using it. If you're unsure which multimeter to get, Big Clive has a pretty good video about that.
One thing I recommend getting is a logic analyzer. You don't need to go for an expensive Saleae (you can find pretty cheap clones on your regular Chinese webshops for example). Then just use it to investigate things that you already have access to. Attach it to a UART port where you know data is sent over and see if you can obtain that using the logic analyzer.
Then you can probably step over to investigating things you don't know. Just figure out with a multimeter what the voltages are and see if maybe data is sent over the line.
[1]: https://www.youtube.com/@bigclivedotcom
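A worked version of the "attach a logic analyzer to a UART port and see if you can obtain the data" step from the two answers above, added here as an example (not code from the thread or its authors): it synthesizes a constructed capture of an 8N1 serial line, guesses the baud rate from the narrowest pulse, and decodes the bytes by sampling each bit at its centre, which is what a logic-analyzer protocol decoder does internally. The 1 MS/s sample rate, the list of standard baud rates and the text on the line are assumptions.

```python
SAMPLE_RATE = 1_000_000  # assumed logic-analyzer setting: 1 MS/s, one 0/1 sample per tick
STANDARD_BAUDS = (9600, 19200, 38400, 57600, 115200)

def encode_uart(data: bytes, baud: int, sample_rate: int = SAMPLE_RATE) -> list:
    """Synthesize a capture: idle-high line, then per byte a start bit (0),
    8 data bits LSB first and a stop bit (1), with bit edges at exact times."""
    spb = sample_rate / baud  # samples per bit, may be fractional
    bits = [1] * 4
    for byte in data:
        bits += [0] + [(byte >> i) & 1 for i in range(8)] + [1]
    bits += [1] * 4
    samples = []
    for k, b in enumerate(bits):
        samples.extend([b] * (round((k + 1) * spb) - round(k * spb)))
    return samples

def guess_baud(samples, sample_rate: int = SAMPLE_RATE) -> int:
    """The narrowest pulse is (almost always) one bit wide: snap it to a standard rate."""
    shortest, run = None, 1
    for prev, cur in zip(samples, samples[1:]):
        if cur == prev:
            run += 1
        else:
            shortest = run if shortest is None else min(shortest, run)
            run = 1
    if shortest is None:
        raise ValueError("no transitions in capture")
    return min(STANDARD_BAUDS, key=lambda b: abs(b - sample_rate / shortest))

def decode_uart(samples, baud: int, sample_rate: int = SAMPLE_RATE) -> bytes:
    """Find each falling edge (start bit), sample data and stop bits at their
    centres; frames with a bad stop bit are dropped (typical of a wrong baud)."""
    spb = sample_rate / baud
    out, i, n = bytearray(), 1, len(samples)
    while i < n:
        if samples[i - 1] == 1 and samples[i] == 0:
            centre = i + spb / 2
            if centre + 9 * spb >= n:
                break
            bits = [samples[int(centre + (k + 1) * spb)] for k in range(8)]
            if samples[int(centre + 9 * spb)] == 1:
                out.append(sum(b << k for k, b in enumerate(bits)))
            i = int(centre + 9 * spb)  # resume scanning after the stop bit
        i += 1
    return bytes(out)

if __name__ == "__main__":
    capture = encode_uart(b"login: ", 115200)  # constructed capture, not a real device
    print(guess_baud(capture), decode_uart(capture, guess_baud(capture)))
```

Decoding the same capture at the wrong baud rate yields nothing (every stop bit check fails), which is the symptom to look for when a real capture comes out as garbage.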