I created an open-source Hardware Hacking Wiki – with tutorials for beginners
(hardbreak.wiki)737 points by hw-f3nter 6 days ago
737 points by hw-f3nter 6 days ago
Get a ham radio technician license, and you may develop an intuitive perspective on most electrical engineering concepts.
i.e. the physics lab derivation of the core EE tool set is unnecessary if you understand what the models are describing.
AI is slop in and slop out... and dangerous to students... =3
John Shive's Wave Machines is where every student should start:
> Get a ham radio technician license, and you may develop an intuitive perspective on most electrical engineering concepts.
May. I managed to get one without developing much intuition for most EE concepts, unfortunately.
Were you also completely turned off by the community?
I ask because I got into it about 15+ years ago for the purposes of helping with emergency comms and learning more about electronics, but found the community extremely hostile toward new comers that did not have money to burn on expensive gear. I ended up just giving up on it after a few years after investing in a bunch of Arduino stuff and learned far more about EE than I ever did playing at radio. The concept of the Elmer seemed dead, leaving nobody who wanted to show the new guys the ropes.
From what I understand, maybe that has changed in recent years?
Weirdly, I did take something away from my experience with ham radio; I know an awful lot about the weather and atmosphere now, which has turned into a lasting interest.
Did you mean you don't understand the equations/theory, or are having difficulty applying the concepts to design circuits?
In the first case, install LTSpice (free from Analog Devices), and head here to run down the basics:
https://www.youtube.com/@FesZElectronics/videos
And in the latter, go though common basic designs analyzing how they work:
https://archive.org/details/encyclopediaofelectroniccircuits...
https://archive.org/details/encyclopediaofel02graf
https://archive.org/details/isbn_9780070110779
https://archive.org/details/encyclopediaofel0006graf
Then try your own designs combining properties of several designs. Start with simple blinkers and buzzers at first... Try to avoid Arduino designs until you've done a few 555, transistor, and opamp circuits first. =3
At least in the UK you can't if you're a linux user, the software they use to spy on you while taking the test is windows only.
Well first off, the certificate comes with certain guarantees, and they can't give those guarantees if they can't prove you didn't cheat on the test. "spy on you" is absolutely correct, but a bad faith phrasing. That said, I did my AWS test at a test / exam center where there's isolated computers and cameras to validate that there was no cheating.
dangerous to students
It's fatally dangerous to students who ignore it or dismiss it out of hand. That much is already certain.
Case in point, under Case Study > Reconnaissance > OSINT, these two paragraphs follow one another - same content but different wording.
> The first step in any hardware hacking project is research. I started by Googling the router model number, "ASUS RT-N12 D1", and came across an article about a similar model, the ASUS RT-N12+ B1. The article mentioned that the device had an open UART interface allowing unauthenticated root access. However, it provided no exact details on how to exploit this or where the UART interface might be located. Could my router model have the same vulnerability?
> In the first step I googled the model number for my router "ASUS RT N12 D1" and I came accross this article. It shows that a similar model the "ASUS RT N12+ B1" appears to have an open UART interface, which gives unauthenticated root access. It does not show how to exacltly abuse this or any details where to find the UART interface. Let's see if our router model may have the same vulnerability!
Unfortunately not Open Source, in the common definition of the word.
From the license.md [0] page, under "Terms":
> Exemptions: Commercial Use: For inquiries regarding commercial use, please contact the author.
[0] https://github.com/f3nter/HardBreak/blob/fd3d2d4cd17624a3f62...
Thanks for your work in pointing this out! Like a trademark, we have to defend this term if we want its meaning to persist.
I don't have specific sources, but to those curious, the gist is this: open source, or more accurately free software or free culture, is not about the creator. It is about affirming the rights of the user, to use the work in any way they wish, which includes selling it.
A common phrase to correct this unfortunate misconception is "free as in speech, not as in beer". The price tag is not the issue (you can actually sell free work, like by commission or by phsyical copies), the freedom of the user is. This includes the freedom to reuse the content in a commercial manner. Just about the only freedom that may be restricted is the freedom to restrict others.
You may disagree with this, but this is just the history of the free software, free culture and open source movement, which built a significant portion of the software world we have today.
I just don't want anyone to copy the content and sell it. It's meant to be freely accessible to everyone.
That's fine. It's just not open source. Don't call it open source if it's not.
Definition: https://opensource.org/osd
Not everyone agrees with this definition. If the source is open to read, for me it's open source. The website you linked is an opinionated view on what open source is.
This reminds me of the discussion of whether if open source AI models are open source or not, when the training data is not available to the public.
I mean this lists MIT license as opensource license, when it's clearly not, because it doesn't at all mention source code. The license just talks about "software".
Anyone is free to publish only binaries+docs under this license, if they wish.
