Hacking A Dollar Store Bluetooth Device
Hardware hackers are always looking for devices to tear apart and scavenge from. It’s hardly a secret that purchasing components individually is significantly more expensive than the minuscule cost per unit that goes along with mass manufacturing. Bluetooth devices are no exception. Sure, they’re not exactly a luxury purchase anymore, but they’re still not dirt cheap either.
Luckily for [Troy Denton], it seems dollar stores have started carrying a Bluetooth camera shutter for just a few dollars (it was three bucks, perhaps the dollar store actually means divisible-by). The device is designed to pair with a smart phone, and has two buttons allowing you to control the camera from afar. The fact that it works at all at that price is a small miracle, but the device also has potential for hacking that adds to its appeal.
Inside is a Bluetooth chips with integrated ARM controller. It connects to an EEPROM via I2C. Using an oscilloscope, an Arduino, and a Bus Pirate, [Troy] has so far succeeded in dumping and deciphering the EEPROM and was successful in renaming the device. He has high hopes that he’ll be able to discover something juicy from his preliminary explorations of the USART on the Bluetooth chip.
Ultimately he plans to document his quest to rewrite which keys the device’s buttons emulate. Once that’s accomplished, this dollar store find will have a lot of potential for cheap Bluetooth control. If you’re a reverse engineering veteran we’d love to hear some suggestions of low hanging fruit for him to explore. If you’re eager to learn more about about what you can do with Bluetooth, check out our awesome BLE primer.