Thanks for the wiki!
Thanks for the wiki -- I have always been interested in hardware hacking but I have always felt overwhelmed as I didn't know where to start. I believe this kind of resource can greatly help with that, especially the case studies.
However, I can't help but feel that a major part of the content is LLM-generated, or at least LLM-rewritten. It feels off and uninteresting to read, honestly. Is it the case? To support my case, I see that the case study page (https://www.hardbreak.wiki/introduction/case-study-led-to-a-...) has very similar paragraphs next to each other, the second one seemingly being the "genuine" one, and the first one being the LLM-rewritten version.
I'm not against using LLMs to help fix typos or reformulate things, but you should definitely keep some of your style. The LLM that you used (if you used one) made the content super bland, and as a reader, I'm not really incentivized to browse more.
Get a ham radio technician license, and you may develop an intuitive perspective on most electrical engineering concepts.
i.e. the physics lab derivation of the core EE tool set is unnecessary if you understand what the models are describing.
AI is slop in and slop out... and dangerous to students... =3
John Shive's Wave Machines is where every student should start:
https://www.youtube.com/watch?v=DovunOxlY1k
> Get a ham radio technician license, and you may develop an intuitive perspective on most electrical engineering concepts.
May. I managed to get one without developing much intuition for most EE concepts, unfortunately.
At least in the UK you can't if you're a Linux user; the software they use to spy on you while taking the test is Windows-only.
> dangerous to students
It's fatally dangerous to students who ignore it or dismiss it out of hand. That much is already certain.
Case in point, under Case Study > Reconnaissance > OSINT, these two paragraphs follow one another - same content but different wording.
> The first step in any hardware hacking project is research. I started by Googling the router model number, "ASUS RT-N12 D1", and came across an article about a similar model, the ASUS RT-N12+ B1. The article mentioned that the device had an open UART interface allowing unauthenticated root access. However, it provided no exact details on how to exploit this or where the UART interface might be located. Could my router model have the same vulnerability?
> In the first step I googled the model number for my router "ASUS RT N12 D1" and I came accross this article. It shows that a similar model the "ASUS RT N12+ B1" appears to have an open UART interface, which gives unauthenticated root access. It does not show how to exacltly abuse this or any details where to find the UART interface. Let's see if our router model may have the same vulnerability!
Unfortunately not Open Source, in the common definition of the word.
From the license.md [0] page, under "Terms":
> Exemptions: Commercial Use: For inquiries regarding commercial use, please contact the author.
[0] https://github.com/f3nter/HardBreak/blob/fd3d2d4cd17624a3f62...
Thanks for your work in pointing this out! Like a trademark, we have to defend this term if we want its meaning to persist.
I don't have specific sources, but to those curious, the gist is this: open source, or more accurately free software or free culture, is not about the creator. It is about affirming the rights of the user, to use the work in any way they wish, which includes selling it.
A common phrase to correct this unfortunate misconception is "free as in speech, not as in beer". The price tag is not the issue (you can actually sell free work, like by commission or by physical copies), the freedom of the user is. This includes the freedom to reuse the content in a commercial manner. Just about the only freedom that may be restricted is the freedom to restrict others.
You may disagree with this, but this is just the history of the free software, free culture and open source movement, which built a significant portion of the software world we have today.
I just don't want anyone to copy the content and sell it. It's meant to be freely accessible to everyone.
That's fine. It's just not open source. Don't call it open source if it's not.
Definition: https://opensource.org/osd
Have you thought of a Creative Commons license? You can have a Non-Commercial clause, while letting others cooperate with you and remix the information in your site. CC licenses are IMHO better suited for documents than things like GPL, BSD or MIT.
https://chooser-beta.creativecommons.org/
Wrong. Your definition essentially means "business friendly"; the wiki is open source in every way that matters, except for "let's make money off this person's free work".
This is great timing. I recently purchased a micro:bit for learning with my young daughter (who loves it) and found I was very quickly out of my depth with even the most rudimentary customisation for the board.
My drawers have now exploded with breadboards, alligator clips, jump wires, LCDs and various other electrical components and I'm in desperate need of understanding the fundamentals of how all these things work.
There's something magical and addictive about being able to control your own hardware components from your own code though. We've had great joy from simply lighting up LEDs and programming our IR receiver.
This is rad! I’ll throw this in my embedded resources round up [1]
[1] https://hardwareteams.com/docs/embedded/embedded-resources/
Whoa! Very much appreciated!
Fantastic round-up with loads of useful inclusions. Thanks for sharing!
Nice! Hopefully it will grow to include circuit bending [1] techniques, those typically used for altering music machines and similar.
[1]. https://en.wikipedia.org/wiki/Circuit_bending
Just in case folks are curious, a circuit bending wiki does exist:
https://circuitbending.miraheze.org/wiki/Circuit_Bending
A minor nitpick, but it would be great if you put a description of the site in the meta/og description[0] so people get an explanation of what the site is when linking elsewhere, e.g. the same "This page is a free and open-source wiki about hardware hacking!" as is on the page itself. I just linked the site in Slack and it just says "hardbreak.wiki / Welcome to HardBreak | Hardbreak" which is pretty terse. I imagine there might be some setting in your wiki software that might populate these tags automatically (moreso than they already have), with any luck!
[0] https://ogp.me/
You are right! I encountered the same problem. Unfortunately, I didn't find a setting in Gitbook to change the preview text, just the preview image. It seems like it just takes the name of the first page 'Welcome to HardBreak' and adds the site name 'HardBreak' at the end. So I'd have to change the name of the first page, but a name like 'HardBreak - a Hardware Hacking Wiki' or something similar would look weird on the website, I think. I haven't found a good solution for that yet.
I think having it in the homepage title is fine. I do it for most sites I build for exactly this reason.
“HardBreak - Open-Source Hardware Hacking Wiki”
Looks fine as a title, and helps for embeds/sharing.
Shameless plug: For anybody wanting to get into rockchip SoC development I've created a (no AI) resource: https://danielc.dev/rk/
This is great.
I've always been on the application security side of things, but I'm increasingly interested in hardware hacking. Through some cursory research, I learned that there are a few scattered resources, but the best way to learn is to really work with someone who knows what they're doing.
Putting all these guides, roadmaps, etc. together in a single place is a great resource that I'll definitely use.
Thank you!
Instead of `strings` for the search[1], I recommend using `rz-bin`[2] and `rz-find`[3] tools, which offer more flexibility, searching strings outside of the data sections, searching for Unicode and less common encodings, and built-in cryptographic keys search. There are also `/` (search) commands in the Rizin itself. As for the entropy, there is a configurable and interactive histogram, see `p=` and `p==` commands, e.g. `p==e`.
[1] https://book.rizin.re/src/search_bytes/intro.html
[2] https://book.rizin.re/src/tools/rz-bin/strings.html
[3] https://book.rizin.re/src/tools/rz-find/intro.html
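Why the encoding and entropy points in the comment above matter, as an added Python sketch (not part of the thread and not Rizin code): an ASCII-only scan misses a UTF-16LE string, and per-block entropy separates text and erased flash from compressed or encrypted regions. The blob, its strings and the 6.5 bits/byte threshold are constructed for illustration.

```python
import hashlib
import math
import re
from collections import Counter

# Printable runs of at least 4 characters, per encoding.
PATTERNS = {
    "ascii": re.compile(rb"[\x20-\x7e]{4,}"),
    "utf-16-le": re.compile(rb"(?:[\x20-\x7e]\x00){4,}"),
}


def find_strings(data, encoding):
    """Return (offset, text) for every printable run in the given encoding."""
    return [(m.start(), m.group().decode(encoding))
            for m in PATTERNS[encoding].finditer(data)]


def block_entropy(data, block=256):
    """Shannon entropy in bits per byte for each block (0 = constant, 8 = uniform)."""
    result = []
    for off in range(0, len(data), block):
        chunk = data[off:off + block]
        n = len(chunk)
        h = sum(c / n * math.log2(n / c) for c in Counter(chunk).values())
        result.append((off, h))
    return result


def high_entropy_offsets(data, threshold=6.5, block=256):
    """Offsets of blocks that look compressed or encrypted."""
    return [off for off, h in block_entropy(data, block) if h >= threshold]


def build_sample():
    """Constructed 1 KiB blob: strings, a pseudo-random region, erased flash."""
    text = (b"bootargs=console=ttyS0,115200\x00" + b"\xff" * 8
            + "Firmware Update Service".encode("utf-16-le") + b"\x00\x00")
    header = text.ljust(256, b"\xff")
    # 16 SHA-256 digests stand in for 512 bytes of compressed/encrypted data.
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(16))
    return header + noise + b"\xff" * 256


if __name__ == "__main__":
    blob = build_sample()
    for enc in PATTERNS:
        # Only hits in the first block are shown; the ASCII scan also reports
        # accidental printable runs inside the high-entropy region.
        print(enc, [hit for hit in find_strings(blob, enc) if hit[0] < 256])
    for off, h in block_entropy(blob):
        print(f"0x{off:04x} {h:4.2f} bits/byte")
```

The ASCII scan typically also returns short junk runs from the pseudo-random region, which is the usual noise in compressed data and a reason to read string hits alongside the entropy picture.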
AI gen hogwash
Head to your local public library and pick any book pre 2020
hogwash because hogwash or because ai?
I know of one family that’s doing homeschooling. It’s not because of classmates, it’s because of curriculum failures. Their school district has messed up both reading (not doing phonics) and math. So if their kid goes to school they still have to go home and spend a lot of additional time learning. If they stay home, they learn everything they need in much less than a school day. This is only possible for them due to modern education software that lets them know exactly where their kid is at and where tutoring is needed.
Can anyone recommend a resource for how to (architecturally) handle communication with a device over i2c? That is where I am kinda stuck atm when it comes to programming a GPS device.
Backstory: at one point I was trying to use elixir/nerves on an rpi to manipulate a few sensor modules to try and produce a race lap timer for motorcycles: https://github.com/whalesalad/rabbit/blob/master/lib/rabbit/...
I bit off more than I could chew: learn elixir, learn i2c, and produce a novel library for controlling the ublox chip since nothing existed for Elixir.
But when it comes to managing the state of the device, reading/writing memory, etc.. that is all very foreign to me (I am used to sockets, http apis, etc) like request/response style interactions.
So it jumps into detail quickly and is written by a vendor but this is a pretty good guide handling the architecture and detail. See how read and writes use device and register addresses to issue requests, and responses are managed with clock pulses and bus arbitration.
https://www.ti.com/lit/pdf/sbaa565 [pdf]
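For readers coming from sockets and HTTP, the register read and write described in the answer above can be modelled as a request/response call, shown here as an added Python simulation (not part of the thread, and not code from the linked guide). The device address 0x42, register 0x10 and all class names are constructed for illustration; single controller, so arbitration is not modelled.

```python
class NackError(Exception):
    """No target acknowledged the address byte."""


class RegisterDevice:
    """Target with a register file and an auto-incrementing register pointer."""

    def __init__(self, address, size=256):
        self.address = address
        self.regs = bytearray(size)
        self.pointer = 0

    def write(self, payload):
        # The first byte of a write selects the register; the rest is data.
        if payload:
            self.pointer = payload[0]
            for value in payload[1:]:
                self.regs[self.pointer] = value
                self.pointer = (self.pointer + 1) % len(self.regs)

    def read(self, count):
        out = bytearray()
        for _ in range(count):
            out.append(self.regs[self.pointer])
            self.pointer = (self.pointer + 1) % len(self.regs)
        return bytes(out)


class Bus:
    """Single-controller bus that records every event in self.trace."""

    def __init__(self):
        self.devices = {}
        self.trace = []

    def attach(self, device):
        self.devices[device.address] = device

    def _address(self, address, direction):
        device = self.devices.get(address)
        ack = "ACK" if device is not None else "NACK"
        self.trace.append(f"ADDR 0x{address:02X} {direction} {ack}")
        if device is None:
            raise NackError(f"no device at 0x{address:02X}")
        return device

    def transfer(self, address, write=b"", read_len=0):
        """Write phase, then an optional read phase after a repeated START."""
        self.trace.append("START")
        try:
            data = b""
            if write or not read_len:
                self._address(address, "W").write(bytes(write))
                self.trace += [f"TX 0x{b:02X} ACK" for b in write]
            if read_len:
                if write:
                    self.trace.append("RESTART")
                data = self._address(address, "R").read(read_len)
                # The controller ACKs each byte it wants more of, NACKs the last.
                for i, b in enumerate(data):
                    ack = "NACK" if i == read_len - 1 else "ACK"
                    self.trace.append(f"RX 0x{b:02X} {ack}")
            return data
        finally:
            self.trace.append("STOP")  # always release the bus, even on NACK


class Driver:
    """Request/response view of one device: the layer application code calls."""

    def __init__(self, bus, address):
        self.bus, self.address = bus, address

    def write_reg(self, reg, data):
        self.bus.transfer(self.address, write=bytes([reg]) + bytes(data))

    def read_reg(self, reg, count=1):
        return self.bus.transfer(self.address, write=bytes([reg]), read_len=count)

    def read_u16_be(self, reg):
        hi, lo = self.read_reg(reg, 2)
        return (hi << 8) | lo
```

A register read is one transaction: write the register number, repeated START, then read; `Bus.trace` shows that sequence for every call.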
thank you!
You might find some useful information on elinux.org here: https://elinux.org/Interfacing_with_I2C_Devices
Additionally, search on the wiki of i2c.
The wiki is free and open-source? Or the contents of the wiki are free and open-source?
If it's a wiki, it would be less than courteous to restrictively copyright public contributions (but I'm sure it's been done).
And presumably, paywalling it would reduce contributions.
My impression as to the number one barrier to hardware modifications is soldering. For some reason people can't or won't do it.
So I'd like to introduce the non-sponsor for this comment, "Pinecil" the open firmware soldering iron
https://pine64.org/devices/pinecil/
It's running a risc-v chip on open firmware so you'll have cool points when you whip it out at Richard Stallman's next BBQ.
It's nice that open firmware exists
but why on earth would a soldering iron need firmware to begin with?
Temperature control.
It can be done w/o software for sure, but it's easier to do PID with.
The Pinecil is great, but is definitely a terrible recommendation for anyone new to soldering. If you're trying to encourage people to learn to solder, they should be doing it with a proper station that can handle and maintain temp for extended periods. I have a Pinecil, but it's really only useful for quick on-the-fly jobs (which it excels at, in my experience) so it stays in my tool bag for work. It suffers from overheating and temperature changes for more lengthy jobs.
Otherwise, yeah, if you're already competent at soldering and need a pocket-sized iron that you can create a portable power supply for, invest in a Pinecil
Ok, next time I'll do it like this
<HUMOR> <!----- THIS IS THE FUNNY PART ----->
So I'd like to introduce the non-sponsor for this comment, "Pinecil" the open firmware soldering iron
https://pine64.org/devices/pinecil/
It's running a risc-v chip on open firmware so you'll have cool points when you whip it out at Richard Stallman's next BBQ.
<!-------- THE FUNNY PART IS ENDING HERE ------> </HUMOR>
So it's 10000000% clear I am making the joke.
This is good. I would've liked to see the things that are possible by hacking hardware upfront. I think this would help entice users by providing some exciting anticipation.
One interesting feature: an index of all existing (already documented) hardware hacks on commercial devices. I know for example the IP camera industry has a large models that many different people are modding, but their docs are scattered all over github.
This is great, and sorely needed! My son wanted to get into hardware hacking a couple of years ago and had a horrible time. He ended up watching a mish-mash of varying quality YouTube videos and reading blog posts which went out of date surprisingly quickly.
Thanks, this is an awesome resource! Especially to get into hardware hacking without getting lost in case studies... It looks super beginner friendly too
Omg, the wiki is recommending "Bus Pirate"; this HW is many years old and basically an abandoned project. Use something up-to-date, like Tigard and BitMagic.
Ian Lesnet/Dangerous Prototypes have within the last few months released the v5 Bus Pirate. Looks like he and the Dangerous Prototypes team might have taken on different ventures, but Ian has come back to the Bus Pirate.
On a personal note, I think the v5 hardware is pretty good, worth having alongside a Tigard since they are all so cheap anyway.
Edit: Apparently a v5 XL and a v6 based on the RP2350 have now been released too, so it seems to be revived
Great idea, and it's definitely an area I am becoming more interested in as a hobbyist.
Not to be that guy, but I always think it's a shame to see an open source community centre itself around a Discord server.
Thank you for your feedback! The Discord server serves as a platform for feedback and discussions about hardware hacking and HardBreak. Do you have any suggestions for alternative ways to offer these features?
I like IRC, but that seems to be an unpopular opinion these days (but maybe appropriate for a bunch of hardware hackers, since you could probably host it on an ESP32 if you were so inclined lol). There is also Matrix, which is somewhat more modern, or Zulip as another commenter has mentioned.
Ultimately it's your decision, and I guess Discord is probably easier to manage. Just consider that with Discord the discussions and knowledge that build up on the server don't really belong to you.
https://news.ycombinator.com/item?id=42685138 is the one I always post in any mention of Discord or Slack because they are both walled gardens
In your specific case, you may have to self-host or pay because I don't believe your project would qualify under their open source hosting offering but it wouldn't hurt to ask
I love it so much. I always wanted to get started with hardware hacking, and this is the right place to start!
Thank you for the site.
I've been trying to learn how to customize Linux (e.g. roll my own Linux) for any platform but it takes time to learn since all the information is laid out all over the internet, thus hard to locate. I'm aware of Linux From Scratch project but it is a long read and I find that certain knowledge is assumed (e.g. why build chain is needed), thus not necessarily newbie-friendly. Though I've yet to go through your site, hopefully it will take the newbie inexperience (e.g. electronics knowledge if any) into consideration.
Good luck, SM68
Please remember to write "Show HN:" when submitting your own content.
I was thinking about it, but the Guidelines include this:
>Off topic: blog posts, sign-up pages, newsletters, lists, and other reading material. Those can't be tried out, so can't be Show HNs. Make a regular submission instead.
so I made a regular submission, as I think HardBreak is reading material. @Mods feel free to move my post, if this is considered a Show HN post.
I think you are right! I stand corrected.
Whether partially open source or not, I appreciate this. Thanks, OP
Nice one, very user friendly.
Can't wait for the RFID section :)
fantastic providing such knowledge for free, many thanks