So the website is not very accurate.
>Free and open-source software (FOSS) or free/libre and open-source software (FLOSS) is openly shared source code that is licensed without any restrictions on usage, modification, or distribution. Confusion persists about this definition because the "free", also known as "libre", refers to the freedom of the product, not the price, expense, cost, or charge. For example, "being free to speak" is not the same as "free beer".
I generally think of open source as where I can see the code and freely modify it, not necessarily freely commercialize it on my own.
Have you thought of a Creative Commons license? You can have a Non-Commercial clause, while letting others to cooperate with you and remix the information in your site. CC licenses are IMHO better suited for documents than things like GPL, BSD or MIT.
This is great timing. I recently purchased a micro:bit for learning with my young daughter (who loves it) and found I was very quickly out of my depth with even the most rudimentary customisation for the board.
My draws have now exploded with breadboards, alligator clips, jump wires, LCDs and various other electrical components and I'm in desperate need of understanding the fundamentals of how all these things work.
There's something magical and addictive about being able to control your own hardware components from your own code though. We've had great joy from simply lighting up LEDs and programming our IR receiver.
This is rad! I’ll throw this in my embedded resources round up [1]
Whoa! Very much appreciated!
Fantastic round-up with loads of useful inclusions. Thanks for sharing!
Nice! Hopefully it will grow to include circuit bending [1] techniques, those typically used for altering music machines and similar.
Just in case folks are curious, a circuit bending wiki does exist:
A minor nitpick, but it would be great if you put a description of the site in the meta/og description[0] so people get an explanation of what the site is when linking elsewhere, e.g. the same "This page is a free and open-source wiki about hardware hacking!" as is on the page itself. I just linked the site in Slack and it just says "hardbreak.wiki / Welcome to HardBreak | Hardbreak" which is pretty terse. I imagine there might be some setting in your wiki software that might populate these tags automatically (moreso than they already have), with any luck!
[0] https://ogp.me/
You are right! I encountered the same problem. Unfortunately, I didn't find a setting in Gitbook to change the preview text, just the preview image. It seems like it just takes the name of the first page 'Welcome to HardBreak' and adds the site name 'HardBreak' at the end. So I'd have to change the name of the first page, but a name like 'HardBreak - a Hardware Hacking Wiki' or something similar would look weird on the website, I think. I haven't found a good solution for that yet.
Shameless plug: For anybody wanting to get into rockchip SoC development I've created a (no AI) resource: https://danielc.dev/rk/
This is great.
I've always been on the application security side of things, but I'm increasingly interested in hardware hacking. Through some cursory research, I learned that there are a few scattered resources, but the best way to learn is to really work with someone who knows what they're doing.
Putting all these guides, roadmaps, etc. together in a single place is a great resource that I'll definitely use.
Thank you!
Instead of `strings` for the search[1], I recommend using `rz-bin`[2] and `rz-find`[3] tools, which offer more flexibility, searching strings outside of the data sections, searching for Unicode and less common encodings, and built-in cryptographic keys search. There are also `/` (search) commands in the Rizin itself. As for the entropy, there is a configurable and interactive histogram, see `p=` and `p==` commands, e.g. `p==e`.
[1] https://book.rizin.re/src/search_bytes/intro.html
AI gen hogwash
Head to your local public library and pick any book pre 2020
I know of one family that’s doing homeschooling. It’s not because of classmates, it’s because of curriculum failures. Their school district has messed up both reading (not doing phonics) and math. So if their kid goes to school they still have to go home and spend a lot of additional time learning. If they stay home, they learn everything they need in much less than a school day. This is only possible for them due to modern education software that lets them know exactly where their kid is at and where tutoring is needed.
Can anyone recommend a resource for how to (architecturally) handle communication with a device over i2c? That is where I am kinda stuck atm when it comes to programming a GPS device.
Backstory: at one point I was trying to use elixir/nerves on an rpi to manipulate a few sensor modules to try and produce a race lap timer for motorcycles: https://github.com/whalesalad/rabbit/blob/master/lib/rabbit/...
I bit off more than I could chew: learn elixir, learn i2c, and produce a novel library for controlling the ublox chip since nothing existed for Elixir.
But when it comes to managing the state of the device, reading/writing memory, etc.. that is all very foreign to me (I am used to sockets, http apis, etc) like request/response style interactions.
So it jumps into detail quickly and is written by a vendor but this is a pretty good guide handling the architecture and detail. See how read and writes use device and register addresses to issue requests, and responses are managed with clock pulses and bus arbitration.
You might find some useful information on elinux.org here: https://elinux.org/Interfacing_with_I2C_Devices
Additionally, search on the wiki of i2c.
The wiki is free and open-source? Or the contents of the wiki are free and open-source?
If it's a wiki, it would be less than courteous to restrictively copyright public contributions (but I'm sure it's been done).
And presumably, paywalling it would reduce contributions.
My impression as to the number one barrier to hardware modifications is soldering. For some reason people can't or won't do it.
So I'd like to introduce the non-sponsor for this comment, "Pincel" the open firmware soldering iron
https://pine64.org/devices/pinecil/
It's running a risc-v chip on open firmware so you'll have cool points with when you whip it out at Richard Stallman's next BBQ.
The Pinecil is great, but is definitely a terrible recommendation for anyone new to soldering. If you're trying to encourage people to learn to solder, they should be doing it with a proper station that can handle and maintain temp for extended periods. I have a Pinecil, but it's really only useful for quick on-the-fly jobs (which it excels at, in my experience) so it stays in my tool bag for work. It suffers from overheating and temperature changes for more lengthy jobs.
Otherwise, yeah, if you're already competent at soldering and need a pocket-sized iron that you can create a portable power supply for, invest in a Pinecil
Ok, next time I'll do it like this
<HUMOR> <!----- THIS IS THE FUNNY PART ----->
So I'd like to introduce the non-sponsor for this comment, "Pincel" the open firmware soldering iron
https://pine64.org/devices/pinecil/
It's running a risc-v chip on open firmware so you'll have cool points with when you whip it out at Richard Stallman's next BBQ.
<!-------- THE FUNNY PART IS ENDING HERE ------> </HUMOR>
So it's 10000000% clear I am making the joke.
This is great, and sorely needed! My son wanted to get into hardware hacking a couple of years ago and had a horrible time. He ended up watching a mish-mash of varying quality youtube videos and reading blog posts which went out of date suprisingly quick.
Ian Lesnet/Dangerous Prototypes have within the last few months released the v5 Bus Pirate. Looks like he and the Dangerous Prototypes team might have taken on different ventures, but Ian has come back to the Bus Pirate.
On a personal note, I think the v5 hardware is pretty good, worth having alongside a Tigard since they are all so cheap anyway.
Edit: Apparently there's now a v5 XL and a v6 based on the RP2350 been released too, seems to be revived
Great idea, and it's definitely an area I am becoming more interested in as a hobbyist.
Not to be that guy, but I always think it's a shame to see an open source community centre itself around a Discord server.
I like IRC, but that seems to be an unpopular opinion these days (but maybe appropriate for a bunch of hardware hackers, since you could probably host it on an ESP32 if you were so inclined lol). There is also Matrix, which is somewhat more modern, or Zulip as another commenter has mentioned.
Ultimately it's your decision, and I guess Discord is probably easier to manage. Just consider that with Discord the discussions and knowledge that build up on the server don't really belong to you.
https://news.ycombinator.com/item?id=42685138 is the one I always post in any mention if Discord or Slack because they are both walled gardens
In your specific case, you may have to self-host or pay because I don't believe your project would qualify under their open source hosting offering but it wouldn't hurt to ask
I love it so much. I always wanted to get started with hardware hacking , and this is the right place to start !
Thank you for the site.
I've been trying to learn how to customize Linux (e.g. roll my own Linux) for any platform but it takes time to learn since all the information is laid out all over the internet, thus hard to locate. I'm aware of Linux From Scratch project but it is a long read and I find that certain knowledge is assumed (e.g. why build chain is needed), thus not necessarily newbie-friendly. Though I've yet to go through your site, hopefully it will take the newbie inexperience (e.g. electronics knowledge if any) into consideration.
Good luck, SM68
I was thinking about it, but the Guidelines include this:
>Off topic: blog posts, sign-up pages, newsletters, lists, and other reading material. Those can't be tried out, so can't be Show HNs. Make a regular submission instead.
so I made a regular submission, as I think HardBreak is reading material. @Mods feel free to move my post, if this is considered a Show HN post.
whether partially open source or not, I appreciate this. Thanks, OP
fantastic providing such knowledge for free, many thanks
Thanks for the wiki -- I have always been interested in hardware hacking but I have always felt overwhelmed as I didn't know where to start. I believe this kind of resource can greatly help with that, especially the case studies.
However, I can't help but feel that a major part of the content is LLM-generated, or at least LLM-rewritten. It feels off and uninteresting to read, honestly. Is it the case? To support my case, I see that the case study page (https://www.hardbreak.wiki/introduction/case-study-led-to-a-...) has very similar paragraphs next to each other, the second one seemingly being the "genuine" one, and the first one being the LLM-rewritten version.
I'm not against using LLMs to help fix typos or reformulate things, but you should definitely keep some of your style. The LLM that you used (if you used one) made the content super bland, and as a reader, I'm not really incentivized to browse more.