We’ve seen rumors floating around the Twittersphere about a new integrated microprocessor and WiFi SOC: the NL6621 from Nufront. Details are still scarce, but that doesn’t seem to be because the chip is vaporware: you could buy modules on Taobao.com and eBay right now for between two-and-a-half and three bucks, and Nufront’s website says they’ve produced a million modules since 2013.
The NL6621 WiFi SOC is powered by a 160 MHz ARM Cortex-M3 with 448 KB of RAM, and everything else is integrated in the SOC. The module has 32 GPIOs, SPI, I2C, I2S digital audio, and most of the peripherals that you’d expect. They say they have a completely open source SDK, but we can’t find a link to it anywhere. An English-language forum has sprung up in anticipation of the next new thing, and they say that they’ve contacted Nufront about the SDK, so that’s probably as good a place as any to lurk around if you’re interested. With an ARM core, it shouldn’t be long before someone gets GCC working on these things anyway.
It’s also worth noting that we’ve announced ESP8266 killers before, and it hasn’t come to pass. The mixture of community and official support that (eventually) came out of Espressif seems to be the main factor determining the ESP8266’s success, and we don’t see that yet with the NL6621. So take the question mark in the title seriously, but if this turns out to be the next big thing, remember where you heard it first, ok?
Cheap consumer WiFi devices are great for at least three reasons. First, they almost all run an embedded Linux distribution. Second, they’re cheap. If you’re going to break a couple devices in the process of breaking into the things, it’s nice to be able to do so without financial fears. And third, they’re often produced on such low margins that security is an expense that the manufacturers just can’t stomach — meaning they’re often trivially easy to get into.
The hack begins with [Benajmin] finding a telnet prompt on port 11880 and simply logging in as root, with the same password that’s used across all Zsun devices: zsun1188. It’s like they want to you get in. (If you speak Chinese, you’ll recognize the numbers as being a sound-alike for “want to get rich”. So we’ve got the company name and a cliché pun. This is basically the Chinese equivalent of “password1234”.) Along the way, [Benjamin] also notes that the device executes arbitrary code typed into its web interface. Configure it to use the ESSID “reboot”, for instance, and the device reboots. Oh my!
From here [q3k] and co. took over and ported OpenWRT to the device and documented where its serial port and GPIOs are broken out on the physical board. But that’s not all. They’ve also documented how and where to attach a wired Ethernet adapter, should you want to put this thing on a non-wireless network, or use it as a bridge, or whatever. In short, it’s a tiny WiFi router and Linux box in a package that’s about the size of a (Euro coin | US quarter) and costs less than a good dinner out. Just add USB power and you’re good to go.
This pictures show the PCB. As you can see there are pins labeled as RX,TX,GND,3.3V. I simply connected an USB-Serial converter to the pins. The two other pins are GND and GPIO0. If you set a jumper between this two pins, the controller starts in bootloader mode.
The chip above is a NXP HC245, a 3-state Octal bus transceiver. It is used to drive the N-channel MOSFETS (20N06L – 20 A, 60 V, N−Channel DPAK).
The power supply is a 2 stage design. A AOZ1212 3A Simple Buck Regulator to convert the input voltage to about 5V and an AMS1117 low dropout voltage regulator to get 3.3V.
So, what differentiates this from say, something like an ESP-12 or similar boards? So this is a small WIFI-enabled controller, programmed in something that looks suspiciously like the Arduino language – this is course is deliberate to give it that familiar look and feel. But looks can be deceiving – this is a powerful ARM Cortex M3 processor with a Broadcom WIFI chip complete with on-board v3v3 power supply – oh and the design is open-source.
Pins include D0-D7, A0-A5, ADC, DAC and serial I/O an the unit supports battery operation. You get 1 MB Flash and 128KB RAM. There’s an RGB status LED (nice touch) and FreeRTOS is pre-installed. There is a softAP setup mode and the unit is FCC,CE and IC certified. There is an internal ceramic aerial and a connector for an external aerial. You also have SPI,I2C,I2S (whatever that is), CAN, USB and PWM.
If you haven’t heard about the Amazon dash button yet we’re glad you quit watching cat videos and have joined us. Just to get you up to speed: the Amazon dash button is a small wireless device that lets your lazy ass order more laundry soap by pushing the “dash button” which should be affixed to something near your washing machine. The pushing of the button will set in motion the gut wrenching process that we used to know as “buying things we ran out of” but thanks to Amazon we can now just cover our entire lives with an assortment of buttons that take zero credentials to physically push. We can’t see that being a problem whatsoever.
Needless to say we as a community set out to find an actual use for these fantastic little devices. [maximus64] has done quite a nice job at enabling this hardware in a most usable way. Most of the hacks we have seen for the dash button remove the physical push button and add a sensor of some kind. Replacing the button with a sensor still uses the WiFi connection to send data from the button to the cloud. Instead of the button ordering more <<product>> from Amazon, a sensor might trigger the dash to increment a counter on your website letting you know that your dog went through the doggy door +1 more times.
[maximus64] has the dash button working in the reverse manner by porting the Broadcom IoT WICED SDK to the button. He is using the dash button as a receiver and when [maximus64] sends the “all good” signal from his laptop to the dash button his garage door opens which you can see in the video after the break. We find this extremely more useful than the dash button’s original intended use. [maximus64] has instructions in the readme.md file of the github repo so that you too can hack your dash button in this way.
About a million of you emailed us over the weekend about this new implementation of the Raspberry Pi, in a rifle-shaped device which the US Army’s Cyber Institute appears to have made in order to shoot down domestic drones for…a bit of a lark.
What you’re seeing here is a Pi and a dirty great Wi-Fi antenna, which the fella in camouflage is using to trigger a known exploit in a commercial Parrot quadrotor.
In an interview with Popular Mechanics, Captain Brent Chapman explains that the form factor is useful in showing non-technical senior officers what cyber-weaponry is useful for (he hasn’t just made it gun-shaped because gun-shaped things are what armies do). The shape of this setup makes it easy to demonstrate that this isn’t impenetrable, hard-to-understand technology: it’s something you recognise. A thing you point at something and shoot with.
In the video above, the cyber-rifle is being used to demonstrate how to remotely breach the security of a locked bunker. (This bunker is much cuter and less full of deadly stuff than the ones I imagine when I read the news.)
Captain Chapman says:
“It was something that we built in order to illustrate the power of enabling the soldiers at the tactical level to ‘make’ in support of a mission. It’s an idea we call tactical making, or expeditionary making.”