Compatibility with Elekstube IPS Pro

Question

Compatibility with Elekstube IPS Pro

Closed this issue a year ago · 16 comments

RedFox-Fr commented a year ago

Hi,

Is your project compatible with the EleksTube IPS Pro ?
https://fr.aliexpress.com/item/1005004836024662.html

Do you know if this product has the problem with the 5V power ?

Best Regards,

Answer 1 · 2023-03-15T11:05:13.000Z

If you send me the Pro version, we will make it compatible (if it isn't already). I am in EU so shipping is easy.

I don't understand the 5V question. All these clocks run on USB-C.

Answer 2 · 2023-03-15T11:34:52.000Z

In the Readme.md

Hardware modification
Original EleksTube has a few problems in the hardware design. Most notably it forces 5V signals into ESP32 which is not happy about it. And it is outside of safe operating limits. This will extend the lifetime of ESP32. Mine died because of this...

I don't know what is exactly an "Original Elekstube". Just the very first model of Elekstube, or an Elekstube made by EleksMaker…

Answer 3 · 2023-03-15T12:00:33.000Z

There are a few versions out there, originals, copies and modified versions. Personally I have only analyzed one (original).

Answer 4 · 2023-03-15T16:01:11.000Z

That’s talking about signaling pins. It’s safe to assume that new hardware will appropriately regulate a 5vDC input to whatever voltages are needed internally. Regardless of that, it’s not a code concern. The new firmware doesn’t have any dependencies on voltages in use. That’s entirely a hardware thing. Edit: Wow, replying to email really did not work well there. Cleaned up quoted test.

Answer 5 · 2023-03-15T19:36:25.000Z

@RedFox-Fr None of us have the Pro version, so we don't know anything about it. If you try it out and it works, let us know! If you try it out and you have to modify some things to make it work, submit a pull request! (but please retain backward compatibility) If you try and can't make it work, well, bummer, but that's also good to know.

Answer 6 · 2023-03-16T07:38:37.000Z

... If you try and can't make it work, well, bummer, but that's also good to know.

If you can't get it working - I assume you are form France, so it would be just a few euros to send the clock to me (Slovenia) for analysis and then I return it to you in working condition.

Answer 7 · 2023-03-17T12:41:57.000Z

I don't own EleksTube for now.
And finally I just ordered a Marvel Tubes… There is a speaker !

http://www.unitedcreation.co/marvel-tubes/?lang=en
https://fr.aliexpress.com/item/1005004925188446.html

Nextube was also in the race, but the screen are too small :(
https://rotrics.com/pages/nextube

Answer 8 · 2024-02-11T13:15:52.000Z

This won’t work on Elekstube Pro, they switched to using the ESP32 PICO so some pins have moved, but most importantly the firmware is now protected so not only can you not read the original firmware, but you also can’t upload new firmware.

Answer 9 · 2024-02-12T11:33:02.000Z

firmware is now protected

I quickly browsed through the esp32-pico-d4 datasheet and found no reference on any FW protection. Also the dev board has same UART interface as any other ESP32. @judge2005 can you please share more light on this protections that I can't find?

Answer 10 · 2024-02-12T11:53:18.000Z

firmware is now protected

I quickly browsed through the esp32-pico-d4 datasheet and found no reference on any FW protection. Also the dev board has same UART interface as any other ESP32. @judge2005 can you please share more light on this protections that I can't find?

It's not specific to the pico, it's a feature of all ESP32 chips. I was making two separate points.

The first is that their switch to the pico meant they had to change some pin assignments - the pico uses some pins internally and they happen to have used those pins in their previous version.

The second point is that with this version they have used the ESP32 protection features. The contents of the chip can no longer be read or overwritten.

I have verified this with their v2 hardware. You can see the different pin assignments in the GLOBAL_DEFINES.h of my EleksTubeIPS repo.

EDIT: the protection features do allow some degree of update ability. As far as I can tell the firmware developer has to implement an 'OTA' scheme, which EleksMaker have done, but at that point I gave up as I assumed that this would be difficult to reverse engineer and you would have one chance to get it right before you bricked the chip.

Answer 11 · 2024-02-12T12:56:12.000Z

Thanks, I read through the documentation on the link. It makes more sense now. A bit similar to Level 1 and Level 2 flash protection on STM32 devices.
If they left the device in "development" mode, then encryption can be disabled and chip used unencrypted from then on, with custom firmware. If switched to "release" mode, maybe also disabled UART bootloader, then part is more or less fully locked.
If you have the Pro version you can check if it can be unlocked?

Answer 12 · 2024-02-12T17:26:49.000Z

Thanks, I read through the documentation on the link. It makes more sense now. A bit similar to Level 1 and Level 2 flash protection on STM32 devices. If they left the device in "development" mode, then encryption can be disabled and chip used unencrypted from then on, with custom firmware. If switched to "release" mode, maybe also disabled UART bootloader, then part is more or less fully locked. If you have the Pro version you can check if it can be unlocked?

I will try to take a look this evening, however I am not hopeful. This page talks about secure booting, and in particular it says this:

Please note that enabling Secure Boot or flash encryption disables the USB-OTG USB stack in the ROM, disallowing updates via the serial emulation or Device Firmware Update (DFU) on that port.

When I try to upload an image using esptool, I just get no response from the device. Same when trying to read the image using esptool. There is some explanatory text here.

I notice you have another ticket #55 that implies that GEN2 hardware can be flashed, which would be nice. I have the Pro hardware, which is apparently identified by the buttons being on the front - this according to the PC client that EleksMaker provide to update it - when you update it you have to select either the pro firmware or the regular gen2 firmware. I had wondered why there was a difference. Perhaps it is simply that one is protected and the other isn't?

Answer 13 · 2024-02-12T19:53:45.000Z

USB-OTG or DFU require native USB support from the processor itself. This are different things than what is usually used on these simple devices. If you have an USB-to-Serial converter chip on board, this is a classic approach. And serial bootloader should be working there, unless explicitly disabled. No idea what is the difference between Pro and Gen2. Probably different hardware or functions and you must load correct firmware on it.

Answer 14 · 2024-02-12T21:31:21.000Z

USB-OTG or DFU require native USB support from the processor itself. This are different things than what is usually used on these simple devices. If you have an USB-to-Serial converter chip on board, this is a classic approach. And serial bootloader should be working there, unless explicitly disabled. No idea what is the difference between Pro and Gen2. Probably different hardware or functions and you must load correct firmware on it.

well the documentation is a little confusing. Here is another snippet: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/kconfig.html#config-secure-uart-rom-dl-mode

Answer 15 · 2024-06-24T20:48:38.000Z

Would a firmware dump help here or is everything moot by security?

Answer 16 · 2024-06-25T09:01:56.000Z

Generally it is easier to reverse engineer the hardware than firmware. I personally wouldn't benefit from the firmware dump.
Maybe some interesting new clock faces could be extracted, if uploaded to the clock and not available otherwise.