Skip to content

Hack my Car - ODB and GPS

April 23, 2019

I got myself a ‘ODB-diagnosegerät’ from China. Of course it didn’t work right away and I had to readz the internets for fixing. First I had to find a suitable driver. USB identifier was: Product ID: 0x7523 Vendor ID: 0x1a86. This looks like a CH340 / CH341 Serial / USB Chip. Luckily I found the drivers here:

VAG-COM 409.1 + Wine:
VAG-COM 409.1 + Win7:

Kabel Fix:


Other Software:

Other devices:ät-aber-welches/


Next: get GPS Tracker.

Hope is to find my car, once it got stolen, but so far, it was more of a hack project :). I figured, the best opensource solution you currently get is Here’s how to set it up and dockerize:


Hacking mir:ror

February 20, 2019

Finally! All of a sudden I got an evening with ccb23 to hack of lives away. This time: NFC like it’s 2009. Aka violet mir:ror.

Out of the blue we were brainstroming how to DYI hörbert, a smart mp3 player for our youngest. Here, a mp3 is selected via NFC sensor. O.T: “NFC sensor!? Wait, I remember having touch this years ago, lemme get the Nabaztag”. And indeed, along with the infamous Nabaztag IOT rabbit, violet released a side product called ‘mir:ror’ in 2009(?). It’s a NFC to USB device meant to showcase & utilize its capabilities. To bad official drivers were only released for WIN and discontinued with the bankrupt of violet. But opensource to rescue. We quick figure the device adheres to HID standard, so let’s get it working (on a mac/linux).

After confirming the device is recognised in MacOS X we got hooked. Next, with a quick google search we first discovered - an OOO implementation based on hidraw. too bad kernel extension is Linux specific, so next the HIDapi, an OS agnostic lib for general purpose use, felt promising. Indeed, we got the mir:ror up and running the first time on Mac, although reading was non blocking and we couldn’t really make sense out of it. After various back and forth, we jumped back to start: let’s check on linux first. So with virtualbox and ubuntu we were able to install reflektor and use it via hidraw. Worked like a charm! So next is porting this to MacOSX and getting deeper understand of mirware. What commands are supported? Modifying (or just turning off) the choreo would be a huge plus towards using mir:ror for our custom mp3 project. In anycase, this 10 years old device was way ahead of its time and still works like wooow!

Sources worth to check:

Self Contained Systems

September 10, 2018


January 27, 2018

Very nice slick DYI Pinball Kit:

Hacking Rainbowduino 2017 - now BLE support

January 29, 2017

It’s 2017 and I finally wanted to get my hands dirty with some Bluetooth 4.0 LE gadget hacking.

Luckily I found this outdated project MacOSXVirtualSerialPort which gave me the final piece: Use socat to create two new serial ports which are innerconnected and send thier received data viceversa.

brew install socat

and exectue

sudo socat -d -d pty,link=/tmp/tty.ble,raw,echo=0,user=tobi,group=staff pty,link=/tmp/tty.serial,raw,echo=0,user=tobi,group=staff

Voila now we have one port /tmp/tty.serial where we connect mtXcontrol to and /tmp/tty.ble where we connect the simple noble service too.

Finally the data chain looks like:

mtXcontrol -> rainbowduino processing lib -> processing serial -> /tmp/tty.serial -> /tmp/tty.ble -> nodejs serialport -> nodejs noble -> HM-10 -> Rainbowduino Serial

Sources worth a read

December 01, 2016

A couple of my bookmarks worth a read

API Design:
* Bad Oauth2:
* Hawk:
* Test Tools:
* REST Design:


*  ruby-install, chruby:
* Ruby -> Go:
* Ruby 2015:
* Calling services:


* New Keyboard layout:
* Docker, nginx, Stripe, MongoDB, CloudFlare, Xamarin, Mixpanel, DigitalOcean, Twilio:
* A minimalist real-time framework:



List of (my)SQL-Tutorials

November 16, 2016

I did an introduction to (my)SQL once. This were my sources:

MySQL for Absolute Beginners:
Examples for Beginners:

(My)SQL Cheat Sheet:
Another one:

My notes/write along:

Turtely Awesome - how we fixed weak flippers Data East TMNT Pinball

November 16, 2016

TL;DR; Always check fuses first!

We love to play our Data East TMNT Pinball, but unfortunately the ball got lost more and more often, due to weak flippers. The flippers did hold up, but one could easily push the down, and so did the ball. What’s the problem a big mystery! First, we thought it’s something mechanical and did rebuild the flippers - both side. For that we used the DA Flipper Rebuild kid from Pinball Center(?). The flippers got more precise, but kept on being weak. It had to be something electronic.

So we started to learn about Solid State Flippers, were the control unit is located and Diodes. We followed this great guide from Flipperwinkel, a lots of insights, but couldn’t spot any problem. So we started measuring volts and current. It turned out that one of the fuses was broken. Important part about this is, that the flipper controller has four fuses. One for each flipper to activate, and two to hold any flipper. Which means, even when one hold fuse is broken, the other still holds up. But only half the current, so the flippers results in being weak. We replaced the broken fuse, and the flipper work as strong as never before… check!

While doing the research, we found a good resource for Pinball hacks/repairs:

WG-Held - Hack the House project presentation

May 05, 2016

Nice sum up on our HackTheHouse 2nd price.

Introducing: Vault Project or How to setup an Encryption Server

April 01, 2016

Let’s talk about credentials. Credentials! Who doesn’t work without any secret data which should never go public? Sure, sure, we’d never share those secrets public, but then there’s git, and github and.. BAAMM.. credentials exposed. Upps!

To avoid this, it’s common sense to NOT checkin any credentials. NEVER. EVER. We make use of .gitignore, cfg templates and placeholders. But nevertheless it’s a hassle, especially when working in a team, where a credential exchange is sometimes required. In past, I preferred the solution where an encryption server in a save environment took care about encrypting/decrypting data. Once the data is encrypted, it’s save to checkin, store and share in the same way like any other data. Only users (or systems) with access rights for the encryption server can decrypt the data. Instant WIN! But how to setup such a server?

Introducing: Vault Project

I recently came across the Vault Project which exactly meet all my needs. In addition, it’s open source, simple to use and comes with very good documentation and tutorials. Nevertheless, I couldn’t find all the steps required to setup an encryption server in one place, so here they are:

How to setup an Encryption server with Vault

First, setup a new vault server on a remote machine by following those steps:

    1. Create a config file docs

touch vault.cfg

For our case we just need a simple file backend and expose the vault via tcp

backend "file" {
  path = "/Users//.vaultstore"

listener "tcp" {
  address = ""
  tls_disable = 1

See the vault config docs for other options.

    1. Now start the server …

vault server -config vault.cfg

    1. … and run the init procedure: docs

vault init -address=

This will output five keys and a root token. Make sure to keep those keys save, once lost you wouldn’t be able to unseal your vault, and therefore gain access. The root token is needed to authenticate against the server. To remove the need of passing in the host address all the time, you can set the value with VAULT_ADDR too: export VAULT_ADDR=

On start, the vault is sealed, and can only be opened with the keys generated at the very beginning. Unseal is done with:

vault unseal

Execute this three times, and enter a different key each time.

DONE! Now the server is up and running and you can connect from you local machine to the vault.

    1. Authenticate with the server

The vault only accepts authenticated connections, for that create a auth token with:

vault auth

Enter the root token-key obtained from step 1. Later, I’d strongly recommend to use a non-root token.

    1. Enable github auth backend docs

In order to allow other people access to the vault and decrypt data, it’s the easiest to enable github authentication. In this case, every user part to a specific github team is able to obtain an auth-token themselves.

Enable github auth:

vault auth-enable github

Register github org:
vault write auth/github/config organization=

…and a team:
vault write auth/github/map/teams/ value=root

Now, any team member can get access to the vault with a github token:
vault auth -method=github token=

Whereas `` only requires the ‘read:org’ scope to be granted. Once auth is complete the actual vault token will be stored in ~/.vault-token and allows the user to connect to the vault.

7.Enable transit backend docs

Per default, vault stores data associated with a key. But for our case, we want to encrypt data on the fly and manage storage within our SCM instead. Encryption only is enabled with the ‘tranist backend’:

vault mount transit

Add a key name to generate an encryption key:

vault write -f transit/keys/

The actual encryption key can be retrieved via:
vault read --format=json transit/raw/

DONE! Now the encryption server is ready to encrypt. For this I used json as response format and jq to extract the data.

  • 1.Encrypt:

    echo -n “” base64 vault write –format=json transit/encrypt/ plaintext=- jq -r .data.ciphertext
  • 2.Decrypt:

    vault write –format=json transit/decrypt/ ciphertext= jq -r .data.plaintext base64 -D

Finally, let’s create some bash functions to make life easy:

export VAULT_ADDR=""
export VAULT_KEY=""

function _encrypt {
  base64 | vault write --format=json transit/encrypt/$VAULT_KEY plaintext=- | jq -r .data.ciphertext

function _decrypt {
  vault write --format=json transit/decrypt/$VAULT_KEY ciphertext=- | jq -r .data.plaintext | base64 -D

# encrypt data.
# Usage: encryptd ""
function encryptd {
  echo $1 | _encrypt

# decrypt data.
# Usage: decryptd 
function decryptd {
  echo -n $1 | _decrypt

# encrypt file. will overwrite existing ones! 
# Usage: encryptf 
function encryptf {
  cat $1 | _encrypt > $1.enc

# decrypt file. will overwrite existing ones! 
# Usage: decryptf 
function decryptf {
  cat $1 | _decrypt > `basename -s .enc $1`

# decrypt file and open for edit. on close encrypt changes.
# Usage: editcrypt 
function editcrypt {
  cat $1 | _decrypt > $1.tmp && $EDITOR $1.tmp && cat $1.tmp | _encrypt > $1 && rm $1.tmp


On thing to mention is adding the non-encrypted files to you .gitignore. This ensures the file wont end up in your repo by accident:

$ cat .gitignore
# only checkin the encrypted version

I hope this helped setting up your own vault server. These are just the first rough steps. Vault allows way more, like very granular access management, various auth and storage backends etc. Again, I strongly recommend to check their docs and follow the interactive tutorial

Keep your data save!

[proofread by Daniel - thanks!]

Testing Deepdive Sumup

February 16, 2016

Here my follow-/sum-up of a Testing deep dive I gave:

Motivation for writing Tests

  • To avoid manual process (Out of pure laziness)
    • Don’t repeat your manual work flow :D
    • test setup/preconditions are exactly the same
    • ideal you never have to start irb / application server to test
  • To verify the code aligns & fulfils all the assumptions
    • gain confidence
  • To indicate other what’s important
    • to secure that new code doesn’t change/break current state
    • to avoid surprises
    • give confidence
  • Documentation
    • allows other to understand you code quickly
    • good example ->
  • Avoid Bugs before they even exists ;)

Test Types

Follow the Pyramid (

  • (little) End2End (Acceptance),
    • no stubbing
    • full scenarios
  • (some) Integration
    • cover the full interface your code integrates (different call/inputs, return values, exceptions)
    • static data
    • some stubbing
  • (at lot of) Unit
    • Low level
    • stub external
    • all public method, each condition/parameter combination should be a test case
  • refactor usually break unit, but shouldn’t integration and for sure not End2End

Test Structure

  1. Setup static State (be aware of Time)
  2. Execute
  3. Assert


  • Prefer copy & past over magic/bad abstraction
  • be simple, explicit, verbose

Little Helpers

GitPrePush Hook:

  • copy this in .git/hooks of every project
  • skip with git push --no-verify

See all test statuses:

Download, create a access token here and use this url in ccmenu:<token>

Keep in mind

  • make test should always work on your local machine
  • Avoid introducing code/merging PR when dependencies build are broken
  • Make sure new code integrates nicely with dependencies/or update dependencies asap.
  • Rebase branch on current master(HEAD) before merge

Pls share your opinions/experience/ideas on how to kill all the bugs and to maintain a simple & obvious development process for everyone!

Important Git Commands

December 18, 2015

Useful Git commands

  • git pull equals git fetch + git merge (all)

better to know what your’ doing:

git fetch
git merge


git add -p # select specific lines to stage
git add .
git add -u 
  • git stash
  • git push
    • push hooks
    • tracking branch
  • git remote
    • origin

see changes

git diff 
git diff --cached

… or stick to gui

gitx -


git clean
git reset --hard master
git remote prune origin


git rebase master


git rebase -i master

if merges within branch use Hannes lye:

git lye -

git merge --squash
git comit -v


git hub
git compare


git whatchanged master..head


  default = current
  • git amend

Berlin Maker Fair 2015 - Findings

November 28, 2015

I went to Berlin Maker Fair 2015

Here some Projects which caught my attention the most:

Brick´R´Knowledge -

  • an innovative plug system which can be used to tranfer electronical knowledge very easily, fast and playfully

Seeedstudios RePhone -

VaiKai -

  • intuitive connected toys for less screentime and more play.

TinkerBots -

  • a Lego ‘extension’ for smart senors and actor modules. Super simple to control and programm. For Kids starting from 6years!

ManuGoo -

OpenHive -

  • an open Source Bee Hive Monitoring Project

I got myself a Oscilloscope - MSO5102D

November 16, 2015

It’s a Hantek MSO5102D. See full Details here:


10 Things to consider before buying a Oscilloscope:

Call by value vs. Call by name

September 14, 2015

Call by Value

def log(out)
 puts out
 out = 1

start = 100
puts start + 10

start = 100
puts start + 10

Call by Name

def log_a(out)
 puts out.size
 return out << 1

start = [100]
puts start.size
start = log_a(start)

start = log_a(start.dup)
start = log_a(start.dup)
if (start.size > 1